download-telegram.org Open in urlscan Pro
2a01:230:2::21f Public Scan

Go To Rescan
Add Verdict Report

URL:
http://download-telegram.org/
Submission: On September 12 via api (September 12th 2023, 7:42:55 pm UTC) from US — Scanned from DE

Summary HTTP 207 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 42 IPs in 7 countries across 31 domains to perform 207 HTTP transactions. The main IP is 2a01:230:2::21f, located in Russian Federation and belongs to RU-JSCIOT, RU. The main domain is download-telegram.org.

This is the only time download-telegram.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
36	2a01:230:2::21f 2a01:230:2::21f	29182 (RU-JSCIOT) (RU-JSCIOT)
4	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
11	2606:4700:10:... 2606:4700:10::6816:46c5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2a02:6b8:a::a 2a02:6b8:a::a	208722 (GLOBAL_DC) (GLOBAL_DC)
15	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	88.208.46.156 88.208.46.156	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	176.99.5.252 176.99.5.252	49352 (LOGOL-AS) (LOGOL-AS)
12	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
5 21	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
1 11	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1 5	88.208.46.60 88.208.46.60	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	2a02:6b8:20::215 2a02:6b8:20::215	208722 (GLOBAL_DC) (GLOBAL_DC)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	88.208.5.115 88.208.5.115	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
6	2a02:6b8::90 2a02:6b8::90	208722 (GLOBAL_DC) (GLOBAL_DC)
1	2a02:6b8::184 2a02:6b8::184	208722 (GLOBAL_DC) (GLOBAL_DC)
2	2a02:6b8::36 2a02:6b8::36	208722 (GLOBAL_DC) (GLOBAL_DC)
1 1	185.98.54.153 185.98.54.153	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	2a02:6b8::5:114 2a02:6b8::5:114	208722 (GLOBAL_DC) (GLOBAL_DC)
1	2a02:6b8::28d 2a02:6b8::28d	208722 (GLOBAL_DC) (GLOBAL_DC)
1 1	2a02:6b8::487 2a02:6b8::487	208722 (GLOBAL_DC) (GLOBAL_DC)
1	2001:41a8:104... 2001:41a8:104:3::3	6762 (SEABONE-N...) (SEABONE-NET TELECOM ITALIA SPARKLE S.p.A.)
3	2a02:6b8::158 2a02:6b8::158	208722 (GLOBAL_DC) (GLOBAL_DC)
1 7	31.220.27.134 31.220.27.134	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
4 4	93.95.102.105 93.95.102.105	48347 (MTW-AS) (MTW-AS)
1	81.171.9.38 81.171.9.38	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2 2	188.42.191.196 188.42.191.196	7979 (SERVERS-COM) (SERVERS-COM)
1	85.192.12.174 85.192.12.174	12695 (DINET-AS) (DINET-AS)
1	37.230.131.21 37.230.131.21	200197 (HYBRID-PO...) (HYBRID-POLAND)
1 1	138.201.34.238 138.201.34.238	24940 (HETZNER-AS) (HETZNER-AS)
1 1	167.235.14.51 167.235.14.51	24940 (HETZNER-AS) (HETZNER-AS)
1 2	185.15.175.157 185.15.175.157	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
3	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
1	2620:1ec:bdf::45 2620:1ec:bdf::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	23.43.60.179 23.43.60.179	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
2 5	2a02:26f0:ab0... 2a02:26f0:ab00::214:8ea1	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
2 6	185.89.210.244 185.89.210.244	29990 (ASN-APPNEX) (ASN-APPNEX)
6	2a00:1450:401... 2a00:1450:4019:808::2003	15169 (GOOGLE) (GOOGLE)
1	66.102.1.156 66.102.1.156	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:401... 2a00:1450:401e:28::7	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
3	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
207	42

36 2a01:230:2::21f (Russian Federation)

ASN29182 (RU-JSCIOT, RU)

download-telegram.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700:10::6816:46c5 (United States)

ASN13335 (CLOUDFLARENET, US)

static.addtoany.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a02:6b8:a::a (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.208.46.156 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

hunterers.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 176.99.5.252 (Russian Federation)

ASN49352 (LOGOL-AS, RU)

installpack.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a02:6b8::1:119 (Moscow, Russian Federation) 5 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 88.208.46.60 (Amsterdam, Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

dariolunus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

msstral.icu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a02:6b8:20::215 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.208.5.115 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

mpraven.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:6b8::90 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::184 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

avatars.mds.yandex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6b8::36 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

favicon.yandex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.98.54.153 (Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

s.uuidksinc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::5:114 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

ysa-static.passport.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::28d (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

log.strm.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::487 (Moscow, Russian Federation) 1 redirects

ASN208722 (GLOBAL_DC, FI)

strm.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:41a8:104:3::3 (Italy)

ASN6762 (SEABONE-NET TELECOM ITALIA SPARKLE S.p.A., IT)

ext-strm-itt01.strm.yandex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:6b8::158 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

storage.mds.yandex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 31.220.27.134 (Amsterdam, Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

uuidksinc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d.uuidksinc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 93.95.102.105 (Russian Federation) 4 redirects

ASN48347 (MTW-AS, RU)
PTR: unspecified.mtw.ru

fcgi4.gnezdo.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 81.171.9.38 (Renswoude, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

z.cdn.adtarget.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.42.191.196 (Luxembourg) 2 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.192.12.174 (Russian Federation)

ASN12695 (DINET-AS, RU)

dmpprof.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.230.131.21 (Amsterdam, Netherlands)

ASN200197 (HYBRID-POLAND, PL)

dm-eu.hybrid.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.201.34.238 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.238.34.201.138.clients.your-server.de

exchange.buzzoola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 167.235.14.51 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.51.14.235.167.clients.your-server.de

match.ohmy.bid	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.15.175.157 (Russian Federation) 1 redirects

ASN43226 (SAFEDATA Uplinks, RU)

dmg.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

adsdk.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.43.60.179 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-43-60-179.deploy.static.akamaitechnologies.com

cdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:26f0:ab00::214:8ea1 (Frankfurt am Main, Germany) 2 redirects

ASN20940 (AKAMAI-ASN1, NL)

www.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.89.210.244 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ams3-ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4019:808::2003 (Ireland)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.102.1.156 (United States)

ASN15169 (GOOGLE, US)
PTR: wb-in-f156.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:401e:28::7 (Ireland)

ASN15169 (GOOGLE, US)

r2---sn-4g5ednsr.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
36	download-telegram.org download-telegram.org	560 KB
33	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 105 tpc.googlesyndication.com — Cisco Umbrella Rank: 152 ade.googlesyndication.com — Cisco Umbrella Rank: 329	389 KB
25	yandex.ru 3 redirects yandex.ru — Cisco Umbrella Rank: 1983 mc.yandex.ru — Cisco Umbrella Rank: 3619 an.yandex.ru — Cisco Umbrella Rank: 5061 ysa-static.passport.yandex.ru — Cisco Umbrella Rank: 23085 log.strm.yandex.ru — Cisco Umbrella Rank: 15499 strm.yandex.ru — Cisco Umbrella Rank: 13908	244 KB
21	gstatic.com fonts.gstatic.com www.gstatic.com csi.gstatic.com	264 KB
16	yandex.com 3 redirects mc.yandex.com — Cisco Umbrella Rank: 8039	6 KB
14	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 47 bid.g.doubleclick.net — Cisco Umbrella Rank: 949 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 396 cm.g.doubleclick.net — Cisco Umbrella Rank: 255	110 KB
12	yastatic.net yastatic.net — Cisco Umbrella Rank: 5801	490 KB
11	addtoany.com static.addtoany.com — Cisco Umbrella Rank: 4219	32 KB
8	uuidksinc.net 2 redirects s.uuidksinc.net — Cisco Umbrella Rank: 11310 uuidksinc.net — Cisco Umbrella Rank: 11223 d.uuidksinc.net — Cisco Umbrella Rank: 196112	3 KB
7	adnxs.com 2 redirects cdn.adnxs.com — Cisco Umbrella Rank: 1896 ams3-ib.adnxs.com — Cisco Umbrella Rank: 6907 ib.adnxs.com — Cisco Umbrella Rank: 268	31 KB
7	yandex.net avatars.mds.yandex.net — Cisco Umbrella Rank: 7063 favicon.yandex.net — Cisco Umbrella Rank: 8836 ext-strm-itt01.strm.yandex.net — Cisco Umbrella Rank: 291579 storage.mds.yandex.net — Cisco Umbrella Rank: 14483	2 MB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 56 imasdk.googleapis.com — Cisco Umbrella Rank: 501	135 KB
5	bing.com 2 redirects www.bing.com — Cisco Umbrella Rank: 78	7 KB
5	dariolunus.com 1 redirects dariolunus.com	24 KB
4	gnezdo.ru 4 redirects fcgi4.gnezdo.ru — Cisco Umbrella Rank: 52075	1 KB
3	2mdn.net 1 redirects gcdn.2mdn.net — Cisco Umbrella Rank: 1293 r2---sn-4g5ednsr.c.2mdn.net — Cisco Umbrella Rank: 593981	2 MB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 221	114 KB
2	digitaltarget.ru 1 redirects dmg.digitaltarget.ru — Cisco Umbrella Rank: 21640	1 KB
2	betweendigital.com 2 redirects ads.betweendigital.com — Cisco Umbrella Rank: 1630	2 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
1	microsoft.com adsdk.microsoft.com — Cisco Umbrella Rank: 4861	35 KB
1	ohmy.bid 1 redirects match.ohmy.bid — Cisco Umbrella Rank: 42097	281 B
1	buzzoola.com 1 redirects exchange.buzzoola.com — Cisco Umbrella Rank: 18288	182 B
1	hybrid.ai dm-eu.hybrid.ai — Cisco Umbrella Rank: 17437	280 B
1	dmpprof.com dmpprof.com — Cisco Umbrella Rank: 42323	745 B
1	adtarget.me z.cdn.adtarget.me — Cisco Umbrella Rank: 178339	41 B
1	mpraven.org mpraven.org	507 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1183	611 B
1	msstral.icu msstral.icu — Cisco Umbrella Rank: 753615	694 B
1	installpack.net installpack.net	713 B
1	hunterers.com hunterers.com	9 KB
207	31

	Domain	Requested by
36	download-telegram.org	download-telegram.org
16	tpc.googlesyndication.com	googleads.g.doubleclick.net download-telegram.org imasdk.googleapis.com pagead2.googlesyndication.com tpc.googlesyndication.com
16	mc.yandex.com	3 redirects download-telegram.org mc.yandex.ru
15	pagead2.googlesyndication.com	download-telegram.org pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
12	yastatic.net	yandex.ru yastatic.net download-telegram.org
12	fonts.gstatic.com	fonts.googleapis.com download-telegram.org
11	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
11	yandex.ru	download-telegram.org yandex.ru yastatic.net
11	static.addtoany.com	download-telegram.org static.addtoany.com
6	csi.gstatic.com	imasdk.googleapis.com
6	d.uuidksinc.net	1 redirects uuidksinc.net
6	an.yandex.ru	yandex.ru
5	www.bing.com	2 redirects googleads.g.doubleclick.net
5	dariolunus.com	1 redirects download-telegram.org dariolunus.com
5	mc.yandex.ru	2 redirects download-telegram.org yastatic.net
4	ams3-ib.adnxs.com	googleads.g.doubleclick.net cdn.adnxs.com
4	fcgi4.gnezdo.ru	4 redirects
4	fonts.googleapis.com	download-telegram.org googleads.g.doubleclick.net
3	www.gstatic.com	googleads.g.doubleclick.net
3	storage.mds.yandex.net	yastatic.net download-telegram.org
2	ib.adnxs.com	2 redirects
2	ade.googlesyndication.com
2	r2---sn-4g5ednsr.c.2mdn.net
2	imasdk.googleapis.com	googleads.g.doubleclick.net
2	www.googletagservices.com	download-telegram.org googleads.g.doubleclick.net
2	dmg.digitaltarget.ru	1 redirects uuidksinc.net
2	ads.betweendigital.com	2 redirects
2	favicon.yandex.net	download-telegram.org
1	cm.g.doubleclick.net
1	googleads4.g.doubleclick.net
1	www.google.com	tpc.googlesyndication.com
1	gcdn.2mdn.net	1 redirects
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	cdn.adnxs.com	download-telegram.org
1	adsdk.microsoft.com	download-telegram.org
1	match.ohmy.bid	1 redirects
1	exchange.buzzoola.com	1 redirects
1	dm-eu.hybrid.ai	uuidksinc.net
1	dmpprof.com	uuidksinc.net
1	z.cdn.adtarget.me	uuidksinc.net
1	uuidksinc.net	dariolunus.com
1	ext-strm-itt01.strm.yandex.net	download-telegram.org
1	strm.yandex.ru	1 redirects
1	log.strm.yandex.ru	yastatic.net
1	ysa-static.passport.yandex.ru	download-telegram.org
1	s.uuidksinc.net	1 redirects
1	avatars.mds.yandex.net	download-telegram.org
1	mpraven.org	hunterers.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	msstral.icu	hunterers.com
1	installpack.net	download-telegram.org
1	hunterers.com	download-telegram.org
207	52

This site contains links to these domains. Also see Links.

Domain
icons8.ru
www.addtoany.com

Subject Issuer	Validity	Valid
upload.video.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-04` - `2024-05-03`	a year	crt.sh
*.xn--d1acpjx3f.xn--p1ai GlobalSign ECC OV SSL CA 2018	`2023-06-21` - `2023-12-19`	6 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
download-telegram.org R3	`2023-08-17` - `2023-11-15`	3 months	crt.sh
hunterers.com R3	`2023-07-20` - `2023-10-18`	3 months	crt.sh
installpack.net R3	`2023-08-28` - `2023-11-26`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-08-14` - `2024-01-24`	5 months	crt.sh
dariolunus.com R3	`2023-08-19` - `2023-11-17`	3 months	crt.sh
msstral.icu GTS CA 1P5	`2023-08-24` - `2023-11-22`	3 months	crt.sh
*.yastatic-net.ru GlobalSign ECC OV SSL CA 2018	`2023-07-10` - `2024-01-07`	6 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
mpraven.org R3	`2023-07-19` - `2023-10-17`	3 months	crt.sh
bs.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-04-08` - `2023-10-07`	6 months	crt.sh
*.avatars.mds.yandex.net GlobalSign RSA OV SSL CA 2018	`2023-03-06` - `2023-10-06`	7 months	crt.sh
favicon.yandex.net GlobalSign ECC OV SSL CA 2018	`2023-06-02` - `2023-11-01`	5 months	crt.sh
ysa-static.passport.yandex.net GlobalSign ECC OV SSL CA 2018	`2023-03-06` - `2023-10-06`	7 months	crt.sh
log.strm.yandex.ru GlobalSign RSA OV SSL CA 2018	`2023-05-02` - `2023-09-29`	5 months	crt.sh
*.mds.yandex.net GlobalSign RSA OV SSL CA 2018	`2023-03-06` - `2023-10-06`	7 months	crt.sh
uuidksinc.net R3	`2023-09-10` - `2023-12-09`	3 months	crt.sh
adtarget.me R3	`2023-08-22` - `2023-11-20`	3 months	crt.sh
dmpprof.com R3	`2023-07-19` - `2023-10-17`	3 months	crt.sh
*.hybrid.ai Sectigo RSA Domain Validation Secure Server CA	`2022-09-26` - `2023-09-26`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
adsdk.microsoft.com Microsoft Azure TLS Issuing CA 05	`2023-04-07` - `2024-04-01`	a year	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2022-10-21` - `2023-10-22`	a year	crt.sh
r.bing.com Microsoft RSA TLS CA 01	`2022-11-15` - `2023-11-15`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2023-08-29` - `2023-11-07`	2 months	crt.sh

This page contains 17 frames:

Primary Page: http://download-telegram.org/
Frame ID: 55ECBA86F336A926FC32AF7543090662
Requests: 111 HTTP requests in this frame

Frame: https://static.addtoany.com/menu/sm.24.html
Frame ID: 55B652BFDB08AD284481EC59A32924CA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20190131/zrt_lookup.html
Frame ID: ADBF42748199DB14D71CB8982439F305
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5409240997335254&output=html&adk=1812271804&adf=3025194257&lmt=1694540567&plat=3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x675_r&format=0x0&url=http%3A%2F%2Fdownload-telegram.org%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&asladp=1&dt=1694547766871&bpp=5&bdt=554&idt=350&shv=r20230907&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=295036319739&frm=20&pv=2&ga_vid=512193337.1694547767&ga_sid=1694547767&ga_hid=2070314423&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31077328%2C31077488%2C31077699%2C31076997&oid=2&pvsid=2547987266537031&tmod=1392376339&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=418
Frame ID: BA2C1D49FEA786824BB1B27543DB6026
Requests: 1 HTTP requests in this frame

Frame: https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
Frame ID: E391C01524173B925401D78052DD3E73
Requests: 9 HTTP requests in this frame

Frame: https://dariolunus.com/js/cs?uuid=875bcfc1-d293-48ff-b503-b0dc7b25e97c&oid=XOaQhCaRBBpayCfAiXW3
Frame ID: 42BDF18C3A9A89B8A9D6A4938DBC3EC5
Requests: 1 HTTP requests in this frame

Frame: https://yastatic.net/safeframe-bundles/0.83/1-1-0/protected/render.html
Frame ID: A6C1342A67FFBB7286E49021892F53F7
Requests: 4 HTTP requests in this frame

Frame: https://uuidksinc.net/matchx
Frame ID: 2129625D4303702EE8EFE20DF64A0CCB
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1
Frame ID: B967C6B1DD1988F0F976FF4745188ACE
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1
Frame ID: 6C49DFF57D1BA02740588765D5BCE990
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1
Frame ID: E8787DD5227B4929F956428347941C27
Requests: 31 HTTP requests in this frame

Frame: https://adsdk.microsoft.com/native-to-display/sdk.js
Frame ID: 2167D6A390ADE2796D802246440E8A17
Requests: 15 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Frame ID: 81929A6B14C5E4D5FF9B3376FE78B9F4
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js
Frame ID: EF5AF22191816DBDCBA7834F4E572DA4
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 2A40A8D5B2FAD4ABDF837743BB814C2C
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3BFA3CFC19F2F570B60D58CBF0BE556B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4ED08247C449F3D08E039F972BC576A4
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Про мессенджер Telegram: загрузка приложения, полезные советы

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AddToAny (Widgets) Expand

Overall confidence: 100%
Detected patterns

addtoany\.com/menu/page\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

207
Requests

86 %
HTTPS

60 %
IPv6

31
Domains

52
Subdomains

42
IPs

7
Countries

6785 kB
Transfer

11405 kB
Size

41
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://icons8.ru/
Title: icons8

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/
Title: AddToAny

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/share#url=http%3A%2F%2Fdownload-telegram.org%2F&title=%D0%9F%D1%80%D0%BE%20%D0%BC%D0%B5%D1%81%D1%81%D0%B5%D0%BD%D0%B4%D0%B6%D0%B5%D1%80%20Telegram%3A%20%D0%B7%D0%B0%D0%B3%D1%80%D1%83%D0%B7%D0%BA%D0%B0%20%D0%BF%D1%80%D0%B8%D0%BB%D0%BE%D0%B6%D0%B5%D0%BD%D0%B8%D1%8F%2C%20%D0%BF%D0%BE%D0%BB%D0%B5%D0%B7%D0%BD%D1%8B%D0%B5%20%D1%81%D0%BE%D0%B2%D0%B5%D1%82%D1%8B
Title: Отправить

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 80

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10124.JYKzErttK_35jevyxFeFMX_VJxf4wmGin63fIQ8NyiQDsOG0FLhLb9NbTw5jEkTn.hLxkt9ENwCX5TS30kcPFbSOnV3U%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=10124.O7QfoMk-aQ_lFVe3XCsPhZ4Qar3umxi6f07SjdYT778zQ8QbMSKPN_plXdr01nagJypNSPIcwqtFjB-zk4FU11wxgqEn24axMTkc4PzC30VApBTdZvEDPfAZPaUv3-A4TDnBqxqLPU-nZRpEHUeaNd80OgfL3VR9kIRG3Ryt-q0qEq_olc_EYGe0CHNbrfhsb_jv-EW4wQ1B5G6oHRLmV2VAH3bD-hf9d-CjrHoIO_k%2C.UmqS5Sm2td2Ym1rh4r7nUBU5q1s%2C

Request Chain 91

https://dariolunus.com/js/cs?uuid=875bcfc1-d293-48ff-b503-b0dc7b25e97c HTTP 302
https://s.uuidksinc.net/match/1165/?remote_uid=875bcfc1-d293-48ff-b503-b0dc7b25e97c&cb_url=https%3A%2F%2Fdariolunus.com%2Fjs%2Fcs%3Fuuid%3D875bcfc1-d293-48ff-b503-b0dc7b25e97c%26oid%3D%5BUID%5D HTTP 302
https://dariolunus.com/js/cs?uuid=875bcfc1-d293-48ff-b503-b0dc7b25e97c&oid=XOaQhCaRBBpayCfAiXW3

Request Chain 92

https://mc.yandex.com/watch/1961151?wmode=7&page-url=http%3A%2F%2Fdownload-telegram.org%2F&nohit=1&charset=utf-8&cnt-class=1&uah=che%0A0&browser-info=pv%3A1%3Avf%3A3qm6qq812ez2u52y4wzrnbv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1111%3Acn%3A2%3Adp%3A0%3Als%3A478058975839%3Ahid%3A159105966%3Az%3A120%3Ai%3A20230912214247%3Aet%3A1694547767%3Ac%3A1%3Arn%3A610913842%3Au%3A169454776711178037%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1694547765888%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1694547768%3At%3A%D0%9F%D1%80%D0%BE%20%D0%BC%D0%B5%D1%81%D1%81%D0%B5%D0%BD%D0%B4%D0%B6%D0%B5%D1%80%20Telegram%3A%20%D0%B7%D0%B0%D0%B3%D1%80%D1%83%D0%B7%D0%BA%D0%B0%20%D0%BF%D1%80%D0%B8%D0%BB%D0%BE%D0%B6%D0%B5%D0%BD%D0%B8%D1%8F%2C%20%D0%BF%D0%BE%D0%BB%D0%B5%D0%B7%D0%BD%D1%8B%D0%B5%20%D1%81%D0%BE%D0%B2%D0%B5%D1%82%D1%8B&t=mc(p-1)clc(0-0-0)lt(25000)aw(1)ti(2) HTTP 302
https://mc.yandex.com/watch/1961151/1?wmode=7&page-url=http%3A%2F%2Fdownload-telegram.org%2F&nohit=1&charset=utf-8&cnt-class=1&uah=che%0A0&browser-info=pv%3A1%3Avf%3A3qm6qq812ez2u52y4wzrnbv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1111%3Acn%3A2%3Adp%3A0%3Als%3A478058975839%3Ahid%3A159105966%3Az%3A120%3Ai%3A20230912214247%3Aet%3A1694547767%3Ac%3A1%3Arn%3A610913842%3Au%3A169454776711178037%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1694547765888%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1694547768%3At%3A%D0%9F%D1%80%D0%BE%20%D0%BC%D0%B5%D1%81%D1%81%D0%B5%D0%BD%D0%B4%D0%B6%D0%B5%D1%80%20Telegram%3A%20%D0%B7%D0%B0%D0%B3%D1%80%D1%83%D0%B7%D0%BA%D0%B0%20%D0%BF%D1%80%D0%B8%D0%BB%D0%BE%D0%B6%D0%B5%D0%BD%D0%B8%D1%8F%2C%20%D0%BF%D0%BE%D0%BB%D0%B5%D0%B7%D0%BD%D1%8B%D0%B5%20%D1%81%D0%BE%D0%B2%D0%B5%D1%82%D1%8B&t=mc%28p-1%29clc%280-0-0%29lt%2825000%29aw%281%29ti%282%29

Request Chain 93

https://mc.yandex.com/watch/28975340?wmode=7&page-url=http%3A%2F%2Fdownload-telegram.org%2F&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3A3qm6qq812ez2u52y4wzrnbv%3Afp%3A751%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1111%3Acn%3A1%3Adp%3A0%3Als%3A1025921355167%3Ahid%3A159105966%3Az%3A120%3Ai%3A20230912214247%3Aet%3A1694547767%3Ac%3A1%3Arn%3A667596550%3Arqn%3A1%3Au%3A169454776711178037%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A303%2C59%2C64%2C117%2C0%2C0%2C%2C472%2C7%2C%2C%2C%2C1023%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1694547765888%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1694547768%3At%3A%D0%9F%D1%80%D0%BE%20%D0%BC%D0%B5%D1%81%D1%81%D0%B5%D0%BD%D0%B4%D0%B6%D0%B5%D1%80%20Telegram%3A%20%D0%B7%D0%B0%D0%B3%D1%80%D1%83%D0%B7%D0%BA%D0%B0%20%D0%BF%D1%80%D0%B8%D0%BB%D0%BE%D0%B6%D0%B5%D0%BD%D0%B8%D1%8F%2C%20%D0%BF%D0%BE%D0%BB%D0%B5%D0%B7%D0%BD%D1%8B%D0%B5%20%D1%81%D0%BE%D0%B2%D0%B5%D1%82%D1%8B&t=gdpr(14)mc(p-1)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
https://mc.yandex.com/watch/28975340/1?wmode=7&page-url=http%3A%2F%2Fdownload-telegram.org%2F&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3A3qm6qq812ez2u52y4wzrnbv%3Afp%3A751%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1111%3Acn%3A1%3Adp%3A0%3Als%3A1025921355167%3Ahid%3A159105966%3Az%3A120%3Ai%3A20230912214247%3Aet%3A1694547767%3Ac%3A1%3Arn%3A667596550%3Arqn%3A1%3Au%3A169454776711178037%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A303%2C59%2C64%2C117%2C0%2C0%2C%2C472%2C7%2C%2C%2C%2C1023%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1694547765888%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1694547768%3At%3A%D0%9F%D1%80%D0%BE%20%D0%BC%D0%B5%D1%81%D1%81%D0%B5%D0%BD%D0%B4%D0%B6%D0%B5%D1%80%20Telegram%3A%20%D0%B7%D0%B0%D0%B3%D1%80%D1%83%D0%B7%D0%BA%D0%B0%20%D0%BF%D1%80%D0%B8%D0%BB%D0%BE%D0%B6%D0%B5%D0%BD%D0%B8%D1%8F%2C%20%D0%BF%D0%BE%D0%BB%D0%B5%D0%B7%D0%BD%D1%8B%D0%B5%20%D1%81%D0%BE%D0%B2%D0%B5%D1%82%D1%8B&t=gdpr%2814%29mc%28p-1%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Request Chain 96

https://mc.yandex.ru/watch/39370120?vsid=fa56bb3213a6b157e142c0afcb0d3d3abf14751e253bxVASx3968x1694547766 HTTP 302
https://mc.yandex.ru/watch/39370120/1?vsid=fa56bb3213a6b157e142c0afcb0d3d3abf14751e253bxVASx3968x1694547766

Request Chain 108

https://strm.yandex.ru/vh-canvas-converted/vod-content/2829328631580210543/470ea1f7-9d0e-45c4-8b94-fa9ed01f7057/webm/VP8_854_480_1800.webm?vsid=fa56bb3213a6b157e142c0afcb0d3d3abf14751e253bxVASx3968x1694547766 HTTP 302
https://ext-strm-itt01.strm.yandex.net/vh-canvas-converted/vod-content/2829328631580210543/470ea1f7-9d0e-45c4-8b94-fa9ed01f7057/webm/VP8_854_480_1800.webm?vsid=fa56bb3213a6b157e142c0afcb0d3d3abf14751e253bxVASx3968x1694547766&noredir=1&lid=1529

Request Chain 114

https://fcgi4.gnezdo.ru/cookie_matching/kadam/XOaQhCaRBBpayCfAiXW3 HTTP 302
https://fcgi4.gnezdo.ru/cookie_matching/kadam/XOaQhCaRBBpayCfAiXW3/?redirect=1 HTTP 302
https://d.uuidksinc.net/match/216/?remote_uid=XV9maWUAvzh5HLmea9WqAg==

Request Chain 116

https://ads.betweendigital.com/match?bidder_id=44509&callback_url=https%3A%2F%2Fd.uuidksinc.net%2Fmatch%2F372%2F%3Fremote_uid%3D%24%7BUSER_ID%7D%26cb_url%3Dhttps%253A%252F%252Fd.uuidksinc.net%252Fmatch%252F354%252F%253Fremote_uid%253D%24%7BUSER_ID%7D%2526 HTTP 302
https://ads.betweendigital.com/match?bidder_id=44509&callback_url=https%3A%2F%2Fd.uuidksinc.net%2Fmatch%2F372%2F%3Fremote_uid%3D%24%7BUSER_ID%7D%26cb_url%3Dhttps%253A%252F%252Fd.uuidksinc.net%252Fmatch%252F354%252F%253Fremote_uid%253D%24%7BUSER_ID%7D%2526&crf=1&rts=7351996155439822517 HTTP 302
https://d.uuidksinc.net/match/372/?remote_uid=08ed2758-0bcb-52ff-8cfb-c72ce9fb7814&cb_url=https%3A%2F%2Fd.uuidksinc.net%2Fmatch%2F354%2F%3Fremote_uid%3D08ed2758-0bcb-52ff-8cfb-c72ce9fb7814%26 HTTP 302
https://d.uuidksinc.net/match/354/?remote_uid=08ed2758-0bcb-52ff-8cfb-c72ce9fb7814&

Request Chain 119

https://exchange.buzzoola.com/cookiesync/redirect?redirect_url=https://d.uuidksinc.net/match/444/?remote_uid=${UUID} HTTP 301
https://d.uuidksinc.net/match/444/?remote_uid=43f728eb-c7f0-4754-71b5-ed89ffdf8e8d

Request Chain 120

https://fcgi4.gnezdo.ru/cookie_matching/kadam_resell/XOaQhCaRBBpayCfAiXW3 HTTP 302
https://fcgi4.gnezdo.ru/cookie_matching/kadam_resell/XOaQhCaRBBpayCfAiXW3/?redirect=1 HTTP 302
https://d.uuidksinc.net/match/493/?remote_uid=XV9maWUAvzh5HLmea9WqAg==

Request Chain 121

https://match.ohmy.bid/cm?ssp=kadam HTTP 302
https://d.uuidksinc.net/match/585/?remote_uid=9d3a621f-1383-4dae-a9d1-12ae6e587cbe

Request Chain 122

https://dmg.digitaltarget.ru/1/6573/i/i?a=662&e=XOaQhCaRBBpayCfAiXW3&i=0.9690168932213177 HTTP 307
https://dmg.digitaltarget.ru/awg/custom/6573/i/i?call_source=awg&ts=1694547768598&a=662&e=XOaQhCaRBBpayCfAiXW3&i=0.9690168932213177

Request Chain 136

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=6a92c703-c2b5-4f0e-bfc8-569c4307e61a&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=faf0bbdb-1f1d-401d-95eb-5093a607aa37&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3D82ead756c48e46e7a79b68263ebb9528%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=6929499&trafficGroup=knaqe_3c&trafficSubGroup=tqcecnff&aid=4849683970066613103 HTTP 303
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=82ead756c48e46e7a79b68263ebb9528&SNR=1&GV=2&med=10

Request Chain 170

https://gcdn.2mdn.net/videoplayback/id/958993bbd9e9fd2e/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1726083769/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/2452BDFA68C395231D1CCD6E507807A0CC10871A.1D7CAA02C86A774F2AA46CED897B78469D93D3D4/key/ck2/file/file.mp4 HTTP 302
https://r2---sn-4g5ednsr.c.2mdn.net/videoplayback/id/958993bbd9e9fd2e/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1726083769/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/4939D18CE94FC18F28EBC4E71ABEAFBEF941ADCA.49AAA00F7A519AA3CF3B3642EE70C89C2F1A104E/key/cms1/cms_redirect/yes/mh/C5/mip/2001:1b60:1010:2:1011:f87c:8169:34a/mm/42/mn/sn-4g5ednsr/ms/onc/mt/1694547413/mv/m/mvi/2/pl/29/file/file.mp4

Request Chain 189

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMj-qgIQgJyQvwIY977y7wEgATAB&v=APEucNUND-nUcP5-wEzjgQgfol5it8B5W2vIYD9NgdVTj5etTpFf0fYbf2GQTE9felZvrPr85VAwged-eGOqxPoUGY64XhWHIg HTTP 302
https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDgyMDYyNDEwMDcwNTAzODE2OA%3D%3D

Request Chain 199

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=6a92c703-c2b5-4f0e-bfc8-569c4307e61a&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=faf0bbdb-1f1d-401d-95eb-5093a607aa37&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3Ftype%3Dmv%26reqver%3D1.0%26rg%3D82ead756c48e46e7a79b68263ebb9528%26tids%3D15000%26med%3D10&rtype=mvFeedbackURL&tagId=6929499&trafficGroup=knaqe_3c&trafficSubGroup=tqcecnff&aid=4849683970066613103 HTTP 303
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=82ead756c48e46e7a79b68263ebb9528&tids=15000&med=10

207 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
download-telegram.org/ 189 KB
46 KB 426ms
63ms Document
text/html 2a01:230:2::21f
RU-JSCIOT

General

Check archive.org

Show headers Download Go to

Full URL: http://download-telegram.org/
Protocol: HTTP/1.1
Server: 2a01:230:2::21f , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
Software: nginx/1.16.1 / PHP/7.4.19
Resource Hash: 50811b95697b8a5fedd7fb29d16f2738005b5de2c35c13d6556bbfaff5f1d262

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=3, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Tue, 12 Sep 2023 19:42:46 GMT
Server: nginx/1.16.1
Transfer-Encoding: chunked
Vary: Accept-Encoding, Cookie
X-Cache: HIT
X-Powered-By: PHP/7.4.19

GET
H/1.1 200
OK style.min.css
download-telegram.org/wp-includes/css/dist/block-library/ 95 KB
13 KB 121ms
62ms Stylesheet
text/css 2a01:230:2::21f
RU-JSCIOT

General

Check archive.org

Show headers Download Go to

Full URL: http://download-telegram.org/wp-includes/css/dist/block-library/style.min.css?ver=6.2.2
Requested by: Host: download-telegram.org
URL: http://download-telegram.org/
Protocol: HTTP/1.1
Server: 2a01:230:2::21f , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Date: Tue, 12 Sep 2023 19:42:46 GMT
Content-Encoding: gzip
Last-Modified: Tue, 23 May 2023 06:27:41 GMT
Server: nginx/1.16.1
ETag: W/"646c5cdd-17ced"
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: max-age=86400
Connection: keep-alive
Expires: Wed, 13 Sep 2023 19:42:46 GMT

GET
H/1.1 200
OK classic-themes.min.css
download-telegram.org/wp-includes/css/ 291 B
539 B 119ms
60ms Stylesheet
text/css 2a01:230:2::21f
RU-JSCIOT

General

Check archive.org

Show headers Download Go to

Full URL: http://download-telegram.org/wp-includes/css/classic-themes.min.css?ver=6.2.2
Requested by: Host: download-telegram.org
URL: http://download-telegram.org/
Protocol: HTTP/1.1
Server: 2a01:230:2::21f , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Date: Tue, 12 Sep 2023 19:42:46 GMT
Content-Encoding: gzip
Last-Modified: Tue, 23 May 2023 06:27:41 GMT
Server: nginx/1.16.1
ETag: W/"646c5cdd-123"
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: max-age=86400
Connection: keep-alive
Expires: Wed, 13 Sep 2023 19:42:46 GMT

GET
H/1.1 200
OK styles.min.css
download-telegram.org/wp-content/plugins/expert-review/assets/public/css/ 98 KB
10 KB 119ms
61ms Stylesheet
text/css 2a01:230:2::21f
RU-JSCIOT

General

Check archive.org

Show headers Download Go to

Full URL: http://download-telegram.org/wp-content/plugins/expert-review/assets/public/css/styles.min.css?ver=1.8.0
Requested by: Host: download-telegram.org
URL: http://download-telegram.org/
Protocol: HTTP/1.1
Server: 2a01:230:2::21f , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 7d718af4f11881bb2d7887d9e910209de6606a1bb7db1609876ce988683d7b5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Date: Tue, 12 Sep 2023 19:42:46 GMT
Content-Encoding: gzip
Last-Modified: Mon, 20 Mar 2023 08:20:51 GMT
Server: nginx/1.16.1
ETag: W/"64181763-188da"
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: max-age=86400
Connection: keep-alive
Expires: Wed, 13 Sep 2023 19:42:46 GMT

GET
H2 200 css
fonts.googleapis.com/ 12 KB
1 KB 86ms
32ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700%7CUbuntu%3A400%2C400i%2C700&subset=cyrillic&display=swap&ver=6.2.2

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e7932922a7a128ab9286f9bdf0bdbbd73a0643a98554759f269fa14e029cf159

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 12 Sep 2023 19:42:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 12 Sep 2023 19:42:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 12 Sep 2023 19:42:46 GMT

GET
H/1.1 200
OK style.min.css
download-telegram.org/wp-content/themes/download-telegram/assets/css/ 223 KB
42 KB 122ms
63ms Stylesheet
text/css 2a01:230:2::21f
RU-JSCIOT

General

Check archive.org

Show headers Download Go to

Full URL: http://download-telegram.org/wp-content/themes/download-telegram/assets/css/style.min.css?ver=1.4.9
Requested by: Host: download-telegram.org
URL: http://download-telegram.org/
Protocol: HTTP/1.1
Server: 2a01:230:2::21f , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 6f82a27bc12d72baa63167352a41b5452b402fba4f7c6d95a1710744f74c86b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Date: Tue, 12 Sep 2023 19:42:46 GMT
Content-Encoding: gzip
Last-Modified: Mon, 03 Oct 2022 14:58:32 GMT
Server: nginx/1.16.1
ETag: W/"633af898-37db4"
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: max-age=86400
Connection: keep-alive
Expires: Wed, 13 Sep 2023 19:42:46 GMT

GET
H/1.1 200
OK addtoany.min.css
download-telegram.org/wp-content/plugins/add-to-any/ 1 KB
817 B 124ms
66ms Stylesheet
text/css 2a01:230:2::21f
RU-JSCIOT

General

Check archive.org

Show headers Download Go to

Full URL: http://download-telegram.org/wp-content/plugins/add-to-any/addtoany.min.css?ver=1.16
Requested by: Host: download-telegram.org
URL: http://download-telegram.org/
Protocol: HTTP/1.1
Server: 2a01:230:2::21f , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: f93483f0aaf24aea4b5534bb8647d22cd9dfcb4d08d2fd1008787bdfb8a6cc47

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Date: Tue, 12 Sep 2023 19:42:46 GMT
Content-Encoding: gzip
Last-Modified: Tue, 23 May 2023 06:25:53 GMT
Server: nginx/1.16.1
ETag: W/"646c5c71-5ef"
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: max-age=86400
Connection: keep-alive
Expires: Wed, 13 Sep 2023 19:42:46 GMT

GET
H2 200 page.js Show response
static.addtoany.com/menu/ 3 KB
2 KB 93ms
48ms Script
application/javascript 2606:4700:10::6816:46c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/page.js

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92545ae7b38b727089c99033d3557a18ee913a608fe8b26fb24973eb8660f17d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 19:42:46 GMT
via: e2s
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 33194
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 09 Aug 2023 10:28:36 GMT
server: cloudflare
etag: W/"c09-6027af130ca25"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=172800
cf-ray: 805aa2b58edf39d9-FRA

GET
H/1.1 200
OK jquery.min.js Show response
download-telegram.org/wp-includes/js/jquery/ 88 KB
31 KB 174ms
63ms Script
application/javascript 2a01:230:2::21f
RU-JSCIOT

General

Check archive.org

Show headers Download Go to

Full URL: http://download-telegram.org/wp-includes/js/jquery/jquery.min.js?ver=3.6.4
Requested by: Host: download-telegram.org
URL: http://download-telegram.org/
Protocol: HTTP/1.1
Server: 2a01:230:2::21f , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Date: Tue, 12 Sep 2023 19:42:46 GMT
Content-Encoding: gzip
Last-Modified: Tue, 23 May 2023 06:27:41 GMT
Server: nginx/1.16.1
ETag: W/"646c5cdd-15ed7"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Expires: Wed, 13 Sep 2023 19:42:46 GMT

GET
H/1.1 200
OK jquery-migrate.min.js Show response
download-telegram.org/wp-includes/js/jquery/ 13 KB
5 KB 178ms
59ms Script
application/javascript 2a01:230:2::21f
RU-JSCIOT

General

Check archive.org

Show headers Download Go to

Full URL: http://download-telegram.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0
Requested by: Host: download-telegram.org
URL: http://download-telegram.org/
Protocol: HTTP/1.1
Server: 2a01:230:2::21f , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Date: Tue, 12 Sep 2023 19:42:46 GMT
Content-Encoding: gzip
Last-Modified: Tue, 23 May 2023 06:27:41 GMT
Server: nginx/1.16.1
ETag: W/"646c5cdd-3470"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Expires: Wed, 13 Sep 2023 19:42:46 GMT

GET
H/1.1 200
OK addtoany.min.js Show response
download-telegram.org/wp-content/plugins/add-to-any/ 129 B
468 B 61ms
60ms Script
application/javascript 2a01:230:2::21f
RU-JSCIOT

General

Check archive.org

Show headers Download Go to

Full URL: http://download-telegram.org/wp-content/plugins/add-to-any/addtoany.min.js?ver=1.1
Requested by: Host: download-telegram.org
URL: http://download-telegram.org/
Protocol: HTTP/1.1
Server: 2a01:230:2::21f , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Date: Tue, 12 Sep 2023 19:42:46 GMT
Content-Encoding: gzip
Last-Modified: Tue, 23 May 2023 06:25:53 GMT
Server: nginx/1.16.1
ETag: W/"646c5c71-81"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Expires: Wed, 13 Sep 2023 19:42:46 GMT

GET
H/1.1 200
OK wpshop-core.ttf
download-telegram.org/wp-content/themes/download-telegram/assets/fonts/ 57 KB
58 KB 179ms
60ms Font
application/octet-stream 2a01:230:2::21f
RU-JSCIOT

General

Check archive.org

Show headers Download Go to

Full URL: http://download-telegram.org/wp-content/themes/download-telegram/assets/fonts/wpshop-core.ttf
Requested by: Host: download-telegram.org
URL: http://download-telegram.org/
Protocol: HTTP/1.1
Server: 2a01:230:2::21f , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 973408bd1a1da181c7eaa9293c0cd095f3836a76b626bc76af21e1cd96b5dcde

Request headers

Referer: http://download-telegram.org/
Origin: http://download-telegram.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Date: Tue, 12 Sep 2023 19:42:46 GMT
Last-Modified: Mon, 03 Oct 2022 14:58:32 GMT
Server: nginx/1.16.1
ETag: "633af898-e52c"
Content-Type: application/octet-stream
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 58668

GET
H2 200 context.js Show response
yandex.ru/ads/system/ 307 KB
87 KB 214ms
79ms Script
text/javascript 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/system/context.js

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

cec11d61a467788c1860c280316423d8920bd9a32e310a5738c0bb3a43bd7545

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

content-encoding: br
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id: 1694547766754908-17851457112246964024-balancer-l7leveler-kubr-yp-sas-142-BAL-185
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Tue, 12 Sep 2023 20:42:46 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
50 KB 158ms
106ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1c0b59a3e2b69a628dc0425d73a64bba1f837625a7bd17dd3cbe5bb08c5df03d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 19:42:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50766
x-xss-protection: 0
server: cafe
etag: 17864613657168435591
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 12 Sep 2023 19:42:46 GMT

GET
H2 200 logo-website-96.png
download-telegram.org/wp-content/uploads/2022/10/ 3 KB
3 KB 188ms
63ms Image
image/png 2a01:230:2::21f
RU-JSCIOT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://download-telegram.org/wp-content/uploads/2022/10/logo-website-96.png

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a01:230:2::21f , Russian Federation, ASN29182 (RU-JSCIOT, RU),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

106c8edc4d0efd3fa76416d64a5758928d2b68549945c0192058979a881ebd40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 19:42:46 GMT
strict-transport-security: max-age=31536000;
last-modified: Tue, 04 Oct 2022 11:59:17 GMT
server: nginx/1.16.1
etag: "633c2015-c66"
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
content-length: 3174
expires: Wed, 13 Sep 2023 19:42:46 GMT

GET
H/1.1 200
OK mSetupWidget Show response
hunterers.com/api/scripts/ 39 KB
9 KB 203ms
124ms Script
text/html 88.208.46.156
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://hunterers.com/api/scripts/mSetupWidget?id=212

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

88.208.46.156 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

openresty / PHP/8.0.30

Resource Hash

06514f1804481fd8be676e6d5f4396dbc4e5d3008210680ff44b146a3137012a

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
Date: Tue, 12 Sep 2023 19:42:46 GMT
Content-Encoding: gzip
Server: openresty
X-Powered-By: PHP/8.0.30
Transfer-Encoding: chunked
X-Frame-Options: DENY
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Cache-Control: max-age=0, private, must-revalidate, private, must-revalidate
Connection: keep-alive
X-Request-Id: 4fb356bc2a52777a03cb342cfac066fd
expires: -1

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
download-telegram.org/wp-includes/js/ 18 KB
5 KB 61ms
60ms Script
application/javascript 2a01:230:2::21f
RU-JSCIOT

General

Check archive.org

Show headers Download Go to

Full URL: http://download-telegram.org/wp-includes/js/wp-emoji-release.min.js?ver=6.2.2
Requested by: Host: download-telegram.org
URL: http://download-telegram.org/
Protocol: HTTP/1.1
Server: 2a01:230:2::21f , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Date: Tue, 12 Sep 2023 19:42:46 GMT
Content-Encoding: gzip
Last-Modified: Tue, 23 May 2023 06:27:41 GMT
Server: nginx/1.16.1
ETag: W/"646c5cdd-4904"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Expires: Wed, 13 Sep 2023 19:42:46 GMT

GET
H2 200 logo-website-32.png
download-telegram.org/wp-content/uploads/2022/10/ 1 KB
2 KB 190ms
65ms Image
image/png 2a01:230:2::21f
RU-JSCIOT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://download-telegram.org/wp-content/uploads/2022/10/logo-website-32.png

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a01:230:2::21f , Russian Federation, ASN29182 (RU-JSCIOT, RU),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

6b829fb8f86ef0240affa313e529bbd854e648938d97a5c38645f0335205b504

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 19:42:46 GMT
strict-transport-security: max-age=31536000;
last-modified: Tue, 04 Oct 2022 11:59:15 GMT
server: nginx/1.16.1
etag: "633c2013-5b6"
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
content-length: 1462
expires: Wed, 13 Sep 2023 19:42:46 GMT

GET
H/1.1 200
OK scripts.min.js Show response
download-telegram.org/wp-content/plugins/expert-review/assets/public/js/ 12 KB
4 KB 64ms
64ms Script
application/javascript 2a01:230:2::21f
RU-JSCIOT

General

Check archive.org

Show headers Download Go to

Full URL: http://download-telegram.org/wp-content/plugins/expert-review/assets/public/js/scripts.min.js?ver=1.8.0
Requested by: Host: download-telegram.org
URL: http://download-telegram.org/
Protocol: HTTP/1.1
Server: 2a01:230:2::21f , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 35bb84867821accef04687a4ebf2309214f822456767925836a1c8442118d4b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Date: Tue, 12 Sep 2023 19:42:46 GMT
Content-Encoding: gzip
Last-Modified: Mon, 20 Mar 2023 08:20:51 GMT
Server: nginx/1.16.1
ETag: W/"64181763-30af"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Expires: Wed, 13 Sep 2023 19:42:46 GMT

GET
H/1.1 200
OK scripts.min.js Show response
download-telegram.org/wp-content/themes/download-telegram/assets/js/ 52 KB
10 KB 62ms
61ms Script
application/javascript 2a01:230:2::21f
RU-JSCIOT

General

Check archive.org

Show headers Download Go to

Full URL: http://download-telegram.org/wp-content/themes/download-telegram/assets/js/scripts.min.js?ver=1.4.9
Requested by: Host: download-telegram.org
URL: http://download-telegram.org/
Protocol: HTTP/1.1
Server: 2a01:230:2::21f , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 80042a2ba4be8704e8b41ec93c8e81a2c6df1f2b4176b272fefa2611a5af30b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Date: Tue, 12 Sep 2023 19:42:46 GMT
Content-Encoding: gzip
Last-Modified: Mon, 03 Oct 2022 14:58:32 GMT
Server: nginx/1.16.1
ETag: W/"633af898-d14f"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Expires: Wed, 13 Sep 2023 19:42:46 GMT

GET
DATA 200
OK truncated
/ 969 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 401503518894f575673732c689a7885c78bb615900c0c3f726765eb4ce6aa799

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK icons.svg
installpack.net/wp-content/themes/installpack/images/ 621 B
713 B 249ms
63ms Image
image/svg+xml 176.99.5.252
LOGOL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://installpack.net/wp-content/themes/installpack/images/icons.svg

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

176.99.5.252 , Russian Federation, ASN49352 (LOGOL-AS, RU),

Reverse DNS

Software

nginx /

Resource Hash

54bc30a4cd8464bb75013d18866ffa4f74e08d1ffe3238e0100770ada8947969

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Date: Tue, 12 Sep 2023 19:42:46 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 24 Apr 2018 13:24:09 GMT
Server: nginx
ETag: W/"5adf2ff9-26d"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/svg+xml
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Expires: Wed, 11 Sep 2024 19:42:46 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ 9 KB
10 KB 81ms
22ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700%7CUbuntu%3A400%2C400i%2C700&subset=cyrillic&display=swap&ver=6.2.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://download-telegram.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 00:09:23 GMT
x-content-type-options: nosniff
age: 156803
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9628
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 10 Sep 2024 00:09:23 GMT

GET
H2 200 4iCv6KVjbNBYlgoCxCvjtGyNL4U.woff2
fonts.gstatic.com/s/ubuntu/v20/ 18 KB
18 KB 134ms
76ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjtGyNL4U.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700%7CUbuntu%3A400%2C400i%2C700&subset=cyrillic&display=swap&ver=6.2.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

caeaf02fa4a8a45438c270767c4e50fc7f3ed5f94a4c90984eaacb87c2e8a693

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://download-telegram.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 17:28:30 GMT
x-content-type-options: nosniff
age: 440056
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18200
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:10:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Sep 2024 17:28:30 GMT

GET
H2 200 4iCs6KVjbNBYlgoKew72j00.woff2
fonts.gstatic.com/s/ubuntu/v20/ 20 KB
20 KB 139ms
80ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKew72j00.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700%7CUbuntu%3A400%2C400i%2C700&subset=cyrillic&display=swap&ver=6.2.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1400c92345dcd9dbf746acab2c60e8580aa959473e9e56c8772cadcf7734b76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://download-telegram.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 17:43:37 GMT
x-content-type-options: nosniff
age: 7149
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20860
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:15:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Sep 2024 17:43:37 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 129ms
71ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700%7CUbuntu%3A400%2C400i%2C700&subset=cyrillic&display=swap&ver=6.2.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://download-telegram.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 19:52:03 GMT
x-content-type-options: nosniff
age: 517843
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Sep 2024 19:52:03 GMT

GET
H2 200 4iCv6KVjbNBYlgoCxCvjsGyN.woff2
fonts.gstatic.com/s/ubuntu/v20/ 29 KB
29 KB 84ms
25ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700%7CUbuntu%3A400%2C400i%2C700&subset=cyrillic&display=swap&ver=6.2.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c00752ce82d6abaed0b9766d35b906b16675facdbe24115b410d1fab975effa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://download-telegram.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 01:26:57 GMT
x-content-type-options: nosniff
age: 324949
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29752
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:05:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Sep 2024 01:26:57 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 107ms
49ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700%7CUbuntu%3A400%2C400i%2C700&subset=cyrillic&display=swap&ver=6.2.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://download-telegram.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 22:08:16 GMT
x-content-type-options: nosniff
age: 509670
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Sep 2024 22:08:16 GMT

GET
H2 200 4iCs6KVjbNBYlgoKfw72.woff2
fonts.gstatic.com/s/ubuntu/v20/ 34 KB
34 KB 117ms
62ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700%7CUbuntu%3A400%2C400i%2C700&subset=cyrillic&display=swap&ver=6.2.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://download-telegram.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 09:02:56 GMT
x-content-type-options: nosniff
age: 383990
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34852
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:31:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Sep 2024 09:02:56 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 9 KB
10 KB 111ms
56ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700%7CUbuntu%3A400%2C400i%2C700&subset=cyrillic&display=swap&ver=6.2.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://download-telegram.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 21:26:59 GMT
x-content-type-options: nosniff
age: 252947
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9644
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Sep 2024 21:26:59 GMT

GET
H2 200 sm.24.html Show response
static.addtoany.com/menu/ Frame 55B6 677 B
541 B 35ms
34ms Document
text/html 2606:4700:10::6816:46c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/sm.24.html

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a4192e762a449dfd6e63bee835e0941627223c9159e8219acdd01881a1ac175

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://download-telegram.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2257544
alt-svc: h3=":443"; ma=86400
cache-control: max-age=315360000, immutable
cf-cache-status: HIT
cf-ray: 805aa2b5df5d39d9-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 12 Sep 2023 19:42:46 GMT
etag: W/"2a5-5edb40e6d10d8"
last-modified: Fri, 18 Nov 2022 00:47:55 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: e4s
x-content-type-options: nosniff

GET
H3 200 core.c78901bc.js Show response
static.addtoany.com/menu/modules/ 69 KB
25 KB 79ms
50ms Script
application/javascript 2606:4700:10::6816:46c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/modules/core.c78901bc.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

05d18955853a018a783dde77bcf072fb4e36df5bffafefb7be0e5e97411ab092

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://download-telegram.org/
Origin: http://download-telegram.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 19:42:46 GMT
via: e3s
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 1235178
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 09 Aug 2023 10:28:35 GMT
server: cloudflare
etag: W/"1140a-6027af129c545"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
cf-ray: 805aa2b60cd11b36-FRA

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 202 KB
70 KB 242ms
115ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

92d967aa9f47d13c45fa328edf25255a86f1b4cabf5673a516166a274da4c235

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 19:42:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Thu, 07 Sep 2023 11:49:37 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "64f98ea1-11420"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 70688
expires: Tue, 12 Sep 2023 20:42:46 GMT

GET
H2 200 seksualnyj-nabor-stikery-dlya-telegram-150x150.png
download-telegram.org/wp-content/uploads/2017/01/ 8 KB
9 KB 64ms
60ms Image
image/png 2a01:230:2::21f
RU-JSCIOT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://download-telegram.org/wp-content/uploads/2017/01/seksualnyj-nabor-stikery-dlya-telegram-150x150.png

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a01:230:2::21f , Russian Federation, ASN29182 (RU-JSCIOT, RU),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

266d747bc2251130403b329830c637ae7aff70c14b8672adaeb3490e6726b4e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 19:42:46 GMT
strict-transport-security: max-age=31536000;
last-modified: Fri, 18 Dec 2020 12:11:29 GMT
server: nginx/1.16.1
etag: "5fdc9c71-21d9"
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
content-length: 8665
expires: Wed, 13 Sep 2023 19:42:46 GMT

GET
H2 200 gay-ok-animirovannye-1-100x100.png
download-telegram.org/wp-content/uploads/2019/12/ 10 KB
10 KB 64ms
60ms Image
image/png 2a01:230:2::21f
RU-JSCIOT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://download-telegram.org/wp-content/uploads/2019/12/gay-ok-animirovannye-1-100x100.png

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a01:230:2::21f , Russian Federation, ASN29182 (RU-JSCIOT, RU),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

d9f5a7bb86b216f27dfde6db9d0a65689c3bd94e63348d084489791df472533c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 19:42:46 GMT
strict-transport-security: max-age=31536000;
last-modified: Fri, 18 Dec 2020 12:20:19 GMT
server: nginx/1.16.1
etag: "5fdc9e83-27b6"
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
content-length: 10166
expires: Wed, 13 Sep 2023 19:42:46 GMT

GET
H2 200 van-pis-8-100x100.png
download-telegram.org/wp-content/uploads/2019/12/ 12 KB
12 KB 122ms
118ms Image
image/png 2a01:230:2::21f
RU-JSCIOT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://download-telegram.org/wp-content/uploads/2019/12/van-pis-8-100x100.png

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a01:230:2::21f , Russian Federation, ASN29182 (RU-JSCIOT, RU),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

4958607da2a850ef6629c21420710b7c9fec2b0de527bcad62d9d88f54f079a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 19:42:46 GMT
strict-transport-security: max-age=31536000;
last-modified: Fri, 18 Dec 2020 12:33:00 GMT
server: nginx/1.16.1
etag: "5fdca17c-2f8c"
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
content-length: 12172
expires: Wed, 13 Sep 2023 19:42:46 GMT

GET
H2 200 v-rotik-ili-na-zhivotik-6-100x100.png
download-telegram.org/wp-content/uploads/2019/12/ 12 KB
12 KB 123ms
119ms Image
image/png 2a01:230:2::21f
RU-JSCIOT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://download-telegram.org/wp-content/uploads/2019/12/v-rotik-ili-na-zhivotik-6-100x100.png

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a01:230:2::21f , Russian Federation, ASN29182 (RU-JSCIOT, RU),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

9f3f0ace3076a9187e441c0a7dc34ec29b87b6c673317f0f59e5741a75918b41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 19:42:46 GMT
strict-transport-security: max-age=31536000;
last-modified: Fri, 18 Dec 2020 12:32:49 GMT
server: nginx/1.16.1
etag: "5fdca171-2e97"
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
content-length: 11927
expires: Wed, 13 Sep 2023 19:42:46 GMT

GET
H2 200 braun-i-koni-3-100x100.png
download-telegram.org/wp-content/uploads/2019/12/ 13 KB
13 KB 124ms
120ms Image
image/png 2a01:230:2::21f
RU-JSCIOT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://download-telegram.org/wp-content/uploads/2019/12/braun-i-koni-3-100x100.png

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a01:230:2::21f , Russian Federation, ASN29182 (RU-JSCIOT, RU),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

b1f798097d6f80c7dfa36878092865f5f88160f9e3f3786f158c78cc37820e14

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 19:42:46 GMT
strict-transport-security: max-age=31536000;
last-modified: Fri, 18 Dec 2020 12:18:03 GMT
server: nginx/1.16.1
etag: "5fdc9dfb-3369"
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
content-length: 13161
expires: Wed, 13 Sep 2023 19:42:46 GMT

GET
H2 200 blinchik-i-smetanka-3-100x100.png
download-telegram.org/wp-content/uploads/2019/12/ 12 KB
13 KB 124ms
120ms Image
image/png 2a01:230:2::21f
RU-JSCIOT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://download-telegram.org/wp-content/uploads/2019/12/blinchik-i-smetanka-3-100x100.png

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a01:230:2::21f , Russian Federation, ASN29182 (RU-JSCIOT, RU),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

380b46f90ddea042fadd02cd90ba8a1c18b7ff302a0c82ee98e0a1aeba4c7fa6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 19:42:46 GMT
strict-transport-security: max-age=31536000;
last-modified: Fri, 18 Dec 2020 12:17:46 GMT
server: nginx/1.16.1
etag: "5fdc9dea-31bc"
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
content-length: 12732
expires: Wed, 13 Sep 2023 19:42:46 GMT

GET
H2 200 telegram-logo1-13-150x150.png
download-telegram.org/wp-content/uploads/2016/02/ 7 KB
7 KB 124ms
121ms Image
image/png 2a01:230:2::21f
RU-JSCIOT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://download-telegram.org/wp-content/uploads/2016/02/telegram-logo1-13-150x150.png

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a01:230:2::21f , Russian Federation, ASN29182 (RU-JSCIOT, RU),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

ab77eaac8440d50b7b37c5eacace4b577536ad17c5ff562668ce9e8853be66d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 19:42:46 GMT
strict-transport-security: max-age=31536000;
last-modified: Fri, 18 Dec 2020 12:10:17 GMT
server: nginx/1.16.1
etag: "5fdc9c29-1c30"
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
content-length: 7216
expires: Wed, 13 Sep 2023 19:42:46 GMT

GET
H2 200 robot-anton-150x150.png
download-telegram.org/wp-content/uploads/2015/10/ 17 KB
17 KB 124ms
121ms Image
image/png 2a01:230:2::21f
RU-JSCIOT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://download-telegram.org/wp-content/uploads/2015/10/robot-anton-150x150.png

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a01:230:2::21f , Russian Federation, ASN29182 (RU-JSCIOT, RU),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

f71a02c3678fa32960a613b256b1f91f4f4383bc95c24e8faf8771bc849083d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 19:42:46 GMT
strict-transport-security: max-age=31536000;
last-modified: Fri, 18 Dec 2020 12:08:49 GMT
server: nginx/1.16.1
etag: "5fdc9bd1-44da"
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
content-length: 17626
expires: Wed, 13 Sep 2023 19:42:46 GMT

GET
H2 200 telegram-logo1-5-150x150.png
download-telegram.org/wp-content/uploads/2016/03/ 6 KB
6 KB 124ms
121ms Image
image/png 2a01:230:2::21f
RU-JSCIOT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://download-telegram.org/wp-content/uploads/2016/03/telegram-logo1-5-150x150.png

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a01:230:2::21f , Russian Federation, ASN29182 (RU-JSCIOT, RU),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

3d3ea446b44bd1d64dd9e973c0fbc56c6c50541814b038653a80c723baed86a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 19:42:46 GMT
strict-transport-security: max-age=31536000;
last-modified: Fri, 18 Dec 2020 12:10:38 GMT
server: nginx/1.16.1
etag: "5fdc9c3e-17cd"
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
content-length: 6093
expires: Wed, 13 Sep 2023 19:42:46 GMT

GET
H2 200 telegram-logo1-150x150.png
download-telegram.org/wp-content/uploads/2016/02/ 6 KB
6 KB 124ms
121ms Image
image/png 2a01:230:2::21f
RU-JSCIOT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://download-telegram.org/wp-content/uploads/2016/02/telegram-logo1-150x150.png

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a01:230:2::21f , Russian Federation, ASN29182 (RU-JSCIOT, RU),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

46a9423304c00ed5bddd23e4db997587770ece0e0f30475b091b15da2c733bbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 19:42:46 GMT
strict-transport-security: max-age=31536000;
last-modified: Fri, 18 Dec 2020 12:10:18 GMT
server: nginx/1.16.1
etag: "5fdc9c2a-1915"
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
content-length: 6421
expires: Wed, 13 Sep 2023 19:42:46 GMT

GET
H2 200 telegram-logo1-19-150x150.png
download-telegram.org/wp-content/uploads/2016/02/ 6 KB
6 KB 125ms
122ms Image
image/png 2a01:230:2::21f
RU-JSCIOT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://download-telegram.org/wp-content/uploads/2016/02/telegram-logo1-19-150x150.png

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a01:230:2::21f , Russian Federation, ASN29182 (RU-JSCIOT, RU),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

ba08211e0a4669384dee0dc42fae6962587e31a06146a31a2ad5a766a3354eb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 19:42:46 GMT
strict-transport-security: max-age=31536000;
last-modified: Fri, 18 Dec 2020 12:10:18 GMT
server: nginx/1.16.1
etag: "5fdc9c2a-1669"
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
content-length: 5737
expires: Wed, 13 Sep 2023 19:42:46 GMT

GET
H2 200 telegram-logo1-3-150x150.png
download-telegram.org/wp-content/uploads/2016/03/ 8 KB
8 KB 125ms
122ms Image
image/png 2a01:230:2::21f
RU-JSCIOT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://download-telegram.org/wp-content/uploads/2016/03/telegram-logo1-3-150x150.png

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a01:230:2::21f , Russian Federation, ASN29182 (RU-JSCIOT, RU),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

7c0aea7b92e8dc151bd67d1344cf131f0d718598f7ed3371bcd72136458bd76a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 19:42:46 GMT
strict-transport-security: max-age=31536000;
last-modified: Fri, 18 Dec 2020 12:10:38 GMT
server: nginx/1.16.1
etag: "5fdc9c3e-1e13"
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
content-length: 7699
expires: Wed, 13 Sep 2023 19:42:46 GMT

GET
H2 200 telegram-logo1-1-150x150.png
download-telegram.org/wp-content/uploads/2016/03/ 6 KB
7 KB 125ms
122ms Image
image/png 2a01:230:2::21f
RU-JSCIOT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://download-telegram.org/wp-content/uploads/2016/03/telegram-logo1-1-150x150.png

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a01:230:2::21f , Russian Federation, ASN29182 (RU-JSCIOT, RU),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

54b0132a1207a2ecf8ee8b12e208fe7551108d09de8f8aeb6a019b77c22057bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 19:42:46 GMT
strict-transport-security: max-age=31536000;
last-modified: Fri, 18 Dec 2020 12:10:37 GMT
server: nginx/1.16.1
etag: "5fdc9c3d-199b"
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
content-length: 6555
expires: Wed, 13 Sep 2023 19:42:46 GMT

GET
H2 200 kak-skryt-nomer-telefona-v-telegram.gif
download-telegram.org/wp-content/uploads/2017/08/ 23 KB
23 KB 125ms
122ms Image
image/gif 2a01:230:2::21f
RU-JSCIOT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://download-telegram.org/wp-content/uploads/2017/08/kak-skryt-nomer-telefona-v-telegram.gif

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a01:230:2::21f , Russian Federation, ASN29182 (RU-JSCIOT, RU),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

9a8055e54d37fc509c6e60476b2139f392bd2c8eb4dea39ebb8b371e0cc2b624

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 19:42:46 GMT
strict-transport-security: max-age=31536000;
last-modified: Fri, 18 Dec 2020 12:12:38 GMT
server: nginx/1.16.1
etag: "5fdc9cb6-5b16"
content-type: image/gif
cache-control: max-age=86400
accept-ranges: bytes
content-length: 23318
expires: Wed, 13 Sep 2023 19:42:46 GMT

GET
H2 200 telegram-logo1-3-150x150.png
download-telegram.org/wp-content/uploads/2016/02/ 6 KB
6 KB 125ms
123ms Image
image/png 2a01:230:2::21f
RU-JSCIOT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://download-telegram.org/wp-content/uploads/2016/02/telegram-logo1-3-150x150.png

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a01:230:2::21f , Russian Federation, ASN29182 (RU-JSCIOT, RU),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

6d1a7b75f8b04d053dc989b69d2cb2374a8bbc5734f7be357812530ec074a805

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 19:42:46 GMT
strict-transport-security: max-age=31536000;
last-modified: Fri, 18 Dec 2020 12:10:19 GMT
server: nginx/1.16.1
etag: "5fdc9c2b-167c"
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
content-length: 5756
expires: Wed, 13 Sep 2023 19:42:46 GMT

GET
H2 200 %C2%ABBlueDurov%C2%BB-%D1%82%D0%B5%D0%BC%D0%B0-%D0%B4%D0%BB%D1%8F-Telegram-ava.jpg
download-telegram.org/wp-content/uploads/2018/03/ 15 KB
15 KB 126ms
123ms Image
image/jpeg 2a01:230:2::21f
RU-JSCIOT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://download-telegram.org/wp-content/uploads/2018/03/%C2%ABBlueDurov%C2%BB-%D1%82%D0%B5%D0%BC%D0%B0-%D0%B4%D0%BB%D1%8F-Telegram-ava.jpg

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a01:230:2::21f , Russian Federation, ASN29182 (RU-JSCIOT, RU),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

eebf6cc55ea3e4ca212dd3da2673c12739e0e482b5665345bf87d2dea5589d34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 19:42:46 GMT
strict-transport-security: max-age=31536000;
last-modified: Fri, 18 Dec 2020 12:13:26 GMT
server: nginx/1.16.1
etag: "5fdc9ce6-3cb2"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 15538
expires: Wed, 13 Sep 2023 19:42:46 GMT

GET
H2 200 blue-ice.jpg
download-telegram.org/wp-content/uploads/2018/03/ 96 KB
96 KB 126ms
124ms Image
image/jpeg 2a01:230:2::21f
RU-JSCIOT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://download-telegram.org/wp-content/uploads/2018/03/blue-ice.jpg

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a01:230:2::21f , Russian Federation, ASN29182 (RU-JSCIOT, RU),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

5d1dcfe8737cf39d0592a0c41c3533ebb5e9c5ae69de5f08b90e3dd9afc7fa93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 19:42:46 GMT
strict-transport-security: max-age=31536000;
last-modified: Fri, 18 Dec 2020 12:13:22 GMT
server: nginx/1.16.1
etag: "5fdc9ce2-1802f"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 98351
expires: Wed, 13 Sep 2023 19:42:46 GMT

GET
H2 200 %C2%ABCM-Branco%C2%BB-%D1%82%D0%B5%D0%BC%D0%B0-%D0%B4%D0%BB%D1%8F-Telegram-ava.jpg
download-telegram.org/wp-content/uploads/2018/03/ 15 KB
15 KB 126ms
124ms Image
image/jpeg 2a01:230:2::21f
RU-JSCIOT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://download-telegram.org/wp-content/uploads/2018/03/%C2%ABCM-Branco%C2%BB-%D1%82%D0%B5%D0%BC%D0%B0-%D0%B4%D0%BB%D1%8F-Telegram-ava.jpg

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a01:230:2::21f , Russian Federation, ASN29182 (RU-JSCIOT, RU),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

45eb85486762b6f590083f2dbaec645b06706824904b64fe0f55ae3f486bf716

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 19:42:46 GMT
strict-transport-security: max-age=31536000;
last-modified: Fri, 18 Dec 2020 12:13:27 GMT
server: nginx/1.16.1
etag: "5fdc9ce7-3a02"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 14850
expires: Wed, 13 Sep 2023 19:42:46 GMT

GET
H2 200 %C2%ABEpsa%C2%BB-%D1%82%D0%B5%D0%BC%D0%B0-%D0%B4%D0%BB%D1%8F-Telegram-ava.jpg
download-telegram.org/wp-content/uploads/2018/03/ 14 KB
14 KB 126ms
124ms Image
image/jpeg 2a01:230:2::21f
RU-JSCIOT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://download-telegram.org/wp-content/uploads/2018/03/%C2%ABEpsa%C2%BB-%D1%82%D0%B5%D0%BC%D0%B0-%D0%B4%D0%BB%D1%8F-Telegram-ava.jpg

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a01:230:2::21f , Russian Federation, ASN29182 (RU-JSCIOT, RU),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

9bfbf9f281853aa93ff0bdb29d5935fdede5b5aefecc87645b26c047d11129bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 19:42:46 GMT
strict-transport-security: max-age=31536000;
last-modified: Fri, 18 Dec 2020 12:13:28 GMT
server: nginx/1.16.1
etag: "5fdc9ce8-365b"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 13915
expires: Wed, 13 Sep 2023 19:42:46 GMT

GET
H2 200 %C2%ABAhri%C2%BB-%D1%82%D0%B5%D0%BC%D0%B0-%D0%B4%D0%BB%D1%8F-Telegram-ava.jpg
download-telegram.org/wp-content/uploads/2018/03/ 17 KB
17 KB 181ms
179ms Image
image/jpeg 2a01:230:2::21f
RU-JSCIOT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://download-telegram.org/wp-content/uploads/2018/03/%C2%ABAhri%C2%BB-%D1%82%D0%B5%D0%BC%D0%B0-%D0%B4%D0%BB%D1%8F-Telegram-ava.jpg

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a01:230:2::21f , Russian Federation, ASN29182 (RU-JSCIOT, RU),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

0e5ff0847eadf9d7d6cb7b17033f5e5995e55a4589cad919722369edfa151969

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 19:42:46 GMT
strict-transport-security: max-age=31536000;
last-modified: Fri, 18 Dec 2020 12:13:25 GMT
server: nginx/1.16.1
etag: "5fdc9ce5-42f8"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 17144
expires: Wed, 13 Sep 2023 19:42:46 GMT

GET
H2 200 %C2%ABMaterialDark%C2%BB-%D1%82%D0%B5%D0%BC%D0%B0-%D0%B4%D0%BB%D1%8F-Telegram-ava.jpg
download-telegram.org/wp-content/uploads/2018/03/ 16 KB
16 KB 181ms
179ms Image
image/jpeg 2a01:230:2::21f
RU-JSCIOT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://download-telegram.org/wp-content/uploads/2018/03/%C2%ABMaterialDark%C2%BB-%D1%82%D0%B5%D0%BC%D0%B0-%D0%B4%D0%BB%D1%8F-Telegram-ava.jpg

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a01:230:2::21f , Russian Federation, ASN29182 (RU-JSCIOT, RU),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

2afb76ffc5374245e6402622fa34fd329aacd836ba1e7c3a865063cd446453ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 19:42:46 GMT
strict-transport-security: max-age=31536000;
last-modified: Fri, 18 Dec 2020 12:13:29 GMT
server: nginx/1.16.1
etag: "5fdc9ce9-3f04"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 16132
expires: Wed, 13 Sep 2023 19:42:46 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/ 379 KB
129 KB 103ms
102ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5409240997335254&plah=download-telegram.org

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8b64bb41a352ab183149ccef01cc3824880ed96192ab575eac8864d8b4f5d8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 19:42:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131798
x-xss-protection: 0
server: cafe
etag: 13279272571561386042
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 12 Sep 2023 19:42:46 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230907/r20190131/ Frame ADBF 10 KB
5 KB 82ms
20ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230907/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://download-telegram.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 36397
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4438
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 12 Sep 2023 09:36:09 GMT
etag: 8554266389219770021
expires: Tue, 26 Sep 2023 09:36:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK 787276.js Show response
dariolunus.com/ 42 KB
17 KB 168ms
72ms Script
application/javascript 88.208.46.60
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dariolunus.com/787276.js
Requested by: Host: download-telegram.org
URL: http://download-telegram.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.208.46.60 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 5249fdfaed19d57f3207ab33d224c86bcef26a6e8044e60785216eb07e27639b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 12 Sep 2023 19:42:47 GMT
Content-Encoding: gzip
Server: nginx
Accept-CH: Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

GET
H3 200 telegram.js Show response
static.addtoany.com/menu/svg/icons/ 360 B
527 B 39ms
39ms Script
application/javascript 2606:4700:10::6816:46c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/telegram.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.c78901bc.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6415561e892cf9d614e7179f71353af4ceadfd641d71c42fe54c9420eb0d0138

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://download-telegram.org/
Origin: http://download-telegram.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 19:42:46 GMT
via: e7s
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 118393
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 18 Nov 2022 01:01:39 GMT
server: cloudflare
etag: W/"168-5edb43f8443f8"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=7776000, stale-while-revalidate=30
cf-ray: 805aa2b73ec11b36-FRA

GET
H3 200 vk.js Show response
static.addtoany.com/menu/svg/icons/ 1012 B
837 B 40ms
40ms Script
application/javascript 2606:4700:10::6816:46c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/vk.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.c78901bc.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b65482c4f7f198e9e37a5a600bdda73dc504dbcb0f49454644b171bfded11786

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://download-telegram.org/
Origin: http://download-telegram.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 19:42:46 GMT
via: e7s
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 118392
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 18 Nov 2022 01:01:39 GMT
server: cloudflare
etag: W/"3f4-5edb43f896478"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=7776000, stale-while-revalidate=30
cf-ray: 805aa2b73ec61b36-FRA

GET
H3 200 twitter.js Show response
static.addtoany.com/menu/svg/icons/ 695 B
675 B 38ms
38ms Script
application/javascript 2606:4700:10::6816:46c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/twitter.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.c78901bc.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74ec1e2bfcf647ccdeaf5b127294db846ee4a6f8ffd6c909d4938370d4187d1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://download-telegram.org/
Origin: http://download-telegram.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 19:42:46 GMT
via: e7s
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 118392
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 18 Nov 2022 01:01:39 GMT
server: cloudflare
etag: W/"2b7-5edb43f86f378"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=7776000, stale-while-revalidate=30
cf-ray: 805aa2b73eca1b36-FRA

GET
H3 200 odnoklassniki.js Show response
static.addtoany.com/menu/svg/icons/ 764 B
704 B 43ms
43ms Script
application/javascript 2606:4700:10::6816:46c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/odnoklassniki.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.c78901bc.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

562f74199a50c24bcb7d088e403d9cc7e0b5df53297b4d3a62fede4a4cb89623

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://download-telegram.org/
Origin: http://download-telegram.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 19:42:46 GMT
via: e7s
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 118392
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 18 Nov 2022 01:01:38 GMT
server: cloudflare
etag: W/"2fc-5edb43f775378"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=7776000, stale-while-revalidate=30
cf-ray: 805aa2b73ecc1b36-FRA

GET
H3 200 whatsapp.js Show response
static.addtoany.com/menu/svg/icons/ 1 KB
912 B 46ms
46ms Script
application/javascript 2606:4700:10::6816:46c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/whatsapp.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.c78901bc.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

96840bd7cc7d8edd1d1ffaff60d7f335fd866cd9a6132c8524d620482f4df64a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://download-telegram.org/
Origin: http://download-telegram.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 19:42:46 GMT
via: e7s
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 118392
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 18 Nov 2022 01:01:39 GMT
server: cloudflare
etag: W/"471-5edb43f896478"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=7776000, stale-while-revalidate=30
cf-ray: 805aa2b73ece1b36-FRA

GET
H3 200 facebook.js Show response
static.addtoany.com/menu/svg/icons/ 318 B
501 B 41ms
39ms Script
application/javascript 2606:4700:10::6816:46c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/facebook.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.c78901bc.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a19ff3554a1e589f756a92be8263726674127c133feb1d333095668b77ba08c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://download-telegram.org/
Origin: http://download-telegram.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 19:42:46 GMT
via: e7s
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 118392
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 18 Nov 2022 01:01:36 GMT
server: cloudflare
etag: W/"13e-5edb43f5ee978"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=7776000, stale-while-revalidate=30
cf-ray: 805aa2b73ed41b36-FRA

GET
H3 200 email.js Show response
static.addtoany.com/menu/svg/icons/ 393 B
545 B 41ms
40ms Script
application/javascript 2606:4700:10::6816:46c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/email.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.c78901bc.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15684309274ca43c5240c88c5be2c9ed2f56ed2b38d0367dc372760f9e287c50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://download-telegram.org/
Origin: http://download-telegram.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 19:42:46 GMT
via: e7s
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 118392
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 18 Nov 2022 01:01:36 GMT
server: cloudflare
etag: W/"189-5edb43f5e5cd8"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=7776000, stale-while-revalidate=30
cf-ray: 805aa2b73ed61b36-FRA

GET
H3 200 a2a.js Show response
static.addtoany.com/menu/svg/icons/ 182 B
409 B 136ms
135ms Script
application/javascript 2606:4700:10::6816:46c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/a2a.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.c78901bc.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3dab93242ee573bbcfc22c9d15acd47794e500ed44e6bd48a35400b39d65aa43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://download-telegram.org/
Origin: http://download-telegram.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 19:42:47 GMT
via: e7s
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 18 Nov 2022 01:01:36 GMT
server: cloudflare
etag: W/"b6-5edb43f58ee38"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=7776000, stale-while-revalidate=30
cf-ray: 805aa2b73ed81b36-FRA

GET
H2 200 getslugv3 Show response
msstral.icu/api/ 102 B
694 B 350ms
48ms XHR
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://msstral.icu/api/getslugv3?pa=a67b7b35dad41141f8bb33b698ac68e3&bl=0&raw=%3Cp%20style%3D%22text-align%3A%20center%3B%22%3ETelegram%3C%2Fp%3E&sourceURL=&sourceName=&sourceIntro=&sourceNote=&priority=source&tag=telegram&rnd=c45f0c3c18660d044bad0cb2d7873836&d=1&utm_content=&err=0&b=1&rfr=http%3A%2F%2Fdownload-telegram.org%2F
Requested by: Host: hunterers.com
URL: https://hunterers.com/api/scripts/mSetupWidget?id=212
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f15944f6f227cf9f6941788e04a4f529f29f1c2b7894c9143a3f751c6830df05

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 19:42:47 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pe2e171ALhSARKBAYzYKLyjmog4SETRLhRyKbz%2Bk0XrnmydgmFlIykCZE5ZardE3EYW2DF%2F%2BIXosOiRSj5y1vDnFHPRn2i4jfbTyBXtZy%2FJqc%2Bu75suLAmClVpg8kV1cyM4Jac%2FPuYRQxg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
content-type: text/html; charset=UTF-8
cf-ray: 805aa2b92a0a9076-FRA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
alt-svc: h3=":443"; ma=86400

GET
H2 200 218a2762fa1cef8ed0d5.js Show response
yastatic.net/partner-code-bundles/863968/ 14 KB
5 KB 335ms
106ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/863968/218a2762fa1cef8ed0d5.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

70acd0f21e444b41bbd6cca39a449839c6f7c8ace11c94394c06ab17dea4bbe2

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: http://download-telegram.org/
Origin: http://download-telegram.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 19:42:47 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 4776
last-modified: Mon, 11 Sep 2023 18:35:56 GMT
server: nginx/1.17.9
etag: "080e1731088d70c20c5795c1fbb7432b"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Fri, 12 Sep 2053 02:17:31 GMT

GET
H2 200 fb767ae6fc1016c21026.js Show response
yastatic.net/partner-code-bundles/863968/ 24 KB
8 KB 342ms
115ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/863968/fb767ae6fc1016c21026.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

1eb69777c7ff28fa45c7721829f998c9427fac094a1f96b55164b48fb1553c78

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: http://download-telegram.org/
Origin: http://download-telegram.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 19:42:47 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 7950
last-modified: Mon, 11 Sep 2023 18:35:57 GMT
server: nginx/1.17.9
etag: "d9340b638e0f0bde51a78ced0ad2303d"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Fri, 12 Sep 2053 02:17:36 GMT

GET
H2 200 70a2b46d58d4db9de829.js Show response
yastatic.net/partner-code-bundles/863968/ 121 KB
26 KB 361ms
134ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/863968/70a2b46d58d4db9de829.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

5298b1e57cb7a787b0bb251c78cc9c33793b95937c66cd0cbaed85287a24355c

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: http://download-telegram.org/
Origin: http://download-telegram.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 19:42:47 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 26267
last-modified: Mon, 11 Sep 2023 18:35:57 GMT
server: nginx/1.17.9
etag: "97ad15a83757b615ac53b77497ee2bc7"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Fri, 12 Sep 2053 02:17:31 GMT

GET
H2 200 host.js Show response
yastatic.net/safeframe-bundles/0.83/ 33 KB
9 KB 375ms
149ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/host.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: http://download-telegram.org/
Origin: http://download-telegram.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 19:42:47 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 8878
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
server: nginx/1.17.9
etag: "f80882bf67cf261aa08d636da095149a"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Fri, 12 Sep 2053 02:18:00 GMT

GET
H2 200 text-variable-full.woff2
yastatic.net/s3/home/fonts/ys/3/ 25 KB
26 KB 272ms
49ms Font
font/woff2 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/s3/home/fonts/ys/3/text-variable-full.woff2

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: http://download-telegram.org/
Origin: http://download-telegram.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 19:42:47 GMT
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 26004
x-amz-meta-owner: {"role":"admin","login":"4eb0da"}
last-modified: Mon, 25 Apr 2022 14:02:39 GMT
server: nginx/1.17.9
etag: "7f0cdaf91230f9789ca4162aedff612e"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31556952
x-nginx-request-id: 168472f1b9a65d38
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Sep 2024 01:31:12 GMT

GET
H2 200 1961151 Show response
yandex.ru/ads/meta/ 70 KB
16 KB 253ms
252ms XHR
application/json 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/meta/1961151?target-ref=http%3A%2F%2Fdownload-telegram.org%2F&charset=utf-8&pcode-test-ids=863691%2C0%2C60%3B844764%2C0%2C45%3B844519%2C0%2C19%3B861980%2C0%2C87%3B859606%2C0%2C28%3B860576%2C0%2C96%3B857150%2C0%2C76%3B859292%2C0%2C95%3B854263%2C0%2C35%3B858418%2C0%2C89%3B856962%2C0%2C71%3B858862%2C0%2C30%3B844350%2C0%2C60%3B863968%2C0%2C37%3B849970%2C0%2C45%3B681845%2C0%2C87&pcode-flags-map=eJy1WNly20YW%2FRc%2Bmw72xW8NoEF2hIVpNCjRKVcXYzGKprRMyXKSscsP84nzR3O6AZEAyDRjJ9EDRYC8B7fvcu65%2FDxbk0Y2y%2FpSkkwWJKGFzGsuWSUTUlWUz978%2BHn26%2Fbu4272ZiZ4S2evZs%2B7D8%2FsGtdB4LpeOPvy7tUBZsXrrE1FI%2BtKrkjbUCNCaMee2yFkrCFJQWVat5WQnGaM01TAE7JamTEcy%2FOcvRd4pCzbQjBeFwXQKqHeUC4viUiXNJOClVTWed5QYcZ1HSs8nI5TwTfqVBUVlzW%2FkJTz2hyf0A%2B8MN4j0EofsEkJXgt2gbctX9MNEC9lRhu2qMxwgRW64RHcX8FAQNIL5H1Tt0I2RY0X9pbKBDnICGe0MYOFke3ZGkwFVWGsONVxP2RgzTJay%2F7zEZxt4W%2BEF7txaJ3BS9o8RzZpuRIbRLFkU9CvRlyvCMv%2Bfg%2FzFu%2B%2FFbVS7fM3e%2FoHmH8pP6cx%2F7kIfGv2VbEvOElkQauFWI6MwB%2FR0CyyIiv0pn0mOEGrrFnTkqKjOkWU9EpQXuFO1phZKrKdwPoGUH2jITmVOSelmU31M7rm5lxRX4NvgEPxQKH4fUUUBLAbjUrajNUy5ZQItj7T6pFnOba%2Fd%2F8lSaIGLzaCcKGYMWccD0qXbXUhc8KKEaI%2FznjkOaFzACRCqJw2X4PomgBxVgyCtGAU06SgC0STVXktL5dMD5lqTfGIrvhVfM6c3reiaDAKqgxFSBIVApIpJNbgRssL5fQlTepz0QwtbzAY0rqUqSA6KwXhizNp9iPHDw5jV%2BhSghcNq8fsHwW2649rW41sV9tuCE5xJXkrs7okbGy5%2B%2F3fQzPfCh03OGkmMbgFZ4nR3LGtwOvNlWVnIklxSTaN0RLyIO5GzCqtM525Bik12%2FiOZY1ERS8m0oYbDWM7jDo3NeN0Eki2FcsZhAOr0Do5SakZI3J61aBGMqc5ynkpi3rBUpNdYEduHyIcEXVfymTzUmmqLsCFCcuMEIiyY4%2FODTHEyUK1QDfpFSM36HhayWZCWEf%2BxLbX%2B0MKVdcvVZ8jCpJpNsKxSEbNToVRHHSlrpRZDlFRZcWmYzOlM6fyzmyfXGiF0hFY173AQP8ktRkl9npmVCgFBRsCoTTaBJEXdOEchG3BMYEhtC5EbfY7CjzbHcZP60XwD0AGeBU0l074ooXmxXxT2jelIGRjWEPb8kL%2Fheq7ShMtr%2Fr0gPeQbbHkdbtYGskktO0XKirI243OqNStNjT7PPt59%2Fz%2Bl3L7dHP7MHtj%2B9ar2f3jT7d3u%2Bb99u724Wb2xvkyQgVHdfFuSsXlP7S0pRhsK5kUauQVbEy5P87ut7d3r58%2Bwrf%2FbB%2Bud7%2Fj%2FXe399ub3YfRrZvtvb5z%2FWn30H19%2B%2Bvt82P39v714OL64ba%2Fq5D3CLjxtP109%2Fjpl%2F7jT0%2Fd%2F49P29cPu98%2BHH3hX9vH%2B1tt%2Bu70ESs9QGVJwdx4zRiRgiyMvIblwumLS7cFRe4xiFMBCj9j6LtWt%2B1ggUEl5gRUhXGHR1dtmVAjw4W%2B7faKSC9ner2CJaZWQtOuI6FGGLjjDExoddUHGsEILBXBLTTlsCwnJ9JrES%2Fz0jyYB8QJ554VZ3Pi4iW1LMehaZw6kFyvZva1HYbx7npueUE891zv53kUbIP5T1tsY0547cQ7f5yGyPfjXuON6GDYZKJu02XXakXd6ON2EoPT7zEXzrQaOtmLTj2hE2zo7kSV9AovuKN1C6uYOLEgHiF7nm%2BPkQdea75jC0kaZLrRvGdEizHs3TORUJhKaWCIHzb%2Bfkk2190J9AFuwRZLyMElLf%2Bsj6Ctlw0WJaQlaq%2FKzACgZecEQN%2BDfwoi9nuIDZ4Ku7Trv6SokUbQOzSioCdqmM%2FZ3PFiGwvD3Abk8NqZXLuTa09fk7njY%2FkJHdgPqziy4sDu9FXOrpAZstLH6bbxdmE6T2RD8HgDrl2AF1ipCOEQGCOAb3vxEUBaV19j37FB3oAIaiwt7Mps4br9cOT0kqtodxOrlz5ETJXsEQCGqzskX1Cn2qHUUCe6BVVRY5ECH1ftGajYsfZcJmiVKr3Uw9rSMRsHbtj50dciZFrJ2lJCeK3ksubsLfyAY6qRz7ZHFFhuvySegUOi1G79FYCDJlElxsuV2lfMxuDiYKQnv2%2FgBBpM6iHBCiY2I4Tnm8fJtmH3U%2B5oz9EnGBmnopgYB%2FHBWBVl2jYCEOuSrPYr6JoU7TgGnjVdNb2wl9YZoteRM8ny%2Bgrjc9UoJjv%2BlfH9w%2FMEw7fjkxgnzf%2F33z%2B0J1mTXawncxqxjiNrEn11Zxj9Tlqo3w9ZtdDPPf5N4KhA48AKhhWlk7D%2FlVaRnEKaToy6FhMP3z%2FfTSrLD0fApMXuvoK6Q01WB2WiWbUxQvnQUtYICtuP9hNyWKCX93x4RvUfAcdO7Bx2MVR%2F1Y9Ts5nnBO7eDJx2ycRS1Vqv7ZSaMAc98uxo2nXo5Fr%2F65bRRrWg2Y0gDpxzKCOE7d0EIYp6BK3oj4vOjYPpzwPqzpd3X%2F4Pt4wGFA%3D%3D&pcode-icookie=ezsvrhBUCuMMt5AcoT4WswB9Tk6eszASPunEG8NuaMIZQEv2RT6KXwpmit3NbfoAlstg2E4oWd8S31jTsF%2BonWNngEs%3D&imp-id=3&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=404620279021570&ad-session-id=8941061694547767090&target-id=4490424&tga-with-creatives=1&top-ancestor=http%3A%2F%2Fdownload-telegram.org&top-ancestor-undetermined=0&pcode-version=863968&pcodever=863968&flash-ver=0&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22supportHDRBrightness%22%3Afalse%2C%22isInIframe%22%3Afalse%2C%22w%22%3A1100%2C%22h%22%3A0%2C%22width%22%3A1100%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A250%2C%22top%22%3A795%2C%22ad_no%22%3A0%2C%22req_no%22%3A0%7D&grab-orig-len=5120&grab=eyJncmFiX3ZlcnNpb24iOjJ9ChLjJI0kOQqoyYOVmPuu6KRprXniREazWIossc0yXPnb7u7q9k__lzqCbRvHsbmxa0URyxy2nFiGF6yYt7VL33VbmQ36P-AKo4mO3r52nVNHbgTfdafT6RhJGEkYT68KFUqdXpUXap0-zEJlrvNheSQ-r_sCX-QRe8S-yOf7eD6MRyXpEOTKnDwuFFB0H9eX-vgeiYfwQQp9afexHs7Ax_Z5x-hhDjwCxud6FOxHwfX5HqEv6k8fzxc_nUQeod4wkNMr8rDoaaHIITeq80gTZ_IwS1Jj1yRpmKch5MYKoY4kj6I8Jc_j_s_y_kGi_x_rIHj82B5B9xAe1__IX-gK_aA_KOkdzPMl954Hrz19SPHuNF_4sPOe4vbc0n6r93GWTrEvZeg-TF-6-_6T9jpBX1DCuUL6TBsdv0Lu14OnEV5vX7t0NC7zvTAYDTq9YUatTdSIukZZRBHkRlWiyLtWmZB3UnmZK7S5uozzSJ6kUYY471GmzrVFXKZJmht1enWGuMIYZeFxFy4KWSYvlVlK1n8leZ4-1YU6j8swBzc0fvvf8_8wzl__zwhnlHjLBWNvDTzQ9YZi-vhnbody2XjBkymVHL83RGWWpsc4AzdXm7PVxkWqzlLyQcqBYDvZWNuq9rjesGzkVla2htX9H6JvZXD-A7B_plK36XHuPOkdpDfIdY1eQ4WITi9TVroUeSr7T5XZr0zndhr4uXY3bjiOQeiDdDv89v5dXldYEEGCDPAOr0GmtEPSHcqsNcqLWKMymrOPEk1WKHdykdEUsVYWht_l3YJWlhFgZEWcc_Joslhzm7Je0MDmZ50-LVxoK4osLR8lIy9uRaYz42ZdR-G2Ofs9RfIirTxxrkgQf2fcaT8_QH7NPmJ5JJdAbzhm7qJs1JY_BEV3QZYhInleypMopDiQduSJFrC5JizlBbmNS1VEpUaVKdVxntp5KI07JoB9xf4Zia5Ofs_yfL5tQmjwOQqqeRzO1sPvTt4XbywPngf6vXpFFzh6mIrO-jDWDpfvgXWlwfa0vTEa2Dc5BxFppYBdiW8IpmUtCCrS75DiEV8DWuE6_tqFKrov6jqnhh9BOE4b6fuK1Irds_JB_dq-CfNLOe4n4qtwoq6PwjhJyXUcyfUbbJD2a-6vAL_rS6jBlnnx5vWlj-8RPO_W3c9mEo9wsvvW2as_-G4r8C6TSjZhXUL9pD1wMpgWUveKn9qRwM_jmi8HDfXSgNGM4SGmoLhEvIfU-3zYkxKPEMJ_wMuhmwclX6yIhh9ozjHmycQD4xKTSZR-lPdPw3cY9iUUOJ-8SDaFSScB4z4j6RDESwzPaysdl1OOTzTJFO6_dHu65HMpQsQ4kf98f1AVLEkWHWPnqQnWH-aLr4mvZS4RfkK8lBD4uEv3g5a0SFm0dd9DsBC4IBj_RwT_hu0h2Cli7fF4G-Pz_1yiQSzZSHyJ9Yzh-Mw3fQcw_qXT2P-NB-YRDPs_go1Ht2svQBZMEHqrvIHv8bvCR-aBWePMZxkw9o2Fb4fCg2Vb9ejG31nx9-6hE2ehsOHpXV6j2A0B8W_Jj_Z17_PX9tWjTcNZiZk6b_3ngCqpe5GViLOcVJ7EYUlnnhA0T2LyHpekcSGXL4mwpfgLnQtt_o3zIaaolb3d4L_54SWUvSb3BetIZMowgzAPZfLKERbaC7_Ca4kH-NkxVOt8kM2C-z8gaDHkt__N7PZiD8AfrgePHYoB-vAjuKzKEWlJ3XXgDZS3hx_hND1vb-abU8Z911NxjwUzXU4oi_rEwv8Qgu27H-lAftpsZiLwBeaQPTInXPLKZ3c8fwIYt28DTGgxtL0Y2iKmqLY6XEdVw21nGIbG3FId5Tro7-hnQFB9RMPYkaXqOMnUjP3TJhATsqy4RMrYwc9SdUIa9cb0kSFVFhoypHkcIzrm7-iD8lCGce3Yf4ZHhJbEg7EtvqDMPfZF_qCvVDrEZ0rqEQN0kZn_HNQJngST3MXrW7d8_s0KAky3JAebSS1kYLPs1uObF1Hfh6RH9H3hlzHxOITnNxPvqVPZglZK7sFPCddAe_yR74eJP93ihvu-dGvP3jg_w283EvTmquLtP1zHbQlZyPL3jfWxJUc6amnB3ybhVTo32W4fXDpab9IjsG__PEa4O1T8I75OJRCP6791B15L58S_QII_INhHF-V8yJke3j52WUXgFDvcHyrB8Ad1xY3BEuvN4vi2sobeNHLxZOSgvvuXh2WpJdeUtD2LykiVkJahSqbQpkWmjMowluVGNjRRUEyMUGuQiRdt8uC9XWqKWB11B9T754qCywd0kTjsGsNOWhZppijCnD3sFBTuzRuY2f81YdHCaFtetyPSPGTJk_iZcx026X7K7YK6rV9J-p5HaEn7_BYJk_Qh95XuWpK_DIhmNFP75pnmUTuOGtvvEsWHKOG7ivS2BGrO7JLYs6RDyUDjCxk4IW8Ou8XfgbOEmeca0s832NwgrHH2nXTMt1h4xIzbPRu8boBl7tMBUIwCtAkYv7q2CO1Rqo0Vo36HuEDUISLrE9-yTrfr1wGnbc-AnOm-r5dOCzkhmtMYbM_xEECV3W-p5OeVSy8yh3U5Di1GxCTJsH1nS77CC-ImnwFgRjMjuH3r4jLsay-p9hsYG1M3pGgxF1om58LiC-vT__J3BFDjdAC1QRLCtTb3Mez7AVrMi47ZeZk9NSGHZIy9g2u-uO_NKB-0ZBxAhWMa-_o66sJdJ0hrqh5HUFhtbmg5GkoqWuang-EvmIfkpkYFdNn-ON12cwxc9v68ipY984q9DNfiHs3w9AYVLebv2Sxwl0zPKr7O2Dp_Lp6ksPmbVr_uYipTGycUXX82GGV2RmKHcuyzQ53lDJwJlia2XE8oALqLofwDbya46nb0hguGtZZG8ZC-MRaK3vkj3GL0DplkopT3ANfxmDy0hspm92_2nzXXNA-qBnQ49v9Nn1lrHd7il5IMRbdtO7wAfxZYa04ldB4JLLtz6bzifDZeHoeB3k4bnCnUrs39CaONpI27dIQTsx3uaoXnOzTv_MnI2GsI7TCCuDC748X0U_Se5W6SDWWHr25v3eYtWpmtscnUJZDs2A-zI2imqbGFLMCxDPIrZly1j5xlHZ7NGiwdczM4OyRBsw5-tzN06GzWL9VFTFZSQm-Tvotrhuqs-3ujaVpumN64zaB7luHvnW95GIvvzuUAMOEI0tGyFJ5TM6BkNjrn_KqZBBox9hBeFoK_obopRjewMDZnNyuYS_rWLgfa2rsOJ3EJ13JdobBZBJicFyUtiwNDSY-c6QCAQ_H4esxkOF9JR5eaGFjn-qOXkJmuv2FA8wfP2sHIQMewaKhYHBYNPbPECxQHcxBrjSB4TVH1eDblMF4NJmIXsXvwUOWEpjQdQLx--FR1weK1qeFVJVUxJ57rx-TAi_jQ0LA4EirmnEGATDxP1A4TcRrvRgtzrxinb7GVBKiQ9IjXmzdXW4SeGYoWOYtDY9LiDOu6bXX7Lq2VG-VJKskJ1h0881QrOSTTKxz1QwQV1ph1bkmmvnDqxzIzE9ayEB1TJmVQG2bYYtZJxuVeDCt7dXUx7GyYRah3PuZ5STxK-MxEP6ylKFp6BmrmTFlmoazj_rX7x10b98GNelAjIVuFFxKPsDoi4qm0bmTLrQR3XQE8Qh06FCwOh5qaGh0DAvFPx24ZnKBvpcZ3tYZdBWbTwovqqhCWqwfZzN3OmNgtnyknijWvmBIFOmYFiJ3VaSizjYUIOH1jR5eSZ4aLwryNGnrro98yBI4Kv4XMotdQTR5natYt1cfS2l4Fy72FgQWB3d22ERkKjLvD2klIlbIcMlmcIJ5CLLiCbLpZtLQVoEBJw_0A-os-sHMvQNHk0HQztPRUzMYnpi5R1QZ1jwYBZj2RvX7xRNaEzVHhj-kJlQwEqEg60rhINQm0HAcdDdPqtMH48D6_O-d_ZYBfLRf8xfIfrFx-C0BGEnPTwJgnXDXZ4CPFJiuK42OhknFAKo8KaDoTOkpKdMwEZBf3G7t6PX1ub3jVVU8JfzEBVwPg0crFonVl3GdAgaP0U69hQCUTQaaKM2g6EeTUVExiu99X-0etK02c7eJGD8xR0MD2QD-pMQdXy8HeEKGOYSF5KuKsUEJWxGTQktTQ0LGJd61gJ5CKYZBygqbgJclfumKiDzuXqGhDhNZCeRjGIHZ5MdijPPFsOSXGfJinG7C6EFWLiVctqyZikAs2d5qvvdtWXUYhImX-vVUgYiuq1JhxiiqZbo40U5PnoYXu4ewDkCLOTxSZ4gHjLI9MmZXVffZBWhwUGFtmNtFgjXB_O6_poldVNunq8qyE_akOE3NbpvFYlZdbKtkq9uI4ZjwsTnhZ0_C1wc5Gq5OtVJCpvpdZ81vB2S4Irn2vdcGwfNjolrFpcFaxaTo6rgfYMaNniRlyDNkBKUtl4GLIFkmh6RBBiBFRZnWRoHCIBNibkfkNNgFfDI8fiV0MmbryuZiyhbBQRLKUHAPIFWqMlmlgX_O1SRgmCrOKlKXgJUZdp6WnpXFFHLpdIsEmjLqCzSQrFzsyn4J-1pFfxIlfApONIAIwGPqJKcFecV8bodmCLRh3ca1Mo8UsHnEs3NXhBWuDPR6X3NxajfqTpQsWcB0qR-6rySFtqLf6vNh2IHcPWlgOf2EWQrlCxvIrje2CFcAlGI1dR-kd66EpaYaeoWRPuo68N3EYug_gwWLiUBW2a_ySrKYnwuutJlLlCKXPsohHJHclVAitQFq-CthgjyV0pQ-rRFcT8zO1cPoCxiZNOcYuM1G9wMGM4QKScF6rCY5yWZVnbbKr1VIhXjhE-0sDMvMTgWpqprORFSTl3PDxifuqb_IbjpegxoHTvH-TcwjDqVuOrb-Jpgjb6paeoL1uleSpynbFVg2LVYdrja4SaDuP1_DhJsTfidgP2IzdV4cQr_4zh0lW3hG_zQmvfn4uFO7ogO4322ZPR_ZxbkS1Enl2kU4O0qRJZOkDiEyAPH7YmhetwhIPFrQFRRNV4gynCkyZAA7ILDKEgDQLw5VwYJ0NROo0ITuuNCPLWIQbfFURRsjkchaZQFJocm2SkLHIBNIPzJQss-oLMtEUygzQudGiPbZ4&uniformat=true&callback=Ya%5B8293238527678%5D

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

9376799de16be2c37eb634eb3b6dec5c7e3aef8514df4b9669077cf76fc96636

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://download-telegram.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 12 Sep 2023 19:42:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1694547767176145-7904689154526897849-balancer-l7leveler-kubr-yp-sas-142-BAL-1196
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
uniformat-product-type: VideoCreativeReach
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Tue, 12 Sep 2023 19:42:47 GMT
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
uniformat: true
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: application/json
access-control-allow-origin: http://download-telegram.org
uniformat-video-answer: true
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Tue, 12 Sep 2023 19:42:47 GMT

GET
H2 200 6b7349065c3d89242e78.js Show response
yastatic.net/partner-code-bundles/863968/ 59 KB
15 KB 229ms
159ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/863968/6b7349065c3d89242e78.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

0cfc1f26f4516f7fb08a43e0d0b69f4b5e5a5529eea3e2d80b3d0435c668a740

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: http://download-telegram.org/
Origin: http://download-telegram.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 19:42:47 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 14850
last-modified: Mon, 11 Sep 2023 18:35:57 GMT
server: nginx/1.17.9
etag: "9c14fd2e5d1e5cffff0ecefab35664b1"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Fri, 12 Sep 2053 02:17:31 GMT

GET
H2 200 b1910ba6db87d67932b5.js Show response
yastatic.net/partner-code-bundles/863968/ 642 KB
122 KB 130ms
130ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/863968/b1910ba6db87d67932b5.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

d83e92979ff5dd3ed892c60b8534fc3735f6d4206f50db149af2f3dea158bf4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: http://download-telegram.org/
Origin: http://download-telegram.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 19:42:47 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 123856
last-modified: Mon, 11 Sep 2023 18:35:57 GMT
server: nginx/1.17.9
etag: "12c4484ce8364c566675f37fe620e529"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Fri, 12 Sep 2053 02:17:31 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 409 B
611 B 88ms
32ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=download-telegram.org&callback=_gfp_s_&client=ca-pub-5409240997335254

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5409240997335254&plah=download-telegram.org

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

068bf34fc9c2610d2ddd33ed3a464d19e58c6a66364c31420e427532b52ca927

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 19:42:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BA2C 354 KB
74 KB 781ms
779ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5409240997335254&output=html&adk=1812271804&adf=3025194257&lmt=1694540567&plat=3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x675_r&format=0x0&url=http%3A%2F%2Fdownload-telegram.org%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&asladp=1&dt=1694547766871&bpp=5&bdt=554&idt=350&shv=r20230907&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=295036319739&frm=20&pv=2&ga_vid=512193337.1694547767&ga_sid=1694547767&ga_hid=2070314423&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31077328%2C31077488%2C31077699%2C31076997&oid=2&pvsid=2547987266537031&tmod=1392376339&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=418

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

73bc929211defe407628e46df763f74e58f9ac85bf8d4ef7b39ecbee4c7d2359

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://download-telegram.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 75023
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 12 Sep 2023 19:42:48 GMT
expires: Tue, 12 Sep 2023 19:42:48 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H/1.1 200
OK 49826 Show response
dariolunus.com/ 5 KB
6 KB 49ms
49ms Fetch
application/json 88.208.46.60
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dariolunus.com/49826
Requested by: Host: dariolunus.com
URL: https://dariolunus.com/787276.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.208.46.60 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 5b7bba28948fe9974d6eaba0fbcf9356b9fdaeb8991bc5527c9862078c0f2981

Request headers

Referer: http://download-telegram.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Tue, 12 Sep 2023 19:42:47 GMT
Server: nginx
Accept-CH: Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: http://download-telegram.org
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: 0

GET
H/1.1 200
OK jserror Show response
mpraven.org/api/ 14 B
507 B 138ms
39ms XHR
application/json 88.208.5.115
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mpraven.org/api/jserror?data=ZXJyPVR5cGVFcnJvciUzQSUyMENhbm5vdCUyMHJlYWQlMjBwcm9wZXJ0aWVzJTIwb2YlMjBudWxsJTIwKHJlYWRpbmclMjAnYWRkRXZlbnRMaXN0ZW5lcicpJTBBJTIwJTIwJTIwJTIwYXQlMjByZW5kZXJCdG4lMjAoaHR0cHMlM0ElMkYlMkZodW50ZXJlcnMuY29tJTJGYXBpJTJGc2NyaXB0cyUyRm1TZXR1cFdpZGdldCUzRmlkJTNEMjEyJTNBNDI1JTNBMjMpJTBBJTIwJTIwJTIwJTIwYXQlMjBodHRwcyUzQSUyRiUyRmh1bnRlcmVycy5jb20lMkZhcGklMkZzY3JpcHRzJTJGbVNldHVwV2lkZ2V0JTNGaWQlM0QyMTIlM0E3MzYlM0EyOSUwQSUyMCUyMCUyMCUyMGF0JTIwWE1MSHR0cFJlcXVlc3QuJTNDYW5vbnltb3VzJTNFJTIwKGh0dHBzJTNBJTJGJTJGaHVudGVyZXJzLmNvbSUyRmFwaSUyRnNjcmlwdHMlMkZtU2V0dXBXaWRnZXQlM0ZpZCUzRDIxMiUzQTEyMCUzQTMzKSZlcnJNZXNzYWdlPUNhbm5vdCUyMHJlYWQlMjBwcm9wZXJ0aWVzJTIwb2YlMjBudWxsJTIwKHJlYWRpbmclMjAnYWRkRXZlbnRMaXN0ZW5lcicpJnBhcnRuZXJfYXBpa2V5PWE2N2I3YjM1ZGFkNDExNDFmOGJiMzNiNjk4YWM2OGUzJmV4dHJhUGFyYW09NiUzQSUzQSUyMC0mcmZyPWh0dHAlM0ElMkYlMkZkb3dubG9hZC10ZWxlZ3JhbS5vcmclMkY=
Requested by: Host: hunterers.com
URL: https://hunterers.com/api/scripts/mSetupWidget?id=212
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.208.5.115 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: b46f0c580b3e0c5e10ef63e66e41e0e2e33aed5fb55a82bb7004fb4d8a0059a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Date: Tue, 12 Sep 2023 19:42:47 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Connection: keep-alive
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
DATA 200
OK truncated
/ 477 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d74b7089a68f822f535c265ed9b4faf167417defaeed5985d00f7d1f8d83007

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
fonts.gstatic.com/s/opensans/v34/ 26 KB
26 KB 22ms
21ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59bd288e64c57e034672999e33ebda6eb5ad1575945eb563dbfb5b44f226e1e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://download-telegram.org/
Origin: http://download-telegram.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 07:57:32 GMT
x-content-type-options: nosniff
age: 42315
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26240
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:14:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Sep 2024 07:57:32 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 24ms
23ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://download-telegram.org/
Origin: http://download-telegram.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 02:36:33 GMT
x-content-type-options: nosniff
age: 579974
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Sep 2024 02:36:33 GMT

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10124.JYKzErttK_35jevyxFeFMX_VJxf4wmGin63fIQ8NyiQDsOG0FLhLb9NbTw5jEkTn.hLxkt9ENwCX5TS30kcPFbSOnV3U%2C
https://mc.yandex.com/sync_cookie_image_decide?token=10124.O7QfoMk-aQ_lFVe3XCsPhZ4Qar3umxi6f07SjdYT778zQ8QbMSKPN_plXdr01nagJypNSPIcwqtFjB-zk4FU11wxgqEn24axMTkc4PzC30VApBTdZvEDPfAZPaUv3-A4TDnBqxqLPU...

43 B
481 B

62ms
62ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=10124.O7QfoMk-aQ_lFVe3XCsPhZ4Qar3umxi6f07SjdYT778zQ8QbMSKPN_plXdr01nagJypNSPIcwqtFjB-zk4FU11wxgqEn24axMTkc4PzC30VApBTdZvEDPfAZPaUv3-A4TDnBqxqLPU-nZRpEHUeaNd80OgfL3VR9kIRG3Ryt-q0qEq_olc_EYGe0CHNbrfhsb_jv-EW4wQ1B5G6oHRLmV2VAH3bD-hf9d-CjrHoIO_k%2C.UmqS5Sm2td2Ym1rh4r7nUBU5q1s%2C

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 19:42:47 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=10124.O7QfoMk-aQ_lFVe3XCsPhZ4Qar3umxi6f07SjdYT778zQ8QbMSKPN_plXdr01nagJypNSPIcwqtFjB-zk4FU11wxgqEn24axMTkc4PzC30VApBTdZvEDPfAZPaUv3-A4TDnBqxqLPU-nZRpEHUeaNd80OgfL3VR9kIRG3Ryt-q0qEq_olc_EYGe0CHNbrfhsb_jv-EW4wQ1B5G6oHRLmV2VAH3bD-hf9d-CjrHoIO_k%2C.UmqS5Sm2td2Ym1rh4r7nUBU5q1s%2C
date: Tue, 12 Sep 2023 19:42:47 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
138 B 57ms
57ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 19:42:47 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 07 Sep 2023 11:49:37 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "64f98ea1-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Tue, 12 Sep 2023 20:42:47 GMT

POST
H/1.1 200
OK set
dariolunus.com/event/ 0
0 39ms
39ms Fetch
text/html 88.208.46.60
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dariolunus.com/event/set
Requested by: Host: dariolunus.com
URL: https://dariolunus.com/787276.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.208.46.60 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: http://download-telegram.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 12 Sep 2023 19:42:47 GMT
Content-Encoding: gzip
Server: nginx
Accept-CH: Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Transfer-Encoding: chunked
Access-Control-Allow-Methods: PROPFIND, PROPPATCH, COPY, MOVE, DELETE, MKCOL, LOCK, UNLOCK, PUT, GETLIB, VERSION-CONTROL, CHECKIN, CHECKOUT, UNCHECKOUT, REPORT, UPDATE, CANCELUPLOAD, HEAD, OPTIONS, GET, POST
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: http://download-telegram.org
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Overwrite, Destination, Content-Type, Depth, User-Agent, X-File-Size, X-Requested-With, If-Modified-Since, X-File-Name, Cache-Control

OPTIONS
H2 200 event_confirmation
an.yandex.ru/ Frame 0
0 186ms
63ms Preflight 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: http://download-telegram.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: http://download-telegram.org
access-control-max-age: 1728000
content-encoding: gzip
date: Tue, 12 Sep 2023 19:42:47 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
timing-allow-origin: *
x-xss-protection: 1; mode=block

POST
H2 200 event_confirmation Show response
an.yandex.ru/ 0
51 B 176ms
63ms XHR
text/plain 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://download-telegram.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 19:42:47 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 12 Sep 2023 19:42:47 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: http://download-telegram.org
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 12 Sep 2023 19:42:47 GMT

GET
H2 200 2f13f81321e0155b9ca9.js Show response
yastatic.net/partner-code-bundles/863968/ 74 KB
14 KB 45ms
45ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/863968/2f13f81321e0155b9ca9.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

33fd8f3cab06b51f6b8e1ed8ebacd76c42a33d17becd097447878d054068a3f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: http://download-telegram.org/
Origin: http://download-telegram.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 19:42:47 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 13991
last-modified: Mon, 11 Sep 2023 18:35:56 GMT
server: nginx/1.17.9
etag: "3457fcc65ab4ffa1e5d78482db037e71"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Fri, 12 Sep 2053 02:18:02 GMT

GET
H2 200 render.html Show response
yastatic.net/safeframe-bundles/0.83/1-1-0/ Frame E391 24 KB
7 KB 133ms
44ms Document
text/html 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html

Requested by

Host: yastatic.net
URL: https://yastatic.net/safeframe-bundles/0.83/host.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

9c911ab93cf6099aeeddb19cb1903d0ef838329443c3a0549c754da47f90a70a

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: http://download-telegram.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
content-length: 6262
content-type: text/html
date: Tue, 12 Sep 2023 19:42:47 GMT
etag: "eb77de48712912aadc9aa8171ac75ede"
expires: Fri, 12 Sep 2053 02:18:02 GMT
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
server: nginx/1.17.9
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow

GET
H2 200 1961151 Show response
yandex.ru/ads/meta/ 23 KB
11 KB 232ms
232ms XHR
application/json 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/meta/1961151?target-ref=http%3A%2F%2Fdownload-telegram.org%2F&charset=utf-8&pcode-test-ids=863691%2C0%2C60%3B844764%2C0%2C45%3B844519%2C0%2C19%3B861980%2C0%2C87%3B859606%2C0%2C28%3B860576%2C0%2C96%3B857150%2C0%2C76%3B859292%2C0%2C95%3B854263%2C0%2C35%3B858418%2C0%2C89%3B856962%2C0%2C71%3B858862%2C0%2C30%3B844350%2C0%2C60%3B863968%2C0%2C37%3B849970%2C0%2C45%3B681845%2C0%2C87&pcode-flags-map=eJy1WNly20YW%2FRc%2Bmw72xW8NoEF2hIVpNCjRKVcXYzGKprRMyXKSscsP84nzR3O6AZEAyDRjJ9EDRYC8B7fvcu65%2FDxbk0Y2y%2FpSkkwWJKGFzGsuWSUTUlWUz978%2BHn26%2Fbu4272ZiZ4S2evZs%2B7D8%2FsGtdB4LpeOPvy7tUBZsXrrE1FI%2BtKrkjbUCNCaMee2yFkrCFJQWVat5WQnGaM01TAE7JamTEcy%2FOcvRd4pCzbQjBeFwXQKqHeUC4viUiXNJOClVTWed5QYcZ1HSs8nI5TwTfqVBUVlzW%2FkJTz2hyf0A%2B8MN4j0EofsEkJXgt2gbctX9MNEC9lRhu2qMxwgRW64RHcX8FAQNIL5H1Tt0I2RY0X9pbKBDnICGe0MYOFke3ZGkwFVWGsONVxP2RgzTJay%2F7zEZxt4W%2BEF7txaJ3BS9o8RzZpuRIbRLFkU9CvRlyvCMv%2Bfg%2FzFu%2B%2FFbVS7fM3e%2FoHmH8pP6cx%2F7kIfGv2VbEvOElkQauFWI6MwB%2FR0CyyIiv0pn0mOEGrrFnTkqKjOkWU9EpQXuFO1phZKrKdwPoGUH2jITmVOSelmU31M7rm5lxRX4NvgEPxQKH4fUUUBLAbjUrajNUy5ZQItj7T6pFnOba%2Fd%2F8lSaIGLzaCcKGYMWccD0qXbXUhc8KKEaI%2FznjkOaFzACRCqJw2X4PomgBxVgyCtGAU06SgC0STVXktL5dMD5lqTfGIrvhVfM6c3reiaDAKqgxFSBIVApIpJNbgRssL5fQlTepz0QwtbzAY0rqUqSA6KwXhizNp9iPHDw5jV%2BhSghcNq8fsHwW2649rW41sV9tuCE5xJXkrs7okbGy5%2B%2F3fQzPfCh03OGkmMbgFZ4nR3LGtwOvNlWVnIklxSTaN0RLyIO5GzCqtM525Bik12%2FiOZY1ERS8m0oYbDWM7jDo3NeN0Eki2FcsZhAOr0Do5SakZI3J61aBGMqc5ynkpi3rBUpNdYEduHyIcEXVfymTzUmmqLsCFCcuMEIiyY4%2FODTHEyUK1QDfpFSM36HhayWZCWEf%2BxLbX%2B0MKVdcvVZ8jCpJpNsKxSEbNToVRHHSlrpRZDlFRZcWmYzOlM6fyzmyfXGiF0hFY173AQP8ktRkl9npmVCgFBRsCoTTaBJEXdOEchG3BMYEhtC5EbfY7CjzbHcZP60XwD0AGeBU0l074ooXmxXxT2jelIGRjWEPb8kL%2Fheq7ShMtr%2Fr0gPeQbbHkdbtYGskktO0XKirI243OqNStNjT7PPt59%2Fz%2Bl3L7dHP7MHtj%2B9ar2f3jT7d3u%2Bb99u724Wb2xvkyQgVHdfFuSsXlP7S0pRhsK5kUauQVbEy5P87ut7d3r58%2Bwrf%2FbB%2Bud7%2Fj%2FXe399ub3YfRrZvtvb5z%2FWn30H19%2B%2Bvt82P39v714OL64ba%2Fq5D3CLjxtP109%2Fjpl%2F7jT0%2Fd%2F49P29cPu98%2BHH3hX9vH%2B1tt%2Bu70ESs9QGVJwdx4zRiRgiyMvIblwumLS7cFRe4xiFMBCj9j6LtWt%2B1ggUEl5gRUhXGHR1dtmVAjw4W%2B7faKSC9ner2CJaZWQtOuI6FGGLjjDExoddUHGsEILBXBLTTlsCwnJ9JrES%2Fz0jyYB8QJ554VZ3Pi4iW1LMehaZw6kFyvZva1HYbx7npueUE891zv53kUbIP5T1tsY0547cQ7f5yGyPfjXuON6GDYZKJu02XXakXd6ON2EoPT7zEXzrQaOtmLTj2hE2zo7kSV9AovuKN1C6uYOLEgHiF7nm%2BPkQdea75jC0kaZLrRvGdEizHs3TORUJhKaWCIHzb%2Bfkk2190J9AFuwRZLyMElLf%2Bsj6Ctlw0WJaQlaq%2FKzACgZecEQN%2BDfwoi9nuIDZ4Ku7Trv6SokUbQOzSioCdqmM%2FZ3PFiGwvD3Abk8NqZXLuTa09fk7njY%2FkJHdgPqziy4sDu9FXOrpAZstLH6bbxdmE6T2RD8HgDrl2AF1ipCOEQGCOAb3vxEUBaV19j37FB3oAIaiwt7Mps4br9cOT0kqtodxOrlz5ETJXsEQCGqzskX1Cn2qHUUCe6BVVRY5ECH1ftGajYsfZcJmiVKr3Uw9rSMRsHbtj50dciZFrJ2lJCeK3ksubsLfyAY6qRz7ZHFFhuvySegUOi1G79FYCDJlElxsuV2lfMxuDiYKQnv2%2FgBBpM6iHBCiY2I4Tnm8fJtmH3U%2B5oz9EnGBmnopgYB%2FHBWBVl2jYCEOuSrPYr6JoU7TgGnjVdNb2wl9YZoteRM8ny%2Bgrjc9UoJjv%2BlfH9w%2FMEw7fjkxgnzf%2F33z%2B0J1mTXawncxqxjiNrEn11Zxj9Tlqo3w9ZtdDPPf5N4KhA48AKhhWlk7D%2FlVaRnEKaToy6FhMP3z%2FfTSrLD0fApMXuvoK6Q01WB2WiWbUxQvnQUtYICtuP9hNyWKCX93x4RvUfAcdO7Bx2MVR%2F1Y9Ts5nnBO7eDJx2ycRS1Vqv7ZSaMAc98uxo2nXo5Fr%2F65bRRrWg2Y0gDpxzKCOE7d0EIYp6BK3oj4vOjYPpzwPqzpd3X%2F4Pt4wGFA%3D%3D&pcode-icookie=ezsvrhBUCuMMt5AcoT4WswB9Tk6eszASPunEG8NuaMIZQEv2RT6KXwpmit3NbfoAlstg2E4oWd8S31jTsF%2BonWNngEs%3D&duid=MTY5NDU0Nzc2NzExMTc4MDM3&imp-id=4&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=404620279021570&ad-session-id=8941061694547767090&target-id=64777823&tga-with-creatives=1&top-ancestor=http%3A%2F%2Fdownload-telegram.org&top-ancestor-undetermined=0&pcode-version=863968&pcodever=863968&flash-ver=0&skip-token=yabs.NzIwNTc2MDkwMTc5MzcwODc%3D&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22supportHDRBrightness%22%3Afalse%2C%22isInIframe%22%3Afalse%2C%22w%22%3A1100%2C%22h%22%3A0%2C%22width%22%3A1100%2C%22height%22%3A0%2C%22visible%22%3A0%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A250%2C%22top%22%3A1845%2C%22ad_no%22%3A0%2C%22req_no%22%3A1%7D&grab-orig-len=5120&grab=eyJncmFiX3ZlcnNpb24iOjJ9ChLjJI0kOQqoyYOVmPuu6KRprXniREazWIossc0yXPnb7u7q9k__lzqCbRvHsbmxa0URyxy2nFiGF6yYt7VL33VbmQ36P-AKo4mO3r52nVNHbgTfdafT6RhJGEkYT68KFUqdXpUXap0-zEJlrvNheSQ-r_sCX-QRe8S-yOf7eD6MRyXpEOTKnDwuFFB0H9eX-vgeiYfwQQp9afexHs7Ax_Z5x-hhDjwCxud6FOxHwfX5HqEv6k8fzxc_nUQeod4wkNMr8rDoaaHIITeq80gTZ_IwS1Jj1yRpmKch5MYKoY4kj6I8Jc_j_s_y_kGi_x_rIHj82B5B9xAe1__IX-gK_aA_KOkdzPMl954Hrz19SPHuNF_4sPOe4vbc0n6r93GWTrEvZeg-TF-6-_6T9jpBX1DCuUL6TBsdv0Lu14OnEV5vX7t0NC7zvTAYDTq9YUatTdSIukZZRBHkRlWiyLtWmZB3UnmZK7S5uozzSJ6kUYY471GmzrVFXKZJmht1enWGuMIYZeFxFy4KWSYvlVlK1n8leZ4-1YU6j8swBzc0fvvf8_8wzl__zwhnlHjLBWNvDTzQ9YZi-vhnbody2XjBkymVHL83RGWWpsc4AzdXm7PVxkWqzlLyQcqBYDvZWNuq9rjesGzkVla2htX9H6JvZXD-A7B_plK36XHuPOkdpDfIdY1eQ4WITi9TVroUeSr7T5XZr0zndhr4uXY3bjiOQeiDdDv89v5dXldYEEGCDPAOr0GmtEPSHcqsNcqLWKMymrOPEk1WKHdykdEUsVYWht_l3YJWlhFgZEWcc_Joslhzm7Je0MDmZ50-LVxoK4osLR8lIy9uRaYz42ZdR-G2Ofs9RfIirTxxrkgQf2fcaT8_QH7NPmJ5JJdAbzhm7qJs1JY_BEV3QZYhInleypMopDiQduSJFrC5JizlBbmNS1VEpUaVKdVxntp5KI07JoB9xf4Zia5Ofs_yfL5tQmjwOQqqeRzO1sPvTt4XbywPngf6vXpFFzh6mIrO-jDWDpfvgXWlwfa0vTEa2Dc5BxFppYBdiW8IpmUtCCrS75DiEV8DWuE6_tqFKrov6jqnhh9BOE4b6fuK1Irds_JB_dq-CfNLOe4n4qtwoq6PwjhJyXUcyfUbbJD2a-6vAL_rS6jBlnnx5vWlj-8RPO_W3c9mEo9wsvvW2as_-G4r8C6TSjZhXUL9pD1wMpgWUveKn9qRwM_jmi8HDfXSgNGM4SGmoLhEvIfU-3zYkxKPEMJ_wMuhmwclX6yIhh9ozjHmycQD4xKTSZR-lPdPw3cY9iUUOJ-8SDaFSScB4z4j6RDESwzPaysdl1OOTzTJFO6_dHu65HMpQsQ4kf98f1AVLEkWHWPnqQnWH-aLr4mvZS4RfkK8lBD4uEv3g5a0SFm0dd9DsBC4IBj_RwT_hu0h2Cli7fF4G-Pz_1yiQSzZSHyJ9Yzh-Mw3fQcw_qXT2P-NB-YRDPs_go1Ht2svQBZMEHqrvIHv8bvCR-aBWePMZxkw9o2Fb4fCg2Vb9ejG31nx9-6hE2ehsOHpXV6j2A0B8W_Jj_Z17_PX9tWjTcNZiZk6b_3ngCqpe5GViLOcVJ7EYUlnnhA0T2LyHpekcSGXL4mwpfgLnQtt_o3zIaaolb3d4L_54SWUvSb3BetIZMowgzAPZfLKERbaC7_Ca4kH-NkxVOt8kM2C-z8gaDHkt__N7PZiD8AfrgePHYoB-vAjuKzKEWlJ3XXgDZS3hx_hND1vb-abU8Z911NxjwUzXU4oi_rEwv8Qgu27H-lAftpsZiLwBeaQPTInXPLKZ3c8fwIYt28DTGgxtL0Y2iKmqLY6XEdVw21nGIbG3FId5Tro7-hnQFB9RMPYkaXqOMnUjP3TJhATsqy4RMrYwc9SdUIa9cb0kSFVFhoypHkcIzrm7-iD8lCGce3Yf4ZHhJbEg7EtvqDMPfZF_qCvVDrEZ0rqEQN0kZn_HNQJngST3MXrW7d8_s0KAky3JAebSS1kYLPs1uObF1Hfh6RH9H3hlzHxOITnNxPvqVPZglZK7sFPCddAe_yR74eJP93ihvu-dGvP3jg_w283EvTmquLtP1zHbQlZyPL3jfWxJUc6amnB3ybhVTo32W4fXDpab9IjsG__PEa4O1T8I75OJRCP6791B15L58S_QII_INhHF-V8yJke3j52WUXgFDvcHyrB8Ad1xY3BEuvN4vi2sobeNHLxZOSgvvuXh2WpJdeUtD2LykiVkJahSqbQpkWmjMowluVGNjRRUEyMUGuQiRdt8uC9XWqKWB11B9T754qCywd0kTjsGsNOWhZppijCnD3sFBTuzRuY2f81YdHCaFtetyPSPGTJk_iZcx026X7K7YK6rV9J-p5HaEn7_BYJk_Qh95XuWpK_DIhmNFP75pnmUTuOGtvvEsWHKOG7ivS2BGrO7JLYs6RDyUDjCxk4IW8Ou8XfgbOEmeca0s832NwgrHH2nXTMt1h4xIzbPRu8boBl7tMBUIwCtAkYv7q2CO1Rqo0Vo36HuEDUISLrE9-yTrfr1wGnbc-AnOm-r5dOCzkhmtMYbM_xEECV3W-p5OeVSy8yh3U5Di1GxCTJsH1nS77CC-ImnwFgRjMjuH3r4jLsay-p9hsYG1M3pGgxF1om58LiC-vT__J3BFDjdAC1QRLCtTb3Mez7AVrMi47ZeZk9NSGHZIy9g2u-uO_NKB-0ZBxAhWMa-_o66sJdJ0hrqh5HUFhtbmg5GkoqWuang-EvmIfkpkYFdNn-ON12cwxc9v68ipY984q9DNfiHs3w9AYVLebv2Sxwl0zPKr7O2Dp_Lp6ksPmbVr_uYipTGycUXX82GGV2RmKHcuyzQ53lDJwJlia2XE8oALqLofwDbya46nb0hguGtZZG8ZC-MRaK3vkj3GL0DplkopT3ANfxmDy0hspm92_2nzXXNA-qBnQ49v9Nn1lrHd7il5IMRbdtO7wAfxZYa04ldB4JLLtz6bzifDZeHoeB3k4bnCnUrs39CaONpI27dIQTsx3uaoXnOzTv_MnI2GsI7TCCuDC748X0U_Se5W6SDWWHr25v3eYtWpmtscnUJZDs2A-zI2imqbGFLMCxDPIrZly1j5xlHZ7NGiwdczM4OyRBsw5-tzN06GzWL9VFTFZSQm-Tvotrhuqs-3ujaVpumN64zaB7luHvnW95GIvvzuUAMOEI0tGyFJ5TM6BkNjrn_KqZBBox9hBeFoK_obopRjewMDZnNyuYS_rWLgfa2rsOJ3EJ13JdobBZBJicFyUtiwNDSY-c6QCAQ_H4esxkOF9JR5eaGFjn-qOXkJmuv2FA8wfP2sHIQMewaKhYHBYNPbPECxQHcxBrjSB4TVH1eDblMF4NJmIXsXvwUOWEpjQdQLx--FR1weK1qeFVJVUxJ57rx-TAi_jQ0LA4EirmnEGATDxP1A4TcRrvRgtzrxinb7GVBKiQ9IjXmzdXW4SeGYoWOYtDY9LiDOu6bXX7Lq2VG-VJKskJ1h0881QrOSTTKxz1QwQV1ph1bkmmvnDqxzIzE9ayEB1TJmVQG2bYYtZJxuVeDCt7dXUx7GyYRah3PuZ5STxK-MxEP6ylKFp6BmrmTFlmoazj_rX7x10b98GNelAjIVuFFxKPsDoi4qm0bmTLrQR3XQE8Qh06FCwOh5qaGh0DAvFPx24ZnKBvpcZ3tYZdBWbTwovqqhCWqwfZzN3OmNgtnyknijWvmBIFOmYFiJ3VaSizjYUIOH1jR5eSZ4aLwryNGnrro98yBI4Kv4XMotdQTR5natYt1cfS2l4Fy72FgQWB3d22ERkKjLvD2klIlbIcMlmcIJ5CLLiCbLpZtLQVoEBJw_0A-os-sHMvQNHk0HQztPRUzMYnpi5R1QZ1jwYBZj2RvX7xRNaEzVHhj-kJlQwEqEg60rhINQm0HAcdDdPqtMH48D6_O-d_ZYBfLRf8xfIfrFx-C0BGEnPTwJgnXDXZ4CPFJiuK42OhknFAKo8KaDoTOkpKdMwEZBf3G7t6PX1ub3jVVU8JfzEBVwPg0crFonVl3GdAgaP0U69hQCUTQaaKM2g6EeTUVExiu99X-0etK02c7eJGD8xR0MD2QD-pMQdXy8HeEKGOYSF5KuKsUEJWxGTQktTQ0LGJd61gJ5CKYZBygqbgJclfumKiDzuXqGhDhNZCeRjGIHZ5MdijPPFsOSXGfJinG7C6EFWLiVctqyZikAs2d5qvvdtWXUYhImX-vVUgYiuq1JhxiiqZbo40U5PnoYXu4ewDkCLOTxSZ4gHjLI9MmZXVffZBWhwUGFtmNtFgjXB_O6_poldVNunq8qyE_akOE3NbpvFYlZdbKtkq9uI4ZjwsTnhZ0_C1wc5Gq5OtVJCpvpdZ81vB2S4Irn2vdcGwfNjolrFpcFaxaTo6rgfYMaNniRlyDNkBKUtl4GLIFkmh6RBBiBFRZnWRoHCIBNibkfkNNgFfDI8fiV0MmbryuZiyhbBQRLKUHAPIFWqMlmlgX_O1SRgmCrOKlKXgJUZdp6WnpXFFHLpdIsEmjLqCzSQrFzsyn4J-1pFfxIlfApONIAIwGPqJKcFecV8bodmCLRh3ca1Mo8UsHnEs3NXhBWuDPR6X3NxajfqTpQsWcB0qR-6rySFtqLf6vNh2IHcPWlgOf2EWQrlCxvIrje2CFcAlGI1dR-kd66EpaYaeoWRPuo68N3EYug_gwWLiUBW2a_ySrKYnwuutJlLlCKXPsohHJHclVAitQFq-CthgjyV0pQ-rRFcT8zO1cPoCxiZNOcYuM1G9wMGM4QKScF6rCY5yWZVnbbKr1VIhXjhE-0sDMvMTgWpqprORFSTl3PDxifuqb_IbjpegxoHTvH-TcwjDqVuOrb-Jpgjb6paeoL1uleSpynbFVg2LVYdrja4SaDuP1_DhJsTfidgP2IzdV4cQr_4zh0lW3hG_zQmvfn4uFO7ogO4322ZPR_ZxbkS1Enl2kU4O0qRJZOkDiEyAPH7YmhetwhIPFrQFRRNV4gynCkyZAA7ILDKEgDQLw5VwYJ0NROo0ITuuNCPLWIQbfFURRsjkchaZQFJocm2SkLHIBNIPzJQss-oLMtEUygzQudGiPbZ4&uniformat=true&callback=Ya%5B8468578103050%5D

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

fc25b3bb99d1ccc00675666fca8a8bd60c92836bd2f647f071173ef7d54677f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://download-telegram.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 12 Sep 2023 19:42:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1694547767546734-5762784289670011099-balancer-l7leveler-kubr-yp-sas-142-BAL-203
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
uniformat-product-type: MediaCreativeReach
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Tue, 12 Sep 2023 19:42:47 GMT
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
uniformat: true
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: application/json
access-control-allow-origin: http://download-telegram.org
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Tue, 12 Sep 2023 19:42:47 GMT

GET
H2 200 orig
avatars.mds.yandex.net/get-vh/6485035/2a0000018a3b8402649385d5c74c6bb18341/ 14 KB
14 KB 226ms
82ms Image
image/jpeg 2a02:6b8::184
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-vh/6485035/2a0000018a3b8402649385d5c74c6bb18341/orig
Requested by: Host: download-telegram.org
URL: http://download-telegram.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: nginx /
Resource Hash: c868fb0a3e20bff3cd594c7d82258e8b6b9c6967ab871f7a54f7dfa11ee4d8cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 19:42:47 GMT
last-modified: Mon, 28 Aug 2023 09:40:21 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel?datacenter=SAS"}]}
content-type: image/jpeg
cache-control: max-age=86400,immutable
timing-allow-origin: *
content-length: 13924
x-request-id: 260d3e9de07c11d6

GET
H/1.1 200
Ok practicum.yandex.ru
favicon.yandex.net/favicon/ 319 B
532 B 194ms
61ms Image
image/png 2a02:6b8::36
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://favicon.yandex.net/favicon/practicum.yandex.ru?size=32&stub=2

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::36 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

fed3bd2bbf5b4d3933f0ee54cfd5f649147d9d1e6cb730c089db3341c023acd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

access-control-allow-origin: *
Cache-Control: max-age=691200
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
Content-Type: image/png

GET
H2 200 inpage.bundle.js Show response
yastatic.net/vas-bundles/861980/bundles-es2017/ 867 KB
215 KB 46ms
45ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/vas-bundles/861980/bundles-es2017/inpage.bundle.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/partner-code-bundles/863968/6b7349065c3d89242e78.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

88bda51f0c0aa0b427d05aa2754838d4456501044238611d71bc6609d7b3fb4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=946708560; includeSubDomains;

Request headers

Referer: http://download-telegram.org/
Origin: http://download-telegram.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 19:42:47 GMT
content-encoding: br
strict-transport-security: max-age=946708560; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 219302
last-modified: Fri, 08 Sep 2023 08:15:13 GMT
server: nginx/1.17.9
etag: "b2ca3fff6d314fedb521ad0781aa4554"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Fri, 12 Sep 2053 02:14:39 GMT

GET
H/1.1

200
OK

cs Show response
dariolunus.com/js/ Frame 42BD
Redirect Chain

https://dariolunus.com/js/cs?uuid=875bcfc1-d293-48ff-b503-b0dc7b25e97c
https://s.uuidksinc.net/match/1165/?remote_uid=875bcfc1-d293-48ff-b503-b0dc7b25e97c&cb_url=https%3A%2F%2Fdariolunus.com%2Fjs%2Fcs%3Fuuid%3D875bcfc1-d293-48ff-b503-b0dc7b25e97c%26oid%3D%5BUID%5D
https://dariolunus.com/js/cs?uuid=875bcfc1-d293-48ff-b503-b0dc7b25e97c&oid=XOaQhCaRBBpayCfAiXW3

43 B
492 B

39ms
39ms

Document
image/gif

88.208.46.60
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dariolunus.com/js/cs?uuid=875bcfc1-d293-48ff-b503-b0dc7b25e97c&oid=XOaQhCaRBBpayCfAiXW3
Requested by: Host: dariolunus.com
URL: https://dariolunus.com/787276.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.208.46.60 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://download-telegram.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-CH: Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Connection: keep-alive
Content-Type: image/gif
Date: Tue, 12 Sep 2023 19:42:47 GMT
Server: nginx
Transfer-Encoding: chunked

Redirect headers

content-length: 0
date: Tue, 12 Sep 2023 19:42:47 GMT
location: https://dariolunus.com/js/cs?uuid=875bcfc1-d293-48ff-b503-b0dc7b25e97c&oid=XOaQhCaRBBpayCfAiXW3
server: nginx/1.23.2

GET
H2

200

1 Show response
mc.yandex.com/watch/1961151/
Redirect Chain

https://mc.yandex.com/watch/1961151?wmode=7&page-url=http%3A%2F%2Fdownload-telegram.org%2F&nohit=1&charset=utf-8&cnt-class=1&uah=che%0A0&browser-info=pv%3A1%3Avf%3A3qm6qq812ez2u52y4wzrnbv%3Afu%3A0%...
https://mc.yandex.com/watch/1961151/1?wmode=7&page-url=http%3A%2F%2Fdownload-telegram.org%2F&nohit=1&charset=utf-8&cnt-class=1&uah=che%0A0&browser-info=pv%3A1%3Avf%3A3qm6qq812ez2u52y4wzrnbv%3Afu%3A...

256 B
292 B

62ms
61ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/1961151/1?wmode=7&page-url=http%3A%2F%2Fdownload-telegram.org%2F&nohit=1&charset=utf-8&cnt-class=1&uah=che%0A0&browser-info=pv%3A1%3Avf%3A3qm6qq812ez2u52y4wzrnbv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1111%3Acn%3A2%3Adp%3A0%3Als%3A478058975839%3Ahid%3A159105966%3Az%3A120%3Ai%3A20230912214247%3Aet%3A1694547767%3Ac%3A1%3Arn%3A610913842%3Au%3A169454776711178037%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1694547765888%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1694547768%3At%3A%D0%9F%D1%80%D0%BE%20%D0%BC%D0%B5%D1%81%D1%81%D0%B5%D0%BD%D0%B4%D0%B6%D0%B5%D1%80%20Telegram%3A%20%D0%B7%D0%B0%D0%B3%D1%80%D1%83%D0%B7%D0%BA%D0%B0%20%D0%BF%D1%80%D0%B8%D0%BB%D0%BE%D0%B6%D0%B5%D0%BD%D0%B8%D1%8F%2C%20%D0%BF%D0%BE%D0%BB%D0%B5%D0%B7%D0%BD%D1%8B%D0%B5%20%D1%81%D0%BE%D0%B2%D0%B5%D1%82%D1%8B&t=mc%28p-1%29clc%280-0-0%29lt%2825000%29aw%281%29ti%282%29

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

8914453333ccd41fd693ee306d6fad4b6d387a15345b64471aaa5624e652bb91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 19:42:47 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Tue, 12-Sep-2023 19:42:47 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: http://download-telegram.org
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 256
x-xss-protection: 1; mode=block
expires: Tue, 12-Sep-2023 19:42:47 GMT

Redirect headers

pragma: no-cache
date: Tue, 12 Sep 2023 19:42:47 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 12-Sep-2023 19:42:47 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/1961151/1?wmode=7&page-url=http%3A%2F%2Fdownload-telegram.org%2F&nohit=1&charset=utf-8&cnt-class=1&uah=che%0A0&browser-info=pv%3A1%3Avf%3A3qm6qq812ez2u52y4wzrnbv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1111%3Acn%3A2%3Adp%3A0%3Als%3A478058975839%3Ahid%3A159105966%3Az%3A120%3Ai%3A20230912214247%3Aet%3A1694547767%3Ac%3A1%3Arn%3A610913842%3Au%3A169454776711178037%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1694547765888%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1694547768%3At%3A%D0%9F%D1%80%D0%BE%20%D0%BC%D0%B5%D1%81%D1%81%D0%B5%D0%BD%D0%B4%D0%B6%D0%B5%D1%80%20Telegram%3A%20%D0%B7%D0%B0%D0%B3%D1%80%D1%83%D0%B7%D0%BA%D0%B0%20%D0%BF%D1%80%D0%B8%D0%BB%D0%BE%D0%B6%D0%B5%D0%BD%D0%B8%D1%8F%2C%20%D0%BF%D0%BE%D0%BB%D0%B5%D0%B7%D0%BD%D1%8B%D0%B5%20%D1%81%D0%BE%D0%B2%D0%B5%D1%82%D1%8B&t=mc%28p-1%29clc%280-0-0%29lt%2825000%29aw%281%29ti%282%29
access-control-allow-origin: http://download-telegram.org
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Tue, 12-Sep-2023 19:42:47 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/28975340/
Redirect Chain

https://mc.yandex.com/watch/28975340?wmode=7&page-url=http%3A%2F%2Fdownload-telegram.org%2F&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3A3qm6qq812ez2u52y4wzrnbv%3Afp%3A751%3Afu%3A0%3Aen%3Au...
https://mc.yandex.com/watch/28975340/1?wmode=7&page-url=http%3A%2F%2Fdownload-telegram.org%2F&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3A3qm6qq812ez2u52y4wzrnbv%3Afp%3A751%3Afu%3A0%3Aen%3...

427 B
519 B

58ms
58ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/28975340/1?wmode=7&page-url=http%3A%2F%2Fdownload-telegram.org%2F&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3A3qm6qq812ez2u52y4wzrnbv%3Afp%3A751%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1111%3Acn%3A1%3Adp%3A0%3Als%3A1025921355167%3Ahid%3A159105966%3Az%3A120%3Ai%3A20230912214247%3Aet%3A1694547767%3Ac%3A1%3Arn%3A667596550%3Arqn%3A1%3Au%3A169454776711178037%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A303%2C59%2C64%2C117%2C0%2C0%2C%2C472%2C7%2C%2C%2C%2C1023%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1694547765888%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1694547768%3At%3A%D0%9F%D1%80%D0%BE%20%D0%BC%D0%B5%D1%81%D1%81%D0%B5%D0%BD%D0%B4%D0%B6%D0%B5%D1%80%20Telegram%3A%20%D0%B7%D0%B0%D0%B3%D1%80%D1%83%D0%B7%D0%BA%D0%B0%20%D0%BF%D1%80%D0%B8%D0%BB%D0%BE%D0%B6%D0%B5%D0%BD%D0%B8%D1%8F%2C%20%D0%BF%D0%BE%D0%BB%D0%B5%D0%B7%D0%BD%D1%8B%D0%B5%20%D1%81%D0%BE%D0%B2%D0%B5%D1%82%D1%8B&t=gdpr%2814%29mc%28p-1%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

4979e0bef137946676a306c45a2f1c04b0b9cae25362677439dff13248c2348b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 19:42:47 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Tue, 12-Sep-2023 19:42:47 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: http://download-telegram.org
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 427
x-xss-protection: 1; mode=block
expires: Tue, 12-Sep-2023 19:42:47 GMT

Redirect headers

pragma: no-cache
date: Tue, 12 Sep 2023 19:42:47 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 12-Sep-2023 19:42:47 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/28975340/1?wmode=7&page-url=http%3A%2F%2Fdownload-telegram.org%2F&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3A3qm6qq812ez2u52y4wzrnbv%3Afp%3A751%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1111%3Acn%3A1%3Adp%3A0%3Als%3A1025921355167%3Ahid%3A159105966%3Az%3A120%3Ai%3A20230912214247%3Aet%3A1694547767%3Ac%3A1%3Arn%3A667596550%3Arqn%3A1%3Au%3A169454776711178037%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A303%2C59%2C64%2C117%2C0%2C0%2C%2C472%2C7%2C%2C%2C%2C1023%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1694547765888%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1694547768%3At%3A%D0%9F%D1%80%D0%BE%20%D0%BC%D0%B5%D1%81%D1%81%D0%B5%D0%BD%D0%B4%D0%B6%D0%B5%D1%80%20Telegram%3A%20%D0%B7%D0%B0%D0%B3%D1%80%D1%83%D0%B7%D0%BA%D0%B0%20%D0%BF%D1%80%D0%B8%D0%BB%D0%BE%D0%B6%D0%B5%D0%BD%D0%B8%D1%8F%2C%20%D0%BF%D0%BE%D0%BB%D0%B5%D0%B7%D0%BD%D1%8B%D0%B5%20%D1%81%D0%BE%D0%B2%D0%B5%D1%82%D1%8B&t=gdpr%2814%29mc%28p-1%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin: http://download-telegram.org
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Tue, 12-Sep-2023 19:42:47 GMT

OPTIONS
H2 200 event_confirmation
an.yandex.ru/ Frame 0
0 64ms
63ms Preflight 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: http://download-telegram.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: http://download-telegram.org
access-control-max-age: 1728000
content-encoding: gzip
date: Tue, 12 Sep 2023 19:42:47 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
timing-allow-origin: *
x-xss-protection: 1; mode=block

POST
H2 200 event_confirmation Show response
an.yandex.ru/ 0
398 B 163ms
59ms XHR
text/plain 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://download-telegram.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 19:42:47 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 12 Sep 2023 19:42:47 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: http://download-telegram.org
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 12 Sep 2023 19:42:47 GMT

GET
H2

200

1
mc.yandex.ru/watch/39370120/
Redirect Chain

https://mc.yandex.ru/watch/39370120?vsid=fa56bb3213a6b157e142c0afcb0d3d3abf14751e253bxVASx3968x1694547766
https://mc.yandex.ru/watch/39370120/1?vsid=fa56bb3213a6b157e142c0afcb0d3d3abf14751e253bxVASx3968x1694547766

43 B
84 B

65ms
65ms

Ping
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/39370120/1?vsid=fa56bb3213a6b157e142c0afcb0d3d3abf14751e253bxVASx3968x1694547766

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 19:42:47 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 12-Sep-2023 19:42:47 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 12-Sep-2023 19:42:47 GMT

Redirect headers

pragma: no-cache
date: Tue, 12 Sep 2023 19:42:47 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 12-Sep-2023 19:42:47 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/39370120/1?vsid=fa56bb3213a6b157e142c0afcb0d3d3abf14751e253bxVASx3968x1694547766
access-control-allow-origin: http://download-telegram.org
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Tue, 12-Sep-2023 19:42:47 GMT

GET
H/1.1 200
Ok d.png
ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/ Frame E391 95 B
400 B 238ms
64ms Image
image/png 2a02:6b8::5:114
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/d.png?ex=yes

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::5:114 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

18c327afa903633f86c3efcf12b77f098077eacaa8be101bb007846fd74f8b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Date: Tue, 12 Sep 2023 19:42:47 GMT
Strict-Transport-Security: max-age=315360000; includeSubDomains
Server: nginx/1.14.2
X-RT-IH: 0.0001
Content-Type: image/png
Cache-Control: private
Connection: close
X-RT-IQ: 0.0001
Content-Length: 95
Expires: Wed, 13 Sep 2023 19:42:47 GMT

OPTIONS
H2 200 event_confirmation
an.yandex.ru/ Frame 0
0 64ms
63ms Preflight 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: http://download-telegram.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: http://download-telegram.org
access-control-max-age: 1728000
content-encoding: gzip
date: Tue, 12 Sep 2023 19:42:47 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
timing-allow-origin: *
x-xss-protection: 1; mode=block

POST
H2 200 event_confirmation Show response
an.yandex.ru/ 0
51 B 60ms
60ms XHR
text/plain 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://download-telegram.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 19:42:47 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 12 Sep 2023 19:42:47 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: http://download-telegram.org
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 12 Sep 2023 19:42:47 GMT

GET
H2 200 WUuejI_zOoVX2LbN0GKF08FRQIOQbKgbKga4mUIRa1lnvAGyWSAsqwXXfxmSso4lzPsnYITQMbfQMbewEoO94FiSSXwTtj6y-U6F1XJXbm_XvGTlBKZNzc7_y6JcORm0aYM4M5NWgheyYEa1k2QaHFa0gKDQtG1V9GoWurIH3lcue941Yxi5JueQq1aShB_vskX1a...
yandex.ru/an/tracking/ Frame E391 0
307 B 68ms
68ms Image
text/plain 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yandex.ru/an/tracking/WUuejI_zOoVX2LbN0GKF08FRQIOQbKgbKga4mUIRa1lnvAGyWSAsqwXXfxmSso4lzPsnYITQMbfQMbewEoO94FiSSXwTtj6y-U6F1XJXbm_XvGTlBKZNzc7_y6JcORm0aYM4M5NWgheyYEa1k2QaHFa0gKDQtG1V9GoWurIH3lcue941Yxi5JueQq1aShB_vskX1adDLOOkGKKKuc0dW86QWxsl3U0abtY2szRnf_idNtzuKSnXS5WrZNqDkaXcP5DUCOMh25-vgk3arEdv76C0MHGy4lbLV67G9gXG5dOe0cfqlS2TmkIIlB9WdP0ijxBx9BUunYcolxYr6rtKc9YnsXjoKQLGs_mWXT4O2ABq0Pvu9T5XXa2cBaSd6KD1zumJp1V64HfW9vIOJCqP_Qc6-4dme4vkO8C0PfjiKWfLTp358jAddiv_CxFumXlC7BxlyBotvlHVklbR6oSzse6DfSmmMx1kzUxOWO7MUxEEaJ9Rzs00r8EAi_yQqEQa9UgyH6Gv8bD_IkgvZ8SC1YVBQ6wYhAv-TC6Zrw7Nc30vJ87WiR9EvKgbKMfLsKfkEeVntTukaL2gL0H3yuI01V73XDHSCy2wSxffnJw1E3UL2gMyDzAx8t3UuZ7WX_hFZQIbNA3DfdPT8LU3R222iLm00~2?action-id=11

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 19:42:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
last-modified: Tue, 12 Sep 2023 19:42:47 GMT
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id: 1694547767878162-13883266114328097490-balancer-l7leveler-kubr-yp-sas-142-BAL
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 12 Sep 2023 19:42:47 GMT

GET
H2 200 render.html Show response
yastatic.net/safeframe-bundles/0.83/1-1-0/protected/ Frame A6C1 24 KB
7 KB 53ms
52ms Document
text/html 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/1-1-0/protected/render.html

Requested by

Host: yastatic.net
URL: https://yastatic.net/safeframe-bundles/0.83/host.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

9c911ab93cf6099aeeddb19cb1903d0ef838329443c3a0549c754da47f90a70a

Security Headers

Name

Value

Content-Security-Policy

default-src 'none'; media-src storage.mds.yandex.net storage.mdst.yandex.net; img-src blob: data: 'self' yandex.ru yandex.ua yandex.by yandex.kz yandex.com yandex.com.tr *.yandex.ru *.yandex.kz *.yandex.ua storage.mds.yandex.net storage.mdst.yandex.net mc.yandex.ru an.yandex.ru data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' yandex.ru yandex.ua yandex.by yandex.kz yandex.com yandex.com.tr *.yandex.ru *.yandex.kz *.yandex.ua storage.mds.yandex.net storage.mdst.yandex.net an.yandex.ru mc.yandex.ru yastatic.net; child-src 'none'; frame-src https://yandex.ru https://an.yandex.ru; connect-src data: storage.mds.yandex.net storage.mdst.yandex.net mc.yandex.ru yandex.ru; style-src 'unsafe-inline' 'self' *.yandex.ru *.yandex.kz *.yandex.ua mc.yandex.ru storage.mds.yandex.net storage.mdst.yandex.net; font-src 'self' *.yandex.ru *.yandex.kz *.yandex.ua storage.mds.yandex.net storage.mdst.yandex.net data:;

Strict-Transport-Security

max-age=43200000; includeSubDomains;

Request headers

Referer: http://download-telegram.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
content-length: 6262
content-security-policy: default-src 'none'; media-src storage.mds.yandex.net storage.mdst.yandex.net; img-src blob: data: 'self' yandex.ru yandex.ua yandex.by yandex.kz yandex.com yandex.com.tr *.yandex.ru *.yandex.kz *.yandex.ua storage.mds.yandex.net storage.mdst.yandex.net mc.yandex.ru an.yandex.ru data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' yandex.ru yandex.ua yandex.by yandex.kz yandex.com yandex.com.tr *.yandex.ru *.yandex.kz *.yandex.ua storage.mds.yandex.net storage.mdst.yandex.net an.yandex.ru mc.yandex.ru yastatic.net; child-src 'none'; frame-src https://yandex.ru https://an.yandex.ru; connect-src data: storage.mds.yandex.net storage.mdst.yandex.net mc.yandex.ru yandex.ru; style-src 'unsafe-inline' 'self' *.yandex.ru *.yandex.kz *.yandex.ua mc.yandex.ru storage.mds.yandex.net storage.mdst.yandex.net; font-src 'self' *.yandex.ru *.yandex.kz *.yandex.ua storage.mds.yandex.net storage.mdst.yandex.net data:;
content-type: text/html
date: Tue, 12 Sep 2023 19:42:47 GMT
etag: "eb77de48712912aadc9aa8171ac75ede"
expires: Fri, 12 Sep 2053 02:16:33 GMT
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
server: nginx/1.17.9
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow

POST
H2 200 WV4ejI_zOoVX2LbX0HqF05FRQIOQbKgbKga4mUIRa1lnvAGyWSAsqwXXfqp7xP2N-ixOn1CjBIqjBIsT7MS2n3w7d4UdTpHlVlWBeKkG7H_2om_Ucizio8Vz0uyX7iOKcWGzREa1k2OCqLhyx1Mv1_WgOG0TfufqoCS53HX74QpWIL43EeE3zJTV6pr8SgugR14og...
yandex.ru/an/tracking/ 0
162 B 67ms
67ms Ping
text/plain 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/an/tracking/WV4ejI_zOoVX2LbX0HqF05FRQIOQbKgbKga4mUIRa1lnvAGyWSAsqwXXfqp7xP2N-ixOn1CjBIqjBIsT7MS2n3w7d4UdTpHlVlWBeKkG7H_2om_Ucizio8Vz0uyX7iOKcWGzREa1k2OCqLhyx1Mv1_WgOG0TfufqoCS53HX74QpWIL43EeE3zJTV6pr8SgugR14ogWW7Cm4Sn0nyfpQCbr3Y3M8xiWcZV_BrjpV570QNHSFOrv2RP6jvH6h64sh254ofuUReP7slqVsP1fmLGCh8eH-X1W4KmUy80zYYw940ezeV1jt3XQy4LOfEn8WycfqlS2TmkwBui60kuGIsiFicjxZ7ABAzkhSONTUPcB3O6N9Jfb7P_2E4454KAxq0vwWO9o5Wa2bhocIRp1WTvYl1Xx8u4pu4ECDqcqAmieiv1easzMfySeQe7tw0weDhdFwtQUHxAPZojJQ0Fzk1ZgND7APmZT6xTvEIilLa7uT4CD6F3JX3OWNflp53lYZ9UgzH7nJRfD_IkgvZwODYc_HQ6ovUAZux0T2BczUPCpXCWU2ni4tcIgLIQLNQIMsQglniGbfmIgLI6H7ywo191N3XDHSSyIwSxfgnJw2M6meNr4n-zhur1DmGtF22q3gUkrw2jje9mZbeVLWcLRZuw8cKNW00~2?action-id=11&adsdk-bundle-version=861980&adsdk-bundle-name=InPage&ad-session-id=8941061694547767090&vsid=fa56bb3213a6b157e142c0afcb0d3d3abf14751e253bxVASx3968x1694547766&top-ancestor=http%3A%2F%2Fdownload-telegram.org&top-ancestor-undetermined=0&client-ts=1694547767875&client-timezone-offset=-120&viewability-undetermined=0&video-volume=50&video-muted=1&pcode-active-testids=861980%2C0%2C87&document-has-focus=true&is-fullscreen=false&ad-pod-id=a34sdf%3B1128248132%3B0%3B0c29e42817b6f64d%3B5341175400116327935%3B195622579%3B1961151%3B3%3B0&product-theme=video-default&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22width%22%3A682%2C%22height%22%3A384%2C%22w%22%3A682%2C%22h%22%3A384%2C%22left%22%3A265%2C%22top%22%3A917%2C%22visible%22%3A1%2C%22req_no%22%3A0%7D

Requested by

Host: yastatic.net
URL: https://yastatic.net/vas-bundles/861980/bundles-es2017/inpage.bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 19:42:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1694547767908669-13540593103148736283-balancer-l7leveler-kubr-yp-sas-142-BAL
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Tue, 12 Sep 2023 19:42:47 GMT
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
access-control-allow-origin: http://download-telegram.org
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Tue, 12 Sep 2023 19:42:47 GMT

POST
H2 200 log
log.strm.yandex.ru/ 0
216 B 245ms
113ms Ping
text/plain 2a02:6b8::28d
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL: https://log.strm.yandex.ru/log?VAS=861980&event=PrioritiseMediaFiles
Requested by: Host: yastatic.net
URL: https://yastatic.net/vas-bundles/861980/bundles-es2017/inpage.bundle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::28d Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://download-telegram.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: http://download-telegram.org
date: Tue, 12 Sep 2023 19:42:48 GMT
access-control-expose-headers: Date
access-control-allow-credentials: true
timing-allow-origin: http://download-telegram.org
content-length: 0
x-request-id: 1694547768060093-8152791211859832481

GET
H/1.1 200
Ok practicum.yandex.ru
favicon.yandex.net/favicon/ 319 B
532 B 64ms
63ms Image
image/png 2a02:6b8::36
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://favicon.yandex.net/favicon/practicum.yandex.ru?size=32&stub=1

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::36 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

fed3bd2bbf5b4d3933f0ee54cfd5f649147d9d1e6cb730c089db3341c023acd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

access-control-allow-origin: *
Cache-Control: max-age=691200
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
Content-Type: image/png

POST
H2 200 1
mc.yandex.com/watch/28975340/ 43 B
74 B 62ms
61ms Ping
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/28975340/1?page-url=http%3A%2F%2Fdownload-telegram.org%2F&charset=utf-8&hittoken=1694547767_3520d222fd9357a73298ad0a1d1f61739863d1e795e6ab90fede22ce571dcca8&browser-info=pa%3A1%3Aar%3A1%3Avf%3A3qm6qq812ez2u52y4wzrnbv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1111%3Acn%3A1%3Adp%3A0%3Als%3A1025921355167%3Ahid%3A159105966%3Az%3A120%3Ai%3A20230912214247%3Aet%3A1694547768%3Ac%3A1%3Arn%3A185151277%3Arqn%3A2%3Au%3A169454776711178037%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1694547765888%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1694547768&t=gdpr(14%2C14)mc(p-2-h-1)clc(0-0-0)rqnt(2)lt(33300)aw(1)ti(0)&force-urlencoded=1&site-info=%7B%22__ym%22%3A%7B%22adSessionID%22%3A%228941061694547767090%22%7D%7D

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 19:42:47 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 12-Sep-2023 19:42:47 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: http://download-telegram.org
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 12-Sep-2023 19:42:47 GMT

POST
H2 200 1
mc.yandex.com/watch/1961151/ 43 B
74 B 62ms
61ms Ping
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/1961151/1?page-url=http%3A%2F%2Fdownload-telegram.org%2F&charset=utf-8&cnt-class=1&hittoken=1694547767_72413c2ee6da0c3d6721830e59ba6937432ffb6241ac557cb9481d6b36b73dac&browser-info=pa%3A1%3Aar%3A1%3Avf%3A3qm6qq812ez2u52y4wzrnbv%3Afp%3A751%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1111%3Acn%3A2%3Adp%3A0%3Als%3A478058975839%3Ahid%3A159105966%3Az%3A120%3Ai%3A20230912214247%3Aet%3A1694547768%3Ac%3A1%3Arn%3A900104106%3Arqn%3A1%3Au%3A169454776711178037%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A303%2C59%2C64%2C117%2C0%2C0%2C%2C472%2C7%2C%2C%2C%2C1023%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Aeu%3A1%3Ans%3A1694547765888%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1694547768&t=mc(p-2-h-1)clc(0-0-0)rqnt(1)lt(33300)aw(1)ti(0)&force-urlencoded=1&site-info=%7B%22__ym%22%3A%7B%22adSessionID%22%3A%228941061694547767090%22%7D%7D

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 19:42:47 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 12-Sep-2023 19:42:47 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: http://download-telegram.org
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 12-Sep-2023 19:42:47 GMT

GET
H2 200 1961151 Show response
mc.yandex.com/watch/ 43 B
74 B 64ms
64ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/1961151?page-url=http%3A%2F%2Fdownload-telegram.org%2F&charset=utf-8&cnt-class=1&hittoken=1694547767_72413c2ee6da0c3d6721830e59ba6937432ffb6241ac557cb9481d6b36b73dac&browser-info=pv%3A1%3Aar%3A1%3Avf%3A3qm6qq812ez2u52y4wzrnbv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1111%3Acn%3A2%3Adp%3A0%3Als%3A478058975839%3Ahid%3A159105966%3Az%3A120%3Ai%3A20230912214247%3Aet%3A1694547768%3Ac%3A1%3Arn%3A291851464%3Arqn%3A2%3Au%3A169454776711178037%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Aeu%3A1%3Ans%3A1694547765888%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1694547768%3At%3A%D0%9F%D1%80%D0%BE%20%D0%BC%D0%B5%D1%81%D1%81%D0%B5%D0%BD%D0%B4%D0%B6%D0%B5%D1%80%20Telegram%3A%20%D0%B7%D0%B0%D0%B3%D1%80%D1%83%D0%B7%D0%BA%D0%B0%20%D0%BF%D1%80%D0%B8%D0%BB%D0%BE%D0%B6%D0%B5%D0%BD%D0%B8%D1%8F%2C%20%D0%BF%D0%BE%D0%BB%D0%B5%D0%B7%D0%BD%D1%8B%D0%B5%20%D1%81%D0%BE%D0%B2%D0%B5%D1%82%D1%8B&t=mc(p-2-h-1)clc(0-0-0)rqnt(2)lt(33300)aw(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 19:42:47 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 12-Sep-2023 19:42:47 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: http://download-telegram.org
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 12-Sep-2023 19:42:47 GMT

GET
H2

206

VP8_854_480_1800.webm
ext-strm-itt01.strm.yandex.net/vh-canvas-converted/vod-content/2829328631580210543/470ea1f7-9d0e-45c4-8b94-fa9ed01f7057/webm/
Redirect Chain

https://strm.yandex.ru/vh-canvas-converted/vod-content/2829328631580210543/470ea1f7-9d0e-45c4-8b94-fa9ed01f7057/webm/VP8_854_480_1800.webm?vsid=fa56bb3213a6b157e142c0afcb0d3d3abf14751e253bxVASx3968...
https://ext-strm-itt01.strm.yandex.net/vh-canvas-converted/vod-content/2829328631580210543/470ea1f7-9d0e-45c4-8b94-fa9ed01f7057/webm/VP8_854_480_1800.webm?vsid=fa56bb3213a6b157e142c0afcb0d3d3abf147...

2 MB
2 MB

520ms
131ms

Media
video/webm

2001:41a8:104:3::3
SEABONE-NET TELEC...

General

Check archive.org

Show headers Download Go to

Full URL: https://ext-strm-itt01.strm.yandex.net/vh-canvas-converted/vod-content/2829328631580210543/470ea1f7-9d0e-45c4-8b94-fa9ed01f7057/webm/VP8_854_480_1800.webm?vsid=fa56bb3213a6b157e142c0afcb0d3d3abf14751e253bxVASx3968x1694547766&noredir=1&lid=1529
Requested by: Host: download-telegram.org
URL: http://download-telegram.org/
Protocol: H2
Server: 2001:41a8:104:3::3 , Italy, ASN6762 (SEABONE-NET TELECOM ITALIA SPARKLE S.p.A., IT),
Reverse DNS
Software: nginx /
Resource Hash: 2946c38aa61b15468032bf70031394c07a4e1af09aad4a49c547ce4752b49b2b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-server-time-ms: 1694547768612
date: Tue, 12 Sep 2023 19:42:48 GMT
x-estimated-bandwidth: 734080
nel: {"report_to": "network-errors", "max_age": 1200, "success_fraction": 0.005, "failure_fraction": 0.05, "include_subdomains": true}
Content-Range: bytes 0-2034622/2034623
x_h: strm-ams01.strm.yandex.net
x-strm-request-id: 0d971ef93740f434
x-connection-id: 486415789
Content-Length: 2034623
x-request-id: 0d971ef93740f434
x-estimated-rtt: 71370
last-modified: Mon, 28 Aug 2023 09:40:30 GMT
server: nginx
etag: "6b4b0cb0cd5ea4cee3b1db5b4eb5ac36"
x-strm-log-split: 6
content-type: video/webm
report-to: {"group": "network-errors", "max_age": 1200, "include_subdomains": true, "endpoints": [ {"url": "https://dr.yandex.net/strm", "priority": 1}, {"url": "https://dr2.yandex.net/strm", "priority": 2} ]}
access-control-expose-headers: Date, X-Strm-Session, X-Estimated-RTT, X-Estimated-Bandwidth, X-Connection-ID, Age, X-Server-Time-Ms, X-Plg-URL
cache-control: max-age=300
access-control-allow-credentials: true
x-robots-tag: noindex, noarchive, nofollow
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Range, X-Client-Timestamp, X-Strm-Session
expires: Tue, 12 Sep 2023 19:47:48 GMT

Redirect headers

date: Tue, 12 Sep 2023 19:42:48 GMT
nel: {"report_to": "network-errors", "max_age": 1200, "success_fraction": 0.005, "failure_fraction": 0.05, "include_subdomains": true}
x-strm-request-id: 1e7830c50c1c770a
x_h: strm-anycast-ru-net-production-59.vla.yp-c.yandex.net
content-length: 0
x-request-id: 1e7830c50c1c770a
server: nginx
x-strm-log-split: 8
report-to: {"group": "network-errors", "max_age": 1200, "include_subdomains": true, "endpoints": [ {"url": "https://dr.yandex.net/strm", "priority": 1}, {"url": "https://dr2.yandex.net/strm", "priority": 2} ]}
location: https://ext-strm-itt01.strm.yandex.net/vh-canvas-converted/vod-content/2829328631580210543/470ea1f7-9d0e-45c4-8b94-fa9ed01f7057/webm/VP8_854_480_1800.webm?vsid=fa56bb3213a6b157e142c0afcb0d3d3abf14751e253bxVASx3968x1694547766&noredir=1&lid=1529
access-control-expose-headers: Date, X-Strm-Session, X-Estimated-RTT, X-Estimated-Bandwidth, X-Connection-ID, Age, X-Server-Time-Ms, X-Plg-URL
cache-control: no-cache
access-control-allow-credentials: true
x-plg: host=strm-plgo-production-205.vla.yp-c.yandex.net; version=12302552
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Range, X-Client-Timestamp, X-Strm-Session
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 3ed209be-bdc9-47e7-88b1-1860acaffce3.js Show response
storage.mds.yandex.net/get-bstor/10704183/ Frame A6C1 236 KB
68 KB 619ms
65ms Script
text/javascript 2a02:6b8::158
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.mds.yandex.net/get-bstor/10704183/3ed209be-bdc9-47e7-88b1-1860acaffce3.js
Requested by: Host: yastatic.net
URL: https://yastatic.net/safeframe-bundles/0.83/1-1-0/protected/render.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::158 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: nginx /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 19:42:48 GMT
content-encoding: br
last-modified: Thu, 31 Aug 2023 11:04:56 GMT
server: nginx
etag: W/"b07a70ef58b40c71dfbb9b37b7c6ebc0"
x-cache-status: hit
content-type: text/javascript
x-data-size: 242057
access-control-allow-origin: *
x-mds-request-id: 15854cea6f87fc69
cache-control: max-age=31536000, immutable
x-robots-tag: noindex, noarchive, nofollow
x-mds-tvm-error: basic_auth

GET
H2 200 index.js Show response
storage.mds.yandex.net/get-canvas-html5/1003119/0a2db477-9070-4823-b4fd-dd918c419c76/ Frame A6C1 110 KB
22 KB 757ms
203ms Script
text/plain 2a02:6b8::158
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.mds.yandex.net/get-canvas-html5/1003119/0a2db477-9070-4823-b4fd-dd918c419c76/index.js
Requested by: Host: yastatic.net
URL: https://yastatic.net/safeframe-bundles/0.83/1-1-0/protected/render.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::158 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: nginx /
Resource Hash: 25dacfdeeb50184e3da7d86bf1102f38421606cf9ef14a6df9a6cebb130661ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 19:42:48 GMT
content-encoding: br
last-modified: Thu, 31 Aug 2023 11:05:16 GMT
server: nginx
etag: W/"255485de9348b763d80ae255967de0ba"
x-cache-status: hit
content-type: text/plain
x-data-size: 112508
access-control-allow-origin: *
x-mds-request-id: 6f864dd4a6e0866f
cache-control: max-age=31536000, immutable
x-robots-tag: noindex, noarchive, nofollow
x-mds-tvm-error: basic_auth

GET
H2 200 1T9smtW10am200000000U9nJD9l_QSc2rrdDXlz5_xhjMYNlPMc-do6L0GWyOIAXfJTpHMFtlv5bI6K4YcV-5vrg3n8lPGRoQgy2YLR6123P2P850YQ6cOo_Co6SXOmtaY6YAnbhL22ilOnllJaPZeBvPnb1Xbnb1Ac-oyWWmy3mbz5bixtpN2OEeCXIfWPs1eQrJ... Show response
yandex.ru/an/rtbcount/ 43 B
224 B 363ms
362ms XHR
image/gif 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://download-telegram.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 12 Sep 2023 19:42:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1694547768296562-13428625746881078222-balancer-l7leveler-kubr-yp-sas-142-BAL
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Tue, 12 Sep 2023 19:42:48 GMT
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: image/gif
access-control-allow-origin: http://download-telegram.org
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Tue, 12 Sep 2023 19:42:48 GMT

GET
H2 200 matchx Show response
uuidksinc.net/ Frame 2129 3 KB
2 KB 136ms
37ms Document
text/html 31.220.27.134
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://uuidksinc.net/matchx
Requested by: Host: dariolunus.com
URL: https://dariolunus.com/787276.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.220.27.134 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.23.2 /
Resource Hash: fc91ddd457d04b82ded0d62493f7ffe97d6414de0c9f9f6ded5ab64bb470cc08

Request headers

Referer: http://download-telegram.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Tue, 12 Sep 2023 19:42:48 GMT
server: nginx/1.23.2
vary: Accept-Encoding

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/ 154 KB
52 KB 85ms
85ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6b63a5a62fc7cb754c2ee0ca485c32c16901f7401cc38270dbb10f2e94462560

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 19:42:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53662
x-xss-protection: 0
server: cafe
etag: 6531881293753230513
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Sep 2023 19:42:48 GMT

GET
H2

200

/
d.uuidksinc.net/match/216/ Frame 2129
Redirect Chain

https://fcgi4.gnezdo.ru/cookie_matching/kadam/XOaQhCaRBBpayCfAiXW3
https://fcgi4.gnezdo.ru/cookie_matching/kadam/XOaQhCaRBBpayCfAiXW3/?redirect=1
https://d.uuidksinc.net/match/216/?remote_uid=XV9maWUAvzh5HLmea9WqAg==

74 B
141 B

46ms
45ms

Image
image/png

31.220.27.134
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.uuidksinc.net/match/216/?remote_uid=XV9maWUAvzh5HLmea9WqAg==
Requested by: Host: uuidksinc.net
URL: https://uuidksinc.net/matchx
Protocol: H2
Server: 31.220.27.134 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.23.2 /
Resource Hash: 01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uuidksinc.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 19:42:48 GMT
server: nginx/1.23.2
content-length: 74
content-type: image/png

Redirect headers

location: https://d.uuidksinc.net/match/216/?remote_uid=XV9maWUAvzh5HLmea9WqAg==
access-control-allow-origin: *
date: Tue, 12 Sep 2023 19:42:48 GMT
access-control-allow-credentials: true
server: nginx
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With
access-control-allow-methods: GET, POST, HEAD

GET
H2 204 smc
z.cdn.adtarget.me/ Frame 2129 0
41 B 100ms
30ms Image
text/plain 81.171.9.38
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://z.cdn.adtarget.me/smc?s=22&u=XOaQhCaRBBpayCfAiXW3
Requested by: Host: uuidksinc.net
URL: https://uuidksinc.net/matchx
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 81.171.9.38 Renswoude, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uuidksinc.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 19:43:19 GMT
server: nginx

GET
H2

200

/
d.uuidksinc.net/match/354/ Frame 2129
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=44509&callback_url=https%3A%2F%2Fd.uuidksinc.net%2Fmatch%2F372%2F%3Fremote_uid%3D%24%7BUSER_ID%7D%26cb_url%3Dhttps%253A%252F%252Fd.uuidksinc.net%252Fm...
https://ads.betweendigital.com/match?bidder_id=44509&callback_url=https%3A%2F%2Fd.uuidksinc.net%2Fmatch%2F372%2F%3Fremote_uid%3D%24%7BUSER_ID%7D%26cb_url%3Dhttps%253A%252F%252Fd.uuidksinc.net%252Fm...
https://d.uuidksinc.net/match/372/?remote_uid=08ed2758-0bcb-52ff-8cfb-c72ce9fb7814&cb_url=https%3A%2F%2Fd.uuidksinc.net%2Fmatch%2F354%2F%3Fremote_uid%3D08ed2758-0bcb-52ff-8cfb-c72ce9fb7814%26
https://d.uuidksinc.net/match/354/?remote_uid=08ed2758-0bcb-52ff-8cfb-c72ce9fb7814&

74 B
141 B

37ms
37ms

Image
image/png

31.220.27.134
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.uuidksinc.net/match/354/?remote_uid=08ed2758-0bcb-52ff-8cfb-c72ce9fb7814&
Requested by: Host: uuidksinc.net
URL: https://uuidksinc.net/matchx
Protocol: H2
Server: 31.220.27.134 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.23.2 /
Resource Hash: 01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uuidksinc.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 19:42:48 GMT
server: nginx/1.23.2
content-length: 74
content-type: image/png

Redirect headers

location: https://d.uuidksinc.net/match/354/?remote_uid=08ed2758-0bcb-52ff-8cfb-c72ce9fb7814&
date: Tue, 12 Sep 2023 19:42:48 GMT
server: nginx/1.23.2
content-length: 0

GET
H2 200 pixel.gif
dmpprof.com/matching/external/ Frame 2129 43 B
745 B 374ms
62ms Image
image/gif 85.192.12.174
DINET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmpprof.com/matching/external/pixel.gif?sid=14&uid=XOaQhCaRBBpayCfAiXW3
Requested by: Host: uuidksinc.net
URL: https://uuidksinc.net/matchx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.192.12.174 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uuidksinc.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 19:42:48 GMT
last-modified: Tue, 12 Sep 2023 19:42:48 GMT
server: nginx/1.18.0
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH, GET, POST, OPTIONS
content-type: image/gif
access-control-expose-headers: Content-Length,Content-Range
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With, DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 43
expires: Wed, 11 Nov 1998 11:11:11 GMT

GET
H2 204 match
dm-eu.hybrid.ai/ Frame 2129 0
280 B 380ms
68ms Image
text/plain 37.230.131.21
HYBRID-POLAND

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dm-eu.hybrid.ai/match?id=158&vid=XOaQhCaRBBpayCfAiXW3

Requested by

Host: uuidksinc.net
URL: https://uuidksinc.net/matchx

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.230.131.21 Amsterdam, Netherlands, ASN200197 (HYBRID-POLAND, PL),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uuidksinc.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 19:42:48 GMT
server: Hybrid Web Server
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin: https://uuidksinc.net
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-mode: 511
x-xss-protection: 1; mode=block
expires: -1

GET
H2

200

/
d.uuidksinc.net/match/444/ Frame 2129
Redirect Chain

https://exchange.buzzoola.com/cookiesync/redirect?redirect_url=https://d.uuidksinc.net/match/444/?remote_uid=${UUID}
https://d.uuidksinc.net/match/444/?remote_uid=43f728eb-c7f0-4754-71b5-ed89ffdf8e8d

74 B
141 B

54ms
38ms

Image
image/png

31.220.27.134
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.uuidksinc.net/match/444/?remote_uid=43f728eb-c7f0-4754-71b5-ed89ffdf8e8d
Requested by: Host: uuidksinc.net
URL: https://uuidksinc.net/matchx
Protocol: H2
Server: 31.220.27.134 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.23.2 /
Resource Hash: 01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uuidksinc.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 19:42:48 GMT
server: nginx/1.23.2
content-length: 74
content-type: image/png

Redirect headers

location: https://d.uuidksinc.net/match/444/?remote_uid=43f728eb-c7f0-4754-71b5-ed89ffdf8e8d
date: Tue, 12 Sep 2023 19:42:48 GMT
server: nginx
content-length: 117
serverid: TODO
content-type: text/html; charset=utf-8

GET
H2

200

/
d.uuidksinc.net/match/493/ Frame 2129
Redirect Chain

https://fcgi4.gnezdo.ru/cookie_matching/kadam_resell/XOaQhCaRBBpayCfAiXW3
https://fcgi4.gnezdo.ru/cookie_matching/kadam_resell/XOaQhCaRBBpayCfAiXW3/?redirect=1
https://d.uuidksinc.net/match/493/?remote_uid=XV9maWUAvzh5HLmea9WqAg==

74 B
141 B

40ms
40ms

Image
image/png

31.220.27.134
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.uuidksinc.net/match/493/?remote_uid=XV9maWUAvzh5HLmea9WqAg==
Requested by: Host: uuidksinc.net
URL: https://uuidksinc.net/matchx
Protocol: H2
Server: 31.220.27.134 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.23.2 /
Resource Hash: 01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uuidksinc.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 19:42:48 GMT
server: nginx/1.23.2
content-length: 74
content-type: image/png

Redirect headers

location: https://d.uuidksinc.net/match/493/?remote_uid=XV9maWUAvzh5HLmea9WqAg==
access-control-allow-origin: *
date: Tue, 12 Sep 2023 19:42:48 GMT
access-control-allow-credentials: true
server: nginx
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With
access-control-allow-methods: GET, POST, HEAD

GET
H2

200

/
d.uuidksinc.net/match/585/ Frame 2129
Redirect Chain

https://match.ohmy.bid/cm?ssp=kadam
https://d.uuidksinc.net/match/585/?remote_uid=9d3a621f-1383-4dae-a9d1-12ae6e587cbe

74 B
141 B

43ms
40ms

Image
image/png

31.220.27.134
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.uuidksinc.net/match/585/?remote_uid=9d3a621f-1383-4dae-a9d1-12ae6e587cbe
Requested by: Host: uuidksinc.net
URL: https://uuidksinc.net/matchx
Protocol: H2
Server: 31.220.27.134 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.23.2 /
Resource Hash: 01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uuidksinc.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 19:42:48 GMT
server: nginx/1.23.2
content-length: 74
content-type: image/png

Redirect headers

location: https://d.uuidksinc.net/match/585/?remote_uid=9d3a621f-1383-4dae-a9d1-12ae6e587cbe
date: Tue, 12 Sep 2023 19:42:48 GMT
access-control-allow-credentials: true
server: nginx
bidder: bid-12
content-length: 0

GET
H/1.1

200
OK

i
dmg.digitaltarget.ru/awg/custom/6573/i/ Frame 2129
Redirect Chain

https://dmg.digitaltarget.ru/1/6573/i/i?a=662&e=XOaQhCaRBBpayCfAiXW3&i=0.9690168932213177
https://dmg.digitaltarget.ru/awg/custom/6573/i/i?call_source=awg&ts=1694547768598&a=662&e=XOaQhCaRBBpayCfAiXW3&i=0.9690168932213177

49 B
523 B

59ms
58ms

Image
image/gif

185.15.175.157
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmg.digitaltarget.ru/awg/custom/6573/i/i?call_source=awg&ts=1694547768598&a=662&e=XOaQhCaRBBpayCfAiXW3&i=0.9690168932213177

Requested by

Host: uuidksinc.net
URL: https://uuidksinc.net/matchx

Protocol

HTTP/1.1

Server

185.15.175.157 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),

Reverse DNS

Software

nginx /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uuidksinc.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Date: Tue, 12 Sep 2023 19:42:48 GMT
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Server: nginx
X-Permitted-Cross-Domain-Policies: master-only
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 49
X-XSS-Protection: 1; mode=block

Redirect headers

Date: Tue, 12 Sep 2023 19:42:48 GMT
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Server: nginx
X-Permitted-Cross-Domain-Policies: master-only
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Max-Age: 86400
Location: https://dmg.digitaltarget.ru/awg/custom/6573/i/i?call_source=awg&ts=1694547768598&a=662&e=XOaQhCaRBBpayCfAiXW3&i=0.9690168932213177
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/ Frame B967 10 KB
4 KB 35ms
29ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://download-telegram.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 23077
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4438
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 12 Sep 2023 13:18:11 GMT
etag: 8554266389219770021
expires: Tue, 26 Sep 2023 13:18:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/ Frame 6C49 10 KB
4 KB 35ms
30ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://download-telegram.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 23077
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4438
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 12 Sep 2023 13:18:11 GMT
etag: 8554266389219770021
expires: Tue, 26 Sep 2023 13:18:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/ Frame E878 10 KB
4 KB 35ms
31ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://download-telegram.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 23077
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4438
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 12 Sep 2023 13:18:11 GMT
etag: 8554266389219770021
expires: Tue, 26 Sep 2023 13:18:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame B967 4 KB
767 B 31ms
30ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 12 Sep 2023 19:42:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 12 Sep 2023 19:42:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 12 Sep 2023 19:42:48 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame B967 205 B
651 B 250ms
26ms Image
image/png 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 13:30:10 GMT
x-content-type-options: nosniff
age: 195158
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 09 Sep 2024 13:30:10 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame B967 604 B
696 B 250ms
27ms Image
image/png 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 21:04:39 GMT
x-content-type-options: nosniff
age: 513489
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 05 Sep 2024 21:04:39 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230911/r20110914/elements/html/ Frame B967 15 KB
7 KB 242ms
20ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230911/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c6ece8077c8a8d8d057b5a03c892dcf1fed9da76ff1bc964cd17416008752c48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 13:56:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20770
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6551
x-xss-protection: 0
server: cafe
etag: 511223485441000916
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Sep 2023 13:56:38 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230911/r20110914/elements/html/ Frame B967 20 KB
8 KB 242ms
21ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230911/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bd91080d2c7f2120ad82727f5c07bbb439b810ed4035993ddb1825ca1611396b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 13:56:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20770
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8566
x-xss-protection: 0
server: cafe
etag: 5625731030761120726
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Sep 2023 13:56:38 GMT

GET
H2 200 sdk.js Show response
adsdk.microsoft.com/native-to-display/ Frame 2167 86 KB
35 KB 235ms
36ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by: Host: download-telegram.org
URL: http://download-telegram.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 90eec26631750771c30336de6715aad19b3adc4d4f271686a477c0edc9042a01

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Tue, 12 Sep 2023 19:42:48 GMT
content-encoding: br
last-modified: Fri, 08 Sep 2023 16:51:39 GMT
vary: Accept-Encoding
x-azure-ref: 20230912T194248Z-sbm6dp64st1h1dwcycy018wwaw00000002a000000000sgq0
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 44a1de9d-401e-000b-717b-e24fa9000000
cache-control: private, max-age=3600
x-cache: TCP_HIT
x-ms-version: 2009-09-19

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/239/ Frame 2167 80 KB
27 KB 280ms
82ms Script
application/x-javascript 23.43.60.179
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/239/trk.js
Requested by: Host: download-telegram.org
URL: http://download-telegram.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.43.60.179 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-43-60-179.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Date: Tue, 12 Sep 2023 19:42:48 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Jul 2023 11:56:12 GMT
Server: AkamaiNetStorage
ETag: "615fd4ad24a409f4de5416b603f042c1:1689076572.555276"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27646
Expires: Wed, 11 Sep 2024 19:42:48 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230911/r20110914/client/ Frame 2167 3 KB
1 KB 244ms
46ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230911/r20110914/client/window_focus_fy2021.js

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 13:47:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21343
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Sep 2023 13:47:05 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230911/r20110914/client/ Frame 2167 20 KB
8 KB 227ms
29ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230911/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 13:47:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21343
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Sep 2023 13:47:05 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2167 181 KB
57 KB 259ms
61ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9ce932a23de6195c13355d37d42ed655a4a8ad66a66c1754e442577c1d7e407

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 19:42:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57894
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694432528947753"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Sep 2023 19:42:48 GMT

GET
H2

200

c.gif
www.bing.com/aes/ Frame 2167
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=6a92c703-c2b5-4f0e-bfc8-569c4307e61a&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=faf0bbdb-1f1d-401d...
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=82ead756c48e46e7a79b68263ebb9528&SNR=1&GV=2&med=10

0
548 B

83ms
82ms

Image
text/plain

2a02:26f0:ab00::214:8ea1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=82ead756c48e46e7a79b68263ebb9528&SNR=1&GV=2&med=10
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Server: 2a02:26f0:ab00::214:8ea1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 19:42:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0E0A3D25B4FC4FE29EA8C511C14BA98D Ref B: FRA31EDGE0717 Ref C: 2023-09-12T19:42:49Z
x-cdn-traceid: 0.9d8e1402.1694547768.d544263
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Tue, 12 Sep 2023 19:42:48 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C27CE0BE9D864849B8CD22FC1CA1FB47 Ref B: MIL30EDGE1021 Ref C: 2023-09-12T19:42:48Z
x-cdn-traceid: 0.9d8e1402.1694547768.d5441a4
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=82ead756c48e46e7a79b68263ebb9528&SNR=1&GV=2&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 154
expires: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230911/r20110914/ Frame E878 23 KB
9 KB 235ms
46ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230911/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 13:47:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21343
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Sep 2023 13:47:05 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame E878 8 KB
823 B 31ms
31ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 12 Sep 2023 19:42:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 12 Sep 2023 18:58:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 12 Sep 2023 19:42:48 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/ Frame E878 15 KB
3 KB 212ms
25ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 05:45:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50249
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2920
x-xss-protection: 0
last-modified: Wed, 02 Aug 2023 10:38:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Sep 2024 05:45:19 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/ Frame E878 368 KB
128 KB 213ms
26ms Script
text/javascript 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0dc2dfbb8a7cfd95b7e26cd31635911739b4ee1fb41363e062a9673fdca156f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 13:36:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21954
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 130842
x-xss-protection: 0
last-modified: Wed, 02 Aug 2023 10:38:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Sep 2024 13:36:54 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230911/r20110914/client/ Frame E878 20 KB
8 KB 227ms
40ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230911/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 13:47:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21343
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Sep 2023 13:47:05 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 8192 6 KB
706 B 31ms
30ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 12 Sep 2023 19:42:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 12 Sep 2023 17:44:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 12 Sep 2023 19:42:48 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/9697244555934136908/ Frame 8192 7 KB
7 KB 208ms
60ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9697244555934136908/14763004658117789537?w=600&h=314

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8f19f3572bf66995550c7ace5fbb33774f774f245208b599ed2317a94e400ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 16:16:13 GMT
x-content-type-options: nosniff
age: 357995
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6800
x-xss-protection: 0
last-modified: Thu, 24 Nov 2022 03:57:39 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 07 Sep 2024 16:16:13 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230911/r20110914/client/ Frame 8192 2 KB
973 B 201ms
59ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230911/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 13:49:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21197
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Sep 2023 13:49:31 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230911/r20110914/ Frame 8192 23 KB
9 KB 194ms
53ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230911/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 13:47:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21343
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Sep 2023 13:47:05 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230911/r20110914/client/ Frame 8192 3 KB
1 KB 199ms
58ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230911/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 13:47:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21343
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Sep 2023 13:47:05 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230911/r20110914/client/ Frame 8192 20 KB
8 KB 182ms
42ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230911/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 13:47:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21343
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Sep 2023 13:47:05 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8192 181 KB
57 KB 241ms
101ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9ce932a23de6195c13355d37d42ed655a4a8ad66a66c1754e442577c1d7e407

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 19:42:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57894
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694432528947753"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Sep 2023 19:42:48 GMT

GET
H2 200 9041af033b7a690ba70e3134a2c135bf.js Show response
www.gstatic.com/mysidia/ Frame 8192 36 KB
15 KB 168ms
28ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9041af033b7a690ba70e3134a2c135bf.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f9d88352b286107f60c320c4c088f718c2a3a273818cd61901edb7f235a9339

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 17:57:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6322
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15189
x-xss-protection: 0
last-modified: Tue, 12 Sep 2023 17:48:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 11 Dec 2023 17:57:26 GMT

POST
H2 200 WV4ejI_zOoVX2LbX0HqF05FRQIOQbKgbKga4mUIRa1lnvAGyWSAsqwXXfqp7xP2N-ixOn1CjBIqjBIsT7MS2n3w7d4UdTpHlVlWBeKkG7H_2om_Ucizio8Vz0uyX7iOKcWGzREa1k2OCqLhyx1Mv1_WgOG0TfufqoCS53HX74QpWIL43EeE3zJTV6pr8SgugR14og...
yandex.ru/an/tracking/ 0
235 B 71ms
70ms Ping
text/plain 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/an/tracking/WV4ejI_zOoVX2LbX0HqF05FRQIOQbKgbKga4mUIRa1lnvAGyWSAsqwXXfqp7xP2N-ixOn1CjBIqjBIsT7MS2n3w7d4UdTpHlVlWBeKkG7H_2om_Ucizio8Vz0uyX7iOKcWGzREa1k2OCqLhyx1Mv1_WgOG0TfufqoCS53HX74QpWIL43EeE3zJTV6pr8SgugR14ogWW7Cm4Sn0nyfpQCbr3Y3M8xiWcZV_BrjpV570QNHSFOrv2RP6jvH6h64sh254ofuUReP7slqVsP1fmLGCh8eH-X1W4KmUy80zYYw940ezeV1jt3XQy4LOfEn8WycfqlS2TmkwBui60kuGIsiFicjxZ7ABAzkhSONTUPcB3O6N9Jfb7P_2E4454KAxq0vwWO9o5Wa2bhocIRp1WTvYl1Xx8u4pu4ECDqcqAmieiv1easzMfySeQe7tw0weDhdFwtQUHxAPZojJQ0Fzk1ZgND7APmZT6xTvEIilLa7uT4CD6F3JX3OWNflp53lYZ9UgzH7nJRfD_IkgvZwODYc_HQ6ovUAZux0T2BczUPCpXCWU2ni4tcIgLIQLNQIMsQglniGbfmIgLI6H7ywo191N3XDHSSyIwSxfgnJw2M6meNr4n-zhur1DmGtF22q3gUkrw2jje9mZbeVLWcLRZuw8cKNW00~2?action-id=11&adsdk-bundle-version=861980&adsdk-bundle-name=InPage&ad-session-id=8941061694547767090&vsid=fa56bb3213a6b157e142c0afcb0d3d3abf14751e253bxVASx3968x1694547766&top-ancestor=http%3A%2F%2Fdownload-telegram.org&top-ancestor-undetermined=0&client-ts=1694547768757&client-timezone-offset=-120&viewability-undetermined=0&video-volume=0&video-muted=1&pcode-active-testids=861980%2C0%2C87&document-has-focus=true&is-fullscreen=false&ad-pod-id=unknown&product-theme=video-default&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22width%22%3A682%2C%22height%22%3A384%2C%22w%22%3A682%2C%22h%22%3A384%2C%22left%22%3A265%2C%22top%22%3A917%2C%22visible%22%3A1%2C%22req_no%22%3A1%7D

Requested by

Host: yastatic.net
URL: https://yastatic.net/vas-bundles/861980/bundles-es2017/inpage.bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 19:42:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1694547768787787-1538788462580348137-balancer-l7leveler-kubr-yp-sas-142-BAL
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Tue, 12 Sep 2023 19:42:48 GMT
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
access-control-allow-origin: http://download-telegram.org
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Tue, 12 Sep 2023 19:42:48 GMT

POST
H2 200 1T9smtW10am200000000U9nJD9l_QSc2rrdDXlz5_xhjMYNlPMc-do6L0GWyOIAXfJTpHMFtlv5bI6K4YcV-5vrg3n8lPGRoQgy2YLR6123P2P850YQ6cOo_Co6SXOmtaY6YAnbhL22ilOnllJaPZeBvPnb1Xbnb1Ac-oyWWmy3mbz5bixtpN2OEeCXIfWPs1eQrJ...
yandex.ru/an/rtbcount/ 43 B
143 B 73ms
72ms Ping
image/gif 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/an/rtbcount/1T9smtW10am200000000U9nJD9l_QSc2rrdDXlz5_xhjMYNlPMc-do6L0GWyOIAXfJTpHMFtlv5bI6K4YcV-5vrg3n8lPGRoQgy2YLR6123P2P850YQ6cOo_Co6SXOmtaY6YAnbhL22ilOnllJaPZeBvPnb1Xbnb1Ac-oyWWmy3mbz5bixtpN2OEeCXIfWPs1eQrJ1OiG9LC_u7W5PD0rdMEhl-YZ0mNNcrVgiVAnl2NYGNa16PM8DdBh0Wafp9p0Scvp4mWQvcP71KOG8PjP3RIZ_UovH2jESaCy_LLPh35p790yYdpvcyhk7yoEpZnGvpESlRH1p1h1mlJ0PR_CC1uamNYZm_s3raEv9oQ999ytVuj2yWt2rWvJx9-LU41IrzWNT3me47X9glPvee73ZlqCh-oWhJ_OkKqj3GrCp8oDRTiODlyTd5i1ri3omIsRVjEBU_wicjhC-CCjYk7WnUmRUgVlUVvYklh4bUomMmvmEPnWetv4HklQPchbRTdGLXsi5EE-Kisc7j-idtHN_nozifFzXFPFx3NRhzf_TP-5ZkRXPcnfPd51dQc7UoC9zZ57x0ldtLnyl8r1s_e_63dMS3n-pBh2euRnnatSFpnsC71U8i38uYV0iElmRwN4-J7gPmWxo_WR61UmRcBQGEds0bEnWkS72yu6G7hVyNa?adsdk-bundle-version=861980&adsdk-bundle-name=InPage&ad-session-id=8941061694547767090&vsid=fa56bb3213a6b157e142c0afcb0d3d3abf14751e253bxVASx3968x1694547766&top-ancestor=http%3A%2F%2Fdownload-telegram.org&top-ancestor-undetermined=0&client-ts=1694547768757&client-timezone-offset=-120&viewability-undetermined=0&video-volume=0&video-muted=1&pcode-active-testids=861980%2C0%2C87&document-has-focus=true&is-fullscreen=false&ad-pod-id=unknown&product-theme=video-default&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22width%22%3A682%2C%22height%22%3A384%2C%22w%22%3A682%2C%22h%22%3A384%2C%22left%22%3A265%2C%22top%22%3A917%2C%22visible%22%3A1%2C%22req_no%22%3A2%7D

Requested by

Host: yastatic.net
URL: https://yastatic.net/vas-bundles/861980/bundles-es2017/inpage.bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 19:42:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1694547768788104-14725457144554655755-balancer-l7leveler-kubr-yp-sas-142-BAL
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Tue, 12 Sep 2023 19:42:48 GMT
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: image/gif
access-control-allow-origin: http://download-telegram.org
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Tue, 12 Sep 2023 19:42:48 GMT

POST
H2 200 WV4ejI_zOoVX2LbX0HqF05FRQIOQbKgbKga4mUIRa1lnvAGyWSAsqwXXfqp7xP2N-ixOn1CjBIqjBIsT7MS2n3w7d4UdTpHlVlWBeKkG7H_2om_Ucizio8Vz0uyX7iOKcWGzREa1k2OCqLhyx1Mv1_WgOG0TfufqoCS53HX74QpWIL43EeE3zJTV6pr8SgugR14og...
yandex.ru/an/tracking/ 0
111 B 72ms
71ms Ping
text/plain 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/an/tracking/WV4ejI_zOoVX2LbX0HqF05FRQIOQbKgbKga4mUIRa1lnvAGyWSAsqwXXfqp7xP2N-ixOn1CjBIqjBIsT7MS2n3w7d4UdTpHlVlWBeKkG7H_2om_Ucizio8Vz0uyX7iOKcWGzREa1k2OCqLhyx1Mv1_WgOG0TfufqoCS53HX74QpWIL43EeE3zJTV6pr8SgugR14ogWW7Cm4Sn0nyfpQCbr3Y3M8xiWcZV_BrjpV570QNHSFOrv2RP6jvH6h64sh254ofuUReP7slqVsP1fmLGCh8eH-X1W4KmUy80zYYw940ezeV1jt3XQy4LOfEn8WycfqlS2TmkwBui60kuGIsiFicjxZ7ABAzkhSONTUPcB3O6N9Jfb7P_2E4454KAxq0vwWO9o5Wa2bhocIRp1WTvYl1Xx8u4pu4ECDqcqAmieiv1easzMfySeQe7tw0weDhdFwtQUHxAPZojJQ0Fzk1ZgND7APmZT6xTvEIilLa7uT4CD6F3JX3OWNflp53lYZ9UgzH7nJRfD_IkgvZwODYc_HQ6ovUAZux0T2BczUPCpXCWU2ni4tcIgLIQLNQIMsQglniGbfmIgLI6H7ywo191N3XDHSSyIwSxfgnJw2M6meNr4n-zhur1DmGtF22q3gUkrw2jje9mZbeVLWcLRZuw8cKNW00~2?action-id=0&adsdk-bundle-version=861980&adsdk-bundle-name=InPage&ad-session-id=8941061694547767090&vsid=fa56bb3213a6b157e142c0afcb0d3d3abf14751e253bxVASx3968x1694547766&top-ancestor=http%3A%2F%2Fdownload-telegram.org&top-ancestor-undetermined=0&client-ts=1694547768759&client-timezone-offset=-120&viewability-undetermined=0&video-volume=0&video-muted=1&pcode-active-testids=861980%2C0%2C87&document-has-focus=true&is-fullscreen=false&ad-pod-id=a34sdf%3B1128248132%3B0%3B0c29e42817b6f64d%3B5341175400116327935%3B195622579%3B1961151%3B3%3B0&product-theme=video-default&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22width%22%3A682%2C%22height%22%3A384%2C%22w%22%3A682%2C%22h%22%3A384%2C%22left%22%3A265%2C%22top%22%3A917%2C%22visible%22%3A1%2C%22req_no%22%3A3%7D

Requested by

Host: yastatic.net
URL: https://yastatic.net/vas-bundles/861980/bundles-es2017/inpage.bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 19:42:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1694547768789453-4875741676353461176-balancer-l7leveler-kubr-yp-sas-142-BAL
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Tue, 12 Sep 2023 19:42:48 GMT
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
access-control-allow-origin: http://download-telegram.org
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Tue, 12 Sep 2023 19:42:48 GMT

GET
H2 200 index_atlas_P_1.png
storage.mds.yandex.net/get-canvas-html5/1003119/0a2db477-9070-4823-b4fd-dd918c419c76/ Frame A6C1 82 KB
82 KB 67ms
66ms Image
image/png 2a02:6b8::158
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.mds.yandex.net/get-canvas-html5/1003119/0a2db477-9070-4823-b4fd-dd918c419c76/index_atlas_P_1.png
Requested by: Host: download-telegram.org
URL: http://download-telegram.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::158 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: nginx /
Resource Hash: 9b63737f4359b834628a64ee5f00acf5f954ba2f4875ff69360dcdc064d5a9dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 19:42:48 GMT
last-modified: Thu, 31 Aug 2023 11:05:16 GMT
server: nginx
etag: "f54852dcd822f9a9cf322fac9cdc59d1"
x-cache-status: hit
content-type: image/png
x-data-size: 84022
access-control-allow-origin: *
x-mds-request-id: fa88fe1a099fbe3f
cache-control: max-age=31536000, immutable
accept-ranges: bytes
x-robots-tag: noindex, noarchive, nofollow
content-length: 84022
x-mds-tvm-error: basic_auth

GET
H2 200 th
www.bing.com/ Frame 2167 6 KB
6 KB 25ms
24ms Image
image/jpeg 2a02:26f0:ab00::214:8ea1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OADD2.9964375859822_12OR3K5JFWVWPLCKGF&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=180&h=180&qlt=90
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ab00::214:8ea1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 726e6fccf52b913f76c5356d49ac8447db214dad2643dd7eeb28aefc9011cf40

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 19:42:48 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid: 0.9d8e1402.1694547768.d544247
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
content-type: image/jpeg
cache-control: public, max-age=2592000
timing-allow-origin: *
access-control-allow-headers: *
content-length: 5668
alt-svc: h3=":443"; ma=93600

GET
H2 200 rd_log Show response
ams3-ib.adnxs.com/ Frame 2167 0
531 B 120ms
33ms Script
text/html 185.89.210.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=http%3A%2F%2Fdownload-telegram.org&e=wqT_3QLwA-jwAQAAAwDWAAUBCLf-gqgGEO-G6KWEvOKmQxgAKjYJcAVlhNRknT8RKMBX0hWDnD8ZAAAAIFyP8j8hKA0SACkRJAAxARvAheuxPzDb-KYDOLUBQLVeSOMDULqJirYBWMCxPWAAaJ-kVHjF8wWAAQGKAQNVU0SSAQEG8MmYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqKoMeoCHGh0dHA6Ly9kb3dubG9hZC10ZWxlZ3JhbS5vcmeAAwCIAwGQAwCYAwmgAwGqAwDAA9gEyAMA2AMA4AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8AS6iYq2AYgFAZgFAKAFpPbB-qjmxZcLwAUAyQUAAAAAAADwP9IFCQkACQ10ANgFAeAFAfAFjPQO-gUECAAQAJAGAJgGALgGAMEGCSQs8D_QBsKNBNoGFgoQCRIZAXQQABgA4AYB8gYCCACABwGIBwCgBwHIB8XzBdIHDQkRKAEmCNoHBgFepBgA4AcA6gcCCADwB9GiBIoIAhAAlQgAAIA_mAgBwAjwBtIIBggAEAAYAA..&s=dc4705d630925cc4efef8708a61342680536b0b5&bdref=http%3A%2F%2Fdownload-telegram.org%2F&bdtop=true&bdifs=2&bstk=http%3A%2F%2Fdownload-telegram.org%2F,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20230907%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1%23RS-1-%26adk%3D1812271804%26client%3Dca-pub-5409240997335254%26fa%3D4%26ifi%3D3%26uci%3Da!3%26btvi%3D1%26xpc%3DqnZun1mjsv%26p%3Dhttp%253A%2F%2Fdownload-telegram.org,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20230907%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1&

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 19:42:49 GMT
an-x-request-uuid: 00aa3bce-3ca2-4bcd-84bc-e8e919e142ce
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 84.19.175.165; 84.19.175.165; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame E878 0
54 B 780ms
388ms Ping
image/gif 2a00:1450:4019:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&puid=1~lmgpzmo0&c=7128196974618&slotId=3564098487309&qqid=CPWr7a3qpYEDFRAA-QAdr2sNvg&fb=outstream-lima&sei=44714743%2C44730425%2C44752538%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4019:808::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 19:42:49 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ Frame E878 9 KB
9 KB 22ms
22ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 21:26:59 GMT
x-content-type-options: nosniff
age: 252950
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9644
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Sep 2024 21:26:59 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame E878 15 KB
15 KB 23ms
22ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 22:08:16 GMT
x-content-type-options: nosniff
age: 509673
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Sep 2024 22:08:16 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E878 0
20 B 130ms
129ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=C8xsBN78AZbW0GZCA5LcPr9e18Au4vMWyce6BrIi6Ea_bor3AARABIJWN2WVglfrwgYwHyAEFqQKyk_JsigSyPqgDAcgDmwSqBP0BT9Af1p8dkGQuYBmYfKlQJhdiibKaN4h9Wwf9WA7cJ6JuKDWNYCgdN2M-sPDgvaMA_oq47flGRjS1VSK1BOinmLPooZmxEk_1cyKdtn2odFvjSYedPKdsEiMeycK4p5ij0ojZexof-U_jdv0Gh0SbzVLz7KReOC24NHobT7mr_SKPMgKvxNos6nCdiCh35FBh-94LY5Uw1by8sIfo97w5Iai8c7xAftaAX2o6kTFKRKO3qXcTlqO4d4BTz-RhQRJ_mUkxEYtFm5juDXVD6tBbczaB0fxF4lGv0lqLyMEOb4jgDnadR9_uu39QTAG2AMTWUCtbYtJ7r-XBykFxQsAE4feciLwE4AQDiAXni-_aS5AGAaAGdoAH2I7rvgKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAcgLAeALAYAMAaoNAkRFyA0BsBO2w_YTyBPq5ZXjA9ATANgTCogUB9gUAdAVAfgWAYAXAegXBQ&eventType=clickstring&clientTime=1694547768995&ai=C8xsBN78AZbW0GZCA5LcPr9e18Au4vMWyce6BrIi6Ea_bor3AARABIJWN2WVglfrwgYwHyAEFqQKyk_JsigSyPqgDAcgDmwSqBP0BT9Af1p8dkGQuYBmYfKlQJhdiibKaN4h9Wwf9WA7cJ6JuKDWNYCgdN2M-sPDgvaMA_oq47flGRjS1VSK1BOinmLPooZmxEk_1cyKdtn2odFvjSYedPKdsEiMeycK4p5ij0ojZexof-U_jdv0Gh0SbzVLz7KReOC24NHobT7mr_SKPMgKvxNos6nCdiCh35FBh-94LY5Uw1by8sIfo97w5Iai8c7xAftaAX2o6kTFKRKO3qXcTlqO4d4BTz-RhQRJ_mUkxEYtFm5juDXVD6tBbczaB0fxF4lGv0lqLyMEOb4jgDnadR9_uu39QTAG2AMTWUCtbYtJ7r-XBykFxQsAE4feciLwE4AQDiAXni-_aS5AGAaAGdoAH2I7rvgKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAcgLAeALAYAMAaoNAkRFyA0BsBO2w_YTyBPq5ZXjA9ATANgTCogUB9gUAdAVAfgWAYAXAegXBQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 19:42:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame E878 0
54 B 765ms
388ms Ping
image/gif 2a00:1450:4019:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&puid=2~lmgpzmp0&c=7128196974618&slotId=3564098487309&qqid=CPWr7a3qpYEDFRAA-QAdr2sNvg&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.1bp&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4019:808::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 19:42:49 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame E878 29 KB
17 KB 194ms
70ms XHR
text/xml 66.102.1.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-CbyHt0eHCJqgxRhwgO5_E_R3qbusQ8cSCzE2hKi0m-cX46OwFGeJhzbZlCjmS1as1UEdbiEVmLDFE_iXpr5xSFYflzsw&cry=1&dbm_d=AKAmf-Ab3Sr_brWsuFH6Q7YJU_QbEq1TKnpKKMM6tNAbhHqLZX_8PX4Pj5FO4Y5KXRtDb0s-x2zWDwsyTQOCyAQfJBB4OvQ6hBp2GjEqVDKpdSvi2ZMRNZzOUYpyFIKLKGRlSFhEJ2GlEvwoZ_bw7d1oahmLDu7lqTDrec7xAZV8yytADn5ZrvNPP0sfHf47XlwTKswQXElz6F_hSuChfqO7Xu-_igpXjU9bwITfUaJz3YPT1kGAOMEnusX90id_ExFmwZHX7bMiVla8LZO5pQhnntQANp1oN6kTP88-G2XlzLPjV7u6g0tUQb7Jr8Bi70gpG-Ryc7-UL3mCo7675ae1CXWcTLj3Dm4Y21oy5CtaUHwMGqm2xBcybYgtBaK4pu9Brg_nJ702PR5qu9UqZY2bX8dzjFjA8YZXjrC2N278XFJBbnZf8hdvL59FZPJO0ZsDNjk748nG4IViK3Zk_JlIIm1GjQIfDq8PDIeudU9M3YYYFUexl8fJYW9sPyeSXwkQM6_NGyJWQr3cz9u7KDcNw_i1r8WlBIUbzJJlns6xopdW02cPuyXtehz6HEWGEnmiFMdrZMgDyfkcmWgCO3tzUPeEX3gNbcmbXuW9_X71NWkWVg1jDjrKwicMu44ycj97OlJJpDkmtt-i2wPY5Iil3nekxny3FxdgRrRctui8unQZcttuGWT7IOxNTwHs3QFqVyECtCu0Xw9YS7TPtyyrSLYAQtD4dL5_QtxXxGQyWUd6MnpSPp_HfCufSLfxF3zWTg8jaBbE1AWYPoU-N_1hLweAxZE-nSx2AX5hc5Po1lfvrzvDVteMSJi20dT4XACwD2s5Qzfmst0llxwzmTGxDSqdTg_jdP4WRprT0K2lRLFgtueodCA4XGOG8I8FAxGj-Qr3lsADoZ5-AjtCIcsApHt1yrSk_LxgClC5kULdHnXiqCz17g5XN9D-I0QLkrMyUZY-bUG-LD5kBD5M3iGEfGYvHI51kKFZE3i6e8UwOdCdrp7m_MZMJjYWvafNqdDE30-phFHhakxGKYlrPhzD30pUwkto8ZVxyeCDufCG6PBds4eI3r79IgRo0mArYlGvJPXcBi7_CxmQzK46Zh-ejuSz_mAIxp0psBVcs_9UFIuAtdqwt7g89lw3p3NUqA0e_fJ74oHs4k66X0OVe-GGvIrGeyeWYigE9iXYcoq9-edm5qJlXFcryFr-XybdoGGGdq__kd8fJfUKDBTEYR0fEaFR8dYVTI1rfmJbfTBen5or5xTduq5bDTKqkDFPRSX8CGB7V9i1GAu1vTzd1aLuOIbkhiK5IcOr8frRqYe0Q-Gq65GhpkiDzHpu9k8VpsIufy7bu-lbZI2xm7mZ-UP_4T51Ct3PTtwy73I7yMKGSjW5mZNLqSTtrBilO7M6kxQpobGAoKUDbcuxCPCyKH-w3fDEWUInMYC4lmaXdWDa5e5mcN4F-ceLu45Qr49vNso2tngnSmT2yq4JqAuGcUWOtGEP99APxc9H8J7bayTLXZmNbzfXdhFoT4qlBYEwomDWmgkYvedclTrRJmVHmnNb8UFKR44RQlknuaRf0VvjWKn8pQ5LGvnIxpIFjE3poPmcAarIK6gZEFSb9ARCm0rS6ft3qI9YNzjEoXIFyRUvXdKWHQjSaGn3RtDzlrCjDI7x34FO-uhMZQIcppeCIINxnCg5HFM2GqKSBvP0v19T0MvhnuLQy0ZA7p-EZ1UHFHTf6TcZ32RoBjCGx29Hj8lWOSsFhGFTpsyP4MfLFovGowzn9pfXGZuO3qHucEzvAHZTvvOPGqpLMrd49FpaWqLiSHn-p96S-TSxioTzSKJq6gCdgraPtXn8yv7uiv7T7jS6ORSpROWVUPwmQHxGEfgIyiK7wHh5-SmmTs1_vmpnBFzmSdwmHL46oyXoduhP2BPOTxWEo-l7wLahgvS_LRFVc5CJ8FOgO_5ao821PrQvZuNQsqvzcN4UsGbV37xV-E9fKR4wVggKA54o2i2UAZLAaOLU2D9z-t8QhsXtZLZ2gxvI5GnNVFMooO8gWxIoyrwdHk7M-qa9TahUNuxRtRARz2s8gcRfiEj-jL4BQcWR9PBA7PK-ZMaSYN2XMdr0UPIEiAHHJV5FrJcrjS4c3BQmFP2yIRCJanuA_IRWsBALJt8a_nokQoV90fUDL96FMMMbdgh-c7C5TwfmBjtqKa4_5LvbkAYvqHjAWIovn9DOdaptrp4JSkIXbSd4c215G9a5HNDUVhV1Du6BAiVO74XTJuvmQmLbke4bvI_T4bPtjwMafCAGgkNwR0Y0ntX_C7cFD0NLk2PDP3pD_IU7yiMwsR3O4a1JZnXUazzb4cgy2YX_lTaRFktYUd7vLXjMFAWsxE2KWf5i4gqRhrJVfe_onUIVD-syd47I13A7oAerB2dIaF3vfbx-n78dywGFhy1SDCEbvnW-sTABxbxAkxBeMwYvzT5z1agFeHeVJLKquIqafmtvd6ZTLmo0AFMd9bgM8QtKYNnCbYd7TKXmPoORLG5FT_44zPWreU69XRzI_aKxSMm7S9OrDNaASSrtTglbluh7E5-PbsN3ujUzufdzM5lDxWRirO1Uy-C-uszmh2L_1Qg_0GZV4Fr4-qdgAgBthwwMOza7bOTOVxa-quW1ALvYkR8bPsE_t3zUKdXAseBkmz5rmuwR2ILMGTa1j6XE1mPak2CJSOfBKX-V179gC_t4NKyoy1oM9jXbbtjYu1hQX0kHabpiqPGAPK62ljFfzvrimS4v7FTn0ri_gfdopLx1JANSW1OmskRao5cBdot9e5w9kTMJH1Iog-QWbkTC-ccaOn8g4x59XfekYdlwUJnzQCFAhLmZQ1uIFIqLyr3cblmQOMuBQb4nSPbWlWan0lXO_ZrRMpe2xMEB3DFbNCggVZKtWI9gJXcVN2Xf3q_BMzUvEqtC2ZcMyFO0-7WkiuIVCKKIz9atBGxVqlPNe-De31813M142k5hKVNIowqzvKFM-H9eHxKYc9TR33FSUpT_o1IHzg8ax68qn9XCXJ9yg6lIwJNBImoMHnd19YqjfmkzsZyqNAG6h5XFkN2YFR4WAzTNp8iVzlzlfQPdPIfR29SG9_f1xBpAoC_KuabQ-r0MkOnSvPTwOFnA0hHwpXDkKkseJ3OY39M_Pm7nsOHZuqJ0BBm7UsDNkgh91rGl48msSnk0yU4XnI8e6djJt3reNR6IRXTygEU9VJoR846AGK-eU0I3aelJfiggbuSRTSjXMFgFScTJp-q1ofqSJP7GtesQncxt-7t0CH_npsXf9sJ1tN2IN74_Xa2VAdiPDABIBirnBPgzdvo_ttiN_VPmcTeJVWDNYqDyxymdDAlKgAfN7Yfb5BDNkJi8Gd-_my4FHhMT2KyBE3nq_lwEL8iyL_qPytDbJNgdh5sXvA-bjhn2z3P3p69p1VL0ME9z0E_1RURuwZvAsW7QblP9gaqA15qvf5MtFH7WoYoKb7CWsN8eoSbPAQxVWt-MzjWEHrYqZf2VCfjRUOaCbepuDf47pb88vJeIaTQMbUdfhPDmgDBKHyI6iJKFJEMEo_yFI82QhCrx8-BFeh6MbGkLIsAapPHtBVMQ0Bs9VxJ-rrQMlbfvalZVsKJ7wJKm9tBoEKMSQFdJmhXEOj4fpe3Vw4-okJScvOX5D_Jhtb_InzVs_SLWCgtefZkClAQD6N37IKyBVlGazAhJUgvJH_MxBb0TR32NBEa2GdrnBJyNcJMPn4hw5baoy_fBqGdIvuYo_eSy3NodYZVINHEneJ9tW7RcbpNw8yYooU1P3pY3yFTL_yv8LrD-FsklyOpameP4d-j76fmDB04SCe_zlhXXJvhiARpgi7L84H3cVTO66cksy5dpUhES3OOwftGioLX27iD7J5w&cid=CAQSGwBpAlJWa30MrBEknl-l2CUegOoFk5lfJTgLYBgB&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.102.1.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wb-in-f156.1e100.net

Software

cafe /

Resource Hash

17382519cd5f72a37af1a938f107223a4e091a412c4a4d9a9c13205c8d732344

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 19:42:49 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16803
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame E878 220 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c2c327ca95a833151112b0881d9b13d4d75d7a1db597c0593cc540f2083a0ee2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 WV4ejI_zOoVX2LbX0HqF05FRQIOQbKgbKga4mUIRa1lnvAGyWSAsqwXXfqp7xP2N-ixOn1CjBIqjBIsT7MS2n3w7d4UdTpHlVlWBeKkG7H_2om_Ucizio8Vz0uyX7iOKcWGzREa1k2OCqLhyx1Mv1_WgOG0TfufqoCS53HX74QpWIL43EeE3zJTV6pr8SgugR14og...
yandex.ru/an/tracking/ 0
539 B 69ms
69ms Ping
text/plain 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/an/tracking/WV4ejI_zOoVX2LbX0HqF05FRQIOQbKgbKga4mUIRa1lnvAGyWSAsqwXXfqp7xP2N-ixOn1CjBIqjBIsT7MS2n3w7d4UdTpHlVlWBeKkG7H_2om_Ucizio8Vz0uyX7iOKcWGzREa1k2OCqLhyx1Mv1_WgOG0TfufqoCS53HX74QpWIL43EeE3zJTV6pr8SgugR14ogWW7Cm4Sn0nyfpQCbr3Y3M8xiWcZV_BrjpV570QNHSFOrv2RP6jvH6h64sh254ofuUReP7slqVsP1fmLGCh8eH-X1W4KmUy80zYYw940ezeV1jt3XQy4LOfEn8WycfqlS2TmkwBui60kuGIsiFicjxZ7ABAzkhSONTUPcB3O6N9Jfb7P_2E4454KAxq0vwWO9o5Wa2bhocIRp1WTvYl1Xx8u4pu4ECDqcqAmieiv1easzMfySeQe7tw0weDhdFwtQUHxAPZojJQ0Fzk1ZgND7APmZT6xTvEIilLa7uT4CD6F3JX3OWNflp53lYZ9UgzH7nJRfD_IkgvZwODYc_HQ6ovUAZux0T2BczUPCpXCWU2ni4tcIgLIQLNQIMsQglniGbfmIgLI6H7ywo191N3XDHSSyIwSxfgnJw2M6meNr4n-zhur1DmGtF22q3gUkrw2jje9mZbeVLWcLRZuw8cKNW00~2?action-id=7&adsdk-bundle-version=861980&adsdk-bundle-name=InPage&ad-session-id=8941061694547767090&vsid=fa56bb3213a6b157e142c0afcb0d3d3abf14751e253bxVASx3968x1694547766&top-ancestor=http%3A%2F%2Fdownload-telegram.org&top-ancestor-undetermined=0&client-ts=1694547769118&client-timezone-offset=-120&viewability-undetermined=0&video-volume=0&video-muted=1&pcode-active-testids=861980%2C0%2C87&document-has-focus=true&is-fullscreen=false&ad-pod-id=a34sdf%3B1128248132%3B0%3B0c29e42817b6f64d%3B5341175400116327935%3B195622579%3B1961151%3B3%3B0&product-theme=video-default&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22width%22%3A682%2C%22height%22%3A384%2C%22w%22%3A682%2C%22h%22%3A384%2C%22left%22%3A265%2C%22top%22%3A917%2C%22visible%22%3A1%2C%22req_no%22%3A4%7D

Requested by

Host: yastatic.net
URL: https://yastatic.net/vas-bundles/861980/bundles-es2017/inpage.bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 19:42:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1694547769152396-16262093698899318324-balancer-l7leveler-kubr-yp-sas-142-BAL
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Tue, 12 Sep 2023 19:42:49 GMT
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
access-control-allow-origin: http://download-telegram.org
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Tue, 12 Sep 2023 19:42:49 GMT

GET
H3 200 81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js Show response
pagead2.googlesyndication.com/bg/ Frame EF5A 37 KB
14 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f350967c95d52a5b2ef0c198acc3ae8192576d3fd96c6804716a16edee8faa03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 16:08:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12856
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14745
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 11 Sep 2024 16:08:33 GMT

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame 2167 0
555 B 30ms
30ms Ping
text/html 185.89.210.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=http%3A%2F%2Fdownload-telegram.org&e=wqT_3QL1Buh1AwAAAwDWAAUBCLf-gqgGEO-G6KWEvOKmQxgAKjYJcAVlhNRknT8RKMBX0hWDnD8ZAAAAIFyP8j8hKA0SACkRJAAxARvAheuxPzDb-KYDOLUBQLVeSOMDULqJirYBWMCxPWAAaJ-kVHjF8wWAAQGKAQNVU0SSAQEG9O8CmAGgAaAB2ASoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAvAG4AKiqDHqAhxodHRwOi8vZG93bmxvYWQtdGVsZWdyYW0ub3JngAMAiAMBkAMAmAMJoAMBqgOEAwqaAmh0dHBzOi8vd3d3LmJpbmcuY29tL2FwaS92MS9tZWRpYXRpb24vdHJhY2tpbmc_YWRVbml0PTM5MTQ2NiZhdUlkPWZhZjBiYmRiLTFmMWQtNDAxZC05NWViLTUwOTNhNjA3YWEzNyZjbUV4cElkPUxWMiZvQWRVbml0PTM5MTQ2NiZwdWJsaXNoZXJJZD0xNjI2NDUzMzAmcklkPWZhZjBiYmRiLTFmMWQtNDAxZC05NWViLTUwOTNhNjA3YWEzNyZydHlwZT1udXJsJnRhZ0lkPTY5Mjk0OTkmdHJhZmZpY0dyb3VwPWtuYXFlXzNjJnRyYWZmaWNTdWJHcm91cD10cWNlY25mZiZhaWQ9JHtBVUNUSU9OX0lEfRIFMTIwODUaEzQ4NDk2ODM5NzAwNjY2MTMxMDMiCTM4MTg0NjcxNCoEYmluZzo4VTJWaGNtTm9RV1FqT0RJNU5EUTNOelEzTXpjek5qTWpNak16TkRjME5ESXlNakk0T0RVMU1nPT3AA9gEyAMA2AMA4AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8AS6iYq2AYgFAZgFAKAFpPbB-qjmxZcLwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFjPQO-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBsKNBNoGFgoQAAAAAAAAAAAAAAAAAAAAABAAGADgBgHyBgIIAIAHAYgHAKAHAcgHxfMF0gcNCQAAAAAAAAAAEAAYANoHBggAEAAYAOAHAOoHAggA8AfRogSKCAIQAJUIAACAP5gIAcAI8AbSCAYIABAAGAA.&s=c85349b6a9b31d7708913201237303a5a9f0cee1&type=nv&nvt=5&jm=1003&px=0&py=0&bw=180&bh=180&sid=2514677151169220054&vd=ct~0|rr~0&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=6929499&sw=1600&sh=1200&pw=0&ph=0&ww=0&wh=0&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 19:42:49 GMT
an-x-request-uuid: 3d829a50-f06d-4710-8828-4cdf5d8027b8
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 84.19.175.165; 84.19.175.165; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame E878 0
0 61ms
60ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cedm0N78AZbW0GZCA5LcPr9e18Au4vMWyce6BrIi6Ea_bor3AARABIJWN2WVglfrwgYwHyAEFqQKyk_JsigSyPqgDAaoE-gFP0B_Wnx2QZC5gGZh8qVAmF2KJspo3iH1bB_1YDtwnom4oNY1gKB03Yz6w8OC9owD-irjt-UZGNLVVIrUE6KeYs-ihmbEST_VzIp22fah0W-NJh508p2wSIx7JwrinmKPSiNl7Gh_5T-N2_QaHRJvNUvPspF44Lbg0ehtPuav9Io8yAq_E2izqcJ2IKHfkUGH73gtjlTDVvLywh-j3vDkhqLxzvEB-1oBfajqRMUpEo7epdxOWo7h3gFOX5fu0ge3f28SIJm4oNbKummh0P2WZu7g7WUrEWwzYc5NdDJtWYk-iWrNfX1BMVM6Bqpos3CH8nnDRirgPNqdLwATh95yIvATgBAOIBeeL79pLkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZ2gAfYjuu-AqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcKEImgAxj3vvLvAdIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwGwE7bD9hPIE-rlleMD0BMA2BMKiBQH2BQB0BUBgBcBshccChoIABIUcHViLTU0MDkyNDA5OTczMzUyNTQYAOgXBQ&sigh=RF_1orcmFQ4&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJWa30MrBEknl-l2CUegOoFk5lfJTgLYBgB&vt=10&cbvp=2&vis=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1
Attribution-Reporting-Eligible: event-source
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 12 Sep 2023 19:42:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 118ms
76ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230907&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2154436416c542f3c7ed80b91ff50beff8a43f43076e8658533c8ed4e7bdfdd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 19:42:49 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11875
x-xss-protection: 0

POST
H2 204 csi
csi.gstatic.com/ Frame E878 0
234 B 547ms
387ms Ping
image/gif 2a00:1450:4019:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&puid=3~lmgpzmpe&c=7128196974618&slotId=3564098487309&qqid=CPWr7a3qpYEDFRAA-QAdr2sNvg&fb=outstream-lima&vast_v=2.0&vmfc=12&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4019:808::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 19:42:49 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame E878 41 KB
15 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 07:54:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 128870
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 10 Sep 2024 07:54:59 GMT

HEAD
H/1.1

200
OK

file.mp4
r2---sn-4g5ednsr.c.2mdn.net/videoplayback/id/958993bbd9e9fd2e/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1726083769/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame E878
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/958993bbd9e9fd2e/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1726083769/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
https://r2---sn-4g5ednsr.c.2mdn.net/videoplayback/id/958993bbd9e9fd2e/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1726083769/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

209ms
22ms

Fetch
video/mp4

2a00:1450:401e:28::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r2---sn-4g5ednsr.c.2mdn.net/videoplayback/id/958993bbd9e9fd2e/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1726083769/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/4939D18CE94FC18F28EBC4E71ABEAFBEF941ADCA.49AAA00F7A519AA3CF3B3642EE70C89C2F1A104E/key/cms1/cms_redirect/yes/mh/C5/mip/2001:1b60:1010:2:1011:f87c:8169:34a/mm/42/mn/sn-4g5ednsr/ms/onc/mt/1694547413/mv/m/mvi/2/pl/29/file/file.mp4

Protocol

HTTP/1.1

Server

2a00:1450:401e:28::7 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Date: Tue, 12 Sep 2023 19:42:49 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 2208368
Last-Modified: Wed, 05 Jul 2023 13:14:40 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Tue, 12 Sep 2023 19:42:49 GMT

Redirect headers

date: Tue, 12 Sep 2023 19:42:49 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 665
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
location: https://r2---sn-4g5ednsr.c.2mdn.net/videoplayback/id/958993bbd9e9fd2e/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1726083769/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/4939D18CE94FC18F28EBC4E71ABEAFBEF941ADCA.49AAA00F7A519AA3CF3B3642EE70C89C2F1A104E/key/cms1/cms_redirect/yes/mh/C5/mip/2001:1b60:1010:2:1011:f87c:8169:34a/mm/42/mn/sn-4g5ednsr/ms/onc/mt/1694547413/mv/m/mvi/2/pl/29/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame E878 0
54 B 532ms
388ms Ping
image/gif 2a00:1450:4019:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&puid=4~lmgpzmvg&c=7128196974618&slotId=3564098487309&qqid=CPWr7a3qpYEDFRAA-QAdr2sNvg&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=976&mt=video%2Fmp4&vs=640x360&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.1i0~videopreviewvisible.1i9&ua_e=1&ape=1
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4019:808::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 19:42:49 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 2167 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e297d43a72fb1dabda5aa50289e20db2f9577a47970126203e6ea78132136f51

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 19:42:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 12 Sep 2023 19:42:49 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 2167 0
19 B 158ms
157ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CxpXzN78AZbS0GZCA5LcPr9e18AvS4Nfgbo-ktpOTCsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01NDA5MjQwOTk3MzM1MjU0yAEJqAMByAMCqgTLAU_QTFR_Rkm4PiO-Lw25hfR-hyUnvT7Z7BETpFax7u4WVGoYH5hTbOZZRCd8m8c2ELyFZsEI5VnjRqThOJsjBzKzlMYCJhs7YLHExhcDglqm0vTazZWJK84FipHOn4MaESHBV1wtPZ8O6p3t_-b1nLBhQnvTCr4N3OukOZPOlx2XeZTv_A_YtYiHEvxF7MaFPaFOGVTRydlY2S7YcEHwLP1UAgi2mYZ7HjTWjOt1Jjr8Yyl1CMkti0rkATT8Qo7ZADBeOmu-zoVdUwG6gAa_kPvAseDKiOMBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6gAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTU0MDkyNDA5OTczMzUyNTQYAA&sigh=o0xnwlrmkE8&uach_m=[UACH]&cid=CAQSGwBpAlJWa30MrBEknl-l2CUegOoFk5lfJTgLYBgB&cbvp=2&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 12 Sep 2023 19:42:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 it
ams3-ib.adnxs.com/ Frame 2167 0
531 B 32ms
31ms Image
text/html 185.89.210.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams3-ib.adnxs.com/it?an_audit=0&referrer=http%3A%2F%2Fdownload-telegram.org&e=wqT_3QL1Buh1AwAAAwDWAAUBCLf-gqgGEO-G6KWEvOKmQxgAKjYJcAVlhNRknT8RKMBX0hWDnD8ZAAAAIFyP8j8hKA0SACkRJAAxARvAheuxPzDb-KYDOLUBQLVeSOMDULqJirYBWMCxPWAAaJ-kVHjF8wWAAQGKAQNVU0SSAQEG9O8CmAGgAaAB2ASoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAvAG4AKiqDHqAhxodHRwOi8vZG93bmxvYWQtdGVsZWdyYW0ub3JngAMAiAMBkAMAmAMJoAMBqgOEAwqaAmh0dHBzOi8vd3d3LmJpbmcuY29tL2FwaS92MS9tZWRpYXRpb24vdHJhY2tpbmc_YWRVbml0PTM5MTQ2NiZhdUlkPWZhZjBiYmRiLTFmMWQtNDAxZC05NWViLTUwOTNhNjA3YWEzNyZjbUV4cElkPUxWMiZvQWRVbml0PTM5MTQ2NiZwdWJsaXNoZXJJZD0xNjI2NDUzMzAmcklkPWZhZjBiYmRiLTFmMWQtNDAxZC05NWViLTUwOTNhNjA3YWEzNyZydHlwZT1udXJsJnRhZ0lkPTY5Mjk0OTkmdHJhZmZpY0dyb3VwPWtuYXFlXzNjJnRyYWZmaWNTdWJHcm91cD10cWNlY25mZiZhaWQ9JHtBVUNUSU9OX0lEfRIFMTIwODUaEzQ4NDk2ODM5NzAwNjY2MTMxMDMiCTM4MTg0NjcxNCoEYmluZzo4VTJWaGNtTm9RV1FqT0RJNU5EUTNOelEzTXpjek5qTWpNak16TkRjME5ESXlNakk0T0RVMU1nPT3AA9gEyAMA2AMA4AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8AS6iYq2AYgFAZgFAKAFpPbB-qjmxZcLwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFjPQO-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBsKNBNoGFgoQAAAAAAAAAAAAAAAAAAAAABAAGADgBgHyBgIIAIAHAYgHAKAHAcgHxfMF0gcNCQAAAAAAAAAAEAAYANoHBggAEAAYAOAHAOoHAggA8AfRogSKCAIQAJUIAACAP5gIAcAI8AbSCAYIABAAGAA.&s=c85349b6a9b31d7708913201237303a5a9f0cee1&pp=ZQC_NwAGWjQA-QAQAA1rr5ZA2QDArr7PHx4Xbg&ppt=1&pubclick=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1zdsN78AZbS0GZCA5LcPr9e18AvS4Nfgbo-ktpOTCsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01NDA5MjQwOTk3MzM1MjU0yAEJqAMByAMCqgTOAU_QTFR_Rkm4PiO-Lw25hfR-hyUnvT7Z7BETpFax7u4WVGoYH5hTbOZZRCd8m8c2ELyFZsEI5VnjRqThOJsjBzKzlMYCJhs7YLHExhcDglqm0vTazZWJK84FipHOn4MaESHBV1wtPZ8O6p3t_-b1nLBhQnvTCr4N3OukOZPOlx2XeZTv_A_YtYiHEvxF7MaFPaFOGVTRydlY2S7YcEHwLP1UAgi2mcR5P6YUKBEYssCI1rcsjH8pqEBgCBrkmyxfWbTiukGS1kXcsWwunMkSgAa_kPvAseDKiOMBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0H4twhzwEajQhl5p6CAWRKRgUZVA%26client%3Dca-pub-5409240997335254%26adurl%3D&cbvp=2

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 19:42:49 GMT
an-x-request-uuid: 7ec59521-48dd-485a-845d-ed08d3c6ce23
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 84.19.175.165; 84.19.175.165; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 2A40 23 KB
8 KB 21ms
20ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 88890
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 7799
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 11 Sep 2023 19:01:19 GMT
expires: Tue, 10 Sep 2024 19:01:19 GMT
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3BFA 13 KB
5 KB 85ms
81ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://download-telegram.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 47175
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 12 Sep 2023 06:36:34 GMT
expires: Wed, 11 Sep 2024 06:36:34 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4ED0 829 B
1 KB 160ms
34ms Document
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7250acf17124fa22ef57bb02f29470efee8c2035eac0249149a4ee9703070749

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-MR7wkG3UwBdyc7CQnTrVgQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://download-telegram.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 538
content-security-policy: script-src 'report-sample' 'nonce-MR7wkG3UwBdyc7CQnTrVgQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 12 Sep 2023 19:42:49 GMT
expires: Tue, 12 Sep 2023 19:42:49 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js Show response
pagead2.googlesyndication.com/bg/ Frame 2A40 37 KB
14 KB 61ms
60ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18c34d7fc74fccc151584d8616c24079e60dc5506a015d85c77e92646e74fa75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 06:51:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46303
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14501
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 11 Sep 2024 06:51:06 GMT

GET
H2 200 bundle.js Show response
yastatic.net/q/set/s/rsya-tag-users/ Frame E391 102 KB
35 KB 67ms
67ms Script
application/x-javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

6faf9b3930c127b8bf7d97f22a50832b6cf0ac678e16ba6fa412e0a5ec06dc2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 19:42:49 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
last-modified: Tue, 18 Jul 2023 19:47:42 GMT
server: nginx/1.17.9
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
etag: W/"fad15dadf56fc1d71be6b240cc30b915"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31556952
x-nginx-request-id: 0be3286b3b5c2b7f
timing-allow-origin: *
expires: Fri, 15 Sep 2023 07:42:05 GMT

GET
H3 206 file.mp4
r2---sn-4g5ednsr.c.2mdn.net/videoplayback/id/958993bbd9e9fd2e/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1726083769/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame E878 2 MB
2 MB 48ms
24ms Media
video/mp4 2a00:1450:401e:28::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:401e:28::7 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

5fd4bbea2602c84b40359b83d69eb7f838f205f824ab387ce389185437fbaf12

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Range: bytes=0-

Response headers

expires: Tue, 12 Sep 2023 19:42:49 GMT
date: Tue, 12 Sep 2023 19:42:49 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-2208367/2208368
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 2208368
last-modified: Wed, 05 Jul 2023 13:14:40 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ Frame E391 153 KB
54 KB 114ms
114ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

f0f2fc153daf5d3ef66c6e26f9b8d244212b12c27e725e237b5d2afc2bd35afe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 19:42:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Thu, 07 Sep 2023 11:49:37 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "64f98ea1-d821"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 55329
expires: Tue, 12 Sep 2023 20:42:49 GMT

GET
H2 200 data Show response
yandex.ru/set/s/rsya-tag-users/ Frame E391 362 B
676 B 81ms
80ms Fetch
application/json 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/set/s/rsya-tag-users/data?referrer=http%3A%2F%2Fdownload-telegram.org%2F

Requested by

Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

1b21be50822c8f1e162a563f05543e3d8b2f97a91e6ebcb8064ebbe13c6037e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 19:42:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id: 1694547769690987-6338510761579701933-balancer-l7leveler-kubr-yp-sas-142-BAL
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://yastatic.net
cache-control: public,max-age=300
access-control-allow-credentials: true
x-xss-protection: 1; mode=block

GET
H3 200 81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js Show response
pagead2.googlesyndication.com/bg/ Frame 3BFA 37 KB
14 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f350967c95d52a5b2ef0c198acc3ae8192576d3fd96c6804716a16edee8faa03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 16:08:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12856
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14745
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 11 Sep 2024 16:08:33 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4ED0 0
0 123ms
122ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230907&jk=2547987266537031&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

GET
H2 200 dc_oe=ChMIktzXruqlgQMVvy0GAB3VBg1rEAAYACCsjoBdOhoIgJyQvwIQ4feciLwEGOrlleMDIO6BrIi6EUITCPWr7a3qpYEDFRAA-QAdr2sNvg;dc_rmcid=CAQSGwBpAlJWa30MrBEknl-l2CUegOoFk5lfJTgLYBgB;eps=CIDhgBAQARgfMgKqAjoCgEBIvf...
ade.googlesyndication.com/ddm/activity/ Frame E878 42 B
401 B 218ms
128ms Image
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIktzXruqlgQMVvy0GAB3VBg1rEAAYACCsjoBdOhoIgJyQvwIQ4feciLwEGOrlleMDIO6BrIi6EUITCPWr7a3qpYEDFRAA-QAdr2sNvg;dc_rmcid=CAQSGwBpAlJWa30MrBEknl-l2CUegOoFk5lfJTgLYBgB;eps=CIDhgBAQARgfMgKqAjoCgEBIvf3BOg;met=1;acvw=sv%3D954%26v%3D20230802%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15061%26vmtime%3D31%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D492037456%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1694547769847;dc_rfl=%5BURL_SIGNALS%5D;ecn1=1;etm1=0;eid1=11;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 19:42:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame E878 42 B
64 B 63ms
62ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=C8xsBN78AZbW0GZCA5LcPr9e18Au4vMWyce6BrIi6Ea_bor3AARABIJWN2WVglfrwgYwHyAEFqQKyk_JsigSyPqgDAcgDmwSqBP0BT9Af1p8dkGQuYBmYfKlQJhdiibKaN4h9Wwf9WA7cJ6JuKDWNYCgdN2M-sPDgvaMA_oq47flGRjS1VSK1BOinmLPooZmxEk_1cyKdtn2odFvjSYedPKdsEiMeycK4p5ij0ojZexof-U_jdv0Gh0SbzVLz7KReOC24NHobT7mr_SKPMgKvxNos6nCdiCh35FBh-94LY5Uw1by8sIfo97w5Iai8c7xAftaAX2o6kTFKRKO3qXcTlqO4d4BTz-RhQRJ_mUkxEYtFm5juDXVD6tBbczaB0fxF4lGv0lqLyMEOb4jgDnadR9_uu39QTAG2AMTWUCtbYtJ7r-XBykFxQsAE4feciLwE4AQDiAXni-_aS5AGAaAGdoAH2I7rvgKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAcgLAeALAYAMAaoNAkRFyA0BsBO2w_YTyBPq5ZXjA9ATANgTCogUB9gUAdAVAfgWAYAXAegXBQ&sigh=MXervD7ZXmk&label=part2viewed&ad_mt=32&acvw=sv%3D954%26v%3D20230802%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15061%26vmtime%3D31%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D492037456%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1694547769847

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 19:42:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame E878 0
557 B 163ms
79ms Image
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv1Ri6c9VG1vv1vK_DJd7xXLtkhlv1_zgKmwZMspfRbcnkYkk48V0u0T6GbmNNlCq99iQ8QWRgwcjIxCKtRTJlZeTnX6QaaZGiYzQCGNtaovtsYAnWk7toEhBK6KyPfA_SebAes9HYtyUeGS24tXtdDbFRkSOFL-X9Dp5tskJMx-RXUl5pYq7aDk7ZHApIUlBpbHxaUxXxRbL4RZIezmuHIucjagoYLYI9Rt8bq-KO4JuhAfHpNnKtl2gDRdzkogR5ATvq5Y7jBJYuH7GoBb-Go4YchZ0UTOBjqujCTSxyX5OMIy3YjxaVc4_rPf8VajW2YGTsxD4rQoNenfO5hs_qhoBiJkyAzqhLHxz4hVpsb5-KA_NISbuRgd6XjVGBMjhGAfGFAF-6vkhSWtzQp8g4_GcITpZuKFsfkonzyYlrXfzyZDFDTTBbrEyjXMknXDleFV8ebbsfidCMiqGhhxHb1Y1AFoXQCYwC-bxUzxAtArr4hql8aAJlE6nHU-ysqJjdTZejr5ULiS4dpnvxd6nW9eUg57fiXo9iUFtPcaoqm9hchG4a-9htWnbOOuvMu_JeBTyorlOjnG-pRvsmKzMFum8Vjqi92J-8jGUA36WPIS_dD0bbLdEp2hPikkmoIBTDqAMCE9WzVACVWOjC4NutRnUc-m-3BR5OUHluKNPXnE6W2TqxOby3WcXdJ5Kr9VpZKp-7pKQsYFVuKCBDsOBBIR-_ieqbfGN0borbrLwZNd6YEC5RbQ2z51l1C4qmjKHw0RmT1iISiqjgX6GI9zuS-bv-9NP6_GD5v8SOq1YfHm92ylZark06GAmFVgY6ZPUgIPw6SiVCyYYoIKR5gbL-TG_TJzkUn4Rg3YCD2jBHP9K4E6yZ_6U-oiAqiwEcFFGCmg1M9bdDHmyJ39OE590Ni1KUZmjmXcc0Cl5MB62v7L8tZCCEBsI7H3IfOdfJtnku6dBtmgywTNMAyp_Ar5ym5WHfYHHr3k4NlcVf6hd3P1TtXHz7bHTH-BRPhacNes0MwCcWUhwI4q_rb5iubSrlFP-5TJpAafGpjwHGhxKEHOen6zwYs2W3qO9kGuN6vjGf1CIrbbjQq1QBt2Z6qxPmPj1mSUhcAgbb1SRiL1KeEZ-zoLhhn_gOFgN7KjjPSxSwVFezutcqAIxGAPHZh3bEwB7vLYJVdesGsVTIYsMGEroca5CJ5rYIgB4gD9GnfsPxi&sai=AMfl-YSzd1LWT5m92aXMgczW12Nhf07JcMWYljyI5Wq1S5rHduyduAeNbUA-qPeh7GtOXcOy4HCiV7u6Thdi9YQaypmBy-stNJpZx7ZgnOWlQpMW1CYCs4xXer5WsdahjPV3kKHTgSQRW0NlsS18LA6-PiiYd6Uf4ThalgwHWdjTgg4xCnhID-Y&sig=Cg0ArKJSzCljfpYqobUHEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 12 Sep 2023 19:42:49 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame E878
Redirect Chain

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMj-qgIQgJyQvwIY977y7wEgATAB&v=APEucNUND-nUcP5-wEzjgQgfol5it8B5W2vIYD9NgdVTj5etTpFf0fYbf2GQTE9felZvrPr85VAwged-eGOqxPoUGY64XhWHIg
https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDgyMDYyNDEwMDcwNTAzODE2OA%3D%3D

170 B
409 B

108ms
34ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDgyMDYyNDEwMDcwNTAzODE2OA%3D%3D

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 19:42:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 12 Sep 2023 19:42:50 GMT
an-x-request-uuid: 0e660e2c-aea1-40a2-8888-1a73d0aeaaed
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDgyMDYyNDEwMDcwNTAzODE2OA%3D%3D
x-proxy-origin: 84.19.175.165; 84.19.175.165; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E878 0
20 B 122ms
121ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 19:42:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame E878 42 B
64 B 127ms
126ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss9VRPcwowwDV_fZ7-CBE9-_7UF-mRJykeW-KeNkqb9hNoq5mD1PLqOgL2nzisNXwtDiKIsr476MtHi3bEfBwe2v-MonGnHLRmAgE5FjzvxOHskKwhZ_X0N-jLlKaCFYCA&sai=AMfl-YQ59uBwG2YtP91O4m2RCP__-r0v2xYg6m6FeRPA7vQ_2Sk9wZhvghuIQWQPM5o2V7Ud6Cu7zvAXFRgF&sig=Cg0ArKJSzMRFrH_EB-J9EAE&cid=CAQSGwBpAlJWa30MrBEknl-l2CUegOoFk5lfJTgLYBgB&id=lidarv&acvw=sv%3D954%26v%3D20230802%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15061%26vmtime%3D31%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26ic%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D492037456%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1694547769847&avm=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 19:42:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame E878 42 B
64 B 63ms
62ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=C8xsBN78AZbW0GZCA5LcPr9e18Au4vMWyce6BrIi6Ea_bor3AARABIJWN2WVglfrwgYwHyAEFqQKyk_JsigSyPqgDAcgDmwSqBP0BT9Af1p8dkGQuYBmYfKlQJhdiibKaN4h9Wwf9WA7cJ6JuKDWNYCgdN2M-sPDgvaMA_oq47flGRjS1VSK1BOinmLPooZmxEk_1cyKdtn2odFvjSYedPKdsEiMeycK4p5ij0ojZexof-U_jdv0Gh0SbzVLz7KReOC24NHobT7mr_SKPMgKvxNos6nCdiCh35FBh-94LY5Uw1by8sIfo97w5Iai8c7xAftaAX2o6kTFKRKO3qXcTlqO4d4BTz-RhQRJ_mUkxEYtFm5juDXVD6tBbczaB0fxF4lGv0lqLyMEOb4jgDnadR9_uu39QTAG2AMTWUCtbYtJ7r-XBykFxQsAE4feciLwE4AQDiAXni-_aS5AGAaAGdoAH2I7rvgKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAcgLAeALAYAMAaoNAkRFyA0BsBO2w_YTyBPq5ZXjA9ATANgTCogUB9gUAdAVAfgWAYAXAegXBQ&sigh=MXervD7ZXmk&label=vast_creativeview&ad_mt=32&acvw=sv%3D954%26v%3D20230802%26cb%3Dout%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15061%26vmtime%3D31%26is%3D33554450%26i0%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D492037456%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1694547769847

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 19:42:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame E878 0
54 B 257ms
256ms Ping
image/gif 2a00:1450:4019:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&puid=5~lmgpzmvv&c=7128196974618&slotId=3564098487309&qqid=CPWr7a3qpYEDFRAA-QAdr2sNvg&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=976&mt=video%2Fmp4&vs=640x360&dm=15000&ple=1&umsem=0&event_name=first_play&asset_bytes=194603&video_bytes=300&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=9&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=0&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=vil.1z0~ff.1zd~videopreviewstarted.1zg
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4019:808::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 19:42:49 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 3 Show response
mc.yandex.com/watch/ Frame E391 256 B
352 B 66ms
66ms XHR
application/json 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/3?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=http%3A%2F%2Fdownload-telegram.org%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3wcjej5lmwx5238tghrt8yj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1111%3Acn%3A1%3Adp%3A0%3Als%3A1403933652762%3Ahid%3A400331381%3Az%3A120%3Ai%3A20230912214249%3Aet%3A1694547770%3Ac%3A1%3Arn%3A1016302434%3Arqn%3A1%3Au%3A1694547770767231033%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C89%2C44%2C4%2C0%2C0%2C%2C13%2C0%2C151%2C151%2C0%2C151%3Aco%3A0%3Acpf%3A1%3Ans%3A1694547767508%3Ast%3A1694547770&t=clc(0-0-0)rqnt(1)aw(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

0c2194d5f2ff6bc3fbd67966b5c0861f1465ad1eb3433dd0fb20e4ab460ab07b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 19:42:49 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Tue, 12-Sep-2023 19:42:49 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://yastatic.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 256
x-xss-protection: 1; mode=block
expires: Tue, 12-Sep-2023 19:42:49 GMT

GET
H2 200 advert.gif
mc.yandex.com/metrika/ Frame E391 43 B
102 B 59ms
59ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 19:42:49 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 07 Sep 2023 11:49:37 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "64f98ea1-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Tue, 12 Sep 2023 20:42:49 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2A40 0
20 B 127ms
127ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=B1UkZOb8AZdLbCb_bmLAP1Y202AYAAAAAOAHgBAI&bg=!4OOl46zNAAa6D61Rmg87ADQBe5WfOEcb-WO2pVMcDV1Ruudt9c6n9D2Oh-i2kusDGi8WBP__67JM7Wekbzg1Kzfl9AQWAgAAAkVSAAAAF2gBB5kC4sZg5G_bQV8TmtODPq-Z9pwT1wtVswPWZlSo0N17G_yVYqT_TTz3QvU85pyQBdVQoiWiF5mbnMfxAeCrSyzIrP94X4pFVllAbm42Cr3Vqdst__n9uL3Xmhotso3slyYMK4_PJxGUMewCFAUeQeVYn-BynzVWrR1PKBhnmx2-dnSGlyhXqG2Hnyv81ijpzioOTSDgad-bbXyjVnxlrfSrJzms8elokVEpALq5pBCUnc0zzW5O0Yg9Nmc7XbQgzdd-mbtpwMOeLrWjHHOBHr-5EC3lGs9T6_h8ZOgMsZHwrImd5zbqBu4ms4r-wWeWYhSQsMuUOLMg0Bg7RMkD4pY96jwGZvoJKyQIeSoreq_rOWlJbKsdHr4xfAe17xLBsZVGHrCgDILZGcPSc7uxEPCCnFrNiud6xiCwjDPBKLvBWCBLFCUePf3WJ45RhRogPjqqRmSzCiPnX5EAoLFj59jeV2jELPsym2Xo4Whgws2edHt9PJpTuhKxVBiFMbZ0-TOs3_eXv1H6he40sVLQH_j9EhTXsVfma61ZqeM2aFRLmuBvMTUzxAPHeffzG9JGJOovE2snOQjWhc_g4BdI_6zMNCP8jfFknJM5XIZzNdkCpZ155r51W_4JbgXwU7wHSD1_5cslKTeCQ36IGSC17dmEMOLUZOpVcHDFxbJNUElaEykD01ildzXCN_s4EOSszfqTzkiWw8Wf76G7MQdPoFwVquw8YyGLA2qrGCEco5-9nGOojGU4SJ4wj7WBb9QTDSrqNslvYxPJ_461-pUnay1D3ilNHrNstFx7CK2GWIec4BWul2fWlIcFzadQOzsQ7Wl1NsqdIsR8uDzCRkePHLNSj1-ttyASym0bEkScbQcam9dlf78swqk4p_lye5CGdkP5RbPu89riipNLmpEF2jX0-iEEeZQiR-7eZK5MVIJ8WaVs__zzRBLFfJ82UFo9RukmuUwLkZqpfZtjmCrhPaPZk_SRfA

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 19:42:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 3BFA 0
10 B 20ms
20ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?ptwa2g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 19:42:50 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 204 csi
csi.gstatic.com/ Frame E878 0
17 B 257ms
257ms Ping
image/gif 2a00:1450:4019:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&puid=6~lmgpznd2&c=7128196974618&slotId=3564098487309&qqid=CPWr7a3qpYEDFRAA-QAdr2sNvg&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=976&mt=video%2Fmp4&vs=640x360&dm=15000&met.4=vfl.24i
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4019:808::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 19:42:50 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

c.gif
www.bing.com/aes/ Frame 2167
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=6a92c703-c2b5-4f0e-bfc8-569c4307e61a&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=faf0bbdb-1f1d-401d...
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=82ead756c48e46e7a79b68263ebb9528&tids=15000&med=10

0
18 B

223ms
223ms

Image
text/plain

2a02:26f0:ab00::214:8ea1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=82ead756c48e46e7a79b68263ebb9528&tids=15000&med=10
Protocol: H3
Server: 2a02:26f0:ab00::214:8ea1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 19:42:50 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5413FCD831744F8FB125AC8FFA3E7111 Ref B: FRA31EDGE0715 Ref C: 2023-09-12T19:42:50Z
x-cdn-traceid: 0.9d8e1402.1694547770.d544c5b
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0
quic-version: 0x00000001

Redirect headers

expires: 0
pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Tue, 12 Sep 2023 19:42:50 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: DA365BB977B3471EAA92A93DA229F242 Ref B: MIL30EDGE1205 Ref C: 2023-09-12T19:42:50Z
x-cdn-traceid: 0.9d8e1402.1694547770.d544b36
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=82ead756c48e46e7a79b68263ebb9528&tids=15000&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 146
quic-version: 0x00000001

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame 2167 0
669 B 34ms
27ms Ping
text/html 185.89.210.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=http%3A%2F%2Fdownload-telegram.org&e=wqT_3QL1Buh1AwAAAwDWAAUBCLf-gqgGEO-G6KWEvOKmQxgAKjYJcAVlhNRknT8RKMBX0hWDnD8ZAAAAIFyP8j8hKA0SACkRJAAxARvAheuxPzDb-KYDOLUBQLVeSOMDULqJirYBWMCxPWAAaJ-kVHjF8wWAAQGKAQNVU0SSAQEG9O8CmAGgAaAB2ASoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAvAG4AKiqDHqAhxodHRwOi8vZG93bmxvYWQtdGVsZWdyYW0ub3JngAMAiAMBkAMAmAMJoAMBqgOEAwqaAmh0dHBzOi8vd3d3LmJpbmcuY29tL2FwaS92MS9tZWRpYXRpb24vdHJhY2tpbmc_YWRVbml0PTM5MTQ2NiZhdUlkPWZhZjBiYmRiLTFmMWQtNDAxZC05NWViLTUwOTNhNjA3YWEzNyZjbUV4cElkPUxWMiZvQWRVbml0PTM5MTQ2NiZwdWJsaXNoZXJJZD0xNjI2NDUzMzAmcklkPWZhZjBiYmRiLTFmMWQtNDAxZC05NWViLTUwOTNhNjA3YWEzNyZydHlwZT1udXJsJnRhZ0lkPTY5Mjk0OTkmdHJhZmZpY0dyb3VwPWtuYXFlXzNjJnRyYWZmaWNTdWJHcm91cD10cWNlY25mZiZhaWQ9JHtBVUNUSU9OX0lEfRIFMTIwODUaEzQ4NDk2ODM5NzAwNjY2MTMxMDMiCTM4MTg0NjcxNCoEYmluZzo4VTJWaGNtTm9RV1FqT0RJNU5EUTNOelEzTXpjek5qTWpNak16TkRjME5ESXlNakk0T0RVMU1nPT3AA9gEyAMA2AMA4AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8AS6iYq2AYgFAZgFAKAFpPbB-qjmxZcLwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFjPQO-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBsKNBNoGFgoQAAAAAAAAAAAAAAAAAAAAABAAGADgBgHyBgIIAIAHAYgHAKAHAcgHxfMF0gcNCQAAAAAAAAAAEAAYANoHBggAEAAYAOAHAOoHAggA8AfRogSKCAIQAJUIAACAP5gIAcAI8AbSCAYIABAAGAA.&s=c85349b6a9b31d7708913201237303a5a9f0cee1&type=pv&jm=1003&px=0&py=0&bw=180&bh=180&sf=1&sid=2514677151169220054&vd=ct~0|rr~5&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=6929499&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 19:42:50 GMT
an-x-request-uuid: 5d7166ba-9b83-4dff-bd6f-1bab3a00020f
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 84.19.175.165; 84.19.175.165; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2167 42 B
64 B 131ms
131ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvftsbyzPd6IOVmBhB5wpfZ2o6WYBS6eZc5pGw7MJmOVfjLnahJlKLNonVbvHZQW_737LE3knqFee9Uhq1oqCNeKheMKA7xZuQBi90X&sig=Cg0ArKJSzGp5aLpOFB3HEAE&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230911&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271804&rs=2&la=0&cr=0&vs=4&r=v&rst=1694547768607&rpt=561&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 19:42:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 37412095 Show response
mc.yandex.com/watch/ Frame E391 439 B
547 B 63ms
59ms XHR
application/json 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/37412095?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=http%3A%2F%2Fdownload-telegram.org%2F&charset=utf-8&site-info=%7B%22b%22%3A%22%22%2C%22browser%22%3A%22chrome%22%2C%22extensions%22%3A%22%22%2C%22fresh%22%3A%220%22%2C%22fromCancel%22%3A%22false%22%2C%22fromGoogle%22%3A%22false%22%2C%22infected%22%3A%22%22%2C%22loyal%22%3A%220%22%2C%22old%22%3A%22actual%22%2C%22os%22%3A%22windows%22%2C%22p%22%3A%22%22%2C%22sbscrb%22%3A%22%22%2C%22slow%22%3A%22%22%2C%22winxp%22%3A%22false%22%7D&uah=che%0A0&browser-info=pv%3A1%3Avf%3A3wcjej5lmwx5238tghrt8yj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1111%3Acn%3A2%3Adp%3A0%3Als%3A1037174847046%3Ahid%3A400331381%3Aphid%3A159105966%3Az%3A120%3Ai%3A20230912214250%3Aet%3A1694547770%3Ac%3A1%3Arn%3A936067789%3Arqn%3A1%3Au%3A1694547770767231033%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C89%2C44%2C4%2C0%2C0%2C%2C13%2C0%2C151%2C151%2C0%2C151%3Aco%3A0%3Acpf%3A1%3Ans%3A1694547767508%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1694547770%3At%3A&t=gdpr(6)clc(0-0-0)rqnt(1)lt(24200)aw(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

0c7fb59243168c0f34ca78dd71b3120d916678c9cbb4137e74f9d1951d48b93a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 19:42:50 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Tue, 12-Sep-2023 19:42:50 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://yastatic.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 439
x-xss-protection: 1; mode=block
expires: Tue, 12-Sep-2023 19:42:50 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 131ms
130ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230907&jk=2547987266537031&bg=!PD-lP3DNAAa6D61Rmg87ADQBe5WfOPdJEj9rp10UoTmrddUG9Ke6TYod4oM1n3lJXeMwGx5P3UTndU_ZTxaSwLg4uFCDAgAAActSAAAATmgBB5kCwUAv13dnWiw6yIrGXqcvNVWCl8LpXidFJUSURqt4g8RP9xiI9P8hqMFiZfua4EK802ezw3_JNDz3oWslZbmdZNNBfNXDkLuZNErjFrgn09fQq9bnK1A-N6SNtJwso-IpkhMEOkgMxRTVKAJp__b1SaILS70fLir2DbBo4WrP8QeGzPtdQ41jJAy-IVFEEs1XzeEr-8SCUlb_zTKBssxSW-2uQSCkkvO-jyEeX5K_BsvrbH9ZwkR36YBRgeXoFWPbGVPlwoNINlCE2NvaxGFoFmigJf0s37fXfqpjuAFvigDRuQ9aunKJD425z5sYpkiyZFWqqAM4n95kYxELtUJzKaPfEEKChEH5IYfdfdNC9fkg5smelemSBKIqSCLmiLLU7avvN2PULU23EuEUsKOMrT5oi6r534vOyRvjRnSXWMhVhKR6z7i3Ys1c0pWMPvJMXa2OEXH-3Eg27I1bXk76zQBVOctohZKSbJn4xvB2cmQAmZAaNqgkubql6JANKjHaLM_wSlKT-wAqtF7BoYlaL2j4bdTOOtCShnVu_KEOqVyCl7rHKwZQdLvJ9wENeuQoU1nL4HXIEOS4304VYNnJLmNzsLrL229tovCDiIgD3Z-z6Fa5yRf2T5YmpLCwL0L-sTNjjsb4N8otRFppJ1hzcMW5YZWNIKlrw3xUinjTT6p8pCCt8IRCh_aSOE50VrX1KCwBpKva2gsX6UsvTNnrmssfviHBR0MEew3k-Cm9qppzAd7uWE_Lp59lJC1LXbhIeVe5jEO2B2zYvdwaUfZzKJ6DinhsgLim4kf-qV3QtdQFoKFbyaNO5cUp47cgqnWJnHIej3TX1sBmwTo-IJ2xMMSL3h2HjbhDlVKurjGHKLd4A_csOUfW6B4Q6n21gx4u0PKsY9tDP4yuXjJVikWv0QKlhrP13TT6Zg_OYH196isbYw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

POST
H2 200 28975340 Show response
mc.yandex.com/webvisor/ 43 B
207 B 285ms
115ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/28975340?wv-part=1&wmode=0&wv-hit=159105966&page-url=http%3A%2F%2Fdownload-telegram.org%2F&rn=609260058&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1694547771%3Aw%3A1600x1200%3Av%3A1111%3Az%3A120%3Ai%3A20230912214251%3Au%3A169454776711178037%3Avf%3A3qm6qq812ez2u52y4wzrnbv%3Ast%3A1694547771&t=gdpr(14%2C14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://download-telegram.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 19:42:51 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 12-Sep-2023 19:42:51 GMT
content-type: image/gif
access-control-allow-origin: http://download-telegram.org
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 12-Sep-2023 19:42:51 GMT

POST
H2 200 28975340 Show response
mc.yandex.com/webvisor/ 43 B
73 B 61ms
60ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/28975340?wv-part=1&wmode=0&wv-hit=159105966&page-url=http%3A%2F%2Fdownload-telegram.org%2F&rn=1014959291&wv-type=3&browser-info=we%3A1%3Aet%3A1694547772%3Aw%3A1600x1200%3Av%3A1111%3Az%3A120%3Ai%3A20230912214251%3Au%3A169454776711178037%3Avf%3A3qm6qq812ez2u52y4wzrnbv%3Ast%3A1694547772&t=gdpr(14%2C14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://download-telegram.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 19:42:51 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 12-Sep-2023 19:42:51 GMT
content-type: image/gif
access-control-allow-origin: http://download-telegram.org
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 12-Sep-2023 19:42:51 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame E878 42 B
64 B 127ms
127ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss9VRPcwowwDV_fZ7-CBE9-_7UF-mRJykeW-KeNkqb9hNoq5mD1PLqOgL2nzisNXwtDiKIsr476MtHi3bEfBwe2v-MonGnHLRmAgE5FjzvxOHskKwhZ_X0N-jLlKaCFYCA&sai=AMfl-YQ59uBwG2YtP91O4m2RCP__-r0v2xYg6m6FeRPA7vQ_2Sk9wZhvghuIQWQPM5o2V7Ud6Cu7zvAXFRgF&sig=Cg0ArKJSzMRFrH_EB-J9EAE&cid=CAQSGwBpAlJWa30MrBEknl-l2CUegOoFk5lfJTgLYBgB&id=lidarv&acvw=sv%3D954%26v%3D20230802%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,164,119,373%26tos%3D2032,0,0,0,0%26mtos%3D2032,2032,2032,2032,2032%26amtos%3D0,0,0,0,0%26mcvt%3D2032%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2289%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D1%26pst%3D257%26dur%3D15061%26vmtime%3D2322%26dtos%3D2032%26dtoss%3D1%26dvs%3D2032%26dfvs%3D2032%26dvpt%3D2289%26is%3D33554707%26i0%3D33554450%26ic%3D16777473%26cs%3D50331923%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D492037456%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2032&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.01%26t%3D1694547769847

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 19:42:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 28975340 Show response
mc.yandex.com/webvisor/ 43 B
218 B 61ms
61ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/28975340?wv-part=2&wmode=0&wv-hit=159105966&page-url=http%3A%2F%2Fdownload-telegram.org%2F&rn=50453549&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1694547772%3Aw%3A1600x1200%3Av%3A1111%3Az%3A120%3Ai%3A20230912214252%3Au%3A169454776711178037%3Avf%3A3qm6qq812ez2u52y4wzrnbv%3Ast%3A1694547772&t=gdpr(14%2C14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://download-telegram.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 19:42:52 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 12-Sep-2023 19:42:52 GMT
content-type: image/gif
access-control-allow-origin: http://download-telegram.org
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 12-Sep-2023 19:42:52 GMT

GET
H2 200 dc_oe=ChMIktzXruqlgQMVvy0GAB3VBg1rEAAYACCsjoBdOhoIgJyQvwIQ4feciLwEGOrlleMDIO6BrIi6EUITCPWr7a3qpYEDFRAA-QAdr2sNvg;dc_rmcid=CAQSGwBpAlJWa30MrBEknl-l2CUegOoFk5lfJTgLYBgB;eps=CIDhgBAQARgfMgKqAjoCgEBIvf...
ade.googlesyndication.com/ddm/activity/ Frame E878 42 B
107 B 223ms
221ms Image
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIktzXruqlgQMVvy0GAB3VBg1rEAAYACCsjoBdOhoIgJyQvwIQ4feciLwEGOrlleMDIO6BrIi6EUITCPWr7a3qpYEDFRAA-QAdr2sNvg;dc_rmcid=CAQSGwBpAlJWa30MrBEknl-l2CUegOoFk5lfJTgLYBgB;eps=CIDhgBAQARgfMgKqAjoCgEBIvf3BOg;met=1;acvw=sv%3D954%26v%3D20230802%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,164,119,373%26tos%3D3644,0,0,0,0%26mtos%3D3644,3644,3644,3644,3644%26amtos%3D0,0,0,0,0%26mcvt%3D3644%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3901%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D2%26pst%3D257%26dur%3D15061%26vmtime%3D3935%26dtos%3D1612%26dtoss%3D2%26dvs%3D1612%26dfvs%3D1612%26dvpt%3D1612%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26ic%3D0%26cs%3D50331923%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3644,3644,3644,3644,3644%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D492037456%26psm%3D15%26psv%3D14%26psfv%3D14%26psa%3D0%26pngs%3D9s,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,3644;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.01%26t%3D1694547769847;ecn1=1;etm1=0;eid1=960584;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 19:42:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame E878 42 B
64 B 62ms
61ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=C8xsBN78AZbW0GZCA5LcPr9e18Au4vMWyce6BrIi6Ea_bor3AARABIJWN2WVglfrwgYwHyAEFqQKyk_JsigSyPqgDAcgDmwSqBP0BT9Af1p8dkGQuYBmYfKlQJhdiibKaN4h9Wwf9WA7cJ6JuKDWNYCgdN2M-sPDgvaMA_oq47flGRjS1VSK1BOinmLPooZmxEk_1cyKdtn2odFvjSYedPKdsEiMeycK4p5ij0ojZexof-U_jdv0Gh0SbzVLz7KReOC24NHobT7mr_SKPMgKvxNos6nCdiCh35FBh-94LY5Uw1by8sIfo97w5Iai8c7xAftaAX2o6kTFKRKO3qXcTlqO4d4BTz-RhQRJ_mUkxEYtFm5juDXVD6tBbczaB0fxF4lGv0lqLyMEOb4jgDnadR9_uu39QTAG2AMTWUCtbYtJ7r-XBykFxQsAE4feciLwE4AQDiAXni-_aS5AGAaAGdoAH2I7rvgKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAcgLAeALAYAMAaoNAkRFyA0BsBO2w_YTyBPq5ZXjA9ATANgTCogUB9gUAdAVAfgWAYAXAegXBQ&sigh=MXervD7ZXmk&label=videoplaytime25&ad_mt=3935&acvw=sv%3D954%26v%3D20230802%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,164,119,373%26tos%3D3644,0,0,0,0%26mtos%3D3644,3644,3644,3644,3644%26amtos%3D0,0,0,0,0%26mcvt%3D3644%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3901%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D2%26pst%3D257%26dur%3D15061%26vmtime%3D3935%26dtos%3D1612%26dtoss%3D2%26dvs%3D1612%26dfvs%3D1612%26dvpt%3D1612%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26ic%3D0%26cs%3D50331923%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3644,3644,3644,3644,3644%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D492037456%26psm%3D15%26psv%3D14%26psfv%3D14%26psa%3D0%26pngs%3D9s,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,3644&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.01%26t%3D1694547769847

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Sep 2023 19:42:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

118 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

41 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
yastatic.net/safeframe-bundles/0.83/1-1-0	1970-01-20 14:43:54	Name: afpix Value: 1
yastatic.net/safeframe-bundles/0.83/1-1-0	1970-01-20 14:43:54	Name: pcs3 Value: 1
.yandex.ru/	1970-01-21 00:18:27	Name: i Value: uOpn5/vh0pWc+CtU5phNzX6aV6EHZZjLu2ScwkfROrqPmItycIGoB74EVZRJ0Ho7fonvImeezcXkCzH9PZVezxfkwn8=
.yandex.ru/	1970-01-20 23:28:03	Name: yandexuid Value: 9469640241694547766
dariolunus.com/	1970-01-21 00:18:27	Name: userid Value: 875bcfc1-d293-48ff-b503-b0dc7b25e97c
.download-telegram.org/	1970-01-20 23:28:03	Name: _ym_uid Value: 169454776711178037
.download-telegram.org/	1970-01-20 23:28:03	Name: _ym_d Value: 1694547767
.download-telegram.org/	1970-01-21 00:04:03	Name: __gads Value: ID=8d15a175d715b0a0-221cc2466fde007a:T=1694547767:RT=1694547767:S=ALNI_MYTy4AEvqkCrVSras2whQnWwsrOQQ
.mc.yandex.com/	1970-01-20 14:42:28	Name: sync_cookie_csrf Value: 3691266745fake
.download-telegram.org/	1970-01-21 00:04:03	Name: __gpi Value: UID=00000d921bef3da0:T=1694547767:RT=1694547767:S=ALNI_MYasz1Pm9AtgNE0j6uKwmHDReQsmA
.download-telegram.org/	1970-01-20 23:28:03	Name: pmvid Value: 875bcfc1-d293-48ff-b503-b0dc7b25e97c
.download-telegram.org/	1970-01-20 14:43:39	Name: _ym_isad Value: 2
.mc.yandex.ru/	1970-01-20 14:42:28	Name: sync_cookie_csrf Value: 3532925392fake
.yandex.com/	1970-01-20 23:28:03	Name: yandexuid Value: 9469640241694547766
.yandex.com/	1970-01-20 23:28:03	Name: yuidss Value: 9469640241694547766
.yandex.com/	1970-01-21 00:18:27	Name: i Value: uOpn5/vh0pWc+CtU5phNzX6aV6EHZZjLu2ScwkfROrqPmItycIGoB74EVZRJ0Ho7fonvImeezcXkCzH9PZVezxfkwn8=
.mc.yandex.com/	1970-01-20 14:43:54	Name: sync_cookie_ok Value: synced
.dariolunus.com/	1970-01-20 15:25:39	Name: uuid Value: 875bcfc1-d293-48ff-b503-b0dc7b25e97c
.yandex.com/	1970-01-20 23:28:03	Name: ymex Value: 1726083767.yrts.1694547767
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 2144652001694547767
.uuidksinc.net/	1970-01-20 23:28:03	Name: jcsuuid Value: XOaQhCaRBBpayCfAiXW3
.dariolunus.com/	1970-01-20 15:25:39	Name: oid Value: XOaQhCaRBBpayCfAiXW3
mc.yandex.ru/	1969-12-31 23:59:59	Name: yabs-sid Value: 1206261741694547767
.yandex.ru/	1970-01-20 23:28:03	Name: yuidss Value: 9469640241694547766
.yandex.ru/	1970-01-20 23:28:03	Name: ymex Value: 1726083767.yrts.1694547767
.download-telegram.org/	1970-01-20 14:42:29	Name: _ym_visorc Value: w
.betweendigital.com/	1970-01-20 23:28:03	Name: dc Value: lux1
.betweendigital.com/	1970-01-20 23:28:03	Name: tuuid Value: 08ed2758-0bcb-52ff-8cfb-c72ce9fb7814
.betweendigital.com/	1970-01-20 23:28:03	Name: ss Value: 1
.betweendigital.com/	1970-01-20 23:28:03	Name: ut Value: ZQC_OAAG2egeUwkMhLIPuPuRCl5XMx_YNa_bzA==
.ohmy.bid/	1970-01-20 15:25:39	Name: uid Value: 9d3a621f-1383-4dae-a9d1-12ae6e587cbe.6500bf38.e456638d303f82a5
.gnezdo.ru/	1970-01-21 00:18:27	Name: uid Value: XV9maWUAvzh5HLmea9WqAg==
.dmg.digitaltarget.ru/	1970-01-21 00:18:27	Name: viuserid Value: EbC8aEcaEfJjkh-7mQ5P
dmpprof.com/	1970-01-20 14:43:10	Name: nmatch Value: 14_XOaQhCaRBBpayCfAiXW3
dmpprof.com/	1970-01-21 00:18:27	Name: uid Value: ecf205b7-3ba7-4e10-8b27-6fa960f37ed2
.bing.com/	1970-01-21 00:04:03	Name: MUID Value: 30D399B042386D4015788A3A43E56CFF
.doubleclick.net/	1970-01-21 00:04:03	Name: IDE Value: AHWqTUlYkHOEQn4de0SWXdKiq1LkruvIq_sLPIpBpDg7dp2sABewqm0jE7oLq3DdIYE
.doubleclick.net/	1970-01-20 19:01:39	Name: APC Value: AfxxVi6Wn3DsALRCjMEkD-K40ENa-QQBYSg0VIMB0XQfbZekC6fARA
.yandex.ru/	1970-01-21 00:18:27	Name: is_gdpr Value: 1
.yandex.ru/	1970-01-21 00:18:27	Name: is_gdpr_b Value: COj6IhCGzgEYAQ==
.adnxs.com/	1970-01-20 16:52:03	Name: uuid2 Value: 4820624100705038168

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1 Message: The resource https://tpc.googlesyndication.com/simgad/9697244555934136908/14763004658117789537?w=600&h=314 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ade.googlesyndication.com
ads.betweendigital.com
adsdk.microsoft.com
ams3-ib.adnxs.com
an.yandex.ru
avatars.mds.yandex.net
bid.g.doubleclick.net
cdn.adnxs.com
cm.g.doubleclick.net
csi.gstatic.com
d.uuidksinc.net
dariolunus.com
dm-eu.hybrid.ai
dmg.digitaltarget.ru
dmpprof.com
download-telegram.org
exchange.buzzoola.com
ext-strm-itt01.strm.yandex.net
favicon.yandex.net
fcgi4.gnezdo.ru
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hunterers.com
ib.adnxs.com
imasdk.googleapis.com
installpack.net
log.strm.yandex.ru
match.ohmy.bid
mc.yandex.com
mc.yandex.ru
mpraven.org
msstral.icu
pagead2.googlesyndication.com
partner.googleadservices.com
r2---sn-4g5ednsr.c.2mdn.net
s.uuidksinc.net
static.addtoany.com
storage.mds.yandex.net
strm.yandex.ru
tpc.googlesyndication.com
uuidksinc.net
www.bing.com
www.google.com
www.googletagservices.com
www.gstatic.com
yandex.ru
yastatic.net
ysa-static.passport.yandex.ru
z.cdn.adtarget.me
138.201.34.238
142.250.186.130
167.235.14.51
172.217.18.98
176.99.5.252
185.15.175.157
185.89.210.244
185.98.54.153
188.42.191.196
2001:41a8:104:3::3
23.43.60.179
2606:4700:10::6816:46c5
2620:1ec:bdf::45
2a00:1450:4001:800::200a
2a00:1450:4001:802::2004
2a00:1450:4001:803::200e
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::2003
2a00:1450:4001:80f::200a
2a00:1450:4001:827::2002
2a00:1450:4001:828::2002
2a00:1450:4001:829::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2003
2a00:1450:4019:808::2003
2a00:1450:401e:28::7
2a01:230:2::21f
2a02:26f0:ab00::214:8ea1
2a02:6b8:20::215
2a02:6b8::158
2a02:6b8::184
2a02:6b8::1:119
2a02:6b8::28d
2a02:6b8::36
2a02:6b8::487
2a02:6b8::5:114
2a02:6b8::90
2a02:6b8:a::a
2a06:98c1:3120::3
31.220.27.134
37.230.131.21
66.102.1.156
81.171.9.38
85.192.12.174
88.208.46.156
88.208.46.60
88.208.5.115
93.95.102.105
01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb
033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9
05d18955853a018a783dde77bcf072fb4e36df5bffafefb7be0e5e97411ab092
06514f1804481fd8be676e6d5f4396dbc4e5d3008210680ff44b146a3137012a
068bf34fc9c2610d2ddd33ed3a464d19e58c6a66364c31420e427532b52ca927
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c2194d5f2ff6bc3fbd67966b5c0861f1465ad1eb3433dd0fb20e4ab460ab07b
0c7fb59243168c0f34ca78dd71b3120d916678c9cbb4137e74f9d1951d48b93a
0cfc1f26f4516f7fb08a43e0d0b69f4b5e5a5529eea3e2d80b3d0435c668a740
0dc2dfbb8a7cfd95b7e26cd31635911739b4ee1fb41363e062a9673fdca156f6
0e5ff0847eadf9d7d6cb7b17033f5e5995e55a4589cad919722369edfa151969
106c8edc4d0efd3fa76416d64a5758928d2b68549945c0192058979a881ebd40
15684309274ca43c5240c88c5be2c9ed2f56ed2b38d0367dc372760f9e287c50
17382519cd5f72a37af1a938f107223a4e091a412c4a4d9a9c13205c8d732344
18c327afa903633f86c3efcf12b77f098077eacaa8be101bb007846fd74f8b93
18c34d7fc74fccc151584d8616c24079e60dc5506a015d85c77e92646e74fa75
1b21be50822c8f1e162a563f05543e3d8b2f97a91e6ebcb8064ebbe13c6037e4
1c0b59a3e2b69a628dc0425d73a64bba1f837625a7bd17dd3cbe5bb08c5df03d
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1eb69777c7ff28fa45c7721829f998c9427fac094a1f96b55164b48fb1553c78
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
2154436416c542f3c7ed80b91ff50beff8a43f43076e8658533c8ed4e7bdfdd0
25dacfdeeb50184e3da7d86bf1102f38421606cf9ef14a6df9a6cebb130661ce
266d747bc2251130403b329830c637ae7aff70c14b8672adaeb3490e6726b4e2
2946c38aa61b15468032bf70031394c07a4e1af09aad4a49c547ce4752b49b2b
29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f
2afb76ffc5374245e6402622fa34fd329aacd836ba1e7c3a865063cd446453ea
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
33fd8f3cab06b51f6b8e1ed8ebacd76c42a33d17becd097447878d054068a3f3
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
35bb84867821accef04687a4ebf2309214f822456767925836a1c8442118d4b5
380b46f90ddea042fadd02cd90ba8a1c18b7ff302a0c82ee98e0a1aeba4c7fa6
3a19ff3554a1e589f756a92be8263726674127c133feb1d333095668b77ba08c
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3d3ea446b44bd1d64dd9e973c0fbc56c6c50541814b038653a80c723baed86a2
3dab93242ee573bbcfc22c9d15acd47794e500ed44e6bd48a35400b39d65aa43
401503518894f575673732c689a7885c78bb615900c0c3f726765eb4ce6aa799
45eb85486762b6f590083f2dbaec645b06706824904b64fe0f55ae3f486bf716
46a9423304c00ed5bddd23e4db997587770ece0e0f30475b091b15da2c733bbf
4958607da2a850ef6629c21420710b7c9fec2b0de527bcad62d9d88f54f079a1
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
4979e0bef137946676a306c45a2f1c04b0b9cae25362677439dff13248c2348b
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1
50811b95697b8a5fedd7fb29d16f2738005b5de2c35c13d6556bbfaff5f1d262
5249fdfaed19d57f3207ab33d224c86bcef26a6e8044e60785216eb07e27639b
5298b1e57cb7a787b0bb251c78cc9c33793b95937c66cd0cbaed85287a24355c
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54b0132a1207a2ecf8ee8b12e208fe7551108d09de8f8aeb6a019b77c22057bf
54bc30a4cd8464bb75013d18866ffa4f74e08d1ffe3238e0100770ada8947969
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
562f74199a50c24bcb7d088e403d9cc7e0b5df53297b4d3a62fede4a4cb89623
59bd288e64c57e034672999e33ebda6eb5ad1575945eb563dbfb5b44f226e1e1
5a4192e762a449dfd6e63bee835e0941627223c9159e8219acdd01881a1ac175
5b7bba28948fe9974d6eaba0fbcf9356b9fdaeb8991bc5527c9862078c0f2981
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d1dcfe8737cf39d0592a0c41c3533ebb5e9c5ae69de5f08b90e3dd9afc7fa93
5fd4bbea2602c84b40359b83d69eb7f838f205f824ab387ce389185437fbaf12
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6415561e892cf9d614e7179f71353af4ceadfd641d71c42fe54c9420eb0d0138
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
6b63a5a62fc7cb754c2ee0ca485c32c16901f7401cc38270dbb10f2e94462560
6b829fb8f86ef0240affa313e529bbd854e648938d97a5c38645f0335205b504
6d1a7b75f8b04d053dc989b69d2cb2374a8bbc5734f7be357812530ec074a805
6f82a27bc12d72baa63167352a41b5452b402fba4f7c6d95a1710744f74c86b8
6faf9b3930c127b8bf7d97f22a50832b6cf0ac678e16ba6fa412e0a5ec06dc2b
70acd0f21e444b41bbd6cca39a449839c6f7c8ace11c94394c06ab17dea4bbe2
7250acf17124fa22ef57bb02f29470efee8c2035eac0249149a4ee9703070749
726e6fccf52b913f76c5356d49ac8447db214dad2643dd7eeb28aefc9011cf40
73bc929211defe407628e46df763f74e58f9ac85bf8d4ef7b39ecbee4c7d2359
74ec1e2bfcf647ccdeaf5b127294db846ee4a6f8ffd6c909d4938370d4187d1f
7c00752ce82d6abaed0b9766d35b906b16675facdbe24115b410d1fab975effa
7c0aea7b92e8dc151bd67d1344cf131f0d718598f7ed3371bcd72136458bd76a
7d718af4f11881bb2d7887d9e910209de6606a1bb7db1609876ce988683d7b5f
7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a
80042a2ba4be8704e8b41ec93c8e81a2c6df1f2b4176b272fefa2611a5af30b5
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
88bda51f0c0aa0b427d05aa2754838d4456501044238611d71bc6609d7b3fb4a
8914453333ccd41fd693ee306d6fad4b6d387a15345b64471aaa5624e652bb91
8d74b7089a68f822f535c265ed9b4faf167417defaeed5985d00f7d1f8d83007
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
8f9d88352b286107f60c320c4c088f718c2a3a273818cd61901edb7f235a9339
90eec26631750771c30336de6715aad19b3adc4d4f271686a477c0edc9042a01
92545ae7b38b727089c99033d3557a18ee913a608fe8b26fb24973eb8660f17d
92d967aa9f47d13c45fa328edf25255a86f1b4cabf5673a516166a274da4c235
9376799de16be2c37eb634eb3b6dec5c7e3aef8514df4b9669077cf76fc96636
96840bd7cc7d8edd1d1ffaff60d7f335fd866cd9a6132c8524d620482f4df64a
973408bd1a1da181c7eaa9293c0cd095f3836a76b626bc76af21e1cd96b5dcde
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9a8055e54d37fc509c6e60476b2139f392bd2c8eb4dea39ebb8b371e0cc2b624
9b63737f4359b834628a64ee5f00acf5f954ba2f4875ff69360dcdc064d5a9dc
9bfbf9f281853aa93ff0bdb29d5935fdede5b5aefecc87645b26c047d11129bd
9c911ab93cf6099aeeddb19cb1903d0ef838329443c3a0549c754da47f90a70a
9f3f0ace3076a9187e441c0a7dc34ec29b87b6c673317f0f59e5741a75918b41
a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a
a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d
ab77eaac8440d50b7b37c5eacace4b577536ad17c5ff562668ce9e8853be66d7
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1f798097d6f80c7dfa36878092865f5f88160f9e3f3786f158c78cc37820e14
b46f0c580b3e0c5e10ef63e66e41e0e2e33aed5fb55a82bb7004fb4d8a0059a8
b65482c4f7f198e9e37a5a600bdda73dc504dbcb0f49454644b171bfded11786
ba08211e0a4669384dee0dc42fae6962587e31a06146a31a2ad5a766a3354eb8
bd91080d2c7f2120ad82727f5c07bbb439b810ed4035993ddb1825ca1611396b
c2c327ca95a833151112b0881d9b13d4d75d7a1db597c0593cc540f2083a0ee2
c6ece8077c8a8d8d057b5a03c892dcf1fed9da76ff1bc964cd17416008752c48
c868fb0a3e20bff3cd594c7d82258e8b6b9c6967ab871f7a54f7dfa11ee4d8cb
c9ce932a23de6195c13355d37d42ed655a4a8ad66a66c1754e442577c1d7e407
caeaf02fa4a8a45438c270767c4e50fc7f3ed5f94a4c90984eaacb87c2e8a693
cec11d61a467788c1860c280316423d8920bd9a32e310a5738c0bb3a43bd7545
d83e92979ff5dd3ed892c60b8534fc3735f6d4206f50db149af2f3dea158bf4a
d9f5a7bb86b216f27dfde6db9d0a65689c3bd94e63348d084489791df472533c
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
e297d43a72fb1dabda5aa50289e20db2f9577a47970126203e6ea78132136f51
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e7932922a7a128ab9286f9bdf0bdbbd73a0643a98554759f269fa14e029cf159
e8f19f3572bf66995550c7ace5fbb33774f774f245208b599ed2317a94e400ef
eebf6cc55ea3e4ca212dd3da2673c12739e0e482b5665345bf87d2dea5589d34
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0f2fc153daf5d3ef66c6e26f9b8d244212b12c27e725e237b5d2afc2bd35afe
f1400c92345dcd9dbf746acab2c60e8580aa959473e9e56c8772cadcf7734b76
f15944f6f227cf9f6941788e04a4f529f29f1c2b7894c9143a3f751c6830df05
f350967c95d52a5b2ef0c198acc3ae8192576d3fd96c6804716a16edee8faa03
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f71a02c3678fa32960a613b256b1f91f4f4383bc95c24e8faf8771bc849083d0
f8b64bb41a352ab183149ccef01cc3824880ed96192ab575eac8864d8b4f5d8b
f93483f0aaf24aea4b5534bb8647d22cd9dfcb4d08d2fd1008787bdfb8a6cc47
fc25b3bb99d1ccc00675666fca8a8bd60c92836bd2f647f071173ef7d54677f6
fc91ddd457d04b82ded0d62493f7ffe97d6414de0c9f9f6ded5ab64bb470cc08
fed3bd2bbf5b4d3933f0ee54cfd5f649147d9d1e6cb730c089db3341c023acd7

download-telegram.org Open in urlscan Pro 2a01:230:2::21f Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

207 Requests

86 %HTTPS

60 %IPv6

31 Domains

52 Subdomains

42 IPs

7 Countries

6785 kBTransfer

11405 kBSize

41 Cookies

3 Outgoing links

Redirected requests

207 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

download-telegram.org Open in urlscan Pro
2a01:230:2::21f Public Scan

Screenshot
Live screenshot

Full Image

207
Requests

86 %
HTTPS

60 %
IPv6

31
Domains

52
Subdomains

42
IPs

7
Countries

6785 kB
Transfer

11405 kB
Size

41
Cookies

207 HTTP transactions
4 data transactions