telegraf.by Open in urlscan Pro
2606:4700:3030::6815:6e8 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://telegraf.by/
Effective URL:
https://telegraf.by/
Submission Tags: tranco_l324
Submission: On November 03 via api (November 3rd 2021, 2:10:59 am UTC) from DE — Scanned from DE

Summary HTTP 232 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 36 IPs in 5 countries across 26 domains to perform 232 HTTP transactions. The main IP is 2606:4700:3030::6815:6e8, located in United States and belongs to CLOUDFLARENET, US. The main domain is telegraf.by.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 12th 2021. Valid for: a year.

This is the only time telegraf.by was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 50	2606:4700:303... 2606:4700:3030::6815:6e8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
4	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700:303... 2606:4700:3031::ac43:d645	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	104.75.88.126 104.75.88.126	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700::68... 2606:4700::6810:5714	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:6b8:a::a 2a02:6b8:a::a	208722 (YNDX) (YNDX)
1	2a00:1450:400... 2a00:1450:4001:809::2008	15169 (GOOGLE) (GOOGLE)
1	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
3 10	2a02:6b8::1:119 2a02:6b8::1:119	208722 (YNDX) (YNDX)
2	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c06::9c	15169 (GOOGLE) (GOOGLE)
2	87.240.190.78 87.240.190.78	47541 (VKONTAKTE...) (VKONTAKTE-SPB-AS vk.com)
5	2a02:6b8:20::215 2a02:6b8:20::215	208722 (YNDX) (YNDX)
3	2a02:6b8::90 2a02:6b8::90	208722 (YNDX) (YNDX)
9	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
10	77.88.21.179 77.88.21.179	13238 (YANDEX) (YANDEX)
4	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
30	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
16	2a02:26f0:6c0... 2a02:26f0:6c00:286::4469	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6 8	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
3 7	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
4 6	185.33.220.243 185.33.220.243	29990 (ASN-APPNEX) (ASN-APPNEX)
2	3.124.136.236 3.124.136.236	16509 (AMAZON-02) (AMAZON-02)
8	213.254.244.21 213.254.244.21	36062 (DOUBLE-VE...) (DOUBLE-VERIFY)
1	2a03:2880:f02... 2a03:2880:f02d:5:face:b00c:0:8c	32934 (FACEBOOK) (FACEBOOK)
2	142.250.186.102 142.250.186.102	15169 (GOOGLE) (GOOGLE)
12	63.251.109.127 63.251.109.127	36062 (DOUBLE-VE...) (DOUBLE-VERIFY)
4	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2006	15169 (GOOGLE) (GOOGLE)
232	36

50 2606:4700:3030::6815:6e8 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

telegraf.by	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3031::ac43:d645 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 104.75.88.126 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-126.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-public.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8:a::a (Moscow, Russian Federation)

ASN208722 (YNDX, FI)

yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN208722 (YNDX, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 87.240.190.78 (Russian Federation)

ASN47541 (VKONTAKTE-SPB-AS vk.com, RU)
PTR: srv78-190-240-87.vk.com

vk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:6b8:20::215 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)

yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:6b8::90 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 77.88.21.179 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
PTR: adfox-external-l3-engine.stable.qloud-b.yandex.net

ads.adfox.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

a9cb10ed454fdb3cbb12b263b60b203e.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
21916be3d137d0bd5538481ca7cd17f6.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a02:26f0:6c00:286::4469 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn3.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.184.226 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2.18.234.21 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.33.220.243 (Amsterdam, Netherlands) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.124.136.236 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-136-236.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 213.254.244.21 (United States)

ASN36062 (DOUBLE-VERIFY, US)

rtb0.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tps20518.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tps20519.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f02d:5:face:b00c:0:8c (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

ad.atdmt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.102 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 63.251.109.127 (United States)

ASN36062 (DOUBLE-VERIFY, US)

tps.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tps11008.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tps11019.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tps11025.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tps11062.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
50	telegraf.by 1 redirects telegraf.by	715 KB
49	googlesyndication.com pagead2.googlesyndication.com a9cb10ed454fdb3cbb12b263b60b203e.safeframe.googlesyndication.com 21916be3d137d0bd5538481ca7cd17f6.safeframe.googlesyndication.com tpc.googlesyndication.com	298 KB
36	doubleverify.com cdn.doubleverify.com cdn3.doubleverify.com rtb0.doubleverify.com tps20518.doubleverify.com tps20519.doubleverify.com tps.doubleverify.com tps11008.doubleverify.com tps11019.doubleverify.com tps11025.doubleverify.com tps11062.doubleverify.com	439 KB
23	doubleclick.net 6 redirects stats.g.doubleclick.net securepubads.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net ad.doubleclick.net googleads4.g.doubleclick.net	335 KB
11	addthis.com s7.addthis.com m.addthis.com api-public.addthis.com	222 KB
10	adfox.ru ads.adfox.ru	488 B
9	googletagservices.com www.googletagservices.com	208 KB
8	yandex.com 2 redirects mc.yandex.com	3 KB
7	casalemedia.com 3 redirects dsum-sec.casalemedia.com	6 KB
6	adnxs.com 4 redirects ib.adnxs.com	6 KB
6	yandex.ru 1 redirects yandex.ru mc.yandex.ru an.yandex.ru	157 KB
5	yastatic.net yastatic.net	220 KB
4	google.com adservice.google.com www.google.com	2 KB
4	fontawesome.com use.fontawesome.com	174 KB
4	cloudflare.com cdnjs.cloudflare.com	60 KB
2	2mdn.net s0.2mdn.net	197 KB
2	agkn.com d.agkn.com	1 KB
2	google.de adservice.google.de	957 B
2	vk.com vk.com	959 B
2	google-analytics.com www.google-analytics.com	20 KB
1	atdmt.com ad.atdmt.com
1	addthisedge.com v1.addthisedge.com	1 KB
1	moatads.com z.moatads.com	1 KB
1	googletagmanager.com www.googletagmanager.com	35 KB
1	jsdelivr.net cdn.jsdelivr.net	8 KB
1	googleapis.com fonts.googleapis.com	1 KB
232	26

	Domain	Requested by
50	telegraf.by	1 redirects telegraf.by
28	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com a9cb10ed454fdb3cbb12b263b60b203e.safeframe.googlesyndication.com googleads.g.doubleclick.net telegraf.by ad.doubleclick.net pagead2.googlesyndication.com 21916be3d137d0bd5538481ca7cd17f6.safeframe.googlesyndication.com www.googletagservices.com
17	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com a9cb10ed454fdb3cbb12b263b60b203e.safeframe.googlesyndication.com googleads.g.doubleclick.net telegraf.by ad.doubleclick.net pagead2.googlesyndication.com
14	cdn.doubleverify.com	a9cb10ed454fdb3cbb12b263b60b203e.safeframe.googlesyndication.com telegraf.by cdn.doubleverify.com ad.doubleclick.net
10	ads.adfox.ru
9	www.googletagservices.com	yandex.ru a9cb10ed454fdb3cbb12b263b60b203e.safeframe.googlesyndication.com telegraf.by cdn.doubleverify.com www.googletagservices.com ad.doubleclick.net
8	cm.g.doubleclick.net	6 redirects googleads.g.doubleclick.net
8	mc.yandex.com	2 redirects mc.yandex.ru
7	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
7	s7.addthis.com	telegraf.by s7.addthis.com
6	ib.adnxs.com	4 redirects googleads.g.doubleclick.net
5	yastatic.net	yandex.ru
4	googleads4.g.doubleclick.net	ad.doubleclick.net
4	tps.doubleverify.com	cdn.doubleverify.com
4	googleads.g.doubleclick.net	a9cb10ed454fdb3cbb12b263b60b203e.safeframe.googlesyndication.com telegraf.by
4	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net
4	use.fontawesome.com	telegraf.by use.fontawesome.com
4	cdnjs.cloudflare.com	telegraf.by
3	tps20519.doubleverify.com	cdn.doubleverify.com
3	tps20518.doubleverify.com	cdn.doubleverify.com
3	an.yandex.ru	yandex.ru
3	api-public.addthis.com	s7.addthis.com
2	tps11062.doubleverify.com	cdn.doubleverify.com
2	tps11025.doubleverify.com	cdn.doubleverify.com
2	tps11019.doubleverify.com	cdn.doubleverify.com
2	tps11008.doubleverify.com	cdn.doubleverify.com
2	s0.2mdn.net	21916be3d137d0bd5538481ca7cd17f6.safeframe.googlesyndication.com ad.doubleclick.net
2	ad.doubleclick.net	www.googletagservices.com
2	rtb0.doubleverify.com	cdn.doubleverify.com
2	cdn3.doubleverify.com	cdn.doubleverify.com
2	d.agkn.com	a9cb10ed454fdb3cbb12b263b60b203e.safeframe.googlesyndication.com 21916be3d137d0bd5538481ca7cd17f6.safeframe.googlesyndication.com
2	www.google.com	tpc.googlesyndication.com a9cb10ed454fdb3cbb12b263b60b203e.safeframe.googlesyndication.com
2	21916be3d137d0bd5538481ca7cd17f6.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	a9cb10ed454fdb3cbb12b263b60b203e.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	adservice.google.com	securepubads.g.doubleclick.net
2	adservice.google.de	securepubads.g.doubleclick.net
2	vk.com	s7.addthis.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	mc.yandex.ru	1 redirects telegraf.by
1	ad.atdmt.com	googleads.g.doubleclick.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	m.addthis.com	s7.addthis.com
1	v1.addthisedge.com	s7.addthis.com
1	z.moatads.com	s7.addthis.com
1	www.googletagmanager.com	telegraf.by
1	yandex.ru	telegraf.by
1	cdn.jsdelivr.net	telegraf.by
1	fonts.googleapis.com	telegraf.by
232	48

This site contains links to these domains. Also see Links.

Domain
telegraf.plus
vk.com
www.facebook.com
www.addthis.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-08-12` - `2022-08-11`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-27`	a year	crt.sh
yandex.ru Yandex CA	`2021-08-30` - `2022-02-28`	6 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-01-25`	a year	crt.sh
mc.yandex.ru Yandex CA	`2021-07-28` - `2022-01-07`	5 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.vk.com GlobalSign Organization Validation CA - SHA256 - G2	`2020-06-09` - `2022-06-10`	2 years	crt.sh
*.yastatic.net Yandex CA	`2021-08-18` - `2022-02-16`	6 months	crt.sh
bs.yandex.ru Yandex CA	`2021-05-31` - `2021-11-29`	6 months	crt.sh
*.adfox.ru Yandex CA	`2021-07-27` - `2022-01-06`	5 months	crt.sh
*.google.de GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.doubleverify.com DigiCert SHA2 Secure Server CA	`2021-01-10` - `2022-01-17`	a year	crt.sh
*.agkn.com RapidSSL RSA CA 2018	`2020-07-25` - `2022-09-18`	2 years	crt.sh
*.atlassolutions.com DigiCert SHA2 High Assurance Server CA	`2021-08-12` - `2021-11-10`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh

This page contains 29 frames:

Primary Page: https://telegraf.by/
Frame ID: 2D41989C68BF9ED186EB850998BBD405
Requests: 104 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: E3217914552693A25E9CC7FC6AE335A3
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: D00E62A42AEF8B8B08D36F77ACDBC171
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: 475E0F6A7573C3912C4C7831F718C01A
Requests: 8 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: 3FC3914F6304CE2428CC80BC9F9FCF4D
Requests: 8 HTTP requests in this frame

Frame: https://a9cb10ed454fdb3cbb12b263b60b203e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 3D3920D4A6D25B4D2E19FA7EE90E7E4A
Requests: 1 HTTP requests in this frame

Frame: https://21916be3d137d0bd5538481ca7cd17f6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: C8475DB9AA0738B3B51DB35381DF7088
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 5FDB5E7F86D84C90E6A05BB7C29B6E4C
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: C9C8DE77183AF9C0B48952C8D424B136
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9913019746A2C3662EA0B96FFBE855A0
Requests: 2 HTTP requests in this frame

Frame: https://a9cb10ed454fdb3cbb12b263b60b203e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 93F871BC914D248E00EEFE1464EA2A27
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COXQcRCu_4SOAhiQ5YScATAB&v=APEucNWQswFuOcDOy_84nkIqCRng3d7myEXzO9ePKTXJ_1GE6dPXutIKq1QCunyu4d7UKDKXyqkh8W_A98B-opu3SCuZXc1uJKqXmRFIzOM-oYO4IB2sW2AVWe4hVuj7z3Yxmm-shw9eorNwNiLlf8-1ikgwOr0hKkNJV4Iatne8zh1QdqT2Vqj5dSy_5yE6TC5VJh64dbfuCjsrsgyle6JhNS0koA4f8A
Frame ID: D2CF19E858186B9098323E8E7F4BD43A
Requests: 5 HTTP requests in this frame

Frame: https://21916be3d137d0bd5538481ca7cd17f6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: B0799571209239D4234968A3D3361F1A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COXQcRCu_4SOAhiMvIScATAB&v=APEucNXhBkBqpajSy-5KbMKsWK3aXKT4olvGHbQInfAE2NZBTrqjusJn9R-dLgnUYP4dYJXthN3RaoGYB4Xbt7Wxsrxj-T5Fnbevna6CkC6jB2Ko4jpCtOkAHsUGYxUNH7MhV8sHQ4Ztw4JWNKelk85QQS1BCG1eUB2W3qXjhv9Jl5qnesOjCLsjEe7xg-LGTi_c859rwhuOoxMFJYVsScDnynpjKX26Kg
Frame ID: 87333DD90CBC3116B18CD25C78D70D7E
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A4sgFwpkSTKCM2rjkcYZnOhvJBlKOIAcue42XSqAI9xsVKN4IXoz8H5rQtxZJHEY0KoX5k0cMisKuB6mYF653ML8ImBj5z2Du3cDqSkTk9HHLEY7c0RkWHXR4ZLtg9jKLCNS7meoSHs26UsUYu2-G-B4vyYA&dbm_d=AKAmf-DfZKM6xfLWKw9TOwP1Aiyv6YuuRHv-c0PH_4ONN9QOoaz4jr2DcfxJFxsHSAJvXLEsutQFNbSnt19VB-asPGpwkWgByHJA_4zYgbFUCWIVAY7fI11a4wy-GJKSpFqjkFy7eVYYzCKzYmr6Nvy1Y1FHyjusdpB0KGjFSH03AqWCuAqQDnZUipnENZFWVvYyrpUctC4u6Kn5rGR9_GMRIRdQ2L3Tk4Jb_LgMFczwWHmMHsa9IQCKW4yjdiGnBwkI2iK8zRc2pwtwfUWvPQWepsSLci4atfKG4Zd9WLvtUdK6gLoCiB8NXjmb0I0WQZT66a7hjlq0V9Ul2lzu2BwoF6rFc-CecSLqpJLEl_lvjiOSJhgoiDWRkf6gEA-RclJAux1HiIbXGW3CnEf6tCk1sqBM6o7XuJ4F7VTBEjLv7AtyNGVR0sKbf2gX-_okCxfgkRsFw3rOlINsxreQULIXMmQDHnOF7ptzwsFvwXm94LezGhxZZTyy5tvKbTka13WwLpyOYKMHPJDfugKNsdzU61Wng9n0K0j869Fu-ZCuaYhlrzT7iSkbKmF-7YgxxXi5_9RSONNnoOSZbhxd639BxWWeK8ZXLhHLRca9O19kslX1vLUC_Olhb_U2uwbOil8KXqMwDoB_xaB-XHEM-3fu3H3KWo08WFrjmnUJpq1mjpAnkQdaTzar6DDrH0ZcsiPSIgVpthVgmMIC-oXMHyQZ1HAPa4772Q78apWRvzqWROAq2k6_dtW_Tvu1kbzRPdkLhGoji2CzvUT3pZ5zYs7P9MZEHSeDjnHYTco59Vo-FwXDz9a5KDg9lkp-GLmtPe_xuI_lBYEgtOUneHligB48cULL89_l1uo7vB2YnChTXouykWm9bwQffAuSRgDKl2dM1wb3RcddW8LVV87QsZYUbc4fb3toj5Tlmwij4gCfON6u3xbHVoVVRduRv7CG1iGfk32F5effKNqj1rTdDONsPKm8xr4tmLp_gX6QtAct549swvuyky2Y9gG1UvmphO35hl7CJUs0vTCMqtm48gGu1CWAwMnNSaGlfbOs09yK1uf3nMh4Arviu-HwLahndvYFNMXGuJuR-u8sKCj3k5qDVx7oq8d5DP85CbJoWNFw1aiYPmsG6jifOF33tJ7HopO1xe9HDp7zR6WWz4uryr94ypYN0dyUAxq81aKYSbzXEFelSj7qXZ9mYDYLq-3m7nAcMbTmgTtZtGTJb4MAfMtdwZFbDeM-Bfvj21v3jH3heL4BYUW8yXoEocIeEU3qJPsTtgZn5qGzMgM0g4dBx32F9iCdbzC4B-tBiLLuPcDO1llTTaFnzAN0QX8wbCgq744aQ1I6TDhT0Pz1CNBYOpUyoPlT3k0TCy7-HeGKtKmRiYWQoHU-0WutnP-92Tp_TamQadkkAWJA-08ah6EFR52fHWOA3VfJAvKWdpn_rfm1Q_zJQj4I6J4HCZWmmm1JmdgINdVYjiZZRGgnUNQUTZPGRgrvMhBY-JtN5Xl6w3k3TCkvPUkHIQ7OSC0i6eRK2AOWktLQhsqEOiMs2-KPpssuOxx36A_cvKF3inKJJxnSBPfYduHz0p3e5ch-Blfz4TCxD8tSWvFX-W6LB1dchYwmIN8BY0pEZ6tsEmaFtOAjwdY4UO38xLUvUhLp1kLnT4FSbgYVAC4IAnaXjkiIocznqPGrj8rrjFcdA5wBrB23EWrxyTjwDRbMfKoM3Xa7Gz1EQlqOK2dI8BC7Qn4Ygf-5vhuCjxRUE5UeHjs0NIHSjHFstoRFZbXSwH2LolyIli48uvSNiFFYEc5D7oVXCM3acSLQvdOTS1YRMxGFS9gYsjLU36RD-HC0QlmaFhlzxjWzZg3LNpvIHN09Ot5r86uLqmgN7TuMRoTN9ox6i7JH087CpWd5GWYP5TQdgIVybGfJs6spWtmTywYDGEV66N9aKF9lEHyunpsBeZc_Akl9Aj0JQGDDYUbMTwE1UKzAuhRg3pq8VOM8QLSqztT4mPduLPagJRRNUnn-S5TIfVet4gT0uBYH-_qZ-OWzlXvcgdf4Xk4zwFHhe8_d27X7rsZlpgAMMJ-puiwh4KEPTAvwwnPVxZ4aFJelJJBz5hFzoyqquREt4dORaU3NHwOFzORxGYfi6Y35GiEGuIB7aZOuX8Pz8R5flG62IXK8xUbM3lJzwMm_QjnnCMFV0gEFUWtGE6KysYJKmO6TMV1EjgJzD1OP3vyXQvoI6tTXu7BPqMUhOrDjycYyj-IFkU4Iov051gYoLmOAnqORJaAd_KJaoz5WPftphjqffcjgl6FvX_pwey-OF9s4UIl7c34u5nvEWf1BLvdjCkjGH7QpNrE5VbAyD2fnUL7JbwNQTSLTjmbuMbtSvMP3e_Ct1NfEKX8-l9L8KCoL2YkpHFvqceUufejsc_edvnpoVsdRR-4OUG8hdBziT2HN6YxBIpK0KV0cnhDdedGhWEcCUMaDZDCcFAhWaaugbE0izT24Z_Ba4S5G4wzXxd9iqU3W7ypoizXNstYfU6YpVM4Enk3ia-OGC18wuuscmnW6mwvKkYJUVp_8AzkwLi05EXAMM-hrGzjY75QKQRepUmpkDvLLw0ssWlDm4ed2fn5RvwdG6AKUnb1T3vTb9dMaaak3nBy_vzHdmeA6Hv8glNQYRCj9AGW6C2zanS32ZtbifPiKwP7Wx-4i0yseKh8xlbiEkTq83De4qaOWHyhmplleEWU_KJZSwN-u3y1pJVJ1ckh1W3WkmP9qh29NPQiNwIQdAUMTbNYWm3J88mvpUBNTM33ZYep907EPuaaGXUyAF0o2KdnmEkb8qbsv_IOwxTA5VBZG6LHy4uiU7qiUb53s8nrQeO_r9-SmT8V26ZFYE3OFwt2YVqKDoC091ihAt4NBQv3R7571GdLpMCVv9Io3leiyaBRUMMlf0mZ0uVfCaWDEsv7bj7rkPVV2GPoY9QvUZyIZkkU3dUXj8qTCDXSOBOg4WGJsLplr2Ao3-OHDSb4w7P7IfS6NfmaB6fdRYsf_uelq0EhHhxz9iFab3OknD-IIIzw0QgVHBk0odDNH4sS_FxZMH14CCAWqhYhfeDHKgp6pnvdWHd9XoP1QFScf53iQAEdbcMy0T_iO8RVNSgYjzzxm6rtWe2R5Qnp3feJxscDf59uFv6nc3GqmvR11wuZa2DnmZrx52O47qR_usgJ2N_QLBgHtwg8uo9_YpU93UFmJnN8ubwlBrLLYdqKg5j8wzzcia6nSjEcJZM7eL-PKSiJAQZp5oCxjN4qD_SEEK21qEkvJiIMJS8Si5CU2XLQ-bkjfJrsh3rBjn53Ra6ChW2XQYO-5r0fauhYwtb3wYxziKgf5N0VUtEee7_MIw4LJJ4F6MKqbSuJ_koSbbzbFvWAWbVo8zQq2EHd-wlsLlPqT3Q0Nim_ojcWH6Ucv1HbYrBTTDNSqm_lTvKx1XhR2LhP-FChjOySmyGEY9Vtj_zePAQ69MVK8cyAspfrXK7bAtcUNA57n4ku9eAQ7dQ8Vw1eCtkTNi1Nc2VmtKs5PZDr-KMHcHcIUM_h9poFEvraxLGO9WIjvlHcKrqSc17vdvmPzxCjMZ14egV1pp4MmU3k_T4OW0Wd64tU5ROHgngVFV_KG_vzN0mWACVh16LkCpXzZN_WREfhS49vUlYqNYQwTJSvENF7GZEkP5n1bO0g3Dus9HzqEI3gx8GmDY9rjMKehyQ_tEdKtLsL1p8lo02eszwWB10Ab0DzWmQ&cid=CAASFeRoVzcm29c4sA4CEU2fHZqU94EHsQ&rfl=3%2Chttps%253A%252F%252Ftelegraf.by%242%2Chttps%253A%252F%252Ftelegraf.by%252F%240
Frame ID: D575E911FC8AD8D4897B14DA24C9E961
Requests: 28 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 3BD4C841EC36D0F1D0609A2CCCBFC640
Requests: 3 HTTP requests in this frame

Frame: https://cdn3.doubleverify.com/bst2tv3.html
Frame ID: A8C7F164CFF925A4DD5BFA8087849104
Requests: 1 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-match6.js
Frame ID: 289AB7114E53A7C205117E171D05803C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 981B45C26282972D094E12C81946C850
Requests: 3 HTTP requests in this frame

Frame: https://cdn3.doubleverify.com/bst2tv3.html
Frame ID: 1BD3CB0931B1C5ED376C7B3786F9A706
Requests: 1 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-match6.js
Frame ID: 74526220F8977AFECEBCC98C3879CA47
Requests: 1 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N1395.150740DOUBLEVERIFY/B23901103.271365913;dc_ver=81.235;dc_eid=40004001;sz=970x250;u_sd=1;dc_adk=358260176;ord=73z979;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=2,https%3A%2F%2Ftelegraf.by$2,https%3A%2F%2Ftelegraf.by%2F$0;xdt=1;crlt=fBAUndRZ28;sttr=23;prcl=s
Frame ID: 1BE0A7C10DD31D23B814117D5B401761
Requests: 12 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements1800.js
Frame ID: FE83521250A773D082D964E1DA8F3CAD
Requests: 4 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements1800.js
Frame ID: 9508F19593A1DA7819221BDD444F3E10
Requests: 4 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements1800.js
Frame ID: 80C5E3CD2E1AFFA7BF3CA89BC8B01FB2
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 1A6C4173C103F235D1B53681C42D0C17
Requests: 3 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements1800.js
Frame ID: D1BD0F2055A22512D5FEE76BDC981D60
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: DA52849B19F76779495DD38B662DC0A6
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/9ikrJPTMnmu1IVkna_il0BrUQdIJ_Q2gP_yjrETMSUw.js
Frame ID: 5A9FE75B805B8AE2F48A95ABF3D79DA5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Новости Беларуси и мира сегодня: последние новости часа - Telegraf.byFacebookTelegramViberMessengerVkontakteAddThisFacebookTelegramViberMessengerVkontakteAddThis

Page URL History Show full URLs

http://telegraf.by/ HTTP 301
https://telegraf.by/ Page URL

Page Statistics

232
Requests

95 %
HTTPS

63 %
IPv6

26
Domains

48
Subdomains

36
IPs

5
Countries

3101 kB
Transfer

8770 kB
Size

32
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://telegraf.plus/
Title: Telegraf.plus

Search URL Search Domain Scan URL

URL: https://vk.com/by.telegraf

Search URL Search Domain Scan URL

URL: https://www.facebook.com/by.telegraf

Search URL Search Domain Scan URL

URL: https://www.addthis.com/website-tools/overview?utm_source=AddThis%20Tools&utm_medium=image
Title: AddThis

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://telegraf.by/ HTTP 301
https://telegraf.by/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 88

https://mc.yandex.com/sync_cookie_image_check?t=ti(4) HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9445.pQdSr6YOC8rxfmWI49fe7KzBEPHi_6uHNwwoTIxCS2w_1ED1pK7dvci3v37ho-SV.TA7KYtIJNzgN99BHvuQu5f0HPw4%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9445.I9R8myrKuqS71TCM6UQiZ6tE8nNJCcISa4fRcxBnzsziOljwDF9T5LowIWCuHQqMK3py5EIJrkdKWHN_kcNqJA%2C%2C.rbv2c8-YB0w6GsaemLIYpWByvUs%2C

Request Chain 90

https://mc.yandex.com/watch/1661897?wmode=7&page-url=https%3A%2F%2Ftelegraf.by%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4bjmbg3ayomqwin74n%3Afp%3A364%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A680%3Acn%3A1%3Adp%3A0%3Als%3A221073879832%3Ahid%3A167399804%3Az%3A0%3Ai%3A202111030201052%3Aet%3A1635905453%3Ac%3A1%3Arn%3A641901262%3Arqn%3A1%3Au%3A1635905453347128054%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1635905451923%3Ads%3A0%2C20%2C106%2C41%2C35%2C0%2C%2C179%2C0%2C463%2C463%2C2%2C345%3Adsn%3A0%2C20%2C106%2C41%2C34%2C0%2C%2C139%2C0%2C463%2C463%2C2%2C345%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1635905453%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20%D0%B8%20%D0%BC%D0%B8%D1%80%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%3A%20%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D0%B8%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D1%87%D0%B0%D1%81%D0%B0%20-%20Telegraf.by&t=gdpr(14)ti(2) HTTP 302
https://mc.yandex.com/watch/1661897/1?wmode=7&page-url=https%3A%2F%2Ftelegraf.by%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4bjmbg3ayomqwin74n%3Afp%3A364%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A680%3Acn%3A1%3Adp%3A0%3Als%3A221073879832%3Ahid%3A167399804%3Az%3A0%3Ai%3A202111030201052%3Aet%3A1635905453%3Ac%3A1%3Arn%3A641901262%3Arqn%3A1%3Au%3A1635905453347128054%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1635905451923%3Ads%3A0%2C20%2C106%2C41%2C35%2C0%2C%2C179%2C0%2C463%2C463%2C2%2C345%3Adsn%3A0%2C20%2C106%2C41%2C34%2C0%2C%2C139%2C0%2C463%2C463%2C2%2C345%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1635905453%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20%D0%B8%20%D0%BC%D0%B8%D1%80%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%3A%20%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D0%B8%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D1%87%D0%B0%D1%81%D0%B0%20-%20Telegraf.by&t=gdpr%2814%29ti%282%29

Request Chain 130

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOgUPxO4RTQQxpKCCJk03aI&google_cver=1

Request Chain 131

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YYHvrWLl1LS44juKsRzLyQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPc3dBZCj30bd6U1vIfnUEs&google_cver=1

Request Chain 132

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESENG4IYjfc6GXaAInaiQvhAE&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESENG4IYjfc6GXaAInaiQvhAE%26google_cver%3D1

Request Chain 133

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDg4OTE5ODMwODc4MzI0MjcwMQ%3D%3D

Request Chain 149

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPc3dBZCj30bd6U1vIfnUEs&google_cver=1

Request Chain 150

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YYHvrWLl1LS44juKsRzLyQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPc3dBZCj30bd6U1vIfnUEs&google_cver=1

Request Chain 151

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEH5fNSQsYvnQTfaWmq6uFUg&google_cver=1

Request Chain 152

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODQwOTQ5OTYzMzY1NDI3NTc2MQ%3D%3D

232 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
telegraf.by/
Redirect Chain

http://telegraf.by/
https://telegraf.by/

124 KB
22 KB

126ms
106ms

Document
text/html

2606:4700:3030::6815:6e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://telegraf.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:6e8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / W3 Total Cache/2.1.8

Resource Hash

15378e9bbf3bca79dddc657f190f1d105c74e3fdb2029136080b5ab41ad7fb68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Wed, 03 Nov 2021 02:10:52 GMT
content-type: text/html
last-modified: Wed, 03 Nov 2021 02:02:59 GMT
expires: Wed, 03 Nov 2021 02:20:52 GMT
cache-control: max-age=600
x-powered-by: W3 Total Cache/2.1.8
strict-transport-security: max-age=31536000
referrer-policy: no-referrer-when-downgrade
mainloc: p2
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R65w9258ItXiC8QFnOhKOn1Td%2B8zTLX341pfw98s9pQd3OXdEDVkOfXNa6EGACyRnsfELy0bE%2B%2FRPa06gU2ScGRS1OjaSKZTH0SldFWZJVchr7hzKz%2BHp%2FG2GKhkU4shZ7jnyFmB%2Bv2%2FNg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6a821192ed85c295-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date: Wed, 03 Nov 2021 02:10:51 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 03 Nov 2021 03:10:51 GMT
Location: https://telegraf.by/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P9ZVa5CC4yCSrVtnI%2BJT6bbkODhypr9CXIND7RLMW9KM7YJnnF%2BVPF6F42Tvnju3H6mkIlm7hec0ZlGCVveJZh%2FvJx9oBbf%2BTkstdq3Z1NCYKZbcoqF%2FG72jkTY0oyXK2sIay%2BV6d64cqw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6a821192afe86987-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 3 KB
1 KB 60ms
32ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3A400

Requested by

Host: telegraf.by
URL: https://telegraf.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c99361c0d8561c7d88a237009bac83ecc149fe6f1f91c52dde79b7841b584c40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 00:37:49 GMT
server: ESF
date: Wed, 03 Nov 2021 02:10:52 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Wed, 03 Nov 2021 02:10:52 GMT

GET
H2 200 bootstrap.min.css
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.4.1/css/ 156 KB
18 KB 59ms
31ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.4.1/css/bootstrap.min.css

Requested by

Host: telegraf.by
URL: https://telegraf.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 02:10:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 4404166
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 17437
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:20 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04010-26f1b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AoIRK8YMQJ6bqTq4ehQpcIzo8fucmZ8xj3LLsz07ygcuR0Ns%2Fr0OcGLi99pS%2FrkMyB9B%2FgI4ELRx02PGMUru%2BgTbRcNSDcvreuLe3IisMmkd8zL9QbmRL3fxsMkKzft%2FjNTbqkTCdoR6UXjFGH77W93H"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6a821193dead7051-FRA
expires: Mon, 24 Oct 2022 02:10:52 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.10.2/css/ 55 KB
13 KB 54ms
34ms Stylesheet
text/css 2606:4700:3031::ac43:d645
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.10.2/css/all.css
Requested by: Host: telegraf.by
URL: https://telegraf.by/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:d645 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce67cd6665e835604c7a650ea355d41857dcd2284618b61d82d252dca0abfe5d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 02:10:52 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10303401
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: 18EHTGCZMXAH6FMH
x-amz-id-2: c8mU9rQ6UVtEfBZyzGGXf5VVXZiikP/i6WQL7Cj6HhnShxlrabCYzx9Tu0PrvUSH3MxvM0Lpajc=
last-modified: Wed, 30 Jun 2021 15:36:08 GMT
server: cloudflare
etag: W/"164a58dcca37a5b00c22e06ee8e2fc68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fnf96Q235swp4boRaI9e0%2FAAn%2BcZefiXcixB0hPlMQNlHWzDnh%2BeElQY%2Bhts40Lzt62NRWwioDpGZMYZ8PfF9Bth342pyVtKnCnYpjgKvCEVAQ8f60vUYXjBOeW12feCpOC6TF4Ah7WjbHIFNoUevWtm"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 6a821193cfc66921-FRA

GET
H2 200 style.css
telegraf.by/tel/app/temy/telegrafwpby/ 155 KB
22 KB 33ms
31ms Stylesheet
text/css 2606:4700:3030::6815:6e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://telegraf.by/tel/app/temy/telegrafwpby/style.css?x34917

Requested by

Host: telegraf.by
URL: https://telegraf.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:6e8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6864668933a4f66335ebc5df248779202e45b69db24e99f738a64847702d7215

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 02:10:52 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 577666
cf-polished: origSize=189333
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mW6NFZ9DM575e%2BqZFDS4JGu9WvAOhZja%2FDj91jI57U3W%2Bj4rKqjzTTHV%2BkPAjMrq2Q6x83gO4cA0JJXv9E1OEN4BWGW3SO3XuoIK6G3kVyD8SRAt8geBeTM4RENHbUbBCB%2BDtVotgwYD1g%3D%3D"}],"group":"cf-nel","max_age":604800}
mainloc: p2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 05 Aug 2021 11:23:04 GMT
server: cloudflare
etag: W/"610bca18-2e395"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-type: text/css
cf-bgj: minify
cache-control: max-age=31536000
cf-ray: 6a821193addcc295-FRA
expires: Thu, 27 Oct 2022 09:43:06 GMT

GET
H2 200 facets-styles.min.css
telegraf.by/tel/app/elasticpress/dist/css/ 3 KB
2 KB 23ms
21ms Stylesheet
text/css 2606:4700:3030::6815:6e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://telegraf.by/tel/app/elasticpress/dist/css/facets-styles.min.css?x34917

Requested by

Host: telegraf.by
URL: https://telegraf.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:6e8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5c3760ebad493fbb95c0ac2cbcdeca727826c3f9c78719d2964c62abca3c7a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 02:10:52 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 510637
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gDYjOH3gdGKdfphTJCW6cGQdEuORBaYzAcGqUfcLvxadoWVC9qVXLnHmvo0t%2FCICnqSnkA%2BSz%2FXKa%2FnyzQcdYlLjJO6XaO%2Bl2mfgU9f8FdAyuvg2E6XfWdV3jrmCqFa%2BeN%2FzW%2F0h%2BpZWXw%3D%3D"}],"group":"cf-nel","max_age":604800}
mainloc: p2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 07 Mar 2021 07:50:27 GMT
server: cloudflare
etag: W/"604485c3-bab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-type: text/css
cache-control: max-age=31536000
cf-ray: 6a821193adddc295-FRA
expires: Fri, 28 Oct 2022 04:20:15 GMT

GET
H2 200 html5.js Show response
telegraf.by/tel/app/temy/telegrafwpby/inc/assets/js/ 3 KB
2 KB 29ms
27ms Script
application/javascript 2606:4700:3030::6815:6e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://telegraf.by/tel/app/temy/telegrafwpby/inc/assets/js/html5.js?x34917&ver=3.7.0

Requested by

Host: telegraf.by
URL: https://telegraf.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:6e8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89f280c948d1f1484534a9ddb872db305f19ce14cdf09a380362aac0ddf406de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 02:10:52 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 577666
cf-polished: origSize=2735
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g%2BcWauLITPDD9rz6Ea2yfPzMhp5Dzru5ALkMwqdBS0uBucMG7fR6C6QVZuTHX3mzu8x188BKF1uVi0%2F1XiBr5MVVhPjLO6sc3paH4MazxLEaiH9qPnei6%2B0kc%2FgGDqWfGLv5u9U9SbbZbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
mainloc: p2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 07 Mar 2021 07:50:26 GMT
server: cloudflare
etag: W/"604485c2-aaf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-type: application/javascript
cf-bgj: minify
cache-control: max-age=31536000
cf-ray: 6a821193addec295-FRA
expires: Thu, 27 Oct 2022 09:43:06 GMT

GET
H2 200 style.css
telegraf.by/tel/app/temy/telegrafwpby/ 155 KB
22 KB 37ms
36ms Stylesheet
text/css 2606:4700:3030::6815:6e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://telegraf.by/tel/app/temy/telegrafwpby/style.css?x34917&ver=5.3.9

Requested by

Host: telegraf.by
URL: https://telegraf.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:6e8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6864668933a4f66335ebc5df248779202e45b69db24e99f738a64847702d7215

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 02:10:52 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 577666
cf-polished: origSize=189333
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TSGLCth1bZbXazXX7rcC4IrXWe%2BV2FS2IL9%2BFjErYDi0DJHrTQIoCW9kqFyUUmJ9cmMpZ1CShghsC0MM5gQo2OWzbCcei%2FzTibggvDTL%2FrCdewvg8mohYc03fNra5XIk%2Fa0%2F1%2FWylM40NQ%3D%3D"}],"group":"cf-nel","max_age":604800}
mainloc: p2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 05 Aug 2021 11:23:04 GMT
server: cloudflare
etag: W/"610bca18-2e395"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-type: text/css
cf-bgj: minify
cache-control: max-age=31536000
cf-ray: 6a821193addfc295-FRA
expires: Thu, 27 Oct 2022 09:43:06 GMT

GET
H2 200 facets-styles.min.css
telegraf.by/tel/app/elasticpress/dist/css/ 3 KB
2 KB 28ms
27ms Stylesheet
text/css 2606:4700:3030::6815:6e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://telegraf.by/tel/app/elasticpress/dist/css/facets-styles.min.css?x34917&ver=3.4.1

Requested by

Host: telegraf.by
URL: https://telegraf.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:6e8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5c3760ebad493fbb95c0ac2cbcdeca727826c3f9c78719d2964c62abca3c7a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 02:10:52 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 577666
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WoWqKt5DOFCHsMLHzwXZyG1tmr%2BNKxHlwsjB4OvOzEOoFif%2BD%2FwiwRrOZZdbtOO6CEeKdLWQdzmLGtbX9ig%2FwBKZYOpbXCIJje6vlfSdpbLu7R0ZOhJc9JwMu1Kvbo7aj8IgE3rPaGSfdg%3D%3D"}],"group":"cf-nel","max_age":604800}
mainloc: p2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 07 Mar 2021 07:50:27 GMT
server: cloudflare
etag: W/"604485c3-bab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-type: text/css
cache-control: max-age=31536000
cf-ray: 6a821193ade0c295-FRA
expires: Thu, 27 Oct 2022 09:43:06 GMT

GET
H2 200 Telegraf-logo.png
telegraf.by/file/2020/01/ 7 KB
8 KB 19ms
17ms Image
image/png 2606:4700:3030::6815:6e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.by/file/2020/01/Telegraf-logo.png
Requested by: Host: telegraf.by
URL: https://telegraf.by/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:6e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3cc24db242eced50ec04836edf1df8c86b08d71f37b521c7f54577bde6ecf60a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 02:10:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 577666
mainloc: p2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 7394
pragma: public
last-modified: Mon, 15 Mar 2021 08:25:30 GMT
server: cloudflare
etag: "604f19fa-1ce2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4LGtdORrJ%2BIq%2B8MM6MViTqc4ucNecU9%2FZGuD3LgvfFfq8ukUlZVQicaX%2FhUw391qbr8jooFdhb3XIbj8jjU0daK2H65NDViiTLeB6iWu5uXL2kA5zzKk6v6LY8N9zAQs6WXbQs9Sqw3CpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31600000
accept-ranges: bytes
cf-ray: 6a821193ade1c295-FRA
expires: Thu, 27 Oct 2022 09:43:06 GMT

GET
H2 200 IMG_20211102_134250.jpg.webp
telegraf.by/file/2021/11/ 14 KB
14 KB 27ms
25ms Image
image/webp 2606:4700:3030::6815:6e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.by/file/2021/11/IMG_20211102_134250.jpg.webp?w=437&h=252&crop=1
Requested by: Host: telegraf.by
URL: https://telegraf.by/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:6e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 824f7782d42c2159724fc5f1c6dba056619526236c4abe67115832e144f09672

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 02:10:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 55632
mainloc: p2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 13862
pragma: public
last-modified: Tue, 02 Nov 2021 10:43:25 GMT
server: cloudflare
etag: W/"6181164d-b6fa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C7G9c%2BJP4zLmCVTwrdLXC8ZunJmHXJEtVrdY2Ek%2B1TbQcMzcrZ%2FpHSKxGpNszylIRc56e7PLJDGKyf3o%2BULbCdx1GRSxy3k%2Fu%2BuKzW20AO49anX7qpNQu3%2FE%2BOXksIcMNTDgtnXR%2FMjjlA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31600000
accept-ranges: bytes
cf-ray: 6a821193ade2c295-FRA
expires: Wed, 02 Nov 2022 10:43:40 GMT

GET
H2 200 IMG_20211102_164253_657.jpg.webp
telegraf.by/file/2021/11/ 12 KB
13 KB 27ms
25ms Image
image/webp 2606:4700:3030::6815:6e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.by/file/2021/11/IMG_20211102_164253_657.jpg.webp?w=345&h=200&crop=1
Requested by: Host: telegraf.by
URL: https://telegraf.by/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:6e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 630b1fa3b10cdcf9845c1f21dabded6dd54ef28635ea6f3adf28c2f0c27df519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 02:10:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 43622
mainloc: p2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 12408
pragma: public
last-modified: Tue, 02 Nov 2021 13:43:13 GMT
server: cloudflare
etag: W/"61814071-158b4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cg9LK0FaOVDvcs6FmVh3orO4rLg%2BlWBkg70zugEbr05UJYTL%2FLPbNEAEGwvhe5ejfAjpeW8UydMuQSJNTJbTbYMS0V7rQz%2BzBBYRnhrFg3EZJhw5edhcB%2F9sFaN6xKfF1CvuLTJy0ovCkw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31600000
accept-ranges: bytes
cf-ray: 6a821193ade3c295-FRA
expires: Wed, 02 Nov 2022 14:03:50 GMT

GET
H2 200 IMG_20201006_180520_607.jpg.webp
telegraf.by/file/2021/11/ 8 KB
9 KB 28ms
26ms Image
image/webp 2606:4700:3030::6815:6e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.by/file/2021/11/IMG_20201006_180520_607.jpg.webp?w=345&h=200&crop=1
Requested by: Host: telegraf.by
URL: https://telegraf.by/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:6e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f7d72b56d2b2df7a02581a17515dcaa0ca6761166e129a29cadeb220d5e3c29

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 02:10:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 45650
mainloc: p2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 8444
pragma: public
last-modified: Tue, 02 Nov 2021 13:17:48 GMT
server: cloudflare
etag: W/"61813a7c-ddac"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=APwpdRXsJDEoPUDUT1%2FIO1r7cEnMgWZJAhpzuRGRRiH0W2UI%2BXsnTMAwAYPMcg1Z3GBCM4dWw2W2CY80mxz6YmO5Q8C0G8QigNpdRiFLqaIB%2FDlsT1pP4fifq%2FBr1s%2FMjtR%2BL2977FlHgw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31600000
accept-ranges: bytes
cf-ray: 6a821193ade4c295-FRA
expires: Wed, 02 Nov 2022 13:30:02 GMT

GET
H2 200 Niveya-na-glavnuyu-1200x560-1.jpg.webp
telegraf.by/file/2021/11/ 9 KB
9 KB 29ms
28ms Image
image/webp 2606:4700:3030::6815:6e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.by/file/2021/11/Niveya-na-glavnuyu-1200x560-1.jpg.webp?w=345&h=200&crop=1
Requested by: Host: telegraf.by
URL: https://telegraf.by/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:6e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ee1782d47409de204c31b283f5520f472a4899f6af63b30fde26dd73b63078b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 02:10:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 50180
mainloc: p2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 8836
pragma: public
last-modified: Tue, 02 Nov 2021 12:10:46 GMT
server: cloudflare
etag: W/"61812ac6-1273e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LpxkwRnSyV8kZJ6JpFA5gQ5F7vv8fal3pK%2Ba1nENgLUZ3M%2BpmxDnhEGkhd5K%2Fa%2BqagF2aKmcam6bBvzM3KtD%2F01LEreeHtwQZ9LBRp0srWLOCtnHdJOeiESRYmOgkFEszDLDPNrVF8%2FNYg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31600000
accept-ranges: bytes
cf-ray: 6a821193ade5c295-FRA
expires: Wed, 02 Nov 2022 12:14:32 GMT

GET
H2 200 IMG_20211102_175107_196.jpg.webp
telegraf.by/file/2021/11/ 18 KB
19 KB 25ms
24ms Image
image/webp 2606:4700:3030::6815:6e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.by/file/2021/11/IMG_20211102_175107_196.jpg.webp?w=437&h=253&crop=1
Requested by: Host: telegraf.by
URL: https://telegraf.by/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:6e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a6d5ddb2d59955c2b3eea63f40da7f159eba49e60cb9670da8a3690e359705b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 02:10:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3709
mainloc: p2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 18632
pragma: public
last-modified: Tue, 02 Nov 2021 14:51:30 GMT
server: cloudflare
etag: W/"61815072-13dba"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C8yGV39WzWUVk7ZZiceSIxqNknGRRKERERadY%2B8pAp6sEiIAzRiXONn6Erg2ptyVOkxc1oOe7kAmiul8IjMVb2CUss2xDVWPoiQVVqP37AM%2FhVxJutjOGVMChmwmI0CjWhQ2t2LKzaED2A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31600000
accept-ranges: bytes
cf-ray: 6a821193ade6c295-FRA
expires: Thu, 03 Nov 2022 01:09:03 GMT

GET
H2 200 Foto-PUT.jpg.webp
telegraf.by/file/2021/11/ 8 KB
8 KB 20ms
19ms Image
image/webp 2606:4700:3030::6815:6e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.by/file/2021/11/Foto-PUT.jpg.webp?w=437&h=253&crop=1
Requested by: Host: telegraf.by
URL: https://telegraf.by/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:6e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 865a58f575c44c2ccdeabdcce7c3f80d9b62b0e7a7ac91b481e1579773cf3f8f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 02:10:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 29849
mainloc: p2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 7808
pragma: public
last-modified: Tue, 02 Nov 2021 13:36:13 GMT
server: cloudflare
etag: W/"61813ecd-101be"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=94AkoJicH%2BG1h7SriyAwvyesKDyF3%2FfK8AsD%2Fuwg8ZWf%2FJGtCHLtqQ%2BTz46507jnW1LqBn3VIEDDO0VN8TPhj3eRmmpI0xsBnaGYinY5lTdtHuqn4KxaEq1OS94stIYuh4JAwmf1wDJgEg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31600000
accept-ranges: bytes
cf-ray: 6a821193ade7c295-FRA
expires: Wed, 02 Nov 2022 17:53:22 GMT

GET
H2 200 foto-derevev.jpeg.webp
telegraf.by/file/2021/11/ 25 KB
25 KB 25ms
24ms Image
image/webp 2606:4700:3030::6815:6e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.by/file/2021/11/foto-derevev.jpeg.webp?w=437&h=253&crop=1
Requested by: Host: telegraf.by
URL: https://telegraf.by/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:6e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e0e24c4738e6547e31d8dc472aadd65cf739442e1bd3fc4eb5e78798a2668231

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 02:10:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 33315
mainloc: p2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 25390
pragma: public
last-modified: Tue, 02 Nov 2021 12:39:32 GMT
server: cloudflare
etag: W/"61813184-17978"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q5j%2Br2VjamrRng%2BT7gLKuAoNdyfadbG1VliHxl2ugQG3mlLzCZt1f4vDse2Ud6X0gCn0z8ZyILb9GVKupyfFKgvJUdb%2F7vzOWibxhMb6qmJ2lpPNxBBaE6rGw1uu6LGYWacBeDukRLsz2w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31600000
accept-ranges: bytes
cf-ray: 6a821193ade8c295-FRA
expires: Wed, 02 Nov 2022 16:55:37 GMT

GET
H2 200 IMG_20211102_160448.jpg.webp
telegraf.by/file/2021/11/ 41 KB
41 KB 20ms
19ms Image
image/webp 2606:4700:3030::6815:6e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.by/file/2021/11/IMG_20211102_160448.jpg.webp?w=730&h=400&crop=1
Requested by: Host: telegraf.by
URL: https://telegraf.by/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:6e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ccbfb499a61ae34892923b98765f91ee9175111e1793d62413ef242c3a603725

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 02:10:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 47011
mainloc: p2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 41658
pragma: public
last-modified: Tue, 02 Nov 2021 13:05:14 GMT
server: cloudflare
etag: W/"6181378a-129de"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tcx69T%2Fbdl2jKqpe1A5N4jvbG5tJDIdldZ8UxTXVt6rLe844SJI%2BRcOzjQ3ydp2OSfD%2FzGQok8YdNuzzBzH8mEpCaA0j84eMUTYqsP2EjYxzQAkzQKIp2KY58HV%2BqN5QUcvNRa%2BfzUHI0w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31600000
accept-ranges: bytes
cf-ray: 6a821193ade9c295-FRA
expires: Wed, 02 Nov 2022 13:07:21 GMT

GET
H2 200 000_1WJ05Z.jpg.webp
telegraf.by/file/2021/11/ 11 KB
12 KB 26ms
25ms Image
image/webp 2606:4700:3030::6815:6e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.by/file/2021/11/000_1WJ05Z.jpg.webp?w=361&h=399&crop=1
Requested by: Host: telegraf.by
URL: https://telegraf.by/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:6e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c43b1c1468a868dafbd409c72f2e05e3a52d7be6cc9c2deec15b0117befc41a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 02:10:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3709
mainloc: p2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 11638
pragma: public
last-modified: Tue, 02 Nov 2021 12:31:35 GMT
server: cloudflare
etag: W/"61812fa7-ef26"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MecKm%2BgSyG6T2Ffb3QEIWvcTeG9AKCuEY3RsQ6LsP3umWBR%2FU3tN3qwoBUo1m9roM42mUaePj33Y5JMCKtIIRq%2FPLZsFvfsLiOWTfiQlRNpeQ57EaBZw0BJGdgFZ9OSsPN9eHn48uowsSw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31600000
accept-ranges: bytes
cf-ray: 6a821193adeac295-FRA
expires: Thu, 03 Nov 2022 01:09:03 GMT

GET
H2 200 756218740036434.jpg.webp
telegraf.by/file/2021/11/ 8 KB
8 KB 27ms
26ms Image
image/webp 2606:4700:3030::6815:6e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.by/file/2021/11/756218740036434.jpg.webp?w=437&h=253&crop=1
Requested by: Host: telegraf.by
URL: https://telegraf.by/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:6e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9a305d79e3bbd4bedd6143bde0a38394a201ea40a38391ed126a18e4451e724

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 02:10:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 46012
mainloc: p2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 8252
pragma: public
last-modified: Tue, 02 Nov 2021 11:39:06 GMT
server: cloudflare
etag: W/"6181235a-67ea"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5lvrGZoj73XKPNE7laBYvCdShvj5%2Br54eIojr1Laajzs5udy2zfsa2fj8wtsFjyZ3quUzQW2WOcsR9AOLgSVgnlHc%2Fq7e6u4q776GDAbJxkiPId2kDixKnYaiAxJoKftLkGdwPiou4OcvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31600000
accept-ranges: bytes
cf-ray: 6a821193adebc295-FRA
expires: Wed, 02 Nov 2022 13:24:00 GMT

GET
H2 200 web-TASS_22659740.jpg.webp
telegraf.by/file/2021/11/ 16 KB
16 KB 26ms
26ms Image
image/webp 2606:4700:3030::6815:6e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.by/file/2021/11/web-TASS_22659740.jpg.webp?w=437&h=253&crop=1
Requested by: Host: telegraf.by
URL: https://telegraf.by/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:6e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 65c7f05f26feac375d0ebcbf0096d310e7663511d0dba9d055245c26318180f8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 02:10:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 47296
mainloc: p2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 16326
pragma: public
last-modified: Tue, 02 Nov 2021 11:16:25 GMT
server: cloudflare
etag: W/"61811e09-1cb3c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MmQpXPo523RAzJkwYVgAOsq%2BUZ1vMl4L%2FEvd56wkdHf4%2Bcuj46umukk4wnzkVIfrwuvHsJg6HQjMHlS%2BZziZo2TIntCH6V8zAkY7dV1pvm27Xpc2hSPAy3qXQn1kBhbJsv%2BogURcwT2JqA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31600000
accept-ranges: bytes
cf-ray: 6a821193adecc295-FRA
expires: Wed, 02 Nov 2022 13:02:36 GMT

GET
H2 200 85187923916edb91a82fbff64055d6bd.jpeg.webp
telegraf.by/file/2021/11/ 13 KB
13 KB 27ms
25ms Image
image/webp 2606:4700:3030::6815:6e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.by/file/2021/11/85187923916edb91a82fbff64055d6bd.jpeg.webp?w=437&h=253&crop=1
Requested by: Host: telegraf.by
URL: https://telegraf.by/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:6e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 620f91730b2c17570a072469c405bf526a53ee4fcccf2078f9f7d8a93417a1da

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 02:10:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 49312
mainloc: p2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 12990
pragma: public
last-modified: Tue, 02 Nov 2021 11:01:37 GMT
server: cloudflare
etag: W/"61811a91-13b60"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BvDWivieC2bR3K5ndon06%2FXuSRzfYDV1n9oEDKElzdCqV%2FQqQ3W4fQfTs%2Fesy5Tu2xgqgBFKo5gwE7C8zunTNE0DnGTJwmEZSMAYk0EzhYJv7VdNj1JrYfHkqlNzdOUvjjyKG7SWKWVLng%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31600000
accept-ranges: bytes
cf-ray: 6a821193bdedc295-FRA
expires: Wed, 02 Nov 2022 12:29:00 GMT

GET
H2 200 latushko-putin.jpeg.webp
telegraf.by/file/2021/11/ 8 KB
8 KB 27ms
25ms Image
image/webp 2606:4700:3030::6815:6e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.by/file/2021/11/latushko-putin.jpeg.webp?w=361&h=399&crop=1
Requested by: Host: telegraf.by
URL: https://telegraf.by/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:6e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b299ac8986f5ddc1f2714281d8203d005c595f597d835f412867d101175610a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 02:10:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 39416
mainloc: p2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 8234
pragma: public
last-modified: Tue, 02 Nov 2021 10:01:09 GMT
server: cloudflare
etag: W/"61810c65-a836"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4hRsiFYIGAPt6yhqKpUHu8pPxohz8c0SKBJ72qIlI6x98N%2FLZXWipMW%2FWFyH5nhoEbWpGNuVAlPrRRzWyslI983GPkKmU6c8GowCfWhb%2BnXDA3bcXVoNZ5JHkkGOFiqWTC%2BDzwS3OfccDA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31600000
accept-ranges: bytes
cf-ray: 6a821193bdeec295-FRA
expires: Wed, 02 Nov 2022 15:13:56 GMT

GET
H2 200 Tourism.jpg.webp
telegraf.by/file/2021/11/ 42 KB
42 KB 33ms
30ms Image
image/webp 2606:4700:3030::6815:6e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.by/file/2021/11/Tourism.jpg.webp?w=730&h=400&crop=1
Requested by: Host: telegraf.by
URL: https://telegraf.by/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:6e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03d0582d4320dae2d559c8a9469bf838a56afacb208c107dc421af898975f919

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 02:10:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 58520
mainloc: p2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 42654
pragma: public
last-modified: Tue, 02 Nov 2021 09:55:13 GMT
server: cloudflare
etag: W/"61810b01-126d8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CR23UgY6JB2HLefnXHcopiHBQU0vAJKExVq%2FV3lqEJAM6IBkjWds2Se3v3ykcRy9rPbjn%2Bs5vIf%2BXCI7Tk6%2FTH0roF6%2FjwTLNNFJBOeey3vwG8gnRHHGrQVA6YxnIvEUo5yuETjD2CEfog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31600000
accept-ranges: bytes
cf-ray: 6a821193bdefc295-FRA
expires: Wed, 02 Nov 2022 09:55:32 GMT

GET
H2 200 c86RdTy6uJbSwJT4.jpg.webp
telegraf.by/file/2021/11/ 15 KB
15 KB 25ms
23ms Image
image/webp 2606:4700:3030::6815:6e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.by/file/2021/11/c86RdTy6uJbSwJT4.jpg.webp?w=437&h=253&crop=1
Requested by: Host: telegraf.by
URL: https://telegraf.by/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:6e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1821aae591ab857fbb03ede5b4b2a22f25420bae6564a4a86a1cd6a7efe0142c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 02:10:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 52170
mainloc: p2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 15308
pragma: public
last-modified: Tue, 02 Nov 2021 09:29:45 GMT
server: cloudflare
etag: W/"61810509-e46a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=afGy05NPwvVszpt%2FCdxcDw5DUKIjVh3sS1xi%2BiHR7K2Zp1jl%2BwuskNkhf8vOjESstCetFTpPvJbkji%2BbryXLEoL0Tfhgdh%2BjQBZMhimvon%2BpygJ9nYsdRfWhGJybZ1yQB6Ct1UMc%2FpZY0w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31600000
accept-ranges: bytes
cf-ray: 6a821193bdf0c295-FRA
expires: Wed, 02 Nov 2022 11:41:22 GMT

GET
H2 200 Foto-21.jpg.webp
telegraf.by/file/2021/11/ 8 KB
8 KB 33ms
31ms Image
image/webp 2606:4700:3030::6815:6e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.by/file/2021/11/Foto-21.jpg.webp?w=437&h=253&crop=1
Requested by: Host: telegraf.by
URL: https://telegraf.by/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:6e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc560ac3003bca8cef669884cd66d9731d6283208632d8a5e4bd85b16abca604

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 02:10:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 53772
mainloc: p2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 8286
pragma: public
last-modified: Tue, 02 Nov 2021 09:32:13 GMT
server: cloudflare
etag: W/"6181059d-dd76"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=czMKUoOcP9R48lXKMKg3SJM4Z0MfjneV6Eam3ObG0VdmzsYg9%2BgZqxeDEifhTCEBWrwfdo%2FR%2Fm0P7MRMTWH3Z2G2ouVt%2F7bL3skF0TJpG5seQ4omzlJxQmOnmaTfebY1naapxb%2F8baWY5g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31600000
accept-ranges: bytes
cf-ray: 6a821193bdf1c295-FRA
expires: Wed, 02 Nov 2022 11:14:40 GMT

GET
H2 200 BphotoBy_0020-1.jpg.webp
telegraf.by/file/2021/11/ 11 KB
11 KB 24ms
22ms Image
image/webp 2606:4700:3030::6815:6e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.by/file/2021/11/BphotoBy_0020-1.jpg.webp?w=437&h=253&crop=1
Requested by: Host: telegraf.by
URL: https://telegraf.by/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:6e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31dc4cd5de1d4ed53f195218040065bdb58228f5fd41cfd4b3ea413246fd53cc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 02:10:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 53772
mainloc: p2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 10886
pragma: public
last-modified: Tue, 02 Nov 2021 09:12:31 GMT
server: cloudflare
etag: W/"618100ff-f226"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ux0kNsAXQpgQMi783cbKSt52vEreL%2FTEfVYAHI7k7r2kK6NUuFoPwXPFdoIAUZ0Nx7adW%2Bj4z%2F%2BGF3K7BmPqqDXhOcH5yiaaclzRzSE2wpiqyBUwNRbOQbrMHcxUmxrJJS8uTCvCafC4Kg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31600000
accept-ranges: bytes
cf-ray: 6a821193bdf3c295-FRA
expires: Wed, 02 Nov 2022 11:14:40 GMT

GET
H2 200 salej-ermoshina.jpeg.webp
telegraf.by/file/2021/11/ 13 KB
13 KB 26ms
23ms Image
image/webp 2606:4700:3030::6815:6e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.by/file/2021/11/salej-ermoshina.jpeg.webp?w=437&h=253&crop=1
Requested by: Host: telegraf.by
URL: https://telegraf.by/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:6e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f092fc5e79c148a7543c37a3d2a4ea0215f6e57d4ed0f571c76f092f9299f54

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 02:10:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 63026
mainloc: p2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 12956
pragma: public
last-modified: Tue, 02 Nov 2021 06:42:35 GMT
server: cloudflare
etag: W/"6180dddb-b9d8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NSAz4CfUN3Xl%2F%2FqA1nsA3ChDQ4Xk69qvLTmIB15dl8E0YeUOAqQp6I3PcbNqQdUuFPjjY%2BlwtLRRmfpKaniuNSiHlJwTWQWawVJWd3yLYAGuY0lNkB5EEY49eOs40D9ERiiSqGTB59nW%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31600000
accept-ranges: bytes
cf-ray: 6a821193bdf4c295-FRA
expires: Wed, 02 Nov 2022 08:40:26 GMT

GET
H2 200 3346.jpg.webp
telegraf.by/file/2021/11/ 31 KB
31 KB 27ms
24ms Image
image/webp 2606:4700:3030::6815:6e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.by/file/2021/11/3346.jpg.webp?w=437&h=253&crop=1
Requested by: Host: telegraf.by
URL: https://telegraf.by/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:6e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08379d6962481af5cb13ec9caf4f04a6a01aea562afc6ecf3429e79dbe5dc343

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 02:10:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 66668
mainloc: p2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 31316
pragma: public
last-modified: Tue, 02 Nov 2021 05:38:08 GMT
server: cloudflare
etag: W/"6180cec0-3a060"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SmmrIvehkaNZdc60Cpu23cs2WeRhOhbVyNriExrk6PlrorayjWMC1Imtt0%2Fky0xtpxxODdYkQZS6nCWWQW021J%2Ft%2FqwYpeIBoJW8a3DuYjxONJts4CesHRNJCpoC72qPrzNz8WRuRAFyTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31600000
accept-ranges: bytes
cf-ray: 6a821193bdf7c295-FRA
expires: Wed, 02 Nov 2022 07:39:44 GMT

GET
H2 200 photo.jpeg.webp
telegraf.by/file/2021/11/ 7 KB
7 KB 55ms
53ms Image
image/webp 2606:4700:3030::6815:6e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.by/file/2021/11/photo.jpeg.webp?w=437&h=253&crop=1
Requested by: Host: telegraf.by
URL: https://telegraf.by/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:6e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f2240b43657f061f4a2672d03bd413c92bf4fba12727f0c61b1792affb59d57

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 02:10:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 138519
mainloc: p2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 7198
pragma: public
last-modified: Mon, 01 Nov 2021 09:12:46 GMT
server: cloudflare
etag: W/"617faf8e-8d22"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m485IRo8gWlAxYPeHJy5lPioC04AUqSE8mcJ3e%2BBtyIHwpTWj6sCdcfqCsAuyo4P%2Fq2nj9khuCG2lv5CldqakkLRPBQBV2AibO5I8oL8j%2FZxMqGm3JE62p%2FvX%2F62wnvs7dIFh1zZvnVeSA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31600000
accept-ranges: bytes
cf-ray: 6a821193bdf8c295-FRA
expires: Tue, 01 Nov 2022 11:42:13 GMT

GET
H2 200 belorusskie-rubli-dengi.jpg.webp
telegraf.by/file/2021/07/ 20 KB
20 KB 33ms
30ms Image
image/webp 2606:4700:3030::6815:6e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.by/file/2021/07/belorusskie-rubli-dengi.jpg.webp?w=437&h=253&crop=1
Requested by: Host: telegraf.by
URL: https://telegraf.by/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:6e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4f757a8c1635e107c6e3e145cddd32e2f98d41f49808860c2047d5b6b91bb70

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 02:10:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 142354
mainloc: p2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 20354
pragma: public
last-modified: Wed, 07 Jul 2021 12:00:22 GMT
server: cloudflare
etag: W/"60e59756-187e2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LmMV01oDjzfrhmpoj2ZiEltiiHq4%2FGrJi%2Fmb8i14WXoC7OYat4NyYM4jpPVVOKd1nDrerztJReKQ%2Bt9Upkj3gza1doAhjhuCta6MwIS52kI7UdxUdDwZPV8ZIa2%2FR5hSZcpRFE76cLHeBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31600000
accept-ranges: bytes
cf-ray: 6a821193bdf9c295-FRA
expires: Tue, 01 Nov 2022 10:38:18 GMT

GET
H2 200 file_81.jpg.webp
telegraf.by/file/2021/11/ 25 KB
26 KB 32ms
30ms Image
image/webp 2606:4700:3030::6815:6e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.by/file/2021/11/file_81.jpg.webp?w=437&h=253&crop=1
Requested by: Host: telegraf.by
URL: https://telegraf.by/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:6e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b552d5d359a666300d9b3ecc876df85b6d27e6f0aedf8aaef051dc66ad066a5f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 02:10:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 147071
mainloc: p2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 26052
pragma: public
last-modified: Mon, 01 Nov 2021 07:56:08 GMT
server: cloudflare
etag: W/"617f9d98-1dc56"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JkPVztHk%2FDbKJ5aVs4zk%2FQEcBYDcr%2Br%2FKCa%2FoJtTIUeGVTqtacWnfGhp74kYePHXFDKQ0ZMfsCwKzg%2BzUCfEMiG3QEYr4kua5s%2B4Yk2gsoH6o4EWLzdFc9AdhPxcZ8OW3ibWadAOz6HYQw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31600000
accept-ranges: bytes
cf-ray: 6a821193bdfac295-FRA
expires: Tue, 01 Nov 2022 09:19:41 GMT

GET
H2 200 thumbnail-tw-20200713094645-1328.jpg.webp
telegraf.by/file/2021/10/ 17 KB
17 KB 33ms
31ms Image
image/webp 2606:4700:3030::6815:6e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.by/file/2021/10/thumbnail-tw-20200713094645-1328.jpg.webp?w=437&h=253&crop=1
Requested by: Host: telegraf.by
URL: https://telegraf.by/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:6e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0597e52eb3ebfd1a3a87aad1ad5b0014fdae811f5d394438a2d2cf09caa35d7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 02:10:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 420327
mainloc: p2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 17194
pragma: public
last-modified: Thu, 28 Oct 2021 18:19:00 GMT
server: cloudflare
etag: W/"617ae994-bc06"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wB4ovmg1hLKwxHrs3utLpU6NWT9mr%2Fzh6WxgiEFcfXsXX2KNkGGzqfJ03FguNPcuIUevW%2BDK4ySsh2%2BsLJvdpa%2BIMUd848HNLU6uET%2FxK3OyKL6%2FRXVVz20bkKHnomQ2acw4cxFlT%2Fnp%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31600000
accept-ranges: bytes
cf-ray: 6a821193bdfbc295-FRA
expires: Sat, 29 Oct 2022 05:25:25 GMT

GET
H2 200 4-1.jpg.webp
telegraf.by/file/2021/11/ 12 KB
13 KB 55ms
53ms Image
image/webp 2606:4700:3030::6815:6e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.by/file/2021/11/4-1.jpg.webp?w=437&h=253&crop=1
Requested by: Host: telegraf.by
URL: https://telegraf.by/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:6e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4bc2f466272e920dbea78d391f5e540856873a73918a0eab4fd2d649543b0152

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 02:10:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 61794
mainloc: p2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 12726
pragma: public
last-modified: Tue, 02 Nov 2021 07:51:03 GMT
server: cloudflare
etag: W/"6180ede7-cd30"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=028pzNDtTEpGLlXPNPSUlIkW4RQpABQ%2B1dWKWhcPcN8xCieWHyQi2F%2BwdVRO1614hN%2Be%2BzC7X6G2xVYJHUXqBAjexbUQXH64X5VK6NlGo3I%2FV2%2FSghZrgAdNtqkP74UA680Ih0XwEdhpnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31600000
accept-ranges: bytes
cf-ray: 6a821193bdfcc295-FRA
expires: Wed, 02 Nov 2022 09:00:58 GMT

GET
H2 200 d893b647a449cb6a2c36290ef4d5ffd2.jpg.webp
telegraf.by/file/2021/05/ 13 KB
13 KB 52ms
48ms Image
image/webp 2606:4700:3030::6815:6e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.by/file/2021/05/d893b647a449cb6a2c36290ef4d5ffd2.jpg.webp?w=437&h=253&crop=1
Requested by: Host: telegraf.by
URL: https://telegraf.by/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:6e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9cbc154c03fe0b31af4476aaa6372b1e38ec252c26b886936759cfd339adb76

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 02:10:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 54549
mainloc: p2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 13264
pragma: public
last-modified: Wed, 12 May 2021 10:13:02 GMT
server: cloudflare
etag: W/"609baa2e-11170"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J2%2FpFko%2BTJkQrcPmj7%2FZwXrSnZkqaLT4%2FidtbYvHZN6Z%2B45xQFohyK4ACzUwx3mpRO%2FtFxIZ4OEFPCi9Jkwjv2abkDezw4Zigi0L37ufXU1OFO6M0gPZ5yXGkH36H7EEdnywE3X3fki8NA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31600000
accept-ranges: bytes
cf-ray: 6a821193de0ac295-FRA
expires: Wed, 02 Nov 2022 11:01:43 GMT

GET
H2 200 709a836cdb052cb320f5781435aaac92.jpeg.webp
telegraf.by/file/2021/11/ 2 KB
2 KB 52ms
49ms Image
image/webp 2606:4700:3030::6815:6e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.by/file/2021/11/709a836cdb052cb320f5781435aaac92.jpeg.webp?w=437&h=253&crop=1
Requested by: Host: telegraf.by
URL: https://telegraf.by/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:6e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d4bcf3a8a8bce79a4f0dc55812a1720bc6ec5bf17e1ac7af523adb6f00b403af

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 02:10:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 62470
mainloc: p2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1774
pragma: public
last-modified: Tue, 02 Nov 2021 06:05:36 GMT
server: cloudflare
etag: W/"6180d530-6660"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RrjfRhfAdn4EN7JfHEAYadwxl4YlC6zxFa7t%2FPwca6WlsoEGVgk3Z8NCpgnMUn9xVubxPgOAMCCcFL2%2FMhmtW05A5pQIf%2B5ICVrKKTURi1%2FDUhbrG7l04yc4xxwH18J15r7%2FmRZoP8lrNA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31600000
accept-ranges: bytes
cf-ray: 6a821193de0cc295-FRA
expires: Wed, 02 Nov 2022 08:49:42 GMT

GET
H2 200 2021-10-18_14-10.jpg.webp
telegraf.by/file/2021/10/ 5 KB
6 KB 49ms
46ms Image
image/webp 2606:4700:3030::6815:6e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.by/file/2021/10/2021-10-18_14-10.jpg.webp?w=345&h=200&crop=1
Requested by: Host: telegraf.by
URL: https://telegraf.by/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:6e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 96ab1b168a7856f4a1e978ed60e0b477994a3cf18ba4a2a7d86d4a28f0c74264

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 02:10:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 577222
mainloc: p2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 5214
pragma: public
last-modified: Mon, 18 Oct 2021 11:10:55 GMT
server: cloudflare
etag: W/"616d563f-776c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ge1zGVc3VhVGF8ekaUF%2B93HbuqYK7boiPgGunWnmhjxmo1%2Bh56SJ9EycIqe1zJDwieIGV4Exkqr0B6pJfSHT%2FkgKUrS%2FUJEvRKZ98Krsl3xZM8ccMl%2FteLKX0FOWtsGZ7BhHvxInT%2BnjDg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31600000
accept-ranges: bytes
cf-ray: 6a821193de0dc295-FRA
expires: Thu, 27 Oct 2022 09:50:30 GMT

GET
H2 200 1582874122_koronavirus.jpg.webp
telegraf.by/file/2020/03/ 12 KB
13 KB 56ms
52ms Image
image/webp 2606:4700:3030::6815:6e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.by/file/2020/03/1582874122_koronavirus.jpg.webp?w=345&h=200&crop=1
Requested by: Host: telegraf.by
URL: https://telegraf.by/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:6e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14a8d81d6fa95c97db18abc6fcf1734d9d4256b02d0db8ce9fcc9278f6be22a9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 02:10:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 434790
mainloc: p2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 12606
pragma: public
last-modified: Wed, 10 Mar 2021 14:23:16 GMT
server: cloudflare
etag: W/"6048d654-198ec"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JmSAxWJhHcWpCvpXNEYuUKLUrecDjdBFQjm5KpHyF9RGgDBaN%2FtEvsFpzK%2B3TrFUbaDn4K4b3TB2aDw59yJgT92Ks4QY7sU4pWVjFpXi5eviLoRD2yMFKzJQZNlzxtZoJk80HGXDSIZ5pQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31600000
accept-ranges: bytes
cf-ray: 6a821193de0ec295-FRA
expires: Sat, 29 Oct 2022 01:24:22 GMT

GET
H2 200 zachem-perekapyivat-01-696x464-1.jpg.webp
telegraf.by/file/2021/10/ 20 KB
20 KB 47ms
43ms Image
image/webp 2606:4700:3030::6815:6e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.by/file/2021/10/zachem-perekapyivat-01-696x464-1.jpg.webp?w=345&h=200&crop=1
Requested by: Host: telegraf.by
URL: https://telegraf.by/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:6e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ff5adc72f97bc02d11d10cbb4f5abcd2b35ecfd07dc26ee450c01a1daa6d05b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 02:10:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 577222
mainloc: p2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 20270
pragma: public
last-modified: Fri, 15 Oct 2021 06:42:16 GMT
server: cloudflare
etag: W/"616922c8-18068"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JhPiSOJgx30sEILviMUzOggrRwnqTNoLo0tJPSXCanMDvKrQvSMGW0ywKlG7t6bn0WrwKmdl8pnTWjaCg3osJ9reKNDhyDmUjrdC6IFXEJgi2a2ANiPxIniZe136xjTBh14BwsWIlqIKaw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31600000
accept-ranges: bytes
cf-ray: 6a821193de0fc295-FRA
expires: Thu, 27 Oct 2022 09:50:30 GMT

GET
H2 200 luka-tih.jpeg.webp
telegraf.by/file/2021/10/ 8 KB
9 KB 50ms
47ms Image
image/webp 2606:4700:3030::6815:6e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.by/file/2021/10/luka-tih.jpeg.webp?w=345&h=200&crop=1
Requested by: Host: telegraf.by
URL: https://telegraf.by/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:6e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64a326d0339d418588f028a753e26f35c27d8cbff753ac98d8d43625663b10ca

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 02:10:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 577222
mainloc: p2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 8526
pragma: public
last-modified: Mon, 18 Oct 2021 08:33:55 GMT
server: cloudflare
etag: W/"616d3173-9af0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=raCaR4vBJ2hGpFZmkDdPRCMzDwXtBlyL6l1Zu8CclU3%2B3GIa%2FX0%2FLwe217dX51AiCwrRFxtrqDe1JBCSOg6XSZGw7NCDo%2BwcbWTGTFkF2cb%2F%2BP02Np3CTqWJBqRYPT0hNQCElio3g6XdXg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31600000
accept-ranges: bytes
cf-ray: 6a821193de11c295-FRA
expires: Thu, 27 Oct 2022 09:50:30 GMT

GET
H2 200 f1adff0b6cd52a218f6a4ba5ec7e67a1asdasdasd5f7c766d257237.78944238-650x433-f1adff0b6cd52a218f6a4ba5ec7e67a1.jpg.webp
telegraf.by/file/2021/09/ 24 KB
24 KB 53ms
50ms Image
image/webp 2606:4700:3030::6815:6e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.by/file/2021/09/f1adff0b6cd52a218f6a4ba5ec7e67a1asdasdasd5f7c766d257237.78944238-650x433-f1adff0b6cd52a218f6a4ba5ec7e67a1.jpg.webp?w=345&h=200&crop=1
Requested by: Host: telegraf.by
URL: https://telegraf.by/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:6e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff835a615190a441a0699ac400e65d2c9866f66b742d3aa3fc85cf624e49e697

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 02:10:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 434790
mainloc: p2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 24246
pragma: public
last-modified: Tue, 28 Sep 2021 04:16:30 GMT
server: cloudflare
etag: W/"6152971e-24104"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UlMlXcgFuYl1gK3YXfu9cJY4paxeov5orO%2Fi830mp2IQ82K2LNyjGedg1n%2BtuZlm%2FNHt8rDrUBSBkKGBZ6M0Uxdx81wPI0t6Dz72NeZGhza7nOg4uHAUJmOI6C5mc%2BfKCNvjknyX16DyOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31600000
accept-ranges: bytes
cf-ray: 6a821193de12c295-FRA
expires: Sat, 29 Oct 2022 01:24:22 GMT

GET
H2 200 KMO_120929_01489_1_t218_181013.jpg.webp
telegraf.by/file/2021/09/ 9 KB
9 KB 50ms
48ms Image
image/webp 2606:4700:3030::6815:6e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.by/file/2021/09/KMO_120929_01489_1_t218_181013.jpg.webp?w=345&h=200&crop=1
Requested by: Host: telegraf.by
URL: https://telegraf.by/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:6e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: deb353fd464bda93438396f37c023005dd38f0863346c2ada189cbe355a072fd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 02:10:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 577222
mainloc: p2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 8994
pragma: public
last-modified: Tue, 28 Sep 2021 07:56:57 GMT
server: cloudflare
etag: W/"6152cac9-ede4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RRCxFVjWaCNtY9SrrsBEn7cTUvduXO14sLu9gdbAV%2F58GdNwpd0d4KcNaL0%2Bp1C5raQnb9XsR5C%2FyurHsPxHFqcFVUjkSbYcF5hMVFRnuaanoL%2Ffukwb9W7HcU1AFuDGz5VKsRn8y9XSjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31600000
accept-ranges: bytes
cf-ray: 6a821193de13c295-FRA
expires: Thu, 27 Oct 2022 09:50:30 GMT

GET
H2 200 RIAN_6414778.HR-pic905-895x505-57815.jpg.webp
telegraf.by/file/2021/10/ 11 KB
11 KB 56ms
54ms Image
image/webp 2606:4700:3030::6815:6e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.by/file/2021/10/RIAN_6414778.HR-pic905-895x505-57815.jpg.webp?w=345&h=200&crop=1
Requested by: Host: telegraf.by
URL: https://telegraf.by/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:6e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 131e8d7973531c1e3ffe64956ed42d1fa33cc3d589a1ee2779393bb09ede25cb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 02:10:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 510602
mainloc: p2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 11258
pragma: public
last-modified: Mon, 18 Oct 2021 07:32:32 GMT
server: cloudflare
etag: W/"616d2310-13fe8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F%2F0oNqO0qCU%2FoiPrjCf8jYThTVaLXyuyZT6kvF1NqaLragh6gSAfrL6hzmGmtHAdKpy2NogrER4cxfj7V4OQ7YydGnQiKZLeWvnJZ0qd%2B6zdcSsNsaGpdqxeqsZwWZ9mz8JprqnKzLO%2BHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31600000
accept-ranges: bytes
cf-ray: 6a821193de14c295-FRA
expires: Fri, 28 Oct 2022 04:20:50 GMT

GET
H2 200 1f8731d01c.jpg.webp
telegraf.by/file/2021/10/ 13 KB
13 KB 57ms
55ms Image
image/webp 2606:4700:3030::6815:6e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.by/file/2021/10/1f8731d01c.jpg.webp?w=345&h=200&crop=1
Requested by: Host: telegraf.by
URL: https://telegraf.by/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:6e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02eb5708f20d3bb69043b79adc7898694c308a27438651fb3591ab7292b37826

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 02:10:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 577222
mainloc: p2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 13128
pragma: public
last-modified: Thu, 14 Oct 2021 12:44:02 GMT
server: cloudflare
etag: W/"61682612-1ed24"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K1sRBdBctMdklu3bG46Re48KF%2F%2FyOjkAkKT9E8WrhW8j2ZuXy5k3Dt7AHr8G3XBoJeQs519cgWFy4jQ4nzXc7fE1yEfjhtU9WQ1Wrb%2FkQgWDpDCWB%2FrzdkmGrQEjYMYx5VBg50%2FUmBESqA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31600000
accept-ranges: bytes
cf-ray: 6a821193de16c295-FRA
expires: Thu, 27 Oct 2022 09:50:30 GMT

GET
H2 200 RIAN_6420770.HR-pic_32ratio_900x600-900x600-14645.jpg.webp
telegraf.by/file/2021/11/ 15 KB
15 KB 60ms
58ms Image
image/webp 2606:4700:3030::6815:6e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegraf.by/file/2021/11/RIAN_6420770.HR-pic_32ratio_900x600-900x600-14645.jpg.webp?w=400&h=230&crop=1
Requested by: Host: telegraf.by
URL: https://telegraf.by/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:6e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d34a6cf2f4f4544de792658d4b774aefd05077e4fbf87b1938ca5c57e4603def

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 02:10:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3709
mainloc: p2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 14982
pragma: public
last-modified: Tue, 02 Nov 2021 09:18:46 GMT
server: cloudflare
etag: W/"61810276-1a678"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rgm53cmLmUHnoibU%2FwC9iiWL%2FhCbuac6GLI4U%2F5Ajw9hQHrJGaOX21imkZyZRjv6lM%2Bb6ANavJMuweAuJmv9KrI5b51y%2BxjREWo0tvrxiwXuterI0Jphc5OHOy5rAdVzsT%2F4g8KDTKF7Zw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31600000
accept-ranges: bytes
cf-ray: 6a821193de18c295-FRA
expires: Thu, 03 Nov 2022 01:09:03 GMT

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 111ms
12ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: telegraf.by
URL: https://telegraf.by/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: "5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
date: Wed, 03 Nov 2021 02:10:52 GMT
x-host: s7.addthis.com
content-length: 116325

GET
H2 200 rocket-loader.min.js Show response
telegraf.by/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 44ms
42ms Script
application/javascript 2606:4700:3030::6815:6e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://telegraf.by/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: telegraf.by
URL: https://telegraf.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:6e8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 02:10:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 19 Oct 2021 12:26:29 GMT
server: cloudflare
etag: W/"616eb975-302c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I7oiXPG622MhoKVh4egwvJBgluN4V0pBu8eN5BNQOpwGNLBKqKlzIY3GWbhganXdVznyIu%2BJaC2LdAecIA2xjLdKCoLzY2XnYfvH5XkdO2iREEoYjEgdmWVVin3P6VP6z6LHVh%2FDv2coxA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a821193de1ac295-FRA
vary: Accept-Encoding
expires: Fri, 05 Nov 2021 02:10:52 GMT

GET
H2 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.10.2/webfonts/ 74 KB
75 KB 50ms
18ms Font
font/woff2 2606:4700:3031::ac43:d645
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.10.2/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.10.2/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:d645 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80fe90cb559538158bc235f4e539d9bcae203e19fab7c6970aad37b0154348ff

Request headers

Referer: https://use.fontawesome.com/releases/v5.10.2/css/all.css
Origin: https://telegraf.by
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 02:10:52 GMT
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4405622
cf-ray: 6a8211947f06701c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 75408
x-amz-id-2: RRhE9G4eoVAH64YiIVLq449h/k3IUFGSKKvPwZyZ3GKExlePCGbfKBnLwUhifseGjHqz73S1FKo=
last-modified: Wed, 30 Jun 2021 15:36:28 GMT
server: cloudflare
etag: "d6d8d5da9214dc7d46b297672a602d55"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lMLE3MQcv35AkQM6eJo8a4L4niifS42D%2FmW%2BhI79LWGzZxzpEETxyDTuQbdiRHAKjZ5zn32OYAaocHLeZX5hJ8ZxBC62K%2BDZpwTprKaLkxtwi%2B8N8bujFZxmL9kbV3KxjGiWhQAeiCPDqsvpj0Ks0fDu"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: M47SXP6FSBYRBVHQ
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
content-type: font/woff2

GET
H2 200 fa-regular-400.woff2
use.fontawesome.com/releases/v5.10.2/webfonts/ 13 KB
14 KB 63ms
32ms Font
font/woff2 2606:4700:3031::ac43:d645
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.10.2/webfonts/fa-regular-400.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.10.2/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:d645 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c061a302d3aad80e5d04a7608f20a26cb6ca995f3e36bfb65500e17552debeb

Request headers

Referer: https://use.fontawesome.com/releases/v5.10.2/css/all.css
Origin: https://telegraf.by
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 02:10:52 GMT
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 510636
cf-ray: 6a8211947f0c701c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 13584
x-amz-id-2: Wz8b3OuZs4Gr+eObkemO3Dj3JdvG/JMUJj/ZB+09bpF8HZFc7PX4VB4f9EaobbgoIMJdKJy1Xk0=
last-modified: Wed, 30 Jun 2021 15:36:28 GMT
server: cloudflare
etag: "ac21cac3f22cc9642f5af32e0c750797"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZBBTdLF5XQtwbiMEVvH4TT6nCqKmc9J8bWZOUh6FX%2BiZaxl2BqmqpUw1ikBJNPBr7iZzUmuhUyyz8ZqufcFVnCGhf7X9GuMBrgK0z2%2BR3ehlOakyZEW%2BKrkNbL0QIu1hsPbzYlnao%2BiH9FXgCSrgkU0B"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: YAPZPEGV95EVHDBK
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
content-type: font/woff2

GET
H2 200 fa-brands-400.woff2
use.fontawesome.com/releases/v5.10.2/webfonts/ 73 KB
73 KB 64ms
33ms Font
font/woff2 2606:4700:3031::ac43:d645
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.10.2/webfonts/fa-brands-400.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.10.2/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:d645 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 975714c6cb70ba105bfa87d2415df2fddde4a46c1d3ab9d0cf45465e56cba97d

Request headers

Referer: https://use.fontawesome.com/releases/v5.10.2/css/all.css
Origin: https://telegraf.by
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 02:10:52 GMT
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10303393
cf-ray: 6a8211947f09701c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 74524
x-amz-id-2: jegl8vXLkhCSGC5enMD/Tf2S4Jk04zxb+FIAMAVlMigLs9KJGT0U4y0vydAEyoD6sB01w6bl4o8=
last-modified: Wed, 30 Jun 2021 15:36:28 GMT
server: cloudflare
etag: "3e1b2a654a784ceb385157140b4ccd71"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TBbs%2FaTgozzs3xe0NHLKAC0UWtkbH0EO5oLj7y7TkDkrcMCCf5b0niYsgLd0qF8I6cI5kpWHXZSqpcvS3IAVVRFHyT25HfIjFKi9VW6PuxwgataoKgTHe5lmSjuAuIodwLIMrEh0LJxoVG5jbSb9XR33"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: CAMH1ARAQNHF1THJ
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
content-type: font/woff2

GET
H2 200 weathericons-regular-webfont.woff2
telegraf.by/tel/app/temy/telegrafwpby/fonts/ 44 KB
44 KB 35ms
35ms Font
application/octet-stream 2606:4700:3030::6815:6e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://telegraf.by/tel/app/temy/telegrafwpby/fonts/weathericons-regular-webfont.woff2
Requested by: Host: telegraf.by
URL: https://telegraf.by/tel/app/temy/telegrafwpby/style.css?x34917
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:6e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9327647771c09df82095dba3591c77cca41a9cedca948ae01e7fb70c690dcbd5

Request headers

Referer: https://telegraf.by/tel/app/temy/telegrafwpby/style.css?x34917
Origin: https://telegraf.by
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 02:10:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4640
mainloc: /tel/app/temy/telegrafwpby/fonts/weathericons-regular-webfont.woff2, p2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 44720
last-modified: Sun, 07 Mar 2021 07:50:26 GMT
server: cloudflare
etag: "604485c2-aeb0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ahYhg%2BhA2pP6p%2Bz7OmezgTgHSOTdRIb6poihPS5hkDaxCkuYIe51cQ3AbA1RYXjTsfTFSJ4%2FR%2FQYhFTt%2B1UqCFjkQYgQjL5p1BlBEI6V9aqZ6ssdPU5cZfM%2BtZflK93Wlzz6Tz9mj6WwZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6a8211944e54c295-FRA

GET
H2 200 q2w3-fixed-widget.min.js Show response
telegraf.by/tel/app/q2w3-fixed-widget/js/ 4 KB
2 KB 20ms
15ms Script
application/javascript 2606:4700:3030::6815:6e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://telegraf.by/tel/app/q2w3-fixed-widget/js/q2w3-fixed-widget.min.js?x34917

Requested by

Host: telegraf.by
URL: https://telegraf.by/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:6e8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a7d00291b90b8045d042a9a713a9cceba928a35c18c99d1eeea2ca14c09614d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 02:10:52 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 577663
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=snGfc%2FNxxyzgFB9PocZbjnNjDwgqiuIJB%2BOneX0lmqJFuBiKPs63kwLr24DIE54VY3C9EjWl8nztFelWjphC94acavZpNMgYkntK87mmfC5CWtZY9IlMGcGeqxYPuYLmW%2FxbrTRbj35Cnw%3D%3D"}],"group":"cf-nel","max_age":604800}
mainloc: p2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 08 Oct 2021 05:33:14 GMT
server: cloudflare
etag: W/"615fd81a-1108"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 6a821194be79c295-FRA
expires: Thu, 27 Oct 2022 09:43:09 GMT

GET
H2 200 facets-script.min.js Show response
telegraf.by/tel/app/elasticpress/dist/js/ 126 KB
42 KB 30ms
23ms Script
application/javascript 2606:4700:3030::6815:6e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://telegraf.by/tel/app/elasticpress/dist/js/facets-script.min.js?x34917

Requested by

Host: telegraf.by
URL: https://telegraf.by/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:6e8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

819f3136b7fa1d732f05ec1d9c773bed9bdcdb09e936fe964ae8fb70f29912f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 02:10:52 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 577663
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=06rDRhfazg2KEGfQDL5clvVnLVD0ONqhA3uWUB5C%2FnxEbVP72ha5cc9Uipd%2BT9oIwJBYOMXO3wBbQkF%2BCNUsllbWa0apd3sLk%2BBLRIoU7NqhpXTEV6H9Lj7LSY3UaP1YbldsenbHsvH3Sg%3D%3D"}],"group":"cf-nel","max_age":604800}
mainloc: p2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 07 Mar 2021 07:50:27 GMT
server: cloudflare
etag: W/"604485c3-1f8e1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 6a821194be7bc295-FRA
expires: Thu, 27 Oct 2022 09:43:09 GMT

GET
H2 200 underscore.min.js Show response
telegraf.by/wp-includes/js/ 16 KB
6 KB 35ms
29ms Script
application/javascript 2606:4700:3030::6815:6e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://telegraf.by/wp-includes/js/underscore.min.js?x34917

Requested by

Host: telegraf.by
URL: https://telegraf.by/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:6e8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5f5736867880dc34e00e9d915d49094d5aa572c73771e87a082bd721b5a4f7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 02:10:52 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 577663
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tJViMVdxoMwdHCWoCe2IlqMT8xRcPMvnYZ7t1gUoxJI7QuhgxK6VNUaehiRXBsETIVXg%2BsZoZTb5EbR6rsl1lN9UHyjLpB9dg0z8hEC%2BrgEB1YmZ%2BA0hHAA%2FkRqwvvRFLCvNKPjZcKE0VQ%3D%3D"}],"group":"cf-nel","max_age":604800}
mainloc: p2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 15 Apr 2021 05:04:44 GMT
server: cloudflare
etag: W/"6077c96c-3e8a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 6a821194be7ec295-FRA
expires: Thu, 27 Oct 2022 09:43:09 GMT

GET
H2 200 theme-script.min.js Show response
telegraf.by/tel/app/temy/telegrafwpby/inc/assets/js/ 3 KB
1 KB 35ms
28ms Script
application/javascript 2606:4700:3030::6815:6e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://telegraf.by/tel/app/temy/telegrafwpby/inc/assets/js/theme-script.min.js?x34917

Requested by

Host: telegraf.by
URL: https://telegraf.by/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:6e8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6acf90584b80960637e05b65d1b5d7d7c0b7c91b3b3308cf78f59b0cd11de841

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 02:10:52 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 577663
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sEfuOjXNAIPLUGLs4UbgAXWOQy4mDhlTlFJi8HDXrp%2FEFIqJlceeS4FJlUxzBphMLlGsO7PbcYyGO8mX99YLO87ickH4N2GDGdPUB9oPIdGwEvIX0DHpddGzHYHnjjYn1ToC59iX1G8a8A%3D%3D"}],"group":"cf-nel","max_age":604800}
mainloc: p2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 07 Mar 2021 07:50:25 GMT
server: cloudflare
etag: W/"604485c1-b02"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 6a821194be7fc295-FRA
expires: Thu, 27 Oct 2022 09:43:09 GMT

GET
H2 200 jquery.unveil.min.js Show response
cdnjs.cloudflare.com/ajax/libs/unveil/1.3.0/ 945 B
794 B 21ms
15ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/unveil/1.3.0/jquery.unveil.min.js

Requested by

Host: telegraf.by
URL: https://telegraf.by/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f441839a30400536a7929981076ef3a81faf302fdfef53922dad563c13e8af8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 02:10:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 435078
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 429
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:26 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04016-3b1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W1zxlHJP89IZtBZTyzc3rGbJMD1gjTbRmMv7Z0LH4MHj4H6A0DXG2Zh26K8iAdmaOLOUkuPnMlKEZ5WPeVKnLqkgav19JFItceI%2BL7PdK49duzZv0IYWaCu3K78Svmdl82y2efnVwQ4wfJvXj9tn%2FZyy"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6a821194bfd27051-FRA
expires: Mon, 24 Oct 2022 02:10:52 GMT

GET
H2 200 bootstrap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.4.1/js/ 59 KB
14 KB 30ms
24ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.4.1/js/bootstrap.min.js

Requested by

Host: telegraf.by
URL: https://telegraf.by/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 02:10:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 433028
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 13947
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:20 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04010-ea6a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1uYRu%2FmgGVKPI6pMXETcs4lwNZ4iBZKXgh7GlMi6rIwmVaaV5%2BU4kdTK5z7Vyr%2F0RWJ1awydh0XM9Zq38aGXuJCm3LBFQz43df1IobxjFrd5znW8tAj1wbc%2Ft0ruzF1oLQxZXIsufg90WZoxZF1tondi"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6a821194bfd47051-FRA
expires: Mon, 24 Oct 2022 02:10:52 GMT

GET
H2 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.0/dist/umd/ 21 KB
8 KB 82ms
32ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.0/dist/umd/popper.min.js

Requested by

Host: telegraf.by
URL: https://telegraf.by/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 02:10:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 510711
x-jsd-version: 1.16.0
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19181-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"5309-YvI45zNIx3656GVCan0bfeI8uy0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6a82119508464ec7-FRA

GET
H2 200 polls-js.js Show response
telegraf.by/tel/app/wp-polls/ 3 KB
993 B 26ms
20ms Script
application/javascript 2606:4700:3030::6815:6e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://telegraf.by/tel/app/wp-polls/polls-js.js?x34917

Requested by

Host: telegraf.by
URL: https://telegraf.by/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:6e8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

03d87f337bb68d971d9fdb8ed746c0ab6f4008e6060e63ed67057f444a05a6a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 02:10:52 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 577663
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q%2BbnqfW4ggjN4P6T9DGNvr4vBOI6LinAfmRXgmIdwGB5RW%2Fi3xg9lu9rBHbHXnv2zAd8fH8%2Fs%2FofSrAGwl18dV6anob7G1VxuRDY6yDbScGWl%2FKfBfo9xOzmNLTbDSsbVjQ5kTghwFXYJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
mainloc: p2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 07 Mar 2021 07:50:38 GMT
server: cloudflare
etag: W/"604485ce-caa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-type: application/javascript
cf-bgj: minify
cache-control: max-age=31536000
cf-ray: 6a821194be80c295-FRA
expires: Thu, 27 Oct 2022 09:43:09 GMT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/ 86 KB
27 KB 21ms
16ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js

Requested by

Host: telegraf.by
URL: https://telegraf.by/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 02:10:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 433046
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 27748
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-15851"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JViIKlubQ7YIxHJZN7td9y0u83O1kATiv%2BUF%2BUAe6Gu8VD8MWwj33yhNneQCyCYJPeIAETAnoRAj%2BHo%2FzlqBUeSdkFjPK0EgwBDa5sd19FHuqYRWWBUGW4LHRpFLfaZosebc1eLQ2b1U4KXYqM%2FE9YED"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6a821194bfd57051-FRA
expires: Mon, 24 Oct 2022 02:10:52 GMT

GET
H2 200 context.js Show response
yandex.ru/ads/system/ 305 KB
82 KB 201ms
80ms Script
text/javascript 2a02:6b8:a::a
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/system/context.js

Requested by

Host: telegraf.by
URL: https://telegraf.by/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

895ed770a631ca3fec0b56e9a1d3aa8ef2e65c16b7074aa4296baa3e833c2cb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
etag: 1372260923
x-yandex-req-id: 1635905452406914-16995801458875325245-man1-9558-c7e-man-l7-balancer-8080-BAL-6977
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
x-robots-tag: noindex, noarchive, nofollow
expires: Wed, 03 Nov 2021 03:10:52 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 89 KB
35 KB 76ms
37ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-16632131-5

Requested by

Host: telegraf.by
URL: https://telegraf.by/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ed7d00064ed5b05623fd0b80726f4687287e8c45bc430fa8800be79452a11c64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 02:10:52 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35863
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 03 Nov 2021 02:10:52 GMT

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 49ms
7ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 02:10:52 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: D5503D14AA2F06AA
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=24607
accept-ranges: bytes
content-length: 948
x-amz-id-2: JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 189 KB
65 KB 195ms
100ms Script
application/javascript 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: telegraf.by
URL: https://telegraf.by/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

a3dcfbd6b446166e10db7767829d5aa85c27e2d1116dc998af3a932d0aaed58f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 02:10:52 GMT
content-encoding: br
last-modified: Tue, 02 Nov 2021 12:32:57 GMT
etag: "618105c9-101d2"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 66002
expires: Wed, 03 Nov 2021 03:10:52 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 35ms
9ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-16632131-5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 26 Oct 2021 23:24:02 GMT
server: Golfe2
age: 586
date: Wed, 03 Nov 2021 02:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Wed, 03 Nov 2021 04:01:06 GMT

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-5e009e287ac8b1e1/ 3 KB
1 KB 23ms
16ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-5e009e287ac8b1e1/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e2268466e5795917418ee41997f63b80d8dd4adc00ba9996dd8042fab778b652

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 02:10:52 GMT
content-encoding: gzip
etag: -1980339542--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=16, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 869

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 89 B
249 B 191ms
159ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=6181efac7120f176&bkl=0&bl=1&pdt=203&sid=6181efac7120f176&pub=ra-5e009e287ac8b1e1&rev=v8.28.8-wp&ln=ru&pc=wpp&cb=0&ab=-&dp=telegraf.by&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1635905452430&wpv=wpp-6.2.6&addthis_plugin_info=%7B%22info_status%22%3A%22enabled%22%2C%22cms_name%22%3A%22WordPress%22%2C%22plugin_name%22%3A%22Share%20Buttons%20by%20AddThis%22%2C%22plugin_version%22%3A%226.2.6%22%2C%22plugin_mode%22%3A%22AddThis%22%2C%22anonymous_profile_id%22%3A%22wp-99a89b508d762b15e6f2ed58083ee4a8%22%2C%22page_info%22%3A%7B%22template%22%3A%22home%22%2C%22post_type%22%3A%22%22%7D%2C%22sharing_enabled_on_post_via_metabox%22%3Afalse%7D&jsl=1&uvs=6181efac63bafca0000&skipb=1&callback=addthis.cbs.jsonp__52844200282787530
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: bcbd1473c49f13b86e0563ec788577c36001f9f58845843bcb57f9a25cbd3eba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Nov 2021 02:10:52 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 89
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame E321 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html Show response
s7.addthis.com/static/ Frame D00E 71 KB
26 KB 14ms
14ms Document
text/html 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.by/

Response headers

server: nginx/1.15.8
content-type: text/html
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Wed, 03 Nov 2021 02:10:52 GMT
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H2 200 client.ru.min.json Show response
s7.addthis.com/l10n/ 6 KB
2 KB 35ms
11ms XHR
application/json 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/l10n/client.ru.min.json

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

fc1cee21376da3a4fdf8f62d3bb1d46c80c763d447da7e7c07112f45eee09d3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Tue, 10 Sep 2019 15:15:17 GMT
server: nginx/1.15.8
etag: W/"5d77be05-16d7"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, s-maxage=604800
date: Wed, 03 Nov 2021 02:10:52 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 2277

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 14ms
13ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Wed, 03 Nov 2021 02:10:52 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
204 B 16ms
15ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&aip=1&a=213742536&t=pageview&_s=1&dl=https%3A%2F%2Ftelegraf.by%2F&ul=en-us&de=UTF-8&dt=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20%D0%B8%20%D0%BC%D0%B8%D1%80%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%3A%20%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D0%B8%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D1%87%D0%B0%D1%81%D0%B0%20-%20Telegraf.by&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACUABBAAAAC~&jid=6376358&gjid=1337161350&cid=1048830621.1635905452&tid=UA-16632131-5&_gid=1374787905.1635905452&_r=1&gtm=uar&did=dZTNiMT&z=221382217

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://telegraf.by/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 03 Nov 2021 02:10:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://telegraf.by
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
436 B 52ms
20ms XHR
text/plain 2a00:1450:400c:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-16632131-5&cid=1048830621.1635905452&jid=6376358&gjid=1337161350&_gid=1374787905.1635905452&_u=YGBACUAABAAAAC~&z=514316195

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://telegraf.by/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 03 Nov 2021 02:10:52 GMT
content-type: text/plain
access-control-allow-origin: https://telegraf.by
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 159.1c3fceccbc80f2a3615f.js Show response
s7.addthis.com/static/ 564 B
633 B 11ms
10ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/159.1c3fceccbc80f2a3615f.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

c02d2e4ee660f561338f717a6dc83745ea23c4ad356a57bdfee60c3643b25b1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Thu, 04 Jun 2020 15:49:19 GMT
server: nginx/1.15.8
etag: "5ed917ff-234"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Wed, 03 Nov 2021 02:10:52 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 394

GET
H2 200 147.1581dc34512966c2ddb7.js Show response
s7.addthis.com/static/ 1 KB
917 B 14ms
13ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/147.1581dc34512966c2ddb7.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

0f839003422e5fe9c2dfd0e43d629d2f33a379e98c1558a6f5b7f5ef5cdf99b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-45e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Wed, 03 Nov 2021 02:10:52 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 677

GET
H2 200 195.461912c47007775093ae.js Show response
s7.addthis.com/static/ 384 B
538 B 19ms
19ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/195.461912c47007775093ae.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

7b4fbd6cf87898b005b09546b1c4e82654918b11e5f64ccb8fc32ea0a04e237a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-180"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Wed, 03 Nov 2021 02:10:52 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 298

POST
H2 200 shares-post.json Show response
api-public.addthis.com/url/serviceapi/ 2 B
249 B 42ms
23ms XHR
application/json 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Ftelegraf.by%2F

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://telegraf.by/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type: text/plain

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
surrogate-key: sFbt=https://telegraf.by/
last-modified: Wed, 03 Nov 2021 01:00:00 GMT
server: nginx/1.15.8
date: Wed, 03 Nov 2021 02:10:52 GMT
content-type: application/json
access-control-allow-origin: https://telegraf.by
cache-control: no-transform, max-age=0, s-maxage=14400
access-control-allow-credentials: true
content-length: 2

GET
H2 200 share.php Show response
vk.com/ 21 B
479 B 139ms
47ms Script
text/html 87.240.190.78
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL

https://vk.com/share.php?act=count&index=0&url=https%3A%2F%2Ftelegraf.by%2F

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.240.190.78 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),

Reverse DNS

srv78-190-240-87.vk.com

Software

kittenx / KPHP/7.4.109180

Resource Hash

4815fefdde185a719ef71778ced893b546806cf2c5db6f0a3243d899cabc5b57

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 02:10:52 GMT
content-encoding: gzip
x-frontend: front225204
server: kittenx
x-powered-by: KPHP/7.4.109180
strict-transport-security: max-age=15768000
content-type: text/html; charset=windows-1251
access-control-expose-headers: X-Frontend
cache-control: no-store
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 41

GET
H2 200 shares.json Show response
api-public.addthis.com/url/ 37 B
283 B 196ms
179ms Script
application/json 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/shares.json?url=https%3A%2F%2Ftelegraf.by%2F&callback=_ate.cbs.rcb_aa7b0

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

b74739ae6b59eb7f4dc0248da57b301adea910b98f26a9142c8918bf1f52cc33

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
surrogate-key: telegraf.by/
last-modified: Wed, 03 Nov 2021 02:10:52 GMT
server: nginx/1.15.8
date: Wed, 03 Nov 2021 02:10:52 GMT
vary: Accept-Encoding
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length: 57

GET
H2 200 share.php Show response
vk.com/ 23 B
480 B 140ms
49ms Script
text/html 87.240.190.78
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL

https://vk.com/share.php?act=count&index=1&url=http%3A%2F%2Ftelegraf.by%2F

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.240.190.78 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),

Reverse DNS

srv78-190-240-87.vk.com

Software

kittenx / KPHP/7.4.109180

Resource Hash

5dea5a5c593fcff0f7d1125228a0196dc277292594df32fbd8145e8eff6f2617

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 02:10:52 GMT
content-encoding: gzip
x-frontend: front225204
server: kittenx
x-powered-by: KPHP/7.4.109180
strict-transport-security: max-age=15768000
content-type: text/html; charset=windows-1251
access-control-expose-headers: X-Frontend
cache-control: no-store
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 43

GET
H2 200 shares.json Show response
api-public.addthis.com/url/ 37 B
283 B 195ms
179ms Script
application/json 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/shares.json?url=http%3A%2F%2Ftelegraf.by%2F&callback=_ate.cbs.rcb_les00

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

aa8b74e25f64eafe8bfa0a012b8c04d5d6276e04fade1c0303035a4cca2ad840

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
surrogate-key: telegraf.by/
last-modified: Wed, 03 Nov 2021 02:10:52 GMT
server: nginx/1.15.8
date: Wed, 03 Nov 2021 02:10:52 GMT
vary: Accept-Encoding
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length: 57

GET
DATA 200
OK truncated
/ 443 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 1218b29d29be11b056e4.js Show response
yastatic.net/partner-code-bundles/47201/ 13 KB
5 KB 101ms
32ms Script
text/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/47201/1218b29d29be11b056e4.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

20cf74e6c7e2676b6078c5563d6f97d318c8bd0801b413f7c7b5c998de6c719b

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://telegraf.by/
Origin: https://telegraf.by
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 02:10:52 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 4460
last-modified: Tue, 02 Nov 2021 15:53:27 GMT
server: nginx/1.17.9
etag: "7cf3aecf3723bb864344809fbe4cb7e4"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Nov 2051 08:42:04 GMT

GET
H2 200 f9e1f81d2a551cad6977.js Show response
yastatic.net/partner-code-bundles/47201/ 81 KB
18 KB 126ms
58ms Script
text/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/47201/f9e1f81d2a551cad6977.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

3eb07e41c91d34126703fca3ff9d593377d2926a06d86b69b5a96e0aaaf031ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://telegraf.by/
Origin: https://telegraf.by
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 02:10:52 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 17482
last-modified: Tue, 02 Nov 2021 15:53:27 GMT
server: nginx/1.17.9
etag: "7476429d761bf05326e58c77c82dd6a1"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Nov 2051 08:42:05 GMT

GET
H2 200 host.js Show response
yastatic.net/safeframe-bundles/0.82/ 33 KB
9 KB 167ms
100ms Script
text/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.82/host.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

10c861bc88c25be1f3ee98f7652bc7fbb35857f42f923e00c6037b757c77685e

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://telegraf.by/
Origin: https://telegraf.by
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 02:10:52 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 8879
last-modified: Mon, 28 Jun 2021 10:29:24 GMT
server: nginx/1.17.9
etag: "e4627697ff619d2b610d2b2fee975531"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Nov 2051 08:44:28 GMT

GET
H2 200 v2 Show response
an.yandex.ru/adfox/239538/getBulk/ 13 KB
5 KB 363ms
263ms XHR
application/json 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/adfox/239538/getBulk/v2?dl=https%3A%2F%2Ftelegraf.by%2F&date=2021-11-03T02%3A10%3A52.610%2B00%3A00&pd=3&pdh=1200&pdw=1600&pr1=2951846694&pr=3598515673&prr=&pv=2&pw=3&extid_loader=&extid_tag_loader=telegraf.by&ylv=0.47201&ybv=0.47201&ytt=53326314211349&is-turbo=0&skip-token=&ad-session-id=4033131635905452616&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A1110%2C%22h%22%3A0%2C%22width%22%3A1110%2C%22height%22%3A250%2C%22visible%22%3A1%2C%22left%22%3A245%2C%22top%22%3A51%2C%22fontFamily%22%3A%22roboto%22%2C%22req_no%22%3A0%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=47201&availableWidth=1110&availableHeight=0&p1=cnhpl&p2=y&slotNumber=1&bids=W10%3D&utf8=%E2%9C%93&pcode-test-ids=445694%2C0%2C10%3B440126%2C0%2C54%3B445392%2C0%2C16%3B445570%2C0%2C51%3B447099%2C0%2C39%3B436280%2C0%2C54%3B400734%2C0%2C32%3B420775%2C0%2C5%3B444596%2C0%2C38%3B434215%2C0%2C82%3B444618%2C0%2C27%3B447023%2C0%2C62%3B444916%2C0%2C68%3B440492%2C0%2C65&pcode-flags-map=%7B%22ENABLE_CODECS_WHITELIST%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429059%22%7D%5D%2C%22DISABLE_DEFAULT_THEME_EMPTY_DURATION%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429073%22%7D%5D%2C%22MEDIA_FILE_BITRATE_PRIORITY_FACTOR%22%3A%5B%7B%22value%22%3A%220.000001%22%2C%22testId%22%3A%22429074%22%7D%5D%2C%22VOLUME_BUTTON_ANIMATION%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429077%22%7D%5D%2C%22UNIFORMAT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429079%22%7D%5D%2C%22CHANGE_CLICK_THROUGH_LOGIC%22%3A%5B%7B%22value%22%3A%22ACTION_BUTTON_PRIORITY%22%2C%22testId%22%3A%22432722%22%7D%5D%2C%22ENABLE_SKIN_THEME_EMPTY%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22441341%22%7D%5D%2C%22ENABLE_VP9_CODECS%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22441791%22%7D%5D%2C%22ENABLE_MEDIA_FILES_WITH_MSE_FILTER_UNDER_ABD_ONLY%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22445424%22%7D%5D%2C%22VAS_STABLE_VERSION%22%3A%5B%7B%22value%22%3A%22444972%22%2C%22testId%22%3A%22446544%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_ON_CLICK%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22427330%22%7D%5D%2C%22UNILOADER_FOR_AMP%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22428390%22%7D%5D%2C%22USE_SSR_IN_AMP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22428390%22%7D%5D%2C%22FULL_SSR_PERCENT_LOG_META%22%3A%5B%7B%22value%22%3A0.0001%2C%22testId%22%3A%22445452%22%7D%5D%2C%22DEFAULT_SSR_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22zen%22%2C%22zen2%22%2C%22zen2-gallery%22%2C%22billboard%22%2C%22horizontal%22%2C%22horizontal0318%22%2C%22adaptiveConstructor%22%2C%22modernAdaptive%22%2C%22posterCarousel%22%2C%22adaptiveCarousel%22%2C%22smart_tile%22%5D%2C%22testId%22%3A%22445452%22%7D%5D%2C%22RTB_BANNER_FLAGS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22445452%22%7D%5D%2C%22HBVER%22%3A%5B%7B%22value%22%3A42153%2C%22testId%22%3A%22445452%22%7D%5D%2C%22RMP_SEND_BEACON%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22433605%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_BY_OWNER%22%3A%5B%7B%22value%22%3A%5B168627%2C259055%2C258881%2C354188%2C239538%2C235076%2C264443%2C202100%2C354188%2C309667%2C270901%5D%2C%22testId%22%3A%22443574%22%7D%5D%2C%22AD_SEEN_OBSERVER%22%3A%5B%7B%22value%22%3A%22enable%22%2C%22testId%22%3A%22436297%22%7D%5D%2C%22FIXED_FORMAT_RENDER%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22436894%22%7D%5D%2C%22COMPRESS_FLAGS_MAP%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22438661%22%7D%5D%2C%22FIX_IMAGES_PROTOCOL%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22440194%22%7D%5D%2C%22SSR_HEADER_FORCE_ANSWER%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22441777%22%7D%5D%2C%22FIX_MIN_HEIGHT_NTP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22445391%22%7D%5D%2C%22FIX_SDK_LAYOUT_CONFIG%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22445453%22%7D%5D%2C%22IGNORE_DESIRED_BITRATE_INAPP%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22445694%22%7D%5D%2C%22SMART_BANNER_HIDEABLE_BUTTONS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22440126%22%7D%5D%2C%22COMBO_INPAGE_LOAD_MODULE_DIRECT_REVERSE%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22445392%22%7D%5D%2C%22LOAD_NEW_MEDIA%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22445570%22%7D%5D%2C%22MBVER%22%3A%5B%7B%22value%22%3A44797%2C%22testId%22%3A%22445570%22%7D%5D%2C%22BANNER_DIRECT_LOADING%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22447099%22%7D%5D%2C%22WIDGET_Z_INDEX%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22436280%22%7D%5D%2C%22GLOBAL_SIZE_INFO%22%3A%5B%7B%22value%22%3Afalse%2C%22testId%22%3A%22400734%22%7D%5D%2C%22BRAKE_POINTS%22%3A%5B%7B%22value%22%3A%7B%22loaderInit%22%3A200%7D%2C%22testId%22%3A%22420775%22%7D%5D%2C%22BRAKE_POINTS_STAT_ID%22%3A%5B%7B%22value%22%3A9992%2C%22testId%22%3A%22420775%22%7D%5D%2C%22BRAKE_POINTS_DOMAINS%22%3A%5B%7B%22value%22%3A%5B%22yandex.ru%2Fpogoda%22%2C%22yandex.ru%2Fvideo%22%2C%22yandex.ru%2Fimages%22%2C%22zen.yandex.ru%22%2C%22ficbook.net%22%2C%22gismeteo.ru%22%2C%22ok.ru%22%2C%22ria.ru%22%2C%22pikabu.ru%22%2C%22drive2.ru%22%2C%22auto.ru%22%2C%22lenta.ru%22%2C%22rambler.ru%22%5D%2C%22testId%22%3A%22420775%22%7D%5D%2C%22BANNER_SURVEY_ID_NUMBER%22%3A%5B%7B%22value%22%3A4%2C%22testId%22%3A%22444596%22%7D%2C%7B%22value%22%3A1%2C%22testId%22%3A%22444618%22%7D%5D%2C%22BANNER_SURVEY_PROBABILITY%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22444596%22%7D%2C%7B%22value%22%3A0.15%2C%22testId%22%3A%22444618%22%7D%5D%2C%22POSTER_COLLECTION%22%3A%5B%7B%22value%22%3A%22exp-icon-2%22%2C%22testId%22%3A%22434215%22%7D%5D%2C%22PCODEVER%22%3A%5B%7B%22value%22%3A%2247143%22%2C%22testId%22%3A%22447023%22%7D%5D%7D&use-server-side-rendering=1&server-side-rendering-enabled-formats=zen%0Azen2%0Azen2-gallery%0Abillboard%0Ahorizontal%0Ahorizontal0318%0AadaptiveConstructor%0AmodernAdaptive%0AposterCarousel%0AadaptiveCarousel%0Asmart_tile&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90&raw-smart-content=1&smart-format-names=smart-banner-adaptive_v1%0Asmart-banner-mosaic_v1&pcode-icookie=BFPpjLR3%2FgKq6qtIjtoph9UduQW5OYI%2Ffko8yo8US2C8Uz7zTuo0Np%2BlYyzHvjqH9mrZ8fX0yynfcZCQnkNYKeKgiI4%3D&grab-orig-len=1936&grab=dNCd0L7QstC-0YHRgtC4INCR0LXQu9Cw0YDRg9GB0Lgg0Lgg0LzQuNGA0LAg0YHQtdCz0L7QtNC90Y86INC_0L7RgdC70LXQtNC90LjQtSDQvdC-0LLQvtGB0YLQuCDRh9Cw0YHQsCAtIFRlbGVncmFmLmJ5CjJHb29nbGUg0LfQsNCx0LvQvtC60LjRgNC-0LLQsNC7INC_0L7Rh9GC0YMg0LggWW91dHViZS3QutCw0L3QsNC7INCh0LvQtdC00YHRgtCy0LXQvdC90L7Qs9C-INC60L7QvNC40YLQtdGC0LAg0JHQtdC70LDRgNGD0YHQuC4g0JrQsNC6INC-0LHRitGP0YHQvdC40Ls_IAoz0JLRiyDQt9Cw0L3QuNC80LDQtdGC0LXRgdGMINGE0LjRgtC90LXRgdC-0Lwg0LjQu9C4INC60LDRh9Cw0LXRgtC10YHRjCDQsiDQutGA0L7RgdGB0L7QstC60LDRhT8g0KfQuNGC0LDQudGC0LUsINC_0L7Rh9C10LzRgyDRjdGC0L4g0L3QtdC_0YDQsNCy0LjQu9GM0L3Qvi4g0Jgg0LrQsNC6INCy0YvQsdGA0LDRgtGMINC_0L7QtNGF0L7QtNGP0YnRg9GOINC-0LHRg9Cy0Ywg0LTQu9GPINGB0L_QvtGA0YLQsCAKM9CT0LXQvdC_0YDQvtC60YPRgNCw0YLRg9GA0LAg0L_QvtGC0YDQtdCx0L7QstCw0LvQsCDQv9GA0LjQt9C90LDRgtGMINGN0LrRgdGC0YDQtdC80LjRgdGC0YHQutC40YUgwqvQutC40LHQtdGALdC_0LDRgNGC0LjQt9Cw0L3CuyDRgtC10YDRgNC-0YDQuNGB0YLQsNC80LguINCt0YLQviDQutCw0Lo_IAoz0JIg0JHQtdC70LDRgNGD0YHRjCDQstC10YDQvdGD0YLRjNGB0Y8gU2tvZGEg0LggTml2ZWE_INCn0YLQviDQuNC30LLQtdGB0YLQvdC-IAoz0JXRgdGC0Ywg0LTQsNC20LUg0YLRgNC10YXRjdGC0LDQttC90YvQuS4g0JPQu9GP0L3Rg9C70LgsINC60LDQutC40LUg0LTQvtC80LAg0YEg0YPQtNC-0LHRgdGC0LLQsNC80Lgg0LzQvtC20L3QviDQutGD0L_QuNGC0Ywg0LIg0JzQuNC90YHQutC1INC00L4gMTAwINGC0YvRgdGP0Ycg0LTQvtC70LvQsNGA0L7QsiAKM9CY0Lcg0JzQvtGB0LrQstGLINCyINCc0LjQvdGB0Log0L_QtdGA0LXRgdGC0LDQu9C4INC70LXRgtCw0YLRjCDRgdCw0LzQvtC70LXRgtGLLiDQmCDQtNC10LvQviDQvdC1INCyINGB0LDQvdC60YbQuNGP0YUgCjPQp9Cw0YHRgtGL0LUg0L_QvtC70L7QvNC60Lgg0L_Qu9Cw0YHRgtC40LrQvtCy0YvRhSDQvtC60L7QvSAKM9Ce0L3Qu9Cw0LnQvS3Qv9C-0LvQutCwINGBINC_0L7Qv9GD0LvRj9GA0L3Ri9C80Lgg0LjRgdGC0L7RgNC40Y_QvNC4INC-INC70Y7QsdCy0LghINCS0L7RgdC10LzRjCDRgtGA0L7Qs9Cw0YLQtdC70YzQvdGL0YUg0L_RgNC-0LjQt9Cy0LXQtNC10L3QuNC5INC-0YIg0JzQotChINCa0L3QuNCz0LggCjPCq9Cf0L7RgdC70LDQsdC70LXQvdC40LUg0YHRgtGD0LvQsMK7INC4INC90LUg0YLQvtC70YzQutC-LiDQmtCw0Log0L_QvtC90Y_RgtGMLCDRh9GC0L4g0YMg0LLQsNGBINGI0YLQsNC80LwgwqvQlNC10LvRjNGC0LDCuyDQutC-0YDQvtC90LDQstC40YDRg9GB0LAgCg%3D%3D

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

7f7b4f9e7141aaaba44ebcd6f9fff7bc6c8606453be4fdd48c3b4c540df659d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Nov 2021 02:10:52 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 02:10:52 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id: 1635905452744164-1146992411881197486000328-production-app-host-man-pcode-126
strict-transport-security: max-age=31536000
content-type: application/json
access-control-allow-origin: https://telegraf.by
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 03 Nov 2021 02:10:52 GMT

GET
H2 200 v2 Show response
an.yandex.ru/adfox/239538/getBulk/ 13 KB
4 KB 457ms
361ms XHR
application/json 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/adfox/239538/getBulk/v2?dl=https%3A%2F%2Ftelegraf.by%2F&date=2021-11-03T02%3A10%3A52.621%2B00%3A00&pd=3&pdh=1200&pdw=1600&pr1=339473252&pr=3598515673&prr=&pv=2&pw=3&extid_loader=&extid_tag_loader=telegraf.by&ylv=0.47201&ybv=0.47201&ytt=53326314211349&is-turbo=0&skip-token=&ad-session-id=4033131635905452616&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A1110%2C%22h%22%3A0%2C%22width%22%3A1110%2C%22height%22%3A120%2C%22visible%22%3A1%2C%22left%22%3A245%2C%22top%22%3A1015%2C%22fontFamily%22%3A%22roboto%22%2C%22req_no%22%3A1%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=47201&availableWidth=1110&availableHeight=0&p1=cnimm&p2=y&slotNumber=3&bids=W10%3D&utf8=%E2%9C%93&pcode-test-ids=445694%2C0%2C10%3B440126%2C0%2C54%3B445392%2C0%2C16%3B445570%2C0%2C51%3B447099%2C0%2C39%3B436280%2C0%2C54%3B400734%2C0%2C32%3B420775%2C0%2C5%3B444596%2C0%2C38%3B434215%2C0%2C82%3B444618%2C0%2C27%3B447023%2C0%2C62%3B444916%2C0%2C68%3B440492%2C0%2C65&pcode-flags-map=%7B%22ENABLE_CODECS_WHITELIST%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429059%22%7D%5D%2C%22DISABLE_DEFAULT_THEME_EMPTY_DURATION%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429073%22%7D%5D%2C%22MEDIA_FILE_BITRATE_PRIORITY_FACTOR%22%3A%5B%7B%22value%22%3A%220.000001%22%2C%22testId%22%3A%22429074%22%7D%5D%2C%22VOLUME_BUTTON_ANIMATION%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429077%22%7D%5D%2C%22UNIFORMAT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429079%22%7D%5D%2C%22CHANGE_CLICK_THROUGH_LOGIC%22%3A%5B%7B%22value%22%3A%22ACTION_BUTTON_PRIORITY%22%2C%22testId%22%3A%22432722%22%7D%5D%2C%22ENABLE_SKIN_THEME_EMPTY%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22441341%22%7D%5D%2C%22ENABLE_VP9_CODECS%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22441791%22%7D%5D%2C%22ENABLE_MEDIA_FILES_WITH_MSE_FILTER_UNDER_ABD_ONLY%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22445424%22%7D%5D%2C%22VAS_STABLE_VERSION%22%3A%5B%7B%22value%22%3A%22444972%22%2C%22testId%22%3A%22446544%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_ON_CLICK%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22427330%22%7D%5D%2C%22UNILOADER_FOR_AMP%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22428390%22%7D%5D%2C%22USE_SSR_IN_AMP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22428390%22%7D%5D%2C%22FULL_SSR_PERCENT_LOG_META%22%3A%5B%7B%22value%22%3A0.0001%2C%22testId%22%3A%22445452%22%7D%5D%2C%22DEFAULT_SSR_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22zen%22%2C%22zen2%22%2C%22zen2-gallery%22%2C%22billboard%22%2C%22horizontal%22%2C%22horizontal0318%22%2C%22adaptiveConstructor%22%2C%22modernAdaptive%22%2C%22posterCarousel%22%2C%22adaptiveCarousel%22%2C%22smart_tile%22%5D%2C%22testId%22%3A%22445452%22%7D%5D%2C%22RTB_BANNER_FLAGS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22445452%22%7D%5D%2C%22HBVER%22%3A%5B%7B%22value%22%3A42153%2C%22testId%22%3A%22445452%22%7D%5D%2C%22RMP_SEND_BEACON%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22433605%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_BY_OWNER%22%3A%5B%7B%22value%22%3A%5B168627%2C259055%2C258881%2C354188%2C239538%2C235076%2C264443%2C202100%2C354188%2C309667%2C270901%5D%2C%22testId%22%3A%22443574%22%7D%5D%2C%22AD_SEEN_OBSERVER%22%3A%5B%7B%22value%22%3A%22enable%22%2C%22testId%22%3A%22436297%22%7D%5D%2C%22FIXED_FORMAT_RENDER%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22436894%22%7D%5D%2C%22COMPRESS_FLAGS_MAP%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22438661%22%7D%5D%2C%22FIX_IMAGES_PROTOCOL%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22440194%22%7D%5D%2C%22SSR_HEADER_FORCE_ANSWER%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22441777%22%7D%5D%2C%22FIX_MIN_HEIGHT_NTP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22445391%22%7D%5D%2C%22FIX_SDK_LAYOUT_CONFIG%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22445453%22%7D%5D%2C%22IGNORE_DESIRED_BITRATE_INAPP%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22445694%22%7D%5D%2C%22SMART_BANNER_HIDEABLE_BUTTONS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22440126%22%7D%5D%2C%22COMBO_INPAGE_LOAD_MODULE_DIRECT_REVERSE%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22445392%22%7D%5D%2C%22LOAD_NEW_MEDIA%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22445570%22%7D%5D%2C%22MBVER%22%3A%5B%7B%22value%22%3A44797%2C%22testId%22%3A%22445570%22%7D%5D%2C%22BANNER_DIRECT_LOADING%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22447099%22%7D%5D%2C%22WIDGET_Z_INDEX%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22436280%22%7D%5D%2C%22GLOBAL_SIZE_INFO%22%3A%5B%7B%22value%22%3Afalse%2C%22testId%22%3A%22400734%22%7D%5D%2C%22BRAKE_POINTS%22%3A%5B%7B%22value%22%3A%7B%22loaderInit%22%3A200%7D%2C%22testId%22%3A%22420775%22%7D%5D%2C%22BRAKE_POINTS_STAT_ID%22%3A%5B%7B%22value%22%3A9992%2C%22testId%22%3A%22420775%22%7D%5D%2C%22BRAKE_POINTS_DOMAINS%22%3A%5B%7B%22value%22%3A%5B%22yandex.ru%2Fpogoda%22%2C%22yandex.ru%2Fvideo%22%2C%22yandex.ru%2Fimages%22%2C%22zen.yandex.ru%22%2C%22ficbook.net%22%2C%22gismeteo.ru%22%2C%22ok.ru%22%2C%22ria.ru%22%2C%22pikabu.ru%22%2C%22drive2.ru%22%2C%22auto.ru%22%2C%22lenta.ru%22%2C%22rambler.ru%22%5D%2C%22testId%22%3A%22420775%22%7D%5D%2C%22BANNER_SURVEY_ID_NUMBER%22%3A%5B%7B%22value%22%3A4%2C%22testId%22%3A%22444596%22%7D%2C%7B%22value%22%3A1%2C%22testId%22%3A%22444618%22%7D%5D%2C%22BANNER_SURVEY_PROBABILITY%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22444596%22%7D%2C%7B%22value%22%3A0.15%2C%22testId%22%3A%22444618%22%7D%5D%2C%22POSTER_COLLECTION%22%3A%5B%7B%22value%22%3A%22exp-icon-2%22%2C%22testId%22%3A%22434215%22%7D%5D%2C%22PCODEVER%22%3A%5B%7B%22value%22%3A%2247143%22%2C%22testId%22%3A%22447023%22%7D%5D%7D&use-server-side-rendering=1&server-side-rendering-enabled-formats=zen%0Azen2%0Azen2-gallery%0Abillboard%0Ahorizontal%0Ahorizontal0318%0AadaptiveConstructor%0AmodernAdaptive%0AposterCarousel%0AadaptiveCarousel%0Asmart_tile&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90&raw-smart-content=1&smart-format-names=smart-banner-adaptive_v1%0Asmart-banner-mosaic_v1&pcode-icookie=BFPpjLR3%2FgKq6qtIjtoph9UduQW5OYI%2Ffko8yo8US2C8Uz7zTuo0Np%2BlYyzHvjqH9mrZ8fX0yynfcZCQnkNYKeKgiI4%3D&grab-orig-len=1936&grab=dNCd0L7QstC-0YHRgtC4INCR0LXQu9Cw0YDRg9GB0Lgg0Lgg0LzQuNGA0LAg0YHQtdCz0L7QtNC90Y86INC_0L7RgdC70LXQtNC90LjQtSDQvdC-0LLQvtGB0YLQuCDRh9Cw0YHQsCAtIFRlbGVncmFmLmJ5CjJHb29nbGUg0LfQsNCx0LvQvtC60LjRgNC-0LLQsNC7INC_0L7Rh9GC0YMg0LggWW91dHViZS3QutCw0L3QsNC7INCh0LvQtdC00YHRgtCy0LXQvdC90L7Qs9C-INC60L7QvNC40YLQtdGC0LAg0JHQtdC70LDRgNGD0YHQuC4g0JrQsNC6INC-0LHRitGP0YHQvdC40Ls_IAoz0JLRiyDQt9Cw0L3QuNC80LDQtdGC0LXRgdGMINGE0LjRgtC90LXRgdC-0Lwg0LjQu9C4INC60LDRh9Cw0LXRgtC10YHRjCDQsiDQutGA0L7RgdGB0L7QstC60LDRhT8g0KfQuNGC0LDQudGC0LUsINC_0L7Rh9C10LzRgyDRjdGC0L4g0L3QtdC_0YDQsNCy0LjQu9GM0L3Qvi4g0Jgg0LrQsNC6INCy0YvQsdGA0LDRgtGMINC_0L7QtNGF0L7QtNGP0YnRg9GOINC-0LHRg9Cy0Ywg0LTQu9GPINGB0L_QvtGA0YLQsCAKM9CT0LXQvdC_0YDQvtC60YPRgNCw0YLRg9GA0LAg0L_QvtGC0YDQtdCx0L7QstCw0LvQsCDQv9GA0LjQt9C90LDRgtGMINGN0LrRgdGC0YDQtdC80LjRgdGC0YHQutC40YUgwqvQutC40LHQtdGALdC_0LDRgNGC0LjQt9Cw0L3CuyDRgtC10YDRgNC-0YDQuNGB0YLQsNC80LguINCt0YLQviDQutCw0Lo_IAoz0JIg0JHQtdC70LDRgNGD0YHRjCDQstC10YDQvdGD0YLRjNGB0Y8gU2tvZGEg0LggTml2ZWE_INCn0YLQviDQuNC30LLQtdGB0YLQvdC-IAoz0JXRgdGC0Ywg0LTQsNC20LUg0YLRgNC10YXRjdGC0LDQttC90YvQuS4g0JPQu9GP0L3Rg9C70LgsINC60LDQutC40LUg0LTQvtC80LAg0YEg0YPQtNC-0LHRgdGC0LLQsNC80Lgg0LzQvtC20L3QviDQutGD0L_QuNGC0Ywg0LIg0JzQuNC90YHQutC1INC00L4gMTAwINGC0YvRgdGP0Ycg0LTQvtC70LvQsNGA0L7QsiAKM9CY0Lcg0JzQvtGB0LrQstGLINCyINCc0LjQvdGB0Log0L_QtdGA0LXRgdGC0LDQu9C4INC70LXRgtCw0YLRjCDRgdCw0LzQvtC70LXRgtGLLiDQmCDQtNC10LvQviDQvdC1INCyINGB0LDQvdC60YbQuNGP0YUgCjPQp9Cw0YHRgtGL0LUg0L_QvtC70L7QvNC60Lgg0L_Qu9Cw0YHRgtC40LrQvtCy0YvRhSDQvtC60L7QvSAKM9Ce0L3Qu9Cw0LnQvS3Qv9C-0LvQutCwINGBINC_0L7Qv9GD0LvRj9GA0L3Ri9C80Lgg0LjRgdGC0L7RgNC40Y_QvNC4INC-INC70Y7QsdCy0LghINCS0L7RgdC10LzRjCDRgtGA0L7Qs9Cw0YLQtdC70YzQvdGL0YUg0L_RgNC-0LjQt9Cy0LXQtNC10L3QuNC5INC-0YIg0JzQotChINCa0L3QuNCz0LggCjPCq9Cf0L7RgdC70LDQsdC70LXQvdC40LUg0YHRgtGD0LvQsMK7INC4INC90LUg0YLQvtC70YzQutC-LiDQmtCw0Log0L_QvtC90Y_RgtGMLCDRh9GC0L4g0YMg0LLQsNGBINGI0YLQsNC80LwgwqvQlNC10LvRjNGC0LDCuyDQutC-0YDQvtC90LDQstC40YDRg9GB0LAgCg%3D%3D

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

8d549660d05ce0f98995c6bcfb81de8587ac0d05b0173c2853d47effdd1eee47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Nov 2021 02:10:53 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 02:10:53 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id: 1635905452787931-338070221928042222300321-production-app-host-vla-pcode-109
strict-transport-security: max-age=31536000
content-type: application/json
access-control-allow-origin: https://telegraf.by
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 03 Nov 2021 02:10:53 GMT

GET
H2 200 5432531bf215f40cefb6.js Show response
yastatic.net/partner-code-bundles/47201/ 624 KB
126 KB 116ms
70ms Script
text/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/47201/5432531bf215f40cefb6.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

e11b0616e2b3c3eac9f4dfb96e103d54c81d3ecb01013196ec799ff4011690d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://telegraf.by/
Origin: https://telegraf.by
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 02:10:52 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 128696
last-modified: Tue, 02 Nov 2021 15:53:27 GMT
server: nginx/1.17.9
etag: "3b3a595ae8f82ae7cd6510866faec62e"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Nov 2051 08:42:05 GMT

GET
H2 200 bae979fe64fe1037cf4f.js Show response
yastatic.net/partner-code-bundles/47201/ 338 KB
62 KB 145ms
100ms Script
text/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/47201/bae979fe64fe1037cf4f.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

8c3511734130f799785ad87b747687b7e907a8221fa8244c79c7997af5d788c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://telegraf.by/
Origin: https://telegraf.by
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 02:10:52 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 62628
last-modified: Tue, 02 Nov 2021 15:53:27 GMT
server: nginx/1.17.9
etag: "62a38af1e354325d73a1199620acde7f"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Nov 2051 08:42:05 GMT

GET
H2

400

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check?t=ti(4)
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9445.pQdSr6YOC8rxfmWI49fe7KzBEPHi_6uHNwwoTIxCS2w_1ED1pK7dvci3v37ho-SV.TA7KYtIJNzgN99BHvuQu5f0HPw4%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9445.I9R8myrKuqS71TCM6UQiZ6tE8nNJCcISa4fRcxBnzsziOljwDF9T5LowIWCuHQqMK3py5EIJrkdKWHN_kcNqJA%2C%2C.rbv2c8-YB0w6GsaemLIYpWByvUs%2C

75 B
75 B

46ms
46ms

Image
text/html

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9445.I9R8myrKuqS71TCM6UQiZ6tE8nNJCcISa4fRcxBnzsziOljwDF9T5LowIWCuHQqMK3py5EIJrkdKWHN_kcNqJA%2C%2C.rbv2c8-YB0w6GsaemLIYpWByvUs%2C

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 02:10:52 GMT
strict-transport-security: max-age=31536000
content-length: 75
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9445.I9R8myrKuqS71TCM6UQiZ6tE8nNJCcISa4fRcxBnzsziOljwDF9T5LowIWCuHQqMK3py5EIJrkdKWHN_kcNqJA%2C%2C.rbv2c8-YB0w6GsaemLIYpWByvUs%2C
date: Wed, 03 Nov 2021 02:10:52 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
112 B 50ms
46ms Image
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif?t=ti(4)

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 02:10:52 GMT
last-modified: Tue, 02 Nov 2021 12:32:57 GMT
etag: "618105c9-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Wed, 03 Nov 2021 03:10:52 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/1661897/
Redirect Chain

https://mc.yandex.com/watch/1661897?wmode=7&page-url=https%3A%2F%2Ftelegraf.by%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4bjmbg3ayomqwin74n%3Afp%3A364%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-...
https://mc.yandex.com/watch/1661897/1?wmode=7&page-url=https%3A%2F%2Ftelegraf.by%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4bjmbg3ayomqwin74n%3Afp%3A364%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ae...

383 B
492 B

46ms
46ms

XHR
application/json

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/1661897/1?wmode=7&page-url=https%3A%2F%2Ftelegraf.by%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4bjmbg3ayomqwin74n%3Afp%3A364%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A680%3Acn%3A1%3Adp%3A0%3Als%3A221073879832%3Ahid%3A167399804%3Az%3A0%3Ai%3A202111030201052%3Aet%3A1635905453%3Ac%3A1%3Arn%3A641901262%3Arqn%3A1%3Au%3A1635905453347128054%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1635905451923%3Ads%3A0%2C20%2C106%2C41%2C35%2C0%2C%2C179%2C0%2C463%2C463%2C2%2C345%3Adsn%3A0%2C20%2C106%2C41%2C34%2C0%2C%2C139%2C0%2C463%2C463%2C2%2C345%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1635905453%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20%D0%B8%20%D0%BC%D0%B8%D1%80%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%3A%20%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D0%B8%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D1%87%D0%B0%D1%81%D0%B0%20-%20Telegraf.by&t=gdpr%2814%29ti%282%29

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

d57310a8fc3a69ef0e68e764c92f847e3f455ef80c071984899f6bdc5092cedc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Nov 2021 02:10:52 GMT
x-content-type-options: nosniff
last-modified: Wed, 03-Nov-2021 02:10:52 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://telegraf.by
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 383
x-xss-protection: 1; mode=block
expires: Wed, 03-Nov-2021 02:10:52 GMT

Redirect headers

pragma: no-cache
date: Wed, 03 Nov 2021 02:10:52 GMT
last-modified: Wed, 03-Nov-2021 02:10:52 GMT
location: /watch/1661897/1?wmode=7&page-url=https%3A%2F%2Ftelegraf.by%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4bjmbg3ayomqwin74n%3Afp%3A364%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A680%3Acn%3A1%3Adp%3A0%3Als%3A221073879832%3Ahid%3A167399804%3Az%3A0%3Ai%3A202111030201052%3Aet%3A1635905453%3Ac%3A1%3Arn%3A641901262%3Arqn%3A1%3Au%3A1635905453347128054%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1635905451923%3Ads%3A0%2C20%2C106%2C41%2C35%2C0%2C%2C179%2C0%2C463%2C463%2C2%2C345%3Adsn%3A0%2C20%2C106%2C41%2C34%2C0%2C%2C139%2C0%2C463%2C463%2C2%2C345%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1635905453%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20%D0%B8%20%D0%BC%D0%B8%D1%80%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%3A%20%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D0%B8%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D1%87%D0%B0%D1%81%D0%B0%20-%20Telegraf.by&t=gdpr%2814%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: https://telegraf.by
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Wed, 03-Nov-2021 02:10:52 GMT

POST
H2 200 1 Show response
mc.yandex.com/watch/1661897/ 43 B
73 B 46ms
46ms XHR
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/1661897/1?page-url=https%3A%2F%2Ftelegraf.by%2F&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A4bjmbg3ayomqwin74n%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A680%3Acn%3A1%3Adp%3A1%3Als%3A221073879832%3Ahid%3A167399804%3Az%3A0%3Ai%3A202111030201052%3Aet%3A1635905453%3Ac%3A1%3Arn%3A627107611%3Arqn%3A2%3Au%3A1635905453347128054%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1635905451923%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1635905453&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://telegraf.by/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Wed, 03 Nov 2021 02:10:52 GMT
last-modified: Wed, 03-Nov-2021 02:10:52 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://telegraf.by
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 03-Nov-2021 02:10:52 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 475E 80 KB
27 KB 53ms
27ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d2601de99d171f4eb71a0dfa4c118703fd889e63fa6eacb00245eadc3fb30686

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 02:10:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1032 / 244 of 1000 / last-modified: 1635890752"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27255
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 03 Nov 2021 02:10:53 GMT

GET
H2 204 event
ads.adfox.ru/239538/ 0
230 B 207ms
72ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/239538/event?hash=8abb79d0282dfa24&pm=bmo&pxo=rtlD2fk7bQ7E17cSAWG1kKijPvbOTJUcbqHIwx3I-lUnu5Ct3ny3lI_urp6hPIqalzTVxwbnXVF86pJDy06t2TyfcueAE602bvHT6MaVGnyLN9CKP4mHnbKmf7DH5_shAyRQK-9Kx7DlYNY9BmGTPdTOhFsn5Aydp8NBYFFGfWvoXBU2&p5=fxybz&rand=kkkjgrn&sj=OubdkeMQRnqn0pQYT4D8IrgpYMZZ67TDALjj1J3HCmVcO66p3kO2zIA8wwcmuw%3D%3D&ad-session-id=4033131635905452616&lts=fhrwcmm&ytt=53326314211349&ybv=0.47201&ylv=0.47201&dl=https%3A%2F%2Ftelegraf.by%2F&pr=lqwqiaz&p1=cnhpl&rqs=rDd87Y7sEias74Fh6hRUJrCWqr-Apqbw&rtb-si=b&p2=y

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Nov 2021 02:10:53 GMT
x-content-type-options: nosniff
last-modified: Wed, 03 Nov 2021 02:10:53 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 200 pubads_impl_2021110101.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 475E 350 KB
119 KB 78ms
15ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110101.js?31063401

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

sffe /

Resource Hash

70fedf5fb986e73167530f1acf001c1cfc07af1e0c21c4607513ad3356a8a078

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 02:10:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120683
x-xss-protection: 0
last-modified: Mon, 01 Nov 2021 08:35:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 03 Nov 2021 02:10:53 GMT

POST
H2 200 jstracer Show response
an.yandex.ru/ 2 B
262 B 153ms
62ms XHR
application/json 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/jstracer

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://telegraf.by/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 2
x-xss-protection: 1; mode=block

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 3FC3 80 KB
27 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

380a57c5673f7ca35f09c78eef2a80e7f4e52a8481503a96a7f92d55942ad55c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 02:10:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1032 / 428 of 1000 / last-modified: 1635890704"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27276
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 03 Nov 2021 02:10:53 GMT

GET
H2 204 event
ads.adfox.ru/239538/ 0
18 B 115ms
73ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/239538/event?hash=7ec481bfabf80a7b&pm=bmo&pxo=zJlB5a2BoFScoWTJdY_uqb3naaRc76ysFFUowcvFtpDzu2-DW-Gfz6jFORaYbwas1CBDnZUTKDQr7-d4DghAo98TfeWzfn-XO0YZW2M91srBBEhkneOQbXyrsmgYVb1xNwI-HXdwZFOtV8r01kQPACFA7BUuvkDU1K_7TENmA1kDHq9K&p5=fxybz&rand=geeqwba&sj=VT2_yxG1hvzHwrHxEGzctd6L-PbNwtZoB3XbyNNlupfE6QDYfNmN2MNRmHegYQ%3D%3D&ad-session-id=4033131635905452616&lts=fhrwcmm&ytt=53326314211349&ybv=0.47201&ylv=0.47201&dl=https%3A%2F%2Ftelegraf.by%2F&pr=lqwqiaz&p1=cnimm&rqs=rENMp5iBKjSs74FhEIVZ322_Addt7sSB&rtb-si=b&p2=y

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Nov 2021 02:10:53 GMT
x-content-type-options: nosniff
last-modified: Wed, 03 Nov 2021 02:10:53 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 200 pubads_impl_2021102801.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 3FC3 350 KB
118 KB 18ms
18ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102801.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

sffe /

Resource Hash

d5b83174b14c8fb07a6cfc17abbc860e726a23b84f724c468049c73e1e8d7cba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 02:10:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120786
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 08:34:36 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 03 Nov 2021 02:10:53 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 475E 107 B
792 B 39ms
16ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=telegraf.by

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110101.js?31063401

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 03 Nov 2021 02:10:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 475E 107 B
549 B 39ms
16ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=telegraf.by

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110101.js?31063401

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 03 Nov 2021 02:10:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 475E 16 KB
9 KB 308ms
308ms XHR
text/plain 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1807147885826779&correlator=4064751549849641&output=ldjh&impl=fifs&eid=31060838%2C31063334%2C31063401%2C31060890%2C31061166&vrg=2021110101&ptt=17&sc=1&sfv=1-0-38&ecs=20211103&iu_parts=21857590943%3A22569513837%2Ctelegraf__for_dm%2Cdesktop_100x90&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x250&cust_params=DM_test_UPR%3Dbid_0.39&cookie_enabled=1&cdm=telegraf.by&bc=31&abxe=1&lmt=1635905453&dt=1635905453212&dlt=1635905452995&idt=195&ea=0&frm=23&biw=1600&bih=1200&isw=970&ish=250&oid=2&adxs=315&adys=51&adks=2734954319&ucis=qn081jp01xg9&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Ftelegraf.by%2F&top=https%3A%2F%2Ftelegraf.by%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=970x250&msz=970x-1&ga_vid=1048830621.1635905452&ga_sid=1635905453&ga_hid=611957969&ga_fc=true&fws=256&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110101.js?31063401

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

9576c7428672952e86208b6269eff0bfa43544702120c7ea4f109e2c441b3525

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 02:10:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9161
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://telegraf.by
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 475E 12 KB
10 KB 42ms
18ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021110101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110101.js?31063401

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ee65dd37a0311a7ff95c482b6cb3b7d1d439e052d35fc13cf3732f1065ff4cb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 03 Nov 2021 02:10:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9361
x-xss-protection: 0

GET
H2 200 container.html Show response
a9cb10ed454fdb3cbb12b263b60b203e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3D39 6 KB
4 KB 68ms
15ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a9cb10ed454fdb3cbb12b263b60b203e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110101.js?31063401

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.by/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 03 Nov 2021 02:10:53 GMT
expires: Thu, 03 Nov 2022 02:10:53 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 3FC3 107 B
165 B 18ms
17ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=telegraf.by

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 03 Nov 2021 02:10:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 3FC3 107 B
165 B 17ms
16ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=telegraf.by

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 03 Nov 2021 02:10:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 3FC3 20 KB
9 KB 384ms
383ms XHR
text/plain 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3687837761430136&correlator=3858648950705088&output=ldjh&impl=fifs&eid=31063280&vrg=2021102801&ptt=17&sc=1&sfv=1-0-38&ecs=20211103&iu_parts=21857590943%3A22569513837%2Ctelegraf__for_dm%2Cdesktop_100x90%2C120_main_middle&enc_prev_ius=%2F0%2F1%2F2%2F%2F3&prev_iu_szs=980x120&cust_params=DM_test_UPR%3Dbid_0.68&cookie_enabled=1&cdm=telegraf.by&bc=31&abxe=1&lmt=1635905453&dt=1635905453265&dlt=1635905453088&idt=162&ea=0&frm=23&biw=1600&bih=1200&isw=980&ish=120&oid=2&adxs=310&adys=1015&adks=3912092229&ucis=hjvlazi3jbru&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Ftelegraf.by%2F&top=https%3A%2F%2Ftelegraf.by%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=980x120&msz=980x-1&ga_vid=1048830621.1635905452&ga_sid=1635905453&ga_hid=89374819&ga_fc=true&fws=256&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

c4d58719b0165ddc44fdad63f14ab18d21547b66dc0fa5785135f8f1c6a8cfdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 02:10:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9473
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://telegraf.by
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 3FC3 12 KB
9 KB 21ms
20ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021102801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dc6646558aa82ce8e89ac33e83de30f4f2f3050a7e49a842355dd63e3ba28187

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 03 Nov 2021 02:10:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9203
x-xss-protection: 0

GET
H2 200 container.html Show response
21916be3d137d0bd5538481ca7cd17f6.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C847 6 KB
3 KB 46ms
18ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://21916be3d137d0bd5538481ca7cd17f6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.by/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 03 Nov 2021 02:10:53 GMT
expires: Thu, 03 Nov 2022 02:10:53 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 475E 17 KB
7 KB 40ms
16ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110101.js?31063401

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 02:10:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Wed, 03 Nov 2021 02:10:53 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 3FC3 17 KB
6 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 02:10:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Wed, 03 Nov 2021 02:10:53 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 5FDB 12 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.by/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Tue, 02 Nov 2021 21:29:33 GMT
expires: Wed, 02 Nov 2022 21:29:33 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 16880
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame C9C8 12 KB
5 KB 8ms
8ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.by/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Tue, 02 Nov 2021 21:29:33 GMT
expires: Wed, 02 Nov 2022 21:29:33 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 16880
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 9913 783 B
1 KB 43ms
19ms Document
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9ec40a94bc91d36bc5badadb1740ccdcc084b6003499ffff5be390ba623ec713

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-y78QoJLAUvHgMIJVqvSW7Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.by/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Wed, 03 Nov 2021 02:10:53 GMT
date: Wed, 03 Nov 2021 02:10:53 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-y78QoJLAUvHgMIJVqvSW7Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 9ikrJPTMnmu1IVkna_il0BrUQdIJ_Q2gP_yjrETMSUw.js Show response
pagead2.googlesyndication.com/bg/ Frame 5FDB 35 KB
14 KB 30ms
8ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/9ikrJPTMnmu1IVkna_il0BrUQdIJ_Q2gP_yjrETMSUw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6292b24f4cc9e6bb52159276bf8a5d01ad441d209fd0da03ffca3ac44cc494c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 21:11:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 104337
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13471
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 18:58:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Tue, 01 Nov 2022 21:11:56 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 9913 0
0 37ms
19ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021102801&jk=3687837761430136&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 9ikrJPTMnmu1IVkna_il0BrUQdIJ_Q2gP_yjrETMSUw.js Show response
pagead2.googlesyndication.com/bg/ Frame C9C8 35 KB
13 KB 29ms
11ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/9ikrJPTMnmu1IVkna_il0BrUQdIJ_Q2gP_yjrETMSUw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6292b24f4cc9e6bb52159276bf8a5d01ad441d209fd0da03ffca3ac44cc494c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 21:11:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 104337
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13471
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 18:58:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Tue, 01 Nov 2022 21:11:56 GMT

GET
H2 200 container.html Show response
a9cb10ed454fdb3cbb12b263b60b203e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 93F8 6 KB
3 KB 8ms
8ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a9cb10ed454fdb3cbb12b263b60b203e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110101.js?31063401

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.by/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 03 Nov 2021 02:10:53 GMT
expires: Thu, 03 Nov 2022 02:10:53 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 event
ads.adfox.ru/239538/ 0
18 B 58ms
58ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/239538/event?hash=9396e0c75a420d41&pm=bmu&pxo=rtlD2fk7bQ7E17cSAWG1kKijPvbOTJUcbqHIwx3I-lUnu5Ct3ny3lI_urp6hPIqalzTVxwbnXVF86pJDy06t2TyfcueAE602bvHT6MaVGnyLN9CKP4mHnbKmf7DH5_shAyRQK-9Kx7DlYNY9BmGTPdTOhFsn5Aydp8NBYFFGfWvoXBU2&p5=fxybz&rand=dmmsapu&sj=OubdkeMQRnqn0pQYT4D8IrgpYMZZ67TDALjj1J3HCmVcO66p3kO2zIA8wwcmuw%3D%3D&ad-session-id=4033131635905452616&lts=fhrwcmm&ytt=53326314211349&ybv=0.47201&ylv=0.47201&dl=https%3A%2F%2Ftelegraf.by%2F&pr=lqwqiaz&p1=cnhpl&rqs=rDd87Y7sEias74Fh6hRUJrCWqr-Apqbw&rtb-si=b&p2=y&resp-time=549

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Nov 2021 02:10:53 GMT
x-content-type-options: nosniff
last-modified: Wed, 03 Nov 2021 02:10:53 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame D2CF 624 B
974 B 44ms
19ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COXQcRCu_4SOAhiQ5YScATAB&v=APEucNWQswFuOcDOy_84nkIqCRng3d7myEXzO9ePKTXJ_1GE6dPXutIKq1QCunyu4d7UKDKXyqkh8W_A98B-opu3SCuZXc1uJKqXmRFIzOM-oYO4IB2sW2AVWe4hVuj7z3Yxmm-shw9eorNwNiLlf8-1ikgwOr0hKkNJV4Iatne8zh1QdqT2Vqj5dSy_5yE6TC5VJh64dbfuCjsrsgyle6JhNS0koA4f8A

Requested by

Host: a9cb10ed454fdb3cbb12b263b60b203e.safeframe.googlesyndication.com
URL: https://a9cb10ed454fdb3cbb12b263b60b203e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://a9cb10ed454fdb3cbb12b263b60b203e.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 03 Nov 2021 02:10:53 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 03 Nov 2021 02:10:53 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 93F8 30 KB
16 KB 62ms
38ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DCf233KVfwEBpxOwOQu7w1-HC8-yaGQAkO8Ttf8o600MoLgi-VdGy_5cxcQufoK30xpLMk7QKwStTCYnvySLPWVvWkkWSsju5vegapgyBisPs7H-QMQ-d7ry2OqXfkWmeQYAvrBZmlJm6K94xtoyXiR9A9bA&dbm_d=AKAmf-AIUXEjjx1SnwdJOB6vjGwMMirUtrFbQzu6YijwcZ2qZSL1afwN5PW8pAOJ9UZzODkM0dFFdVXL5Z2tpH1Th2Rn5VvJyjwXIOvwj114DWWaByA_aP6-4CJIb8TxUkY9--yEFH6va4WDH1ZyhwKBX3iSs2xwflgcq9RZJq369N27I4o6U2r-DCkTOvER00eMx0gxhxv5c7zTASQDSSewdLib21thpmFFYTqJLR6UYt_DDDU7EZ_F_0-9f4Bd7taBzC1GgGUZsCfAdMyVPJndPWZLzRuKkWm8Wc9yYeBk2z42LzXGbZl2-qcvzQ3rRzcZ8oSLhl-mo1cEqxjoxcUkQO9Mg3zS8KACNuLNbHhVsV03mcZZ8n5TFITIICK0_ptO7O_f996snQXrfeHz95CdwZAUuT1QN5-Jkdud7QiJIZiug7LqgD9ilVSF7nQyVhDsMsu1zSjpYkinoseYcT5skm6DmXgkWnX9SyhZYbFWxEJbDoMygc5tm8ovCFU7oZ9MOZ7ZzADLUxzSht_b22QCdCtPnqhU0DvLdp0ZpqWG6paoRGO1cneoXDQ8Fmi7W6YAosU5qljrWWOFI9u24E1LVKqkF6sGWYQNYEXwzfYmUg4tjLmK4eUZI2wczrx_rnr0BnKX1nf-3KSPxfmE6ZyJYjUvX0nlbb0G_y0cxS3qeZ5nxm2TFigfWUIIhGW9Ms9gzmaVGS7nL5zWG2ugRpz9kEUOGxf1i43Urq7w5Kj0svRGkJut6LG7qcANp5n1Ff8r-nolz3xDKUh5C7csyWHebugoJyqdxwO62Zv4JRgr8z_hgYcaUFQy3Wi23JC6OWCtpVQ3iseR-JCcm0x3WRkhDiKpASr0f5de7OHu7almuKSLryOxvN4Wb3rZaWxJHF9KbDqtZqvRSXUAKEMC4R_TT8uSJIsRd0mvXsbiFwO5swvBJ2HBMjaXYf4zFKyiUBEDURioK7CdOsbQI-c1tY_6OboFAPjNP2XCkfFwkZFs8vvh_wxmJkAEZ6gUP6m-aIRaDV3SMN9-6B55NFbnSEM0-uQyng4xkkTnD8pqYBRWytM_GOhnvG6aAXfkpIDvEX3OOihbEOqG0mYJXsB6VG-fIKxOlAS9Zg3_WJIkp2HJH2BrqFZpVMFHRbI8TKApdJp-swZo28gFL6PXjnNZO4RN6QGWVVZkWZ3pk6N4_7Y00QcG7-8bkNVblqfqjwHgkvU6M_SQ5P1V80y1g6WcwoP0d1Bju0tvQfm5maL860SjbxwBCvMNgJhQcNHD9nt2kFiPyAhu4O3JdgCaHJHLeTqP_DSMJv5_1XBKtOAmAtH4TTPvnZ8vhG8MvgjA3h8N0cjY7Z4zKkcc9ys4zipv8xVu-vLemL4ksOjxwMaapS9e71dRiX4monuYbuX5yr-EZo5Q7-0qxZsUGn8HJdgX9ioLYl4qmrLtdSAdWOlS6sGgsp8kIIFe3a7YVLG0AvHurDp5cYMPEYr-m48Oo-PIETz1Gaebn2F75Il24nxP2DIvtz9pcjouD8vJbrhDzDdHRki-vQSzzhZqhgIoMPDRVglqbAB_gekatw-97XWXBVN3hb11t71lrcIoZArOACNUWXtdsF1S1Z6hXAz9EZznmTaCAF3TJy7j7yVv47cDiJmX9jokQyaDehtOhhO915NwDR7bYssxxcvLMm8vY4d2kTZG43lHWISx-QhVo7DS5Mi_caJk7E_VymKK2GZvzSj3rvbWt4vA0Xmd5IApbi44-WSdhbJria2CO5OurilnQK68ZEiPEf3LSccSYIymvwcEio5YpkSLTOU_nRh23mqY2kVlToyX0XkWYof0uF8vgdUf4mhpEvOODNbl2UauXQ8I_fgXOZ080DJdSROlk9Mg_gxhYx0U6esj0fTkTmk4ZumBX8XeOnYQNyd2cx97oQzJfMDeG-jpi8D49Dhr48JY7F4l96d4XL-Ibyie1vaXNrrGdriTsnbLchVwzNC8_IrZdbHywGqhqY489w77YgVyq7zN9rag1A9af9GUSa7NSWfJTCPB4wp-ZnW2fhnxy-AtbAyglBfj1_Vzp6bujXqlnpMlvVILeVE-Z3yax-8uqEPq4y-HL8vfj1aT661ShhKUTIRlTTNrQ6vVOzUrMVq5yxa81__qIm01DNlNJ9vN3S5Oq0ZLaOsNhXwxqUjgNiqaA0-pxprZhJvD_pRj7czLPRO_ZFu9I2Tli2nyVHv0GCPbhdAmqNYbsaqW1eqlzUxuHmTEmGK6iU6rXz8JOu-ydEo9HAzwDxER93sxtPJ9KLNaeP4ElEtUV-teivvvqf_cNRhB0fCv_qwmdL9LvNMkjbkFxeO4zBH1qtw41q1jKSAfQmB6ATGnqzBYqC7ozm7i9RskeIn-q9a8vifUjTU0ycG1LluJ0HkorJ2LQ1VduQXh6do0H0qmWAbtQ_4ayprMYpLGo_O75glc_byL9W2_XErIocFQi0jQs5huF9tkKWJHnwru5dnZo8Hw9_C9kJgxhnmIY3eAx2jqAeZgXLEsa3Kb2w3nGgZ8M4X3q_9odbcjE_jvB0yZ3jl9JeMa-BJ67ZfFbQi0vB6pf_d-lAdKRlkuSurl86JqCczZ9eRcMWw9-H-XezUchBr7joo7qeHLrQWNMfzo1-Iv2c5-N0WN4s1scsYj_ON5tGnABfszSaGz2WDo7G4jkoc2ZZjUu7na6ofM-_a7FJV9WGLvM7pQ9EJitFwycNfui4ROjLHD93DYJU6JkQ3ak0UMQB5JigShwFsqKU0pkG5z9L-yq86V-mwotLlR5BOVtpqdxF-L5ctrn91yjz9DbRDUTqEL-VYzmr26iNfZLO1clfZGPgMyWZSYx0CDI49eX6qxwO9Toa3l927OgEFaSLR8kkrosyLgXnOA6gsxlRJgG4OleYGYq8l9s93eqLjVgVXyXDVHKsct0zDrWn-cLh7Okr8Kz0MLaMBVtxmIzUtgJucqba1hCQNyZnkUSyHvga08Z6V9VJtPNP7bfb3fcNzsBaDFrvZ00vGbjQ6zxyZT8uOCOoKQXfuiRwXSN9fhh-HcvpOc1iPQON_vJhirDU_a74YUTRE__b-J8FdtQrEvVYyRz_QmddvWEH4cF0dMef6U57B2UIGbM3e_Y0yfTdYW2V08gCOuqU67JB-yI5xQEDz2_rNDORYDYyjzXWQg54ERVyG_a4auj1Sj4jsJNwhYqaOdgZQDhzIMjT6JzXyWvPpoReLZIkgheL930jY5A2RxMl_3bf13gBxsyKTvF7wxfavkrGcdP75dKZdY7iciKyLAiejGhNK54TUsikuaAbX3ETohY5iIxgUmTjPvTS2Nfp-YjdfALmTGmdWplCVpr89k9CDwnadiNbqi7B2EdQAI9CnBOa8-FNOItl1gKIFvfFDLnQQJTFEq_9wjSaXczgPcO1bO4LxCpwGE7TRLNSnG1k-HeCqmmYeONqsqpbcxSNSeNJdi7FGrJD5kTzqyJtqE2ID_ZWrlVgnIcTqJD-Ok9veIlX3k7DpXN-OxlMh6j3ivadOxXMwjvwOxDtIMingB9YggmGfFd-6LyQLXz7DJEm1BUUi1eEZWuczYgSmKn3owpgP3GkMb0_Zyq5AFxYSmPiSLfHl_t06AA4_AYx0aCftpOc8bDeQB0LlgnUbc0476d3_hFoQxM79jQgDuEgx1aIyac3EhQbBcxjaxR1_x39uQ2QZkeA7zOLO2EOOOdF-lqiHi6SiLbD_0d1sy&cid=CAASFeRoDOlMN0BG2m9rNzO11kzcVlNSXw&rfl=2%2Chttps%253A%252F%252Ftelegraf.by%242%2Chttps%253A%252F%252Ftelegraf.by%252F%240

Requested by

Host: telegraf.by
URL: https://telegraf.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1dfcd1999d00dd590fd3900cd0d29eeed07d7b939e9ee6ea133d5b69b50e671

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a9cb10ed454fdb3cbb12b263b60b203e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Nov 2021 02:10:53 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16004
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 93F8 42 B
173 B 15ms
15ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C3pANigNUKWt2Y9nYVJtcS_4Rf976WD0kyj2dLpxK0fL3_yNHN4bHRUGfpqUkXpGGxebygINXHW7A3PSYgT5bf6oLLGkxk4adh-lGFEvK3rwH_jgI

Requested by

Host: a9cb10ed454fdb3cbb12b263b60b203e.safeframe.googlesyndication.com
URL: https://a9cb10ed454fdb3cbb12b263b60b203e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a9cb10ed454fdb3cbb12b263b60b203e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Nov 2021 02:10:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ Frame 93F8 2 KB
2 KB 58ms
7ms Script
application/javascript 2a02:26f0:6c00:286::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=14526021&cmp=145089&plc=QN94gh&sid=45f3d18e47f96c&DVP_PROG_REP=1&prr=1&DVP_DV_TT=1&DVP_DV_CT=1&DVP_PP_ID=3&DVP_PP_IMP_ID=ABAjH0icJeDdRmre1UnCxhRvOLiM&DVP_DBM_1=1861733&DVP_DBM_2=15874974&DVP_DBM_3=42847708&DVP_DBM_4=327234192&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=17788910856&turl=https://telegraf.by/&DVP_PP_BUNDLE_ID=&dvregion=2&unit=970x250
Requested by: Host: a9cb10ed454fdb3cbb12b263b60b203e.safeframe.googlesyndication.com
URL: https://a9cb10ed454fdb3cbb12b263b60b203e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 42977b3f1bf3b11d34a40c50c095d65b3ba8631ef4ebb37b950ccd9c401d2181

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a9cb10ed454fdb3cbb12b263b60b203e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 02:10:53 GMT
Content-Encoding: gzip
Last-Modified: Mon, 09 Aug 2021 12:31:26 GMT
Server: Microsoft-IIS/10.0
ETag: "60d09d781a8dd71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 1338

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame 93F8 8 KB
4 KB 58ms
8ms Script
application/javascript 2a02:26f0:6c00:286::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&advid=3398311&adsrv=0&btreg=&btadsrv=&tagtype=&dvtagver=6.1.src&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_DV_CT=1&DVP_PP_ID=3&DVPX_PP_IMP_ID=ABAjH0icJeDdRmre1UnCxhRvOLiM&DVP_DBM_1=1861733&DVP_DBM_2=15874974&DVP_DBM_3=42847708&DVP_DBM_4=327234192&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=17788910856&turl=https://telegraf.by/&DVP_PP_BUNDLE_ID=
Requested by: Host: a9cb10ed454fdb3cbb12b263b60b203e.safeframe.googlesyndication.com
URL: https://a9cb10ed454fdb3cbb12b263b60b203e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 5dd139490465c0d5b42eb905451078a5ee84b5c220d6af5b143af49247a8ecf5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a9cb10ed454fdb3cbb12b263b60b203e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 02:10:53 GMT
Content-Encoding: gzip
Last-Modified: Tue, 19 Oct 2021 15:58:26 GMT
Server: Microsoft-IIS/10.0
ETag: "0fda9262c5d71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3288

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211029/r20110914/client/ Frame 93F8 3 KB
2 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211029/r20110914/client/window_focus_fy2019.js

Requested by

Host: a9cb10ed454fdb3cbb12b263b60b203e.safeframe.googlesyndication.com
URL: https://a9cb10ed454fdb3cbb12b263b60b203e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a9cb10ed454fdb3cbb12b263b60b203e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 01:27:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2608
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1470
x-xss-protection: 0
server: cafe
etag: 9165589572046851897
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 17 Nov 2021 01:27:25 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 93F8 120 KB
37 KB 21ms
19ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a9cb10ed454fdb3cbb12b263b60b203e.safeframe.googlesyndication.com
URL: https://a9cb10ed454fdb3cbb12b263b60b203e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0253185a4cfd8a31fa015f856c47a032cf99a7aa4f528389965225dc4c150ff2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a9cb10ed454fdb3cbb12b263b60b203e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 02:10:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37579
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1635787520984751"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 03 Nov 2021 02:10:53 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211029/r20110914/client/ Frame 93F8 14 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211029/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: a9cb10ed454fdb3cbb12b263b60b203e.safeframe.googlesyndication.com
URL: https://a9cb10ed454fdb3cbb12b263b60b203e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7155d8dd40ece849d72213770b3a5b84467de8c6cab5c3bda3266808502cb69b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a9cb10ed454fdb3cbb12b263b60b203e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 02:01:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 591
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6337
x-xss-protection: 0
server: cafe
etag: 7721474052657771746
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 17 Nov 2021 02:01:02 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 93F8 0
0 16ms
15ms Image
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQOMOkoW1wznnOtqAtWBcObwdt35JMP8OcYqCnUXonpvlZpVAgB3w48Lgg2Dtg21GWBDvk3Q03orlGLxwFUercBYTNhjA
Requested by: Host: a9cb10ed454fdb3cbb12b263b60b203e.safeframe.googlesyndication.com
URL: https://a9cb10ed454fdb3cbb12b263b60b203e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a9cb10ed454fdb3cbb12b263b60b203e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3FC3 0
56 B 17ms
17ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021102801&jk=3687837761430136&bg=!dnWldTHNAAZzbWp4c207ACkAdvg8Wt7FolJzTu4m-WLBfW0Ba0vmtOViX1cZFWcB3wnU32QU06G3FwIAAAB8UgAAABRoAQeZAtT5817pFj4AIcJ1CBFFGiHFGbw15LMqfgbq48ijlbD9cjNItEnhXZCLUHF5f404-UYLOPeQ3CIru-OsChNNiyOYONuhgBJ9I8Hq-T6cXKw5DdRDFymA0ZjxdBbLfUfzsngU61rAtJSvZ5HvZcmfdFvW9tTZYNFx3pWzu7cEB2GKlFFOTdaqgN8YZiQ3thAmFvsHiPhKJIilDuDlaJiL-HJhYdxw9dHU7j6Dnr5eghTjsnDG1E6LHfuJpai-BLnMdNg8hz0IGwuJexpOYeFasjOUHorRf1FwhJ1DtQrEDWJyS3Fud_pYmImgSHdOHE-arCnd99Ax6I5Z7WCzMeQpRkgbRcRp6S04YjEcmN-m1jWR8vh3xds8xdHqggSmTatHOQm_R2MyTGI8-I4cf4sDAD-KStJIpCcM1fQQujuNEZBQv8Glr2sDw47_LXvTjAWprgQmUWIguiIiHBbTg8UyFpODwZlDE6uor7sN63fJn9IKPc2G9PKTL3JmFzOyE2v9h6mF1kPa6-_sNAofZ5KniLQRogMdZfy2qCP3qa8A7HxjiMJKoxpYXl0v13BiyKms1rCl5A1G1df-6v_ow902iNhMtlNIta5hmjIqSOkaE3wiX78TbohPoI1OwJ7z4faP7TNCoOR5yOybjF6Ej9TeUQLMLSO0IB2sfIyEoq3ZI25IFho3AhMz4Ibhg7iNWKAwnKMSjLC5oS8J8i9NJtu_G0GYMupvQ0tp-IdQM_sFyMiMFIZcfllvuB3ZyzDkuSWCLk3oyfMZ4yaH8MbLmlyLldxr-SbNrEnoPLGc-3iPXE5cZneIEYqWS3SY8ctA_9Edg2j4WMbEmhDW_tTQP2u0brIgaBLE6u_eIqquhonkPKLOHCh0Vutb8mixY9vU6oEwIHjB8xVDm-LGu_zoXfRvm5i9MgSXQUPh0Z_3IWPJQnV_rsy1ndyGS9JaN3708k4lCBcFhawl

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Nov 2021 02:10:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 475E 0
56 B 17ms
17ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021110101&jk=1807147885826779&bg=!MDOlM3fNAAZzbWp4c207ACkAdvg8WkCQ0VFuFgCdEU6Kz-ol8i_5oFLd5UEtxdlNuIH4ujxFMKqR7QIAAAClUgAAAA1oAQcKADOdjxouhtW90Feztd1z2SQCzytk55i4jxjWdzJuhKQElpS1A8KRLa8prgqwxA8BMYhxIj-ZAtmY2TYAmSGNvQLyKoABxYVx5Bgr7GuSGx98vEUzSV1gN66PdJg3a3dAkFOu6uau3rs7B6XujORjsyBjNjqeWhwKh150P15jz0PbvxED9spU4ATWyeB6k6Bzl2G-kiEATviGLcuTfcU1Wso1UOHfEKcpIUn9ULsR5s5cNsoXSf90wocOfIH8WWKahw3iIdxV-5gyloLoNNl_XC6byuDnrnBgnY2xOc4E2WCvDub6dEXwxepZXeoKnTXV6iiMhbGdYZao3sTHiytCsrPD-zqUgGAm4s8_5eNwjxZH4fSnKQIa6meIbcb4uqk7mK83HIHqLo0QvPv9u6pEzyANJHnZFFLHz8jlEm3B397WR0Mz_ZuAqJ3gi6JHTNlkuWjZ60bCAXHOvkXy_VZ3-48UxmczCn6ZWggPFau5X7vb5VM85iTkxD2kzJQjlhvodVYqhdYcD5s3fA3ImyuJbDFwdBewhcAzx9Cu7NzRQtC_85UDowR43QDAeR6_wQGEvNTqONMcJY1Madku0O1x1dqqs1N0sZ7FI8bp9_bDdnC8DM9NUH1xLPxKqv4mX-JTmk2-py-n3GVU159zHWfhs4Jo6mlywlK1xhfMq6OqM2x7nrnyCWqv-dW-KkdHcQY4J2Dslf4iH9j_fpEwmdswXl4-xTpXb_WTxjplnhQbyu9LWNo7n6BKmgvW9uY0YspljJeNB1JscPkEOIM3oMYSewkBNYCuEOYPFFUY7B0-k_b9EansDblBZKqQiPFAwbbROj6HoSpqY8sFxD4aef75JInxt8UDlAdo6tivWX_YRBbXic1KxVX7u-zVcP4btF77mysSqAjDrkahXkS_gvOB8MwVFyKFKGqfC5XjcXd2xSX33mZ4ur99e1d8nm84ARQBipRAT3yvth0zgVCX7gAsMU55NiqcZ-jp8kGmY4bNLk3kCi-M_o9_p0aUTZNIulgtngBfR85cPwnkl2ATLmSdqlE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Nov 2021 02:10:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame D2CF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOgUPxO4RTQQxpKCCJk03aI&google_cver=1

43 B
1014 B

20ms
20ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOgUPxO4RTQQxpKCCJk03aI&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COXQcRCu_4SOAhiQ5YScATAB&v=APEucNWQswFuOcDOy_84nkIqCRng3d7myEXzO9ePKTXJ_1GE6dPXutIKq1QCunyu4d7UKDKXyqkh8W_A98B-opu3SCuZXc1uJKqXmRFIzOM-oYO4IB2sW2AVWe4hVuj7z3Yxmm-shw9eorNwNiLlf8-1ikgwOr0hKkNJV4Iatne8zh1QdqT2Vqj5dSy_5yE6TC5VJh64dbfuCjsrsgyle6JhNS0koA4f8A
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Nov 2021 02:10:53 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 03 Nov 2021 02:10:53 GMT

Redirect headers

pragma: no-cache
date: Wed, 03 Nov 2021 02:10:53 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOgUPxO4RTQQxpKCCJk03aI&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame D2CF
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YYHvrWLl1LS44juKsRzLyQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPc3dBZCj30bd6U1vIfnUEs&google_cver=1

43 B
894 B

16ms
16ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPc3dBZCj30bd6U1vIfnUEs&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COXQcRCu_4SOAhiQ5YScATAB&v=APEucNWQswFuOcDOy_84nkIqCRng3d7myEXzO9ePKTXJ_1GE6dPXutIKq1QCunyu4d7UKDKXyqkh8W_A98B-opu3SCuZXc1uJKqXmRFIzOM-oYO4IB2sW2AVWe4hVuj7z3Yxmm-shw9eorNwNiLlf8-1ikgwOr0hKkNJV4Iatne8zh1QdqT2Vqj5dSy_5yE6TC5VJh64dbfuCjsrsgyle6JhNS0koA4f8A
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Nov 2021 02:10:53 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 03 Nov 2021 02:10:53 GMT

Redirect headers

pragma: no-cache
date: Wed, 03 Nov 2021 02:10:53 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPc3dBZCj30bd6U1vIfnUEs&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame D2CF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESENG4IYjfc6GXaAInaiQvhAE&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESENG4IYjfc6GXaAInaiQvhAE%26google_cver%3D1

43 B
1 KB

15ms
13ms

Image
image/gif

185.33.220.243
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESENG4IYjfc6GXaAInaiQvhAE%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COXQcRCu_4SOAhiQ5YScATAB&v=APEucNWQswFuOcDOy_84nkIqCRng3d7myEXzO9ePKTXJ_1GE6dPXutIKq1QCunyu4d7UKDKXyqkh8W_A98B-opu3SCuZXc1uJKqXmRFIzOM-oYO4IB2sW2AVWe4hVuj7z3Yxmm-shw9eorNwNiLlf8-1ikgwOr0hKkNJV4Iatne8zh1QdqT2Vqj5dSy_5yE6TC5VJh64dbfuCjsrsgyle6JhNS0koA4f8A

Protocol

HTTP/1.1

Server

185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Nov 2021 02:10:53 GMT
X-Proxy-Origin: 213.239.209.3; 213.239.209.3; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: e290cb71-8789-46ed-af20-daf0ffc7cffa
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 03 Nov 2021 02:10:53 GMT
X-Proxy-Origin: 213.239.209.3; 213.239.209.3; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: a7b43c62-2aef-41d7-8243-bb4d05303c6f
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESENG4IYjfc6GXaAInaiQvhAE%26google_cver%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D2CF
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDg4OTE5ODMwODc4MzI0MjcwMQ%3D%3D

170 B
188 B

19ms
19ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDg4OTE5ODMwODc4MzI0MjcwMQ%3D%3D

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Nov 2021 02:10:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 03 Nov 2021 02:10:53 GMT
X-Proxy-Origin: 213.239.209.3; 213.239.209.3; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 5b1f4a1f-009d-4512-a0e3-bc55eaf4a529
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDg4OTE5ODMwODc4MzI0MjcwMQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 container.html Show response
21916be3d137d0bd5538481ca7cd17f6.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B079 6 KB
3 KB 8ms
7ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://21916be3d137d0bd5538481ca7cd17f6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.by/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 03 Nov 2021 02:10:53 GMT
expires: Thu, 03 Nov 2022 02:10:53 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 event
ads.adfox.ru/239538/ 0
18 B 72ms
72ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/239538/event?hash=aacf487ea113179a&pm=bmu&pxo=zJlB5a2BoFScoWTJdY_uqb3naaRc76ysFFUowcvFtpDzu2-DW-Gfz6jFORaYbwas1CBDnZUTKDQr7-d4DghAo98TfeWzfn-XO0YZW2M91srBBEhkneOQbXyrsmgYVb1xNwI-HXdwZFOtV8r01kQPACFA7BUuvkDU1K_7TENmA1kDHq9K&p5=fxybz&rand=jqujtnh&sj=VT2_yxG1hvzHwrHxEGzctd6L-PbNwtZoB3XbyNNlupfE6QDYfNmN2MNRmHegYQ%3D%3D&ad-session-id=4033131635905452616&lts=fhrwcmm&ytt=53326314211349&ybv=0.47201&ylv=0.47201&dl=https%3A%2F%2Ftelegraf.by%2F&pr=lqwqiaz&p1=cnimm&rqs=rENMp5iBKjSs74FhEIVZ322_Addt7sSB&rtb-si=b&p2=y&resp-time=580

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Nov 2021 02:10:53 GMT
x-content-type-options: nosniff
last-modified: Wed, 03 Nov 2021 02:10:53 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211029/r20110914/ Frame 93F8 24 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211029/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DCf233KVfwEBpxOwOQu7w1-HC8-yaGQAkO8Ttf8o600MoLgi-VdGy_5cxcQufoK30xpLMk7QKwStTCYnvySLPWVvWkkWSsju5vegapgyBisPs7H-QMQ-d7ry2OqXfkWmeQYAvrBZmlJm6K94xtoyXiR9A9bA&dbm_d=AKAmf-AIUXEjjx1SnwdJOB6vjGwMMirUtrFbQzu6YijwcZ2qZSL1afwN5PW8pAOJ9UZzODkM0dFFdVXL5Z2tpH1Th2Rn5VvJyjwXIOvwj114DWWaByA_aP6-4CJIb8TxUkY9--yEFH6va4WDH1ZyhwKBX3iSs2xwflgcq9RZJq369N27I4o6U2r-DCkTOvER00eMx0gxhxv5c7zTASQDSSewdLib21thpmFFYTqJLR6UYt_DDDU7EZ_F_0-9f4Bd7taBzC1GgGUZsCfAdMyVPJndPWZLzRuKkWm8Wc9yYeBk2z42LzXGbZl2-qcvzQ3rRzcZ8oSLhl-mo1cEqxjoxcUkQO9Mg3zS8KACNuLNbHhVsV03mcZZ8n5TFITIICK0_ptO7O_f996snQXrfeHz95CdwZAUuT1QN5-Jkdud7QiJIZiug7LqgD9ilVSF7nQyVhDsMsu1zSjpYkinoseYcT5skm6DmXgkWnX9SyhZYbFWxEJbDoMygc5tm8ovCFU7oZ9MOZ7ZzADLUxzSht_b22QCdCtPnqhU0DvLdp0ZpqWG6paoRGO1cneoXDQ8Fmi7W6YAosU5qljrWWOFI9u24E1LVKqkF6sGWYQNYEXwzfYmUg4tjLmK4eUZI2wczrx_rnr0BnKX1nf-3KSPxfmE6ZyJYjUvX0nlbb0G_y0cxS3qeZ5nxm2TFigfWUIIhGW9Ms9gzmaVGS7nL5zWG2ugRpz9kEUOGxf1i43Urq7w5Kj0svRGkJut6LG7qcANp5n1Ff8r-nolz3xDKUh5C7csyWHebugoJyqdxwO62Zv4JRgr8z_hgYcaUFQy3Wi23JC6OWCtpVQ3iseR-JCcm0x3WRkhDiKpASr0f5de7OHu7almuKSLryOxvN4Wb3rZaWxJHF9KbDqtZqvRSXUAKEMC4R_TT8uSJIsRd0mvXsbiFwO5swvBJ2HBMjaXYf4zFKyiUBEDURioK7CdOsbQI-c1tY_6OboFAPjNP2XCkfFwkZFs8vvh_wxmJkAEZ6gUP6m-aIRaDV3SMN9-6B55NFbnSEM0-uQyng4xkkTnD8pqYBRWytM_GOhnvG6aAXfkpIDvEX3OOihbEOqG0mYJXsB6VG-fIKxOlAS9Zg3_WJIkp2HJH2BrqFZpVMFHRbI8TKApdJp-swZo28gFL6PXjnNZO4RN6QGWVVZkWZ3pk6N4_7Y00QcG7-8bkNVblqfqjwHgkvU6M_SQ5P1V80y1g6WcwoP0d1Bju0tvQfm5maL860SjbxwBCvMNgJhQcNHD9nt2kFiPyAhu4O3JdgCaHJHLeTqP_DSMJv5_1XBKtOAmAtH4TTPvnZ8vhG8MvgjA3h8N0cjY7Z4zKkcc9ys4zipv8xVu-vLemL4ksOjxwMaapS9e71dRiX4monuYbuX5yr-EZo5Q7-0qxZsUGn8HJdgX9ioLYl4qmrLtdSAdWOlS6sGgsp8kIIFe3a7YVLG0AvHurDp5cYMPEYr-m48Oo-PIETz1Gaebn2F75Il24nxP2DIvtz9pcjouD8vJbrhDzDdHRki-vQSzzhZqhgIoMPDRVglqbAB_gekatw-97XWXBVN3hb11t71lrcIoZArOACNUWXtdsF1S1Z6hXAz9EZznmTaCAF3TJy7j7yVv47cDiJmX9jokQyaDehtOhhO915NwDR7bYssxxcvLMm8vY4d2kTZG43lHWISx-QhVo7DS5Mi_caJk7E_VymKK2GZvzSj3rvbWt4vA0Xmd5IApbi44-WSdhbJria2CO5OurilnQK68ZEiPEf3LSccSYIymvwcEio5YpkSLTOU_nRh23mqY2kVlToyX0XkWYof0uF8vgdUf4mhpEvOODNbl2UauXQ8I_fgXOZ080DJdSROlk9Mg_gxhYx0U6esj0fTkTmk4ZumBX8XeOnYQNyd2cx97oQzJfMDeG-jpi8D49Dhr48JY7F4l96d4XL-Ibyie1vaXNrrGdriTsnbLchVwzNC8_IrZdbHywGqhqY489w77YgVyq7zN9rag1A9af9GUSa7NSWfJTCPB4wp-ZnW2fhnxy-AtbAyglBfj1_Vzp6bujXqlnpMlvVILeVE-Z3yax-8uqEPq4y-HL8vfj1aT661ShhKUTIRlTTNrQ6vVOzUrMVq5yxa81__qIm01DNlNJ9vN3S5Oq0ZLaOsNhXwxqUjgNiqaA0-pxprZhJvD_pRj7czLPRO_ZFu9I2Tli2nyVHv0GCPbhdAmqNYbsaqW1eqlzUxuHmTEmGK6iU6rXz8JOu-ydEo9HAzwDxER93sxtPJ9KLNaeP4ElEtUV-teivvvqf_cNRhB0fCv_qwmdL9LvNMkjbkFxeO4zBH1qtw41q1jKSAfQmB6ATGnqzBYqC7ozm7i9RskeIn-q9a8vifUjTU0ycG1LluJ0HkorJ2LQ1VduQXh6do0H0qmWAbtQ_4ayprMYpLGo_O75glc_byL9W2_XErIocFQi0jQs5huF9tkKWJHnwru5dnZo8Hw9_C9kJgxhnmIY3eAx2jqAeZgXLEsa3Kb2w3nGgZ8M4X3q_9odbcjE_jvB0yZ3jl9JeMa-BJ67ZfFbQi0vB6pf_d-lAdKRlkuSurl86JqCczZ9eRcMWw9-H-XezUchBr7joo7qeHLrQWNMfzo1-Iv2c5-N0WN4s1scsYj_ON5tGnABfszSaGz2WDo7G4jkoc2ZZjUu7na6ofM-_a7FJV9WGLvM7pQ9EJitFwycNfui4ROjLHD93DYJU6JkQ3ak0UMQB5JigShwFsqKU0pkG5z9L-yq86V-mwotLlR5BOVtpqdxF-L5ctrn91yjz9DbRDUTqEL-VYzmr26iNfZLO1clfZGPgMyWZSYx0CDI49eX6qxwO9Toa3l927OgEFaSLR8kkrosyLgXnOA6gsxlRJgG4OleYGYq8l9s93eqLjVgVXyXDVHKsct0zDrWn-cLh7Okr8Kz0MLaMBVtxmIzUtgJucqba1hCQNyZnkUSyHvga08Z6V9VJtPNP7bfb3fcNzsBaDFrvZ00vGbjQ6zxyZT8uOCOoKQXfuiRwXSN9fhh-HcvpOc1iPQON_vJhirDU_a74YUTRE__b-J8FdtQrEvVYyRz_QmddvWEH4cF0dMef6U57B2UIGbM3e_Y0yfTdYW2V08gCOuqU67JB-yI5xQEDz2_rNDORYDYyjzXWQg54ERVyG_a4auj1Sj4jsJNwhYqaOdgZQDhzIMjT6JzXyWvPpoReLZIkgheL930jY5A2RxMl_3bf13gBxsyKTvF7wxfavkrGcdP75dKZdY7iciKyLAiejGhNK54TUsikuaAbX3ETohY5iIxgUmTjPvTS2Nfp-YjdfALmTGmdWplCVpr89k9CDwnadiNbqi7B2EdQAI9CnBOa8-FNOItl1gKIFvfFDLnQQJTFEq_9wjSaXczgPcO1bO4LxCpwGE7TRLNSnG1k-HeCqmmYeONqsqpbcxSNSeNJdi7FGrJD5kTzqyJtqE2ID_ZWrlVgnIcTqJD-Ok9veIlX3k7DpXN-OxlMh6j3ivadOxXMwjvwOxDtIMingB9YggmGfFd-6LyQLXz7DJEm1BUUi1eEZWuczYgSmKn3owpgP3GkMb0_Zyq5AFxYSmPiSLfHl_t06AA4_AYx0aCftpOc8bDeQB0LlgnUbc0476d3_hFoQxM79jQgDuEgx1aIyac3EhQbBcxjaxR1_x39uQ2QZkeA7zOLO2EOOOdF-lqiHi6SiLbD_0d1sy&cid=CAASFeRoDOlMN0BG2m9rNzO11kzcVlNSXw&rfl=2%2Chttps%253A%252F%252Ftelegraf.by%242%2Chttps%253A%252F%252Ftelegraf.by%252F%240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3daceec3bd97612d8a38ea069ba1d1fe9f8932c73888250c4027ad88c190bf2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a9cb10ed454fdb3cbb12b263b60b203e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 01:07:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3803
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9405
x-xss-protection: 0
server: cafe
etag: 9145933494120910982
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 17 Nov 2021 01:07:30 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 93F8 41 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a9cb10ed454fdb3cbb12b263b60b203e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:10:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 140412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Tue, 01 Nov 2022 11:10:41 GMT

GET
H/1.1 200
OK /
d.agkn.com/pixel/10690/ Frame 93F8 43 B
648 B 61ms
9ms Image
image/gif 3.124.136.236
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.agkn.com/pixel/10690/?che=810784893&cmid=24601636&sid=4128031&pid=293327262&cgid=486512170&cid=144550147&aid=9533159&gdpr=&gdpr_consent=
Requested by: Host: a9cb10ed454fdb3cbb12b263b60b203e.safeframe.googlesyndication.com
URL: https://a9cb10ed454fdb3cbb12b263b60b203e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.136.236 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-136-236.eu-central-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a9cb10ed454fdb3cbb12b263b60b203e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Nov 2021 02:10:53 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 8733 624 B
340 B 18ms
18ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COXQcRCu_4SOAhiMvIScATAB&v=APEucNXhBkBqpajSy-5KbMKsWK3aXKT4olvGHbQInfAE2NZBTrqjusJn9R-dLgnUYP4dYJXthN3RaoGYB4Xbt7Wxsrxj-T5Fnbevna6CkC6jB2Ko4jpCtOkAHsUGYxUNH7MhV8sHQ4Ztw4JWNKelk85QQS1BCG1eUB2W3qXjhv9Jl5qnesOjCLsjEe7xg-LGTi_c859rwhuOoxMFJYVsScDnynpjKX26Kg

Requested by

Host: telegraf.by
URL: https://telegraf.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://21916be3d137d0bd5538481ca7cd17f6.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 03 Nov 2021 02:10:53 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame D575 31 KB
16 KB 50ms
49ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A4sgFwpkSTKCM2rjkcYZnOhvJBlKOIAcue42XSqAI9xsVKN4IXoz8H5rQtxZJHEY0KoX5k0cMisKuB6mYF653ML8ImBj5z2Du3cDqSkTk9HHLEY7c0RkWHXR4ZLtg9jKLCNS7meoSHs26UsUYu2-G-B4vyYA&dbm_d=AKAmf-DfZKM6xfLWKw9TOwP1Aiyv6YuuRHv-c0PH_4ONN9QOoaz4jr2DcfxJFxsHSAJvXLEsutQFNbSnt19VB-asPGpwkWgByHJA_4zYgbFUCWIVAY7fI11a4wy-GJKSpFqjkFy7eVYYzCKzYmr6Nvy1Y1FHyjusdpB0KGjFSH03AqWCuAqQDnZUipnENZFWVvYyrpUctC4u6Kn5rGR9_GMRIRdQ2L3Tk4Jb_LgMFczwWHmMHsa9IQCKW4yjdiGnBwkI2iK8zRc2pwtwfUWvPQWepsSLci4atfKG4Zd9WLvtUdK6gLoCiB8NXjmb0I0WQZT66a7hjlq0V9Ul2lzu2BwoF6rFc-CecSLqpJLEl_lvjiOSJhgoiDWRkf6gEA-RclJAux1HiIbXGW3CnEf6tCk1sqBM6o7XuJ4F7VTBEjLv7AtyNGVR0sKbf2gX-_okCxfgkRsFw3rOlINsxreQULIXMmQDHnOF7ptzwsFvwXm94LezGhxZZTyy5tvKbTka13WwLpyOYKMHPJDfugKNsdzU61Wng9n0K0j869Fu-ZCuaYhlrzT7iSkbKmF-7YgxxXi5_9RSONNnoOSZbhxd639BxWWeK8ZXLhHLRca9O19kslX1vLUC_Olhb_U2uwbOil8KXqMwDoB_xaB-XHEM-3fu3H3KWo08WFrjmnUJpq1mjpAnkQdaTzar6DDrH0ZcsiPSIgVpthVgmMIC-oXMHyQZ1HAPa4772Q78apWRvzqWROAq2k6_dtW_Tvu1kbzRPdkLhGoji2CzvUT3pZ5zYs7P9MZEHSeDjnHYTco59Vo-FwXDz9a5KDg9lkp-GLmtPe_xuI_lBYEgtOUneHligB48cULL89_l1uo7vB2YnChTXouykWm9bwQffAuSRgDKl2dM1wb3RcddW8LVV87QsZYUbc4fb3toj5Tlmwij4gCfON6u3xbHVoVVRduRv7CG1iGfk32F5effKNqj1rTdDONsPKm8xr4tmLp_gX6QtAct549swvuyky2Y9gG1UvmphO35hl7CJUs0vTCMqtm48gGu1CWAwMnNSaGlfbOs09yK1uf3nMh4Arviu-HwLahndvYFNMXGuJuR-u8sKCj3k5qDVx7oq8d5DP85CbJoWNFw1aiYPmsG6jifOF33tJ7HopO1xe9HDp7zR6WWz4uryr94ypYN0dyUAxq81aKYSbzXEFelSj7qXZ9mYDYLq-3m7nAcMbTmgTtZtGTJb4MAfMtdwZFbDeM-Bfvj21v3jH3heL4BYUW8yXoEocIeEU3qJPsTtgZn5qGzMgM0g4dBx32F9iCdbzC4B-tBiLLuPcDO1llTTaFnzAN0QX8wbCgq744aQ1I6TDhT0Pz1CNBYOpUyoPlT3k0TCy7-HeGKtKmRiYWQoHU-0WutnP-92Tp_TamQadkkAWJA-08ah6EFR52fHWOA3VfJAvKWdpn_rfm1Q_zJQj4I6J4HCZWmmm1JmdgINdVYjiZZRGgnUNQUTZPGRgrvMhBY-JtN5Xl6w3k3TCkvPUkHIQ7OSC0i6eRK2AOWktLQhsqEOiMs2-KPpssuOxx36A_cvKF3inKJJxnSBPfYduHz0p3e5ch-Blfz4TCxD8tSWvFX-W6LB1dchYwmIN8BY0pEZ6tsEmaFtOAjwdY4UO38xLUvUhLp1kLnT4FSbgYVAC4IAnaXjkiIocznqPGrj8rrjFcdA5wBrB23EWrxyTjwDRbMfKoM3Xa7Gz1EQlqOK2dI8BC7Qn4Ygf-5vhuCjxRUE5UeHjs0NIHSjHFstoRFZbXSwH2LolyIli48uvSNiFFYEc5D7oVXCM3acSLQvdOTS1YRMxGFS9gYsjLU36RD-HC0QlmaFhlzxjWzZg3LNpvIHN09Ot5r86uLqmgN7TuMRoTN9ox6i7JH087CpWd5GWYP5TQdgIVybGfJs6spWtmTywYDGEV66N9aKF9lEHyunpsBeZc_Akl9Aj0JQGDDYUbMTwE1UKzAuhRg3pq8VOM8QLSqztT4mPduLPagJRRNUnn-S5TIfVet4gT0uBYH-_qZ-OWzlXvcgdf4Xk4zwFHhe8_d27X7rsZlpgAMMJ-puiwh4KEPTAvwwnPVxZ4aFJelJJBz5hFzoyqquREt4dORaU3NHwOFzORxGYfi6Y35GiEGuIB7aZOuX8Pz8R5flG62IXK8xUbM3lJzwMm_QjnnCMFV0gEFUWtGE6KysYJKmO6TMV1EjgJzD1OP3vyXQvoI6tTXu7BPqMUhOrDjycYyj-IFkU4Iov051gYoLmOAnqORJaAd_KJaoz5WPftphjqffcjgl6FvX_pwey-OF9s4UIl7c34u5nvEWf1BLvdjCkjGH7QpNrE5VbAyD2fnUL7JbwNQTSLTjmbuMbtSvMP3e_Ct1NfEKX8-l9L8KCoL2YkpHFvqceUufejsc_edvnpoVsdRR-4OUG8hdBziT2HN6YxBIpK0KV0cnhDdedGhWEcCUMaDZDCcFAhWaaugbE0izT24Z_Ba4S5G4wzXxd9iqU3W7ypoizXNstYfU6YpVM4Enk3ia-OGC18wuuscmnW6mwvKkYJUVp_8AzkwLi05EXAMM-hrGzjY75QKQRepUmpkDvLLw0ssWlDm4ed2fn5RvwdG6AKUnb1T3vTb9dMaaak3nBy_vzHdmeA6Hv8glNQYRCj9AGW6C2zanS32ZtbifPiKwP7Wx-4i0yseKh8xlbiEkTq83De4qaOWHyhmplleEWU_KJZSwN-u3y1pJVJ1ckh1W3WkmP9qh29NPQiNwIQdAUMTbNYWm3J88mvpUBNTM33ZYep907EPuaaGXUyAF0o2KdnmEkb8qbsv_IOwxTA5VBZG6LHy4uiU7qiUb53s8nrQeO_r9-SmT8V26ZFYE3OFwt2YVqKDoC091ihAt4NBQv3R7571GdLpMCVv9Io3leiyaBRUMMlf0mZ0uVfCaWDEsv7bj7rkPVV2GPoY9QvUZyIZkkU3dUXj8qTCDXSOBOg4WGJsLplr2Ao3-OHDSb4w7P7IfS6NfmaB6fdRYsf_uelq0EhHhxz9iFab3OknD-IIIzw0QgVHBk0odDNH4sS_FxZMH14CCAWqhYhfeDHKgp6pnvdWHd9XoP1QFScf53iQAEdbcMy0T_iO8RVNSgYjzzxm6rtWe2R5Qnp3feJxscDf59uFv6nc3GqmvR11wuZa2DnmZrx52O47qR_usgJ2N_QLBgHtwg8uo9_YpU93UFmJnN8ubwlBrLLYdqKg5j8wzzcia6nSjEcJZM7eL-PKSiJAQZp5oCxjN4qD_SEEK21qEkvJiIMJS8Si5CU2XLQ-bkjfJrsh3rBjn53Ra6ChW2XQYO-5r0fauhYwtb3wYxziKgf5N0VUtEee7_MIw4LJJ4F6MKqbSuJ_koSbbzbFvWAWbVo8zQq2EHd-wlsLlPqT3Q0Nim_ojcWH6Ucv1HbYrBTTDNSqm_lTvKx1XhR2LhP-FChjOySmyGEY9Vtj_zePAQ69MVK8cyAspfrXK7bAtcUNA57n4ku9eAQ7dQ8Vw1eCtkTNi1Nc2VmtKs5PZDr-KMHcHcIUM_h9poFEvraxLGO9WIjvlHcKrqSc17vdvmPzxCjMZ14egV1pp4MmU3k_T4OW0Wd64tU5ROHgngVFV_KG_vzN0mWACVh16LkCpXzZN_WREfhS49vUlYqNYQwTJSvENF7GZEkP5n1bO0g3Dus9HzqEI3gx8GmDY9rjMKehyQ_tEdKtLsL1p8lo02eszwWB10Ab0DzWmQ&cid=CAASFeRoVzcm29c4sA4CEU2fHZqU94EHsQ&rfl=3%2Chttps%253A%252F%252Ftelegraf.by%242%2Chttps%253A%252F%252Ftelegraf.by%252F%240

Requested by

Host: telegraf.by
URL: https://telegraf.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2b802368b20fbcf4c42666e202f23aa188324b396afb973e0cddb18453b6e769

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://21916be3d137d0bd5538481ca7cd17f6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Nov 2021 02:10:53 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16064
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ Frame D575 2 KB
2 KB 8ms
8ms Script
application/javascript 2a02:26f0:6c00:286::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=14526021&cmp=145089&plc=vtnwou&sid=45f3d18e47f96c&DVP_PROG_REP=1&prr=1&DVP_DV_TT=1&DVP_DV_CT=1&DVP_PP_ID=3&DVP_PP_IMP_ID=ABAjH0iHjdvQOgypUp68piW_wGr2&DVP_DBM_1=1861733&DVP_DBM_2=15874976&DVP_DBM_3=42577020&DVP_DBM_4=327228940&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=17788910856&turl=https://telegraf.by/&DVP_PP_BUNDLE_ID=&dvregion=2&unit=728x90
Requested by: Host: telegraf.by
URL: https://telegraf.by/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 42977b3f1bf3b11d34a40c50c095d65b3ba8631ef4ebb37b950ccd9c401d2181

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://21916be3d137d0bd5538481ca7cd17f6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 02:10:53 GMT
Content-Encoding: gzip
Last-Modified: Mon, 09 Aug 2021 12:31:26 GMT
Server: Microsoft-IIS/10.0
ETag: "60d09d781a8dd71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 1338

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame D575 8 KB
4 KB 8ms
8ms Script
application/javascript 2a02:26f0:6c00:286::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&advid=3398311&adsrv=0&btreg=&btadsrv=&tagtype=&dvtagver=6.1.src&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_DV_CT=1&DVP_PP_ID=3&DVPX_PP_IMP_ID=ABAjH0iHjdvQOgypUp68piW_wGr2&DVP_DBM_1=1861733&DVP_DBM_2=15874976&DVP_DBM_3=42577020&DVP_DBM_4=327228940&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=17788910856&turl=https://telegraf.by/&DVP_PP_BUNDLE_ID=
Requested by: Host: telegraf.by
URL: https://telegraf.by/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 5dd139490465c0d5b42eb905451078a5ee84b5c220d6af5b143af49247a8ecf5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://21916be3d137d0bd5538481ca7cd17f6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 02:10:53 GMT
Content-Encoding: gzip
Last-Modified: Tue, 19 Oct 2021 15:58:26 GMT
Server: Microsoft-IIS/10.0
ETag: "0fda9262c5d71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3288

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211029/r20110914/client/ Frame D575 3 KB
1 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211029/r20110914/client/window_focus_fy2019.js

Requested by

Host: telegraf.by
URL: https://telegraf.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://21916be3d137d0bd5538481ca7cd17f6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 01:27:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2608
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1470
x-xss-protection: 0
server: cafe
etag: 9165589572046851897
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 17 Nov 2021 01:27:25 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D575 120 KB
37 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: telegraf.by
URL: https://telegraf.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0253185a4cfd8a31fa015f856c47a032cf99a7aa4f528389965225dc4c150ff2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://21916be3d137d0bd5538481ca7cd17f6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 02:10:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37579
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1635787520984751"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 03 Nov 2021 02:10:53 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211029/r20110914/client/ Frame D575 14 KB
6 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211029/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: telegraf.by
URL: https://telegraf.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7155d8dd40ece849d72213770b3a5b84467de8c6cab5c3bda3266808502cb69b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://21916be3d137d0bd5538481ca7cd17f6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 02:01:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 591
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6337
x-xss-protection: 0
server: cafe
etag: 7721474052657771746
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 17 Nov 2021 02:01:02 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame D575 42 B
107 B 15ms
14ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BCIZ5TtMBqVwqzQTo5Qilh3W7XfQLH0Stduk6P7d5kuZD79yoUwuQmTtpxagDJBa2sQmeasPYSKTevwnhfCxa59LX8k_KkE_jAQJBbFyUV6NtzjlQ

Requested by

Host: telegraf.by
URL: https://telegraf.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://21916be3d137d0bd5538481ca7cd17f6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Nov 2021 02:10:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 3BD4 22 KB
8 KB 8ms
8ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://a9cb10ed454fdb3cbb12b263b60b203e.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Mon, 01 Nov 2021 11:10:41 GMT
expires: Tue, 01 Nov 2022 11:10:41 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 140412
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK dvbs_src_internal99.js Show response
cdn.doubleverify.com/ Frame 93F8 61 KB
19 KB 12ms
12ms Script
application/javascript 2a02:26f0:6c00:286::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=14526021&cmp=145089&plc=QN94gh&sid=45f3d18e47f96c&DVP_PROG_REP=1&prr=1&DVP_DV_TT=1&DVP_DV_CT=1&DVP_PP_ID=3&DVP_PP_IMP_ID=ABAjH0icJeDdRmre1UnCxhRvOLiM&DVP_DBM_1=1861733&DVP_DBM_2=15874974&DVP_DBM_3=42847708&DVP_DBM_4=327234192&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=17788910856&turl=https://telegraf.by/&DVP_PP_BUNDLE_ID=&dvregion=2&unit=970x250
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 158edd2a7562d2b16eadda8fb990eb8d20e53837dd1abdfd2c890fcc0980ede0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a9cb10ed454fdb3cbb12b263b60b203e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 02:10:53 GMT
Content-Encoding: gzip
Last-Modified: Mon, 09 Aug 2021 12:31:43 GMT
Server: Microsoft-IIS/10.0
ETag: "802192821a8dd71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19248

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 8733
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPc3dBZCj30bd6U1vIfnUEs&google_cver=1

43 B
894 B

12ms
12ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPc3dBZCj30bd6U1vIfnUEs&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COXQcRCu_4SOAhiMvIScATAB&v=APEucNXhBkBqpajSy-5KbMKsWK3aXKT4olvGHbQInfAE2NZBTrqjusJn9R-dLgnUYP4dYJXthN3RaoGYB4Xbt7Wxsrxj-T5Fnbevna6CkC6jB2Ko4jpCtOkAHsUGYxUNH7MhV8sHQ4Ztw4JWNKelk85QQS1BCG1eUB2W3qXjhv9Jl5qnesOjCLsjEe7xg-LGTi_c859rwhuOoxMFJYVsScDnynpjKX26Kg
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Nov 2021 02:10:53 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 03 Nov 2021 02:10:53 GMT

Redirect headers

pragma: no-cache
date: Wed, 03 Nov 2021 02:10:53 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPc3dBZCj30bd6U1vIfnUEs&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 8733
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YYHvrWLl1LS44juKsRzLyQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPc3dBZCj30bd6U1vIfnUEs&google_cver=1

43 B
894 B

14ms
14ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPc3dBZCj30bd6U1vIfnUEs&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COXQcRCu_4SOAhiMvIScATAB&v=APEucNXhBkBqpajSy-5KbMKsWK3aXKT4olvGHbQInfAE2NZBTrqjusJn9R-dLgnUYP4dYJXthN3RaoGYB4Xbt7Wxsrxj-T5Fnbevna6CkC6jB2Ko4jpCtOkAHsUGYxUNH7MhV8sHQ4Ztw4JWNKelk85QQS1BCG1eUB2W3qXjhv9Jl5qnesOjCLsjEe7xg-LGTi_c859rwhuOoxMFJYVsScDnynpjKX26Kg
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Nov 2021 02:10:53 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 03 Nov 2021 02:10:53 GMT

Redirect headers

pragma: no-cache
date: Wed, 03 Nov 2021 02:10:53 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPc3dBZCj30bd6U1vIfnUEs&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 8733
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEH5fNSQsYvnQTfaWmq6uFUg&google_cver=1

43 B
1004 B

14ms
13ms

Image
image/gif

185.33.220.243
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEH5fNSQsYvnQTfaWmq6uFUg&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COXQcRCu_4SOAhiMvIScATAB&v=APEucNXhBkBqpajSy-5KbMKsWK3aXKT4olvGHbQInfAE2NZBTrqjusJn9R-dLgnUYP4dYJXthN3RaoGYB4Xbt7Wxsrxj-T5Fnbevna6CkC6jB2Ko4jpCtOkAHsUGYxUNH7MhV8sHQ4Ztw4JWNKelk85QQS1BCG1eUB2W3qXjhv9Jl5qnesOjCLsjEe7xg-LGTi_c859rwhuOoxMFJYVsScDnynpjKX26Kg

Protocol

HTTP/1.1

Server

185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Nov 2021 02:10:53 GMT
X-Proxy-Origin: 213.239.209.3; 213.239.209.3; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: f4e80292-7439-4313-8b86-8f694b667c15
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 03 Nov 2021 02:10:53 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEH5fNSQsYvnQTfaWmq6uFUg&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8733
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODQwOTQ5OTYzMzY1NDI3NTc2MQ%3D%3D

170 B
188 B

18ms
18ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODQwOTQ5OTYzMzY1NDI3NTc2MQ%3D%3D

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Nov 2021 02:10:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 03 Nov 2021 02:10:53 GMT
X-Proxy-Origin: 213.239.209.3; 213.239.209.3; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: bbba515b-f8e2-4ca9-ae94-9ca7029dc228
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODQwOTQ5OTYzMzY1NDI3NTc2MQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK bst2tv3.html Show response
cdn3.doubleverify.com/ Frame A8C7 1 KB
1 KB 33ms
7ms Document
text/html 2a02:26f0:6c00:286::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn3.doubleverify.com/bst2tv3.html
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 86be5d6a3d661fd3d5d72f254a347dec5c66cad569117f51dad297acba02f558

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://a9cb10ed454fdb3cbb12b263b60b203e.safeframe.googlesyndication.com/

Response headers

Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Tue, 02 Sep 2014 17:01:36 GMT
Accept-Ranges: bytes
ETag: "01818ecfc6cf1:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Content-Length: 806
Cache-Control: max-age=11864
Date: Wed, 03 Nov 2021 02:10:53 GMT
Connection: keep-alive

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ Frame 93F8 2 KB
1 KB 128ms
12ms Script
text/javascript 213.254.244.21
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?jsCallback=__verify_callback_378849151849&jsTagObjCallback=__tagObject_callback_378849151849&num=6&ctx=14526021&cmp=145089&plc=QN94gh&sid=45f3d18e47f96c&advid=&adsrv=&unit=970x250&isdvvid=&uid=378849151849&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&dvp_strhd=0.30&dvpx_strhd=0.30&brid=3&brver=95&bridua=3&dup=null&turl=https://telegraf.by/&srcurlD=1&ssl=1&refD=2&htmlmsging=1&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_DV_CT=1&DVP_PP_ID=3&DVP_PP_IMP_ID=ABAjH0icJeDdRmre1UnCxhRvOLiM&DVP_DBM_1=1861733&DVP_DBM_2=15874974&DVP_DBM_3=42847708&DVP_DBM_4=327234192&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=17788910856&DVP_PP_BUNDLE_ID=&prr=1&aUrlD=3&m1=13&noc=4&fcifrms=3&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=147&eparams=DC4FC%3Dl9EEADTbpTauTauE6%3D68C27%5D3JTauU2%3F4r92%3A%3Fl9EEADTbpTauTauE6%3D68C27%5D3JTar9EEADTbpTauTauE6%3D68C27%5D3JTar9EEADTbpTauTau2h43%60_65cdc753b433%60a3aeb3e_3a_b6%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3EU2%26C%3Dl23%40FETbp3%3D2%3F%3C&dvp_exetime=9.00&callbackName=__verify_callback_378849151849
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.21 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: f31c2a8bc3a54e78b9e6ad0532cd40839c964fabfaaff5bba03348d2d3cb9c41

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a9cb10ed454fdb3cbb12b263b60b203e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
X-DV-Response: 1
Content-Encoding: gzip
Date: Wed, 03 Nov 2021 02:10:52 GMT
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=0
Transfer-Encoding: chunked
Expires: 11/2/2021 2:10:53 AM

GET
H/1.1 200
OK dv-match6.js Show response
cdn.doubleverify.com/ Frame 289A 4 KB
2 KB 8ms
7ms Script
application/javascript 2a02:26f0:6c00:286::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-match6.js
Requested by: Host: telegraf.by
URL: https://telegraf.by/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d03755898b05a3d69377bf7da16ccb307e789a0f569b4dbbcb7b29bdecf967c5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a9cb10ed454fdb3cbb12b263b60b203e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 02:10:53 GMT
Content-Encoding: gzip
Last-Modified: Sun, 11 Mar 2018 04:45:12 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "03c84bdf3b8d31:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=41319
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1935

GET
H2 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211029/r20110914/ Frame D575 24 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211029/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A4sgFwpkSTKCM2rjkcYZnOhvJBlKOIAcue42XSqAI9xsVKN4IXoz8H5rQtxZJHEY0KoX5k0cMisKuB6mYF653ML8ImBj5z2Du3cDqSkTk9HHLEY7c0RkWHXR4ZLtg9jKLCNS7meoSHs26UsUYu2-G-B4vyYA&dbm_d=AKAmf-DfZKM6xfLWKw9TOwP1Aiyv6YuuRHv-c0PH_4ONN9QOoaz4jr2DcfxJFxsHSAJvXLEsutQFNbSnt19VB-asPGpwkWgByHJA_4zYgbFUCWIVAY7fI11a4wy-GJKSpFqjkFy7eVYYzCKzYmr6Nvy1Y1FHyjusdpB0KGjFSH03AqWCuAqQDnZUipnENZFWVvYyrpUctC4u6Kn5rGR9_GMRIRdQ2L3Tk4Jb_LgMFczwWHmMHsa9IQCKW4yjdiGnBwkI2iK8zRc2pwtwfUWvPQWepsSLci4atfKG4Zd9WLvtUdK6gLoCiB8NXjmb0I0WQZT66a7hjlq0V9Ul2lzu2BwoF6rFc-CecSLqpJLEl_lvjiOSJhgoiDWRkf6gEA-RclJAux1HiIbXGW3CnEf6tCk1sqBM6o7XuJ4F7VTBEjLv7AtyNGVR0sKbf2gX-_okCxfgkRsFw3rOlINsxreQULIXMmQDHnOF7ptzwsFvwXm94LezGhxZZTyy5tvKbTka13WwLpyOYKMHPJDfugKNsdzU61Wng9n0K0j869Fu-ZCuaYhlrzT7iSkbKmF-7YgxxXi5_9RSONNnoOSZbhxd639BxWWeK8ZXLhHLRca9O19kslX1vLUC_Olhb_U2uwbOil8KXqMwDoB_xaB-XHEM-3fu3H3KWo08WFrjmnUJpq1mjpAnkQdaTzar6DDrH0ZcsiPSIgVpthVgmMIC-oXMHyQZ1HAPa4772Q78apWRvzqWROAq2k6_dtW_Tvu1kbzRPdkLhGoji2CzvUT3pZ5zYs7P9MZEHSeDjnHYTco59Vo-FwXDz9a5KDg9lkp-GLmtPe_xuI_lBYEgtOUneHligB48cULL89_l1uo7vB2YnChTXouykWm9bwQffAuSRgDKl2dM1wb3RcddW8LVV87QsZYUbc4fb3toj5Tlmwij4gCfON6u3xbHVoVVRduRv7CG1iGfk32F5effKNqj1rTdDONsPKm8xr4tmLp_gX6QtAct549swvuyky2Y9gG1UvmphO35hl7CJUs0vTCMqtm48gGu1CWAwMnNSaGlfbOs09yK1uf3nMh4Arviu-HwLahndvYFNMXGuJuR-u8sKCj3k5qDVx7oq8d5DP85CbJoWNFw1aiYPmsG6jifOF33tJ7HopO1xe9HDp7zR6WWz4uryr94ypYN0dyUAxq81aKYSbzXEFelSj7qXZ9mYDYLq-3m7nAcMbTmgTtZtGTJb4MAfMtdwZFbDeM-Bfvj21v3jH3heL4BYUW8yXoEocIeEU3qJPsTtgZn5qGzMgM0g4dBx32F9iCdbzC4B-tBiLLuPcDO1llTTaFnzAN0QX8wbCgq744aQ1I6TDhT0Pz1CNBYOpUyoPlT3k0TCy7-HeGKtKmRiYWQoHU-0WutnP-92Tp_TamQadkkAWJA-08ah6EFR52fHWOA3VfJAvKWdpn_rfm1Q_zJQj4I6J4HCZWmmm1JmdgINdVYjiZZRGgnUNQUTZPGRgrvMhBY-JtN5Xl6w3k3TCkvPUkHIQ7OSC0i6eRK2AOWktLQhsqEOiMs2-KPpssuOxx36A_cvKF3inKJJxnSBPfYduHz0p3e5ch-Blfz4TCxD8tSWvFX-W6LB1dchYwmIN8BY0pEZ6tsEmaFtOAjwdY4UO38xLUvUhLp1kLnT4FSbgYVAC4IAnaXjkiIocznqPGrj8rrjFcdA5wBrB23EWrxyTjwDRbMfKoM3Xa7Gz1EQlqOK2dI8BC7Qn4Ygf-5vhuCjxRUE5UeHjs0NIHSjHFstoRFZbXSwH2LolyIli48uvSNiFFYEc5D7oVXCM3acSLQvdOTS1YRMxGFS9gYsjLU36RD-HC0QlmaFhlzxjWzZg3LNpvIHN09Ot5r86uLqmgN7TuMRoTN9ox6i7JH087CpWd5GWYP5TQdgIVybGfJs6spWtmTywYDGEV66N9aKF9lEHyunpsBeZc_Akl9Aj0JQGDDYUbMTwE1UKzAuhRg3pq8VOM8QLSqztT4mPduLPagJRRNUnn-S5TIfVet4gT0uBYH-_qZ-OWzlXvcgdf4Xk4zwFHhe8_d27X7rsZlpgAMMJ-puiwh4KEPTAvwwnPVxZ4aFJelJJBz5hFzoyqquREt4dORaU3NHwOFzORxGYfi6Y35GiEGuIB7aZOuX8Pz8R5flG62IXK8xUbM3lJzwMm_QjnnCMFV0gEFUWtGE6KysYJKmO6TMV1EjgJzD1OP3vyXQvoI6tTXu7BPqMUhOrDjycYyj-IFkU4Iov051gYoLmOAnqORJaAd_KJaoz5WPftphjqffcjgl6FvX_pwey-OF9s4UIl7c34u5nvEWf1BLvdjCkjGH7QpNrE5VbAyD2fnUL7JbwNQTSLTjmbuMbtSvMP3e_Ct1NfEKX8-l9L8KCoL2YkpHFvqceUufejsc_edvnpoVsdRR-4OUG8hdBziT2HN6YxBIpK0KV0cnhDdedGhWEcCUMaDZDCcFAhWaaugbE0izT24Z_Ba4S5G4wzXxd9iqU3W7ypoizXNstYfU6YpVM4Enk3ia-OGC18wuuscmnW6mwvKkYJUVp_8AzkwLi05EXAMM-hrGzjY75QKQRepUmpkDvLLw0ssWlDm4ed2fn5RvwdG6AKUnb1T3vTb9dMaaak3nBy_vzHdmeA6Hv8glNQYRCj9AGW6C2zanS32ZtbifPiKwP7Wx-4i0yseKh8xlbiEkTq83De4qaOWHyhmplleEWU_KJZSwN-u3y1pJVJ1ckh1W3WkmP9qh29NPQiNwIQdAUMTbNYWm3J88mvpUBNTM33ZYep907EPuaaGXUyAF0o2KdnmEkb8qbsv_IOwxTA5VBZG6LHy4uiU7qiUb53s8nrQeO_r9-SmT8V26ZFYE3OFwt2YVqKDoC091ihAt4NBQv3R7571GdLpMCVv9Io3leiyaBRUMMlf0mZ0uVfCaWDEsv7bj7rkPVV2GPoY9QvUZyIZkkU3dUXj8qTCDXSOBOg4WGJsLplr2Ao3-OHDSb4w7P7IfS6NfmaB6fdRYsf_uelq0EhHhxz9iFab3OknD-IIIzw0QgVHBk0odDNH4sS_FxZMH14CCAWqhYhfeDHKgp6pnvdWHd9XoP1QFScf53iQAEdbcMy0T_iO8RVNSgYjzzxm6rtWe2R5Qnp3feJxscDf59uFv6nc3GqmvR11wuZa2DnmZrx52O47qR_usgJ2N_QLBgHtwg8uo9_YpU93UFmJnN8ubwlBrLLYdqKg5j8wzzcia6nSjEcJZM7eL-PKSiJAQZp5oCxjN4qD_SEEK21qEkvJiIMJS8Si5CU2XLQ-bkjfJrsh3rBjn53Ra6ChW2XQYO-5r0fauhYwtb3wYxziKgf5N0VUtEee7_MIw4LJJ4F6MKqbSuJ_koSbbzbFvWAWbVo8zQq2EHd-wlsLlPqT3Q0Nim_ojcWH6Ucv1HbYrBTTDNSqm_lTvKx1XhR2LhP-FChjOySmyGEY9Vtj_zePAQ69MVK8cyAspfrXK7bAtcUNA57n4ku9eAQ7dQ8Vw1eCtkTNi1Nc2VmtKs5PZDr-KMHcHcIUM_h9poFEvraxLGO9WIjvlHcKrqSc17vdvmPzxCjMZ14egV1pp4MmU3k_T4OW0Wd64tU5ROHgngVFV_KG_vzN0mWACVh16LkCpXzZN_WREfhS49vUlYqNYQwTJSvENF7GZEkP5n1bO0g3Dus9HzqEI3gx8GmDY9rjMKehyQ_tEdKtLsL1p8lo02eszwWB10Ab0DzWmQ&cid=CAASFeRoVzcm29c4sA4CEU2fHZqU94EHsQ&rfl=3%2Chttps%253A%252F%252Ftelegraf.by%242%2Chttps%253A%252F%252Ftelegraf.by%252F%240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3daceec3bd97612d8a38ea069ba1d1fe9f8932c73888250c4027ad88c190bf2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://21916be3d137d0bd5538481ca7cd17f6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 01:07:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3803
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9405
x-xss-protection: 0
server: cafe
etag: 9145933494120910982
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 17 Nov 2021 01:07:30 GMT

GET
H2 403 t.js;adv=11032206473623;ec=11032215840085;adv.a=9533159;c.a=24683151;s.a=4128031;p.a=293250068;a.a=486510940;cache=1967496427;
ad.atdmt.com/i/ Frame D575 0
0 90ms
44ms Script
text/html 2a03:2880:f02d:5:face:b00c:0:8c
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.atdmt.com/i/t.js;adv=11032206473623;ec=11032215840085;adv.a=9533159;c.a=24683151;s.a=4128031;p.a=293250068;a.a=486510940;cache=1967496427;
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A4sgFwpkSTKCM2rjkcYZnOhvJBlKOIAcue42XSqAI9xsVKN4IXoz8H5rQtxZJHEY0KoX5k0cMisKuB6mYF653ML8ImBj5z2Du3cDqSkTk9HHLEY7c0RkWHXR4ZLtg9jKLCNS7meoSHs26UsUYu2-G-B4vyYA&dbm_d=AKAmf-DfZKM6xfLWKw9TOwP1Aiyv6YuuRHv-c0PH_4ONN9QOoaz4jr2DcfxJFxsHSAJvXLEsutQFNbSnt19VB-asPGpwkWgByHJA_4zYgbFUCWIVAY7fI11a4wy-GJKSpFqjkFy7eVYYzCKzYmr6Nvy1Y1FHyjusdpB0KGjFSH03AqWCuAqQDnZUipnENZFWVvYyrpUctC4u6Kn5rGR9_GMRIRdQ2L3Tk4Jb_LgMFczwWHmMHsa9IQCKW4yjdiGnBwkI2iK8zRc2pwtwfUWvPQWepsSLci4atfKG4Zd9WLvtUdK6gLoCiB8NXjmb0I0WQZT66a7hjlq0V9Ul2lzu2BwoF6rFc-CecSLqpJLEl_lvjiOSJhgoiDWRkf6gEA-RclJAux1HiIbXGW3CnEf6tCk1sqBM6o7XuJ4F7VTBEjLv7AtyNGVR0sKbf2gX-_okCxfgkRsFw3rOlINsxreQULIXMmQDHnOF7ptzwsFvwXm94LezGhxZZTyy5tvKbTka13WwLpyOYKMHPJDfugKNsdzU61Wng9n0K0j869Fu-ZCuaYhlrzT7iSkbKmF-7YgxxXi5_9RSONNnoOSZbhxd639BxWWeK8ZXLhHLRca9O19kslX1vLUC_Olhb_U2uwbOil8KXqMwDoB_xaB-XHEM-3fu3H3KWo08WFrjmnUJpq1mjpAnkQdaTzar6DDrH0ZcsiPSIgVpthVgmMIC-oXMHyQZ1HAPa4772Q78apWRvzqWROAq2k6_dtW_Tvu1kbzRPdkLhGoji2CzvUT3pZ5zYs7P9MZEHSeDjnHYTco59Vo-FwXDz9a5KDg9lkp-GLmtPe_xuI_lBYEgtOUneHligB48cULL89_l1uo7vB2YnChTXouykWm9bwQffAuSRgDKl2dM1wb3RcddW8LVV87QsZYUbc4fb3toj5Tlmwij4gCfON6u3xbHVoVVRduRv7CG1iGfk32F5effKNqj1rTdDONsPKm8xr4tmLp_gX6QtAct549swvuyky2Y9gG1UvmphO35hl7CJUs0vTCMqtm48gGu1CWAwMnNSaGlfbOs09yK1uf3nMh4Arviu-HwLahndvYFNMXGuJuR-u8sKCj3k5qDVx7oq8d5DP85CbJoWNFw1aiYPmsG6jifOF33tJ7HopO1xe9HDp7zR6WWz4uryr94ypYN0dyUAxq81aKYSbzXEFelSj7qXZ9mYDYLq-3m7nAcMbTmgTtZtGTJb4MAfMtdwZFbDeM-Bfvj21v3jH3heL4BYUW8yXoEocIeEU3qJPsTtgZn5qGzMgM0g4dBx32F9iCdbzC4B-tBiLLuPcDO1llTTaFnzAN0QX8wbCgq744aQ1I6TDhT0Pz1CNBYOpUyoPlT3k0TCy7-HeGKtKmRiYWQoHU-0WutnP-92Tp_TamQadkkAWJA-08ah6EFR52fHWOA3VfJAvKWdpn_rfm1Q_zJQj4I6J4HCZWmmm1JmdgINdVYjiZZRGgnUNQUTZPGRgrvMhBY-JtN5Xl6w3k3TCkvPUkHIQ7OSC0i6eRK2AOWktLQhsqEOiMs2-KPpssuOxx36A_cvKF3inKJJxnSBPfYduHz0p3e5ch-Blfz4TCxD8tSWvFX-W6LB1dchYwmIN8BY0pEZ6tsEmaFtOAjwdY4UO38xLUvUhLp1kLnT4FSbgYVAC4IAnaXjkiIocznqPGrj8rrjFcdA5wBrB23EWrxyTjwDRbMfKoM3Xa7Gz1EQlqOK2dI8BC7Qn4Ygf-5vhuCjxRUE5UeHjs0NIHSjHFstoRFZbXSwH2LolyIli48uvSNiFFYEc5D7oVXCM3acSLQvdOTS1YRMxGFS9gYsjLU36RD-HC0QlmaFhlzxjWzZg3LNpvIHN09Ot5r86uLqmgN7TuMRoTN9ox6i7JH087CpWd5GWYP5TQdgIVybGfJs6spWtmTywYDGEV66N9aKF9lEHyunpsBeZc_Akl9Aj0JQGDDYUbMTwE1UKzAuhRg3pq8VOM8QLSqztT4mPduLPagJRRNUnn-S5TIfVet4gT0uBYH-_qZ-OWzlXvcgdf4Xk4zwFHhe8_d27X7rsZlpgAMMJ-puiwh4KEPTAvwwnPVxZ4aFJelJJBz5hFzoyqquREt4dORaU3NHwOFzORxGYfi6Y35GiEGuIB7aZOuX8Pz8R5flG62IXK8xUbM3lJzwMm_QjnnCMFV0gEFUWtGE6KysYJKmO6TMV1EjgJzD1OP3vyXQvoI6tTXu7BPqMUhOrDjycYyj-IFkU4Iov051gYoLmOAnqORJaAd_KJaoz5WPftphjqffcjgl6FvX_pwey-OF9s4UIl7c34u5nvEWf1BLvdjCkjGH7QpNrE5VbAyD2fnUL7JbwNQTSLTjmbuMbtSvMP3e_Ct1NfEKX8-l9L8KCoL2YkpHFvqceUufejsc_edvnpoVsdRR-4OUG8hdBziT2HN6YxBIpK0KV0cnhDdedGhWEcCUMaDZDCcFAhWaaugbE0izT24Z_Ba4S5G4wzXxd9iqU3W7ypoizXNstYfU6YpVM4Enk3ia-OGC18wuuscmnW6mwvKkYJUVp_8AzkwLi05EXAMM-hrGzjY75QKQRepUmpkDvLLw0ssWlDm4ed2fn5RvwdG6AKUnb1T3vTb9dMaaak3nBy_vzHdmeA6Hv8glNQYRCj9AGW6C2zanS32ZtbifPiKwP7Wx-4i0yseKh8xlbiEkTq83De4qaOWHyhmplleEWU_KJZSwN-u3y1pJVJ1ckh1W3WkmP9qh29NPQiNwIQdAUMTbNYWm3J88mvpUBNTM33ZYep907EPuaaGXUyAF0o2KdnmEkb8qbsv_IOwxTA5VBZG6LHy4uiU7qiUb53s8nrQeO_r9-SmT8V26ZFYE3OFwt2YVqKDoC091ihAt4NBQv3R7571GdLpMCVv9Io3leiyaBRUMMlf0mZ0uVfCaWDEsv7bj7rkPVV2GPoY9QvUZyIZkkU3dUXj8qTCDXSOBOg4WGJsLplr2Ao3-OHDSb4w7P7IfS6NfmaB6fdRYsf_uelq0EhHhxz9iFab3OknD-IIIzw0QgVHBk0odDNH4sS_FxZMH14CCAWqhYhfeDHKgp6pnvdWHd9XoP1QFScf53iQAEdbcMy0T_iO8RVNSgYjzzxm6rtWe2R5Qnp3feJxscDf59uFv6nc3GqmvR11wuZa2DnmZrx52O47qR_usgJ2N_QLBgHtwg8uo9_YpU93UFmJnN8ubwlBrLLYdqKg5j8wzzcia6nSjEcJZM7eL-PKSiJAQZp5oCxjN4qD_SEEK21qEkvJiIMJS8Si5CU2XLQ-bkjfJrsh3rBjn53Ra6ChW2XQYO-5r0fauhYwtb3wYxziKgf5N0VUtEee7_MIw4LJJ4F6MKqbSuJ_koSbbzbFvWAWbVo8zQq2EHd-wlsLlPqT3Q0Nim_ojcWH6Ucv1HbYrBTTDNSqm_lTvKx1XhR2LhP-FChjOySmyGEY9Vtj_zePAQ69MVK8cyAspfrXK7bAtcUNA57n4ku9eAQ7dQ8Vw1eCtkTNi1Nc2VmtKs5PZDr-KMHcHcIUM_h9poFEvraxLGO9WIjvlHcKrqSc17vdvmPzxCjMZ14egV1pp4MmU3k_T4OW0Wd64tU5ROHgngVFV_KG_vzN0mWACVh16LkCpXzZN_WREfhS49vUlYqNYQwTJSvENF7GZEkP5n1bO0g3Dus9HzqEI3gx8GmDY9rjMKehyQ_tEdKtLsL1p8lo02eszwWB10Ab0DzWmQ&cid=CAASFeRoVzcm29c4sA4CEU2fHZqU94EHsQ&rfl=3%2Chttps%253A%252F%252Ftelegraf.by%242%2Chttps%253A%252F%252Ftelegraf.by%252F%240
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f02d:5:face:b00c:0:8c Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://21916be3d137d0bd5538481ca7cd17f6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame D575 41 KB
15 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://21916be3d137d0bd5538481ca7cd17f6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:10:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 140412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Tue, 01 Nov 2022 11:10:41 GMT

GET
H/1.1 200
OK /
d.agkn.com/pixel/10690/ Frame D575 43 B
709 B 10ms
10ms Image
image/gif 3.124.136.236
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.agkn.com/pixel/10690/?che=1967496427&cmid=24683151&sid=4128031&pid=293250068&cgid=486510940&cid=144541184&aid=9533159&gdpr=&gdpr_consent=
Requested by: Host: 21916be3d137d0bd5538481ca7cd17f6.safeframe.googlesyndication.com
URL: https://21916be3d137d0bd5538481ca7cd17f6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.136.236 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-136-236.eu-central-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://21916be3d137d0bd5538481ca7cd17f6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Nov 2021 02:10:53 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 9ikrJPTMnmu1IVkna_il0BrUQdIJ_Q2gP_yjrETMSUw.js Show response
pagead2.googlesyndication.com/bg/ Frame 3BD4 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/9ikrJPTMnmu1IVkna_il0BrUQdIJ_Q2gP_yjrETMSUw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6292b24f4cc9e6bb52159276bf8a5d01ad441d209fd0da03ffca3ac44cc494c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 21:11:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 104337
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13471
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 18:58:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Tue, 01 Nov 2022 21:11:56 GMT

GET
H/1.1 200
OK dvbs_src_internal99.js Show response
cdn.doubleverify.com/ Frame D575 61 KB
19 KB 9ms
9ms Script
application/javascript 2a02:26f0:6c00:286::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=14526021&cmp=145089&plc=vtnwou&sid=45f3d18e47f96c&DVP_PROG_REP=1&prr=1&DVP_DV_TT=1&DVP_DV_CT=1&DVP_PP_ID=3&DVP_PP_IMP_ID=ABAjH0iHjdvQOgypUp68piW_wGr2&DVP_DBM_1=1861733&DVP_DBM_2=15874976&DVP_DBM_3=42577020&DVP_DBM_4=327228940&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=17788910856&turl=https://telegraf.by/&DVP_PP_BUNDLE_ID=&dvregion=2&unit=728x90
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 158edd2a7562d2b16eadda8fb990eb8d20e53837dd1abdfd2c890fcc0980ede0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://21916be3d137d0bd5538481ca7cd17f6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 02:10:53 GMT
Content-Encoding: gzip
Last-Modified: Mon, 09 Aug 2021 12:31:43 GMT
Server: Microsoft-IIS/10.0
ETag: "802192821a8dd71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19248

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 981B 22 KB
8 KB 9ms
7ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://21916be3d137d0bd5538481ca7cd17f6.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Mon, 01 Nov 2021 11:10:41 GMT
expires: Tue, 01 Nov 2022 11:10:41 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 140412
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK bst2tv3.html Show response
cdn3.doubleverify.com/ Frame 1BD3 1 KB
1 KB 8ms
7ms Document
text/html 2a02:26f0:6c00:286::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn3.doubleverify.com/bst2tv3.html
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 86be5d6a3d661fd3d5d72f254a347dec5c66cad569117f51dad297acba02f558

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://21916be3d137d0bd5538481ca7cd17f6.safeframe.googlesyndication.com/

Response headers

Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Tue, 02 Sep 2014 17:01:36 GMT
Accept-Ranges: bytes
ETag: "01818ecfc6cf1:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Content-Length: 806
Cache-Control: max-age=11864
Date: Wed, 03 Nov 2021 02:10:53 GMT
Connection: keep-alive

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ Frame D575 2 KB
1 KB 60ms
13ms Script
text/javascript 213.254.244.21
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?jsCallback=__verify_callback_548237673623&jsTagObjCallback=__tagObject_callback_548237673623&num=6&ctx=14526021&cmp=145089&plc=vtnwou&sid=45f3d18e47f96c&advid=&adsrv=&unit=728x90&isdvvid=&uid=548237673623&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&dvp_strhd=0.20&dvpx_strhd=0.20&brid=3&brver=95&bridua=3&dup=null&turl=https://telegraf.by/&chro=1&hist=2&winh=120&winw=980&wouh=1200&wouw=1600&scah=1200&scaw=1600&srcurlD=1&ssl=1&refD=3&htmlmsging=1&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_DV_CT=1&DVP_PP_ID=3&DVP_PP_IMP_ID=ABAjH0iHjdvQOgypUp68piW_wGr2&DVP_DBM_1=1861733&DVP_DBM_2=15874976&DVP_DBM_3=42577020&DVP_DBM_4=327228940&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=17788910856&DVP_PP_BUNDLE_ID=&prr=1&aUrlD=3&m1=13&noc=4&fcifrms=3&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=147&eparams=DC4FC%3Dl9EEADTbpTauTauE6%3D68C27%5D3JTauU2%3F4r92%3A%3Fl9EEADTbpTauTauE6%3D68C27%5D3JTar9EEADTbpTauTauE6%3D68C27%5D3JTar9EEADTbpTauTaua%60h%60e36b5%60bf5_35ddbgcg%6042f45%60f7e%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3ETar9EEADTbpTauTaua%60h%60e36b5%60bf5_35ddbgcg%6042f45%60f7e%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3EU2%26C%3Dl9EEADTbpTauTaua%60h%60e36b5%60bf5_35ddbgcg%6042f45%60f7e%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3ETauD2767C2%3E6Tau%60%5C_%5CbgTau9E%3E%3DTau4%40%3FE2%3A%3F6C%5D9E%3E%3DTbu%3FTbs%60&dvp_exetime=5.20&callbackName=__verify_callback_548237673623
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.21 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: 81513a4a8badba7608cb7270d2b4303dab311640a660c4701c22dcc4c154c5af

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://21916be3d137d0bd5538481ca7cd17f6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
X-DV-Response: 1
Content-Encoding: gzip
Date: Wed, 03 Nov 2021 02:10:53 GMT
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=0
Transfer-Encoding: chunked
Expires: 11/2/2021 2:10:53 AM

GET
H/1.1 200
OK dv-match6.js Show response
cdn.doubleverify.com/ Frame 7452 4 KB
2 KB 8ms
8ms Script
application/javascript 2a02:26f0:6c00:286::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-match6.js
Requested by: Host: telegraf.by
URL: https://telegraf.by/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d03755898b05a3d69377bf7da16ccb307e789a0f569b4dbbcb7b29bdecf967c5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://21916be3d137d0bd5538481ca7cd17f6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 02:10:53 GMT
Content-Encoding: gzip
Last-Modified: Sun, 11 Mar 2018 04:45:12 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "03c84bdf3b8d31:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=41319
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1935

GET
H2 200 9ikrJPTMnmu1IVkna_il0BrUQdIJ_Q2gP_yjrETMSUw.js Show response
pagead2.googlesyndication.com/bg/ Frame 981B 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/9ikrJPTMnmu1IVkna_il0BrUQdIJ_Q2gP_yjrETMSUw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6292b24f4cc9e6bb52159276bf8a5d01ad441d209fd0da03ffca3ac44cc494c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 21:11:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 104337
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13471
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 18:58:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Tue, 01 Nov 2022 21:11:56 GMT

POST
H/1.1 200
OK bsevent.gif
tps20518.doubleverify.com/ Frame 93F8 807 B
1 KB 72ms
8ms Ping
image/gif 213.254.244.21
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps20518.doubleverify.com/bsevent.gif?impid=c748e5c605764637a776f1389e984fb9&dvp_or2=1&cbust=1635905453878320
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.21 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: 78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer: https://a9cb10ed454fdb3cbb12b263b60b203e.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Wed, 03 Nov 2021 02:10:53 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: image/gif
Access-Control-Allow-Origin: https://a9cb10ed454fdb3cbb12b263b60b203e.safeframe.googlesyndication.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 860
Expires: 11/2/2021 2:10:53 AM

GET
H2 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 93F8 9 KB
5 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba8e38c6c85b0384447b0174b6e16c72c56acbd084c40db40abedf89036f080c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a9cb10ed454fdb3cbb12b263b60b203e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 01:11:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3536
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4451
x-xss-protection: 0
last-modified: Thu, 21 Oct 2021 15:55:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 03 Nov 2021 02:11:57 GMT

POST
H/1.1 200
OK bsevent.gif
tps20519.doubleverify.com/ Frame D575 807 B
1 KB 70ms
8ms Ping
image/gif 213.254.244.21
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps20519.doubleverify.com/bsevent.gif?impid=ebdc987e1e3a4b1da81b29199dab76a8&dvp_or2=1&cbust=1635905453880720
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.21 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: 78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer: https://21916be3d137d0bd5538481ca7cd17f6.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Wed, 03 Nov 2021 02:10:53 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: image/gif
Access-Control-Allow-Origin: https://21916be3d137d0bd5538481ca7cd17f6.safeframe.googlesyndication.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 860
Expires: 11/2/2021 2:10:53 AM

GET
H2 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame D575 9 KB
4 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba8e38c6c85b0384447b0174b6e16c72c56acbd084c40db40abedf89036f080c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://21916be3d137d0bd5538481ca7cd17f6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 01:11:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3536
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4451
x-xss-protection: 0
last-modified: Thu, 21 Oct 2021 15:55:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 03 Nov 2021 02:11:57 GMT

GET
H2 200 impl_v81.js Show response
www.googletagservices.com/dcm/ Frame 93F8 41 KB
17 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v81.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3be6ad457ba5d4425f4d105688e9cf5a32595ff156bd290c8ccbe0e6ca3a68a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a9cb10ed454fdb3cbb12b263b60b203e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 02:10:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 518413
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17189
x-xss-protection: 0
last-modified: Mon, 18 Oct 2021 20:08:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 28 Oct 2022 02:10:40 GMT

GET
H2 200 impl_v81.js Show response
www.googletagservices.com/dcm/ Frame D575 41 KB
17 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v81.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3be6ad457ba5d4425f4d105688e9cf5a32595ff156bd290c8ccbe0e6ca3a68a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://21916be3d137d0bd5538481ca7cd17f6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 02:10:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 518413
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17189
x-xss-protection: 0
last-modified: Mon, 18 Oct 2021 20:08:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 28 Oct 2022 02:10:40 GMT

GET
H2 200 B23901103.271365913;dc_ver=81.235;dc_eid=40004001;sz=970x250;u_sd=1;dc_adk=358260176;ord=73z979;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=2,https%... Show response
ad.doubleclick.net/ddm/adi/N1395.150740DOUBLEVERIFY/ Frame 1BE0 44 KB
22 KB 72ms
48ms Document
text/html 142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adi/N1395.150740DOUBLEVERIFY/B23901103.271365913;dc_ver=81.235;dc_eid=40004001;sz=970x250;u_sd=1;dc_adk=358260176;ord=73z979;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=2,https%3A%2F%2Ftelegraf.by$2,https%3A%2F%2Ftelegraf.by%2F$0;xdt=1;crlt=fBAUndRZ28;sttr=23;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v81.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

cafe /

Resource Hash

bba058a28cb6265b1d27ddab6ad28a19960fb5a0d7b7e1fa726e3dc7d71824e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://a9cb10ed454fdb3cbb12b263b60b203e.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 03 Nov 2021 02:10:53 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 22332
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 B9689862.280630144;dc_ver=81.235;dc_eid=40004000;sz=728x90;u_sd=1;dc_adk=793251926;ord=fhv265;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=3,https%3A... Show response
ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/ Frame D575 45 KB
22 KB 75ms
54ms Script
text/javascript 142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280630144;dc_ver=81.235;dc_eid=40004000;sz=728x90;u_sd=1;dc_adk=793251926;ord=fhv265;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=3,https%3A%2F%2Ftelegraf.by$2,https%3A%2F%2Ftelegraf.by%2F$0;xdt=1;crlt=ns6J'*qqf(;sttr=29;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v81.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

cafe /

Resource Hash

11c8eecfaa98ffb431664f2cd0908445f1a45bc550e82ababa615eff30f176eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://21916be3d137d0bd5538481ca7cd17f6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Nov 2021 02:10:53 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22298
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dv-measurements1800.js Show response
cdn.doubleverify.com/ Frame FE83 495 KB
90 KB 9ms
9ms Script
application/javascript 2a02:26f0:6c00:286::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements1800.js
Requested by: Host: telegraf.by
URL: https://telegraf.by/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 3c2c5e8ce71da5f920b37260c35faad806880a17d60b6b93e35e1200763a6733

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a9cb10ed454fdb3cbb12b263b60b203e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 02:10:53 GMT
Content-Encoding: gzip
Last-Modified: Wed, 06 Oct 2021 09:46:20 GMT
Server: Microsoft-IIS/10.0
ETag: "0fef5397bad71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 91601

GET
DATA 200
OK truncated
/ Frame 93F8 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b92a7afd45383eddda0e896cf31b245721c61e9ce397efb6b72330037a37ac83

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3BD4 0
56 B 17ms
17ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bh8qure-BYb78Jpmwx_AP4--N0AgAAAAAOAHgBAI&bg=!HR6lHlrNAAZzbWp4c207ACkAdvg8WpWqxemQH_hgVcTutgwykMJNwDPEb4qBygnnZis0pl6mFd_fUwIAAACcUgAAAExoAQeZAwyPTkaryZpQHckfT_itmSC8FtNfbtDb0wZAizNUjix7BXResIW10mnGxSDuHT28l3DGzFvectkPcA20RzoMc0WSc_aH3DzQ9CqxuHb3WcaWgfBnLuauax0phbWNKYrANYTo8QlViFyKJi8whpi396YCchEjawzFZxao29YFzprZPrt3orvklhFp9Qqo4jyhhyxkOsfRAc_uWbVOXLT61Oimj-BwWkmI5UYYEFWuq4qkpuYa3iYvRNQQRS2RhSz8nELZHAeqHRbDsxWCCCdcWeVnkWxo59lvTC1eTc88pTX3_Diapk6vHIlyjurWH8eF83tDQDhueokXn-Cpliiz3IJL6a1q69geyW3r4tUkijTxJZ2Xn8XNXt-C6MnJXwc0LvGqHNDc8Jscpu56KqlpHCgWbYod1P-vx3uMmnz51CQx7C8-1Llw2qHMNs4JJUL1pT76IsucdD1FZkPFwZp6bpRa0_9gQMFLmgPjOKKuUl4LOdrL_7hZGPPtenB9YQPPPoxE0Y2TK9pvDaXw41AvgOCpaoJ9gw0HOaaVbMYpe66KfJGLtT0fLg2uOK7V7RYv8lZbPEe8NKUDdIoPrWxbqvVI-KIkpaLWu09dc2PrT9qUlO6v0OAjdqvJlT65svKohvA8peTcmnbv35gRbsQwht8W-9fPZ5D9gDAeieZuBWsaP9CYQl0Tw9T8DXFclOUoyImEEkyjoIax2yGW9T2wxWP67SauRVc7UTwdcroItZ3rvycruJ0FJgg1ItVotKarvI0CMeNL6n2k8_xG6fvryB36rxxGfrUs4QY543cxRrVnxGCAn2-Ni3G7FiO0dmO2r1Sk09JCu8vU_l3_0LM9U5RZBaf92SpuD3yMmtHPpX1KuHOLw22vFr7rbjR7oWGl7EISZxiJbssODMrFbo1-uxVdgUZQ7wgRNLVnIzZuZ7Lq7Hp-guIWlN0LywEXT5gIk9EyZf1D0o8QGcT97CiM-ILmrTVwkl7TyNylcCtl_Lz76ueedY2X9RWP72icxhNtQy1Db0sSbhre7Y-f7hw

Requested by

Host: a9cb10ed454fdb3cbb12b263b60b203e.safeframe.googlesyndication.com
URL: https://a9cb10ed454fdb3cbb12b263b60b203e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Nov 2021 02:10:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame FE83 1 KB
1 KB 564ms
160ms Script
text/javascript 63.251.109.127
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&ttmms=80&ttfrms=20&brid=3&brver=95.0.4638.54&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauE6%3D68C27%5D3JTauU2%3F4r92%3A%3Fl9EEADTbpTauTauE6%3D68C27%5D3JTar9EEADTbpTauTauE6%3D68C27%5D3JTar9EEADTbpTauTau2h43%60_65cdc753b433%60a3aeb3e_3a_b6%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&srcurlD=1&aUrlD=0&ssl=https:&uid=1635905454060498&jsCallback=dvCallback_1635905454060220&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F95.0.4638.54%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=250&winw=970&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=1800&tgjsver=1800&lvvn=28&m1=13&refD=2&referrer=https%3A%2F%2Fa9cb10ed454fdb3cbb12b263b60b203e.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html%3Fn%3D1&fcifrms=3&brh=2&sdf=2&dvp_epl=231&noc=4&ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&adsrv=0&advid=3398311&turl=https://telegraf.by/&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_DV_CT=1&DVP_PP_ID=3&DVPX_PP_IMP_ID=ABAjH0icJeDdRmre1UnCxhRvOLiM&DVP_DBM_1=1861733&DVP_DBM_2=15874974&DVP_DBM_3=42847708&DVP_DBM_4=327234192&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=17788910856&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=751110918.8060489&dvp_tukv=19803071778.01474&dvp_uuid=466114610.48251355&dvp_strhd=0.5&dvpx_strhd=0.5&dvp_tuid=938742138740
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1800.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.109.127 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: 56cc1b3c78225a2401d2ddfcd15a9137388162edfb7117d1ec4759ed0f962c96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a9cb10ed454fdb3cbb12b263b60b203e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Nov 2021 02:10:54 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=0
Transfer-Encoding: chunked
Expires: 11/2/2021 2:10:54 AM

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211029/r20110914/elements/html/ Frame D575 8 KB
3 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211029/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280630144;dc_ver=81.235;dc_eid=40004000;sz=728x90;u_sd=1;dc_adk=793251926;ord=fhv265;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=3,https%3A%2F%2Ftelegraf.by$2,https%3A%2F%2Ftelegraf.by%2F$0;xdt=1;crlt=ns6J'*qqf(;sttr=29;prcl=s

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://21916be3d137d0bd5538481ca7cd17f6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 01:00:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4249
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3140
x-xss-protection: 0
server: cafe
etag: 17163059639670574047
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 17 Nov 2021 01:00:05 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame D575 0
524 B 57ms
17ms Ping
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu_Roe3rHKpFgqwKbi1X09IAyZCIsL5z8RSwf8oSZqcHC0smH0LPqce35MK4LnLsyY8PcGg2T9I3Ccu1XsG56u7Unq-vDxP-9itWEJl8HcYnHemgVUzzVze7IAs8wdAakUF-NY4bygl194OSNA&sig=Cg0ArKJSzMLabEILtcEAEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20211029.70334&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://21916be3d137d0bd5538481ca7cd17f6.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Wed, 03 Nov 2021 02:10:54 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame D575 8 KB
4 KB 9ms
8ms Script
application/javascript 2a02:26f0:6c00:286::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=13311291&cmp=9689862&sid=2641434&plc=280630144&num=&adid=&advid=2276943&adsrv=1&btreg=505362318&btadsrv=doubleclick&crt=156804616&crtname=&chnl=&unit=&pid=&uid=&tagtype=&dvtagver=6.1.src
Requested by: Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280630144;dc_ver=81.235;dc_eid=40004000;sz=728x90;u_sd=1;dc_adk=793251926;ord=fhv265;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=3,https%3A%2F%2Ftelegraf.by$2,https%3A%2F%2Ftelegraf.by%2F$0;xdt=1;crlt=ns6J'*qqf(;sttr=29;prcl=s
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 5dd139490465c0d5b42eb905451078a5ee84b5c220d6af5b143af49247a8ecf5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://21916be3d137d0bd5538481ca7cd17f6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 02:10:54 GMT
Content-Encoding: gzip
Last-Modified: Tue, 19 Oct 2021 15:58:26 GMT
Server: Microsoft-IIS/10.0
ETag: "0fda9262c5d71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3288

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame D575 41 KB
15 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://21916be3d137d0bd5538481ca7cd17f6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:10:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 140413
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Tue, 01 Nov 2022 11:10:41 GMT

GET
H2 200 17721130591974731406
s0.2mdn.net/simgad/ Frame D575 69 KB
70 KB 62ms
9ms Image
image/jpeg 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/17721130591974731406

Requested by

Host: 21916be3d137d0bd5538481ca7cd17f6.safeframe.googlesyndication.com
URL: https://21916be3d137d0bd5538481ca7cd17f6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92af9e53d768cc3fb6c9675d0d2eafba403f527fc761b29679953c71d3c588e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://21916be3d137d0bd5538481ca7cd17f6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 05:08:25 GMT
x-content-type-options: nosniff
age: 421349
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 71148
x-xss-protection: 0
last-modified: Tue, 07 Sep 2021 22:07:40 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 29 Oct 2022 05:08:25 GMT

GET
H/1.1 200
OK dv-measurements1800.js Show response
cdn.doubleverify.com/ Frame 9508 495 KB
90 KB 9ms
9ms Script
application/javascript 2a02:26f0:6c00:286::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements1800.js
Requested by: Host: telegraf.by
URL: https://telegraf.by/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 3c2c5e8ce71da5f920b37260c35faad806880a17d60b6b93e35e1200763a6733

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://21916be3d137d0bd5538481ca7cd17f6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 02:10:54 GMT
Content-Encoding: gzip
Last-Modified: Wed, 06 Oct 2021 09:46:20 GMT
Server: Microsoft-IIS/10.0
ETag: "0fef5397bad71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 91601

GET
DATA 200
OK truncated
/ Frame D575 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 362567ac209f0a3603867c2b7f59799fc76b0f0d1882d100918b170a89fd0794

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 17504802754951549935
s0.2mdn.net/simgad/ Frame 1BE0 126 KB
127 KB 36ms
18ms Image
image/jpeg 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/17504802754951549935

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N1395.150740DOUBLEVERIFY/B23901103.271365913;dc_ver=81.235;dc_eid=40004001;sz=970x250;u_sd=1;dc_adk=358260176;ord=73z979;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=2,https%3A%2F%2Ftelegraf.by$2,https%3A%2F%2Ftelegraf.by%2F$0;xdt=1;crlt=fBAUndRZ28;sttr=23;prcl=s

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1ce42471a5fb6b76a676d9306414db906f5e2c753eb058517f3653b0a4bdb44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 08:02:11 GMT
x-content-type-options: nosniff
age: 410923
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 129363
x-xss-protection: 0
last-modified: Tue, 25 Aug 2020 10:30:45 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 29 Oct 2022 08:02:11 GMT

GET
H2 200 sodar_loader.js Show response
pagead2.googlesyndication.com/pagead/js/r20211029/r20110914/xfa/ Frame 1BE0 10 KB
4 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211029/r20110914/xfa/sodar_loader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4403e2547b03098ecb0f101753ad838f4f027392fc669dbc5fc56685d710e0c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 20:33:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20264
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4159
x-xss-protection: 0
server: cafe
etag: 16434241973488253570
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 Nov 2021 20:33:10 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211029/r20110914/elements/html/ Frame 1BE0 8 KB
3 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211029/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 01:00:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4249
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3140
x-xss-protection: 0
server: cafe
etag: 17163059639670574047
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 17 Nov 2021 01:00:05 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1BE0 120 KB
37 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0253185a4cfd8a31fa015f856c47a032cf99a7aa4f528389965225dc4c150ff2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 02:10:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37579
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1635787520984751"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 03 Nov 2021 02:10:54 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 1BE0 0
23 B 42ms
18ms Ping
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuzd6-nHNz-K0G1RC8qIiqX9dTQ21IQRgizwmgPzmKghGi_Mn1uoEnSnR8KORC8YWSM8JvzAcdq5wsdOE1f1OmsHuAjAvoATLzu2lu-oEEdRD4-m7Y5DtQTw_-Dgm1nBACNqN9NcMF1IcN7X9E&sig=Cg0ArKJSzPXR_YabBo6ZEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20211029.99658&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Wed, 03 Nov 2021 02:10:54 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame 1BE0 8 KB
4 KB 10ms
10ms Script
application/javascript 2a02:26f0:6c00:286::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=13311291&cmp=23901103&sid=2641434&plc=271365913&num=&adid=&advid=2276943&adsrv=1&btreg=465940657&btadsrv=doubleclick&crt=117964236&crtname=&chnl=&unit=&pid=&uid=&tagtype=&dvtagver=6.1.src
Requested by: Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N1395.150740DOUBLEVERIFY/B23901103.271365913;dc_ver=81.235;dc_eid=40004001;sz=970x250;u_sd=1;dc_adk=358260176;ord=73z979;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=2,https%3A%2F%2Ftelegraf.by$2,https%3A%2F%2Ftelegraf.by%2F$0;xdt=1;crlt=fBAUndRZ28;sttr=23;prcl=s
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 5dd139490465c0d5b42eb905451078a5ee84b5c220d6af5b143af49247a8ecf5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 02:10:54 GMT
Content-Encoding: gzip
Last-Modified: Tue, 19 Oct 2021 15:58:26 GMT
Server: Microsoft-IIS/10.0
ETag: "0fda9262c5d71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3288

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 1BE0 41 KB
15 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:10:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 140413
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Tue, 01 Nov 2022 11:10:41 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 1BE0 7 KB
5 KB 18ms
18ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=r20100101&st=int

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20211029/r20110914/xfa/sodar_loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0e1f4a9035b3daee4d9c95ed2308dbeab3bd0cf1566a5fd224099654f4882925

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 03 Nov 2021 02:10:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5126
x-xss-protection: 0

GET
H/1.1 200
OK dv-measurements1800.js Show response
cdn.doubleverify.com/ Frame 80C5 495 KB
90 KB 9ms
9ms Script
application/javascript 2a02:26f0:6c00:286::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements1800.js
Requested by: Host: telegraf.by
URL: https://telegraf.by/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 3c2c5e8ce71da5f920b37260c35faad806880a17d60b6b93e35e1200763a6733

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://21916be3d137d0bd5538481ca7cd17f6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 02:10:54 GMT
Content-Encoding: gzip
Last-Modified: Wed, 06 Oct 2021 09:46:20 GMT
Server: Microsoft-IIS/10.0
ETag: "0fef5397bad71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 91601

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame 9508 1 KB
1 KB 472ms
158ms Script
text/javascript 63.251.109.127
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&ttmms=86&ttfrms=5&brid=3&brver=95.0.4638.54&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauE6%3D68C27%5D3JTauU2%3F4r92%3A%3Fl9EEADTbpTauTauE6%3D68C27%5D3JTar9EEADTbpTauTauE6%3D68C27%5D3JTar9EEADTbpTauTaua%60h%60e36b5%60bf5_35ddbgcg%6042f45%60f7e%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3ETar9EEADTbpTauTaua%60h%60e36b5%60bf5_35ddbgcg%6042f45%60f7e%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&srcurlD=1&aUrlD=0&ssl=https:&dfs=403&ddur=10&uid=1635905454175976&jsCallback=dvCallback_1635905454175299&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F95.0.4638.54%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=90&winw=728&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=1800&tgjsver=1800&lvvn=28&m1=13&refD=3&referrer=https%3A%2F%2F21916be3d137d0bd5538481ca7cd17f6.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html%3Fn%3D1&fcifrms=3&brh=2&sdf=2&dvp_epl=356&noc=4&ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&adsrv=0&advid=3398311&turl=https://telegraf.by/&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_DV_CT=1&DVP_PP_ID=3&DVPX_PP_IMP_ID=ABAjH0iHjdvQOgypUp68piW_wGr2&DVP_DBM_1=1861733&DVP_DBM_2=15874976&DVP_DBM_3=42577020&DVP_DBM_4=327228940&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=17788910856&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_tcnt=2&dvp_sukv=723771449448.313&dvp_tukv=106070955066.19995&dvp_uuid=137372646852.93463&dvp_strhd=0.19999980926513672&dvpx_strhd=0.19999980926513672&dvp_tuid=480274477273
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1800.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.109.127 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: 8701341d6c1999829fa2b17d7d11479a10816a1049e6a29a1252e5e9bf2ee07d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://21916be3d137d0bd5538481ca7cd17f6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Nov 2021 02:10:54 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=0
Transfer-Encoding: chunked
Expires: 11/2/2021 2:10:54 AM

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 1A6C 22 KB
8 KB 7ms
7ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://21916be3d137d0bd5538481ca7cd17f6.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Mon, 01 Nov 2021 11:10:41 GMT
expires: Tue, 01 Nov 2022 11:10:41 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 140413
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame D575 0
23 B 18ms
18ms Ping
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://21916be3d137d0bd5538481ca7cd17f6.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Wed, 03 Nov 2021 02:10:54 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 981B 0
56 B 18ms
18ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BGXtLre-BYZf9KtL47gPvwIXIAwAAAAA4AeAEAg&bg=!FxSlFFDNAAZzbWp4c207ACkAdvg8WlR3f0BMHFhzRv3J0g9cyUcOf1Mdn2eEdibFb7ljnuCIIZ9zOwIAAADiUgAAACtoAQeZA1CTr40Utqw1M8OJX60sRcy7yfY6k90LjDRGs_EpioYk5HBlWFNRC86ZVHlSiyH4DDxtrnT5Z0mjDscRs-9M5XTJAsRtQOE9vOqnQQbxwobbkCKvrgf5Mx6915rgYVt55eWgYiOih3hVok6jGumWL3YVz19xelaYF2vXPU-CZmQEBJwJbYds-BM9iSfQisQGs-QTxmHuQd_wzRU46evrNLkuLras6ksiaq_9tqF-FAy-c0OlQjb_jYD4GZ_isvN9SSU5u4XWE_8RGJPuxz9UpM0Jn0JL-uHUb4mOSwEGsuAHXUZZx7YdFByzzhI_TP9rnKRH4LqDVtOxyANKkEpvMGkicE5qHcWpOrRy4TjigOGf6JQisgzLFAdbukz4eDeumNbj-4TmjoZ_AamvDN1h8eS9OUps_4lN05nAclbVh1WnDS71RlOckp3jLjKskPywyOV9QeJPLjxi0CgyiggLb_8md39AjCLNEBqH4wbjse1ineVWYzA82kxC3INPnst-C9wNzzPIHqLuRFTcXPlunrm11MiKN5NOCPiqqp2NbtJp-ecB51WvF3HKXW-qFThhyPxTitC7r9byyKj_0Ex5wp-RN_5r9YldQID1Y1Inrk7RG8Wg5lASoC48g5vKc7bcb0dN8Hzn61Xp-h8h5y-_p9ExNw_sPOUGqnPmM4ZLAjNneGYC-YDHLOrWlh-qvdZ7VbLq75yA03n5MjypojqE_VpgF4XpzFk6ZhD34AWZWBtwh90C0ou8Co0BZftq_FsFmQlAz-0NrGsASNUeC9hKbTBhbiF5NizIcwvhsn6T_LzrqOW0bRY2QD6TlWrDW8u_J-3YZkYNuon5sze5BWgBK7YeHsU0FVKajnCLX1oxv5uetXxh5eowXNua1ShWlKIe2EjdGR8kGQGgnP2oaaiPgsUTMqZiUMOe_yaiuNsq_Hd4HJS5Sz-Z3eeU04G5tWf-nmW9hDjue8dnQivUxPftzy4emjp0m2F-ZnKIEc0QjYvcKuOE6HFkUZMPSha5etLNf5kdbA-lBTkONOeoFe9SDyMsbAKMs6KOU5QKmjdchUdU3hEG4zsw1D_fe20Vmzza2uchb_r_Ic4OyjjY2d4sf54n2sfwRiiJNPBXYLoq3nYRLg

Requested by

Host: 21916be3d137d0bd5538481ca7cd17f6.safeframe.googlesyndication.com
URL: https://21916be3d137d0bd5538481ca7cd17f6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Nov 2021 02:10:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dv-measurements1800.js Show response
cdn.doubleverify.com/ Frame D1BD 495 KB
90 KB 9ms
9ms Script
application/javascript 2a02:26f0:6c00:286::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements1800.js
Requested by: Host: telegraf.by
URL: https://telegraf.by/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 3c2c5e8ce71da5f920b37260c35faad806880a17d60b6b93e35e1200763a6733

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 02:10:54 GMT
Content-Encoding: gzip
Last-Modified: Wed, 06 Oct 2021 09:46:20 GMT
Server: Microsoft-IIS/10.0
ETag: "0fef5397bad71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 91601

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 1BE0 0
23 B 20ms
19ms Ping
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Wed, 03 Nov 2021 02:10:54 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame DA52 22 KB
8 KB 9ms
9ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Mon, 01 Nov 2021 11:10:41 GMT
expires: Tue, 01 Nov 2022 11:10:41 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 140413
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame 80C5 1 KB
1 KB 466ms
163ms Script
text/javascript 63.251.109.127
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&ttmms=69&ttfrms=4&brid=3&brver=95.0.4638.54&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauE6%3D68C27%5D3JTauU2%3F4r92%3A%3Fl9EEADTbpTauTauE6%3D68C27%5D3JTar9EEADTbpTauTauE6%3D68C27%5D3JTar9EEADTbpTauTaua%60h%60e36b5%60bf5_35ddbgcg%6042f45%60f7e%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3ETar9EEADTbpTauTaua%60h%60e36b5%60bf5_35ddbgcg%6042f45%60f7e%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&srcurlD=1&aUrlD=0&ssl=https:&dfs=403&ddur=10&uid=1635905454229801&jsCallback=dvCallback_1635905454229619&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F95.0.4638.54%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=90&winw=728&wouh=1200&wouw=1600&scah=1200&scaw=1600&dvp_isOnHead=1&jsver=1800&tgjsver=1800&lvvn=28&m1=13&refD=3&referrer=https%3A%2F%2F21916be3d137d0bd5538481ca7cd17f6.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html%3Fn%3D1&fcifrms=3&brh=2&sdf=2&dvp_epl=356&noc=4&ctx=13311291&cmp=9689862&sid=2641434&plc=280630144&crt=156804616&btreg=505362318&btadsrv=doubleclick&adsrv=1&advid=2276943&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_tcnt=2&dvp_sukv=723771449448.313&dvp_tukv=297008593952.10803&dvp_uuid=99144077701.77455&dvp_strhd=0.09999942779541016&dvpx_strhd=0.09999942779541016&dvp_tuid=1466248088289
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1800.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.109.127 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: e5b099ca368d2b19b75a6ba568c2a3239a87697746275952d72e1629ab5dc31b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://21916be3d137d0bd5538481ca7cd17f6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Nov 2021 02:10:54 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=0
Transfer-Encoding: chunked
Expires: 11/2/2021 2:10:54 AM

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame D1BD 1 KB
1 KB 464ms
160ms Script
text/javascript 63.251.109.127
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&ttmms=90&ttfrms=6&brid=3&brver=95.0.4638.54&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTau2h43%60_65cdc753b433%60a3aeb3e_3a_b6%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauE6%3D68C27%5D3JTar9EEADTbpTauTauE6%3D68C27%5D3JTar9EEADTbpTauTau2h43%60_65cdc753b433%60a3aeb3e_3a_b6%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3ETar9EEADTbpTauTau25%5D5%40F3%3D64%3D%3A4%3C%5D%3F6EU2%26C%3Dl9EEADTbpTauTau25%5D5%40F3%3D64%3D%3A4%3C%5D%3F6ETau55%3ETau25%3ATau%7D%60bhd%5D%60d_fc_s~%26q%7Bt%27t%23xu*Tauqabh_%60%60_b%5Daf%60bedh%60bTbq540G6CTbsg%60%5DabdTbq5406%3A5Tbsc___c__%60TbqDKTbshf_Iad_TbqF0D5Tbs%60Tbq54025%3CTbsbdgae_%60feTbq%40C5TbsfbKhfhTbqF249TbsTaddqTadaaTadaaTadarTadaaTadaaTadarTadaaTadaaTadarTadaaTadaaTadarTadaaTadaaTadarTaddqTaddsTadar%3FF%3D%3DTadar%3FF%3D%3DTadarTadaaTadaaTaddsTbq540C7%3DTbsaTar9EEADTadbpTadauTadauE6%3D68C27%5D3JTacaTar9EEADTadbpTadauTadauE6%3D68C27%5D3JTadauTac_TbqI5ETbs%60Tbq4C%3DETbs7qp%26%3F5%23%2BagTbqDEECTbsabTbqAC4%3DTbsD&srcurlD=2&aUrlD=4&ssl=https:&dfs=202&ddur=11&uid=1635905454293154&jsCallback=dvCallback_1635905454293863&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F95.0.4638.54%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=250&winw=970&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=1800&tgjsver=1800&lvvn=28&m1=13&refD=3&referrer=https%3A%2F%2Fad.doubleclick.net%2Fddm%2Fadi%2FN1395.150740DOUBLEVERIFY%2FB23901103.271365913%3Bdc_ver%3D81.235%3Bdc_eid%3D40004001%3Bsz%3D970x250%3Bu_sd%3D1%3Bdc_adk%3D358260176%3Bord%3D73z979%3Buach%3D%255B%2522%2522%252C%2522%2522%252C%2522%2522%252C%2522%2522%252C%2522%2522%252C%255B%255D%252Cnull%252Cnull%252C%2522%2522%255D%3Bdc_rfl%3D2%2Chttps%253A%252F%252Ftelegraf.by%242%2Chttps%253A%252F%252Ftelegraf.by%252F%240%3Bxdt%3D1%3Bcrlt%3DfBAUndRZ28%3Bsttr%3D23%3Bprcl%3Ds&fcifrms=3&brh=2&sdf=2&dvp_epl=947&noc=4&ctx=13311291&cmp=23901103&sid=2641434&plc=271365913&crt=117964236&btreg=465940657&btadsrv=doubleclick&adsrv=1&advid=2276943&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=265189037.78646934&dvp_tukv=313838858769.3627&dvp_uuid=907002399.2934818&dvp_strhd=0.19999980926513672&dvpx_strhd=0.19999980926513672&dvp_tuid=1569460691781
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1800.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.109.127 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: a4e109d1ec109bab254ffc2e4119b7b7da406986001253a9c0196b9da00a9df9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Nov 2021 02:10:54 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=0
Transfer-Encoding: chunked
Expires: 11/2/2021 2:10:54 AM

GET
H2 200 LnuN3C34rR70L3hG8w6Spma0p50xn6UkBXRbbJn0q6o.js Show response
pagead2.googlesyndication.com/bg/ Frame 1A6C 35 KB
13 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/LnuN3C34rR70L3hG8w6Spma0p50xn6UkBXRbbJn0q6o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e7b8ddc2df8ad1ef42f7846f30e92a666b4a79d319fa52405745b6c99f4abaa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 17:23:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31674
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13394
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 18:58:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Wed, 02 Nov 2022 17:23:00 GMT

GET
H2 200 LnuN3C34rR70L3hG8w6Spma0p50xn6UkBXRbbJn0q6o.js Show response
pagead2.googlesyndication.com/bg/ Frame DA52 35 KB
13 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/LnuN3C34rR70L3hG8w6Spma0p50xn6UkBXRbbJn0q6o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e7b8ddc2df8ad1ef42f7846f30e92a666b4a79d319fa52405745b6c99f4abaa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 17:23:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31674
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13394
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 18:58:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Wed, 02 Nov 2022 17:23:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1A6C 0
56 B 19ms
17ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BuMBtre-BYdTBPMvc7gPOnonwBgAAAAA4AeAEAg&bg=!p6SlpODNAAZzbWp4c207ACkAdvg8Wl-mt-zdAFGxtqg-oxp650jDOQvBly3Wwqqdi6gpduvK34zH3gIAAACPUgAAABhoAQcKAAfvhc3xxv39mQNmOtLablYF6HoHEb4JKgoteQrV2iH8WKln1SWd4YJQYfSGQYbzr7d60FBABRzdgBwmGy9pX-LRE0Ij9QctDRBKVWPlaeBd5QD2ZO5reJO9ldsgjPKtGJ_T7GPlRyxaIOqAqZYNsEAdzOGHAn9qsf125e3w3ztSh420tF8Tr5np8KAZfKQ32fYEE-k4Y1WO6FrH5ScplbNWHVVxFAxr3mBDJo_ZnycT-5kQ6PZwcpoIBBp1qdX3jeowQecJR34y38yMab5lBT2ixl5GDw5nATR8Ev22jHlt51z0CqoKWIYwJ9SM0EM8moub50fFIh-8iJU73NuZN3hFibyqCZNWUHvkd7CtZr0D3_gDaiuNwq3DSQ6z-qhrOtKClA2Tw3nPhMB5NFvgu1ppVRE0qsl9PSpS_vcVDtp5dWCVDQzDwkvcFvY42s6rsU1-I0Pabx4GT3_6DHuk0vPuoxUUZSnOH2JfySC82Qs6HZPKC1NAtXYTaqKUboVcAbOKe4I9hZuo9YoNG8lp6ZW6RFzPUV6DOhDwi2yt_ZGmQACJ5MF-IHwxt7NmUR7dn8ElmEgX4G43uxd3hTytNSoclW5bkwpaY8S429_aTPBamfKWWdI0CfZYgT-BcYkDq3_X0qWnxzAJoHCysAKQ2axRxQEoGN2o2bvRLrlz3zFlgHChKEt-Uyo4RxwSnfh_TjMQLvLxaba85Admcv9EWAtu2-WBtV5Y-gkTGDmFZgXURZBWFf42wRfjYihgJde31_wJt2jqytgAh_R9M7yRwiplSXPvpW4Ksu2Won9lKFYMR_x2_dnyEaJAqrTunfE_qW-BlvmFdNBAfZ2iIcbzF63xJFfNTUslcocCpxHeNyvhzjN-h91qQXNiKpp-oJROXtmX2TqOvBCXFLuG7pg2ZDtf5SCc1guVPupt_C37Ba0rse05DiCIzOVFN14dyknicQkDXVoeBH0fltTX_nbrLVg1WjnjLXLIm8SdtWQ0V6BYndao3MpFTE9M6KdYbexs41k7wHJ3kBTjExuGEBwEMYAG-QuPA9qRAVQxeoN6sZ3jRBo7Ng1APJKx8mPtyZJeNpKPFmBwqoKxR-hQlyJ95FAUWmqrvAHSgy3tJgA1aCW59KsgZ2uMPnE-TSY22_k1GOeDUhX4CIMrysuKz_vpcbjx

Requested by

Host: 21916be3d137d0bd5538481ca7cd17f6.safeframe.googlesyndication.com
URL: https://21916be3d137d0bd5538481ca7cd17f6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Nov 2021 02:10:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DA52 0
56 B 17ms
17ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BT7wbre-BYZucPOWH9u8Prpek6A8AAAAAOAHgBAI&bg=!4uGl4aXNAAZzbWp4c207ACkAdvg8WoShgH1KIbCq017tQeOZmEwUdx9Y4R0ZsUQT7xUzTQ0E2xT-IgIAAACPUgAAAAdoAQeZA0FnVATX_QyDo3yNxX3cacDMOVkd7BaJqksrBBIxfp_wlXKaBSsRV5pLphVGG1jq2j4GnklCJ9Go8eEsKmNqIcsugPg2la92dGdhJb7un7ZxgmFa-gJg1iSY9QcL6PVhiF1G1pEKe0h7zPvLULa6MQ5QTDwFsi_Vauy0Z6-OcN9lMxpxVv7kJwf_ISPqT6lo1DQII25iBS0zkEdYsuupsjRZvcSgyxR7opfLDHb-m_ZCNJ6-owMvVw0rgI6pSKLX9gLu_j_vvVuOWrLjRx8yV8DeIBfge2P7f94F4rB_j5pPLErOXg18I_sLi49X_xuDVVAScjdZu7WqJehPHZ6ASMLGoW6wbmFlVe6UCQKcrpGArgmpy_I6tKhrazppOA3WGafLBxY6k_SK-6HNbdaHrbs8GOkC78Xi9XoxUMNZBHj-_SmqlgKdbYtAAtqDJ0MOnOaqNmzdT_htOcDe5fxM-VuAJinWo8w4LrMSaXk_I-drXZwVDJvePjLtU7quFJJ6L7YFVoWPfoe3UJAolU7C99REHMt6C9KoefCVPQNutnrZcdzf9Yo8Kj11Ixe6QN7DvK-WvEgsaDIwlYgn1AefKDuenWlQr9rH8zidtgtr6zx2zwLrK72rtXm2pg9676X0PhoVdVBwLBbXCgDElfSRZsbOd3Uwp8cdQDWoe5GUe5IlfuDNzkSbKpa7J6QqtXXv1fc9Kn482YRVSxNwNKh8ZjQ9PxnnbMlJqB_hvXPuqU1hzjeuUvovs05ew05GgskdU9GLElSmDDvdvlgQGs-OHM6HMSOPv3dT8VFKHcTJaWsTDzUiI6SB5j6CpTeyuaDZRl90zKGomfVxdYJd3uqp9Rd7K3kpr34EFlc6epILAUZhiHKRVeGWmREenPa1lM9Chr4e5b_KzuG8nz8-xmdIaXz7ht6hUlz85M6L269gfbpz8IE4paxTtIZWBE3Qy8oKdNJrONmpCaVZ6MBQF3LXGmlmRpbUQHN-lD3q8pqL73tCwqATL2_yDJVEaf6KWWEEODD8zrPpyrGrVQu9OESEBCJFf4BDYFD7vjF5bWQvxtWJlN8IxlRkH_Bb6WbLZIMR4hy8G3JKlJjRHctQbXdANlaKGA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Nov 2021 02:10:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 1BE0 17 KB
6 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20211029/r20110914/xfa/sodar_loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 02:10:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Wed, 03 Nov 2021 02:10:54 GMT

GET
H2 200 9ikrJPTMnmu1IVkna_il0BrUQdIJ_Q2gP_yjrETMSUw.js Show response
pagead2.googlesyndication.com/bg/ Frame 5A9F 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/9ikrJPTMnmu1IVkna_il0BrUQdIJ_Q2gP_yjrETMSUw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6292b24f4cc9e6bb52159276bf8a5d01ad441d209fd0da03ffca3ac44cc494c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 21:11:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 104338
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13471
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 18:58:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Tue, 01 Nov 2022 21:11:56 GMT

GET
H2 204 event
ads.adfox.ru/239538/ 0
66 B 69ms
69ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/239538/event?hash=db37a0a7d1cccfc5&pm=bmp&pxo=rtlD2fk7bQ7E17cSAWG1kKijPvbOTJUcbqHIwx3I-lUnu5Ct3ny3lI_urp6hPIqalzTVxwbnXVF86pJDy06t2TyfcueAE602bvHT6MaVGnyLN9CKP4mHnbKmf7DH5_shAyRQK-9Kx7DlYNY9BmGTPdTOhFsn5Aydp8NBYFFGfWvoXBU2&p5=fxybz&rand=jvqnaro&sj=OubdkeMQRnqn0pQYT4D8IrgpYMZZ67TDALjj1J3HCmVcO66p3kO2zIA8wwcmuw%3D%3D&ad-session-id=4033131635905452616&lts=fhrwcmm&ytt=53326314211349&ybv=0.47201&ylv=0.47201&dl=https%3A%2F%2Ftelegraf.by%2F&pr=lqwqiaz&p1=cnhpl&rqs=rDd87Y7sEias74Fh6hRUJrCWqr-Apqbw&rtb-si=b&p2=y

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Nov 2021 02:10:55 GMT
x-content-type-options: nosniff
last-modified: Wed, 03 Nov 2021 02:10:55 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 93F8 42 B
174 B 19ms
19ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsseMZBQvrx69MPx9RnuPhS8qWFLpjhuQDXp0HxDvK27jon28RUZRhJN6eihuXZwcraVYq3qkceSJc1I6JpQELakGPNwLWi7oVWljiUHPBEwlgsjEy3TKQ&sai=AMfl-YQsIDl4YyZScfrw-J1OFvqrISU0scZfQO9wgm0eAuuhx043nTC5k6qXyvoNm8USLz5dhJNCrnxB7I6jA96ll1w0rhDi1gYQqWCfbX6THdQZKNuIpE92C_QYm9-hwLbB&sig=Cg0ArKJSzIiuC_cTsKinEAE&cid=CAASFeRoDOlMN0BG2m9rNzO11kzcVlNSXw&id=lidar2&mcvt=1000&p=51,315,305,1285&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20211101&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&app=0&itpl=20&adk=2734954319&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1635905453539&rpt=460&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a9cb10ed454fdb3cbb12b263b60b203e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Nov 2021 02:10:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 event
ads.adfox.ru/239538/ 0
18 B 93ms
93ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/239538/event?hash=2bf3aafd8e78a2e5&pm=bmp&pxo=zJlB5a2BoFScoWTJdY_uqb3naaRc76ysFFUowcvFtpDzu2-DW-Gfz6jFORaYbwas1CBDnZUTKDQr7-d4DghAo98TfeWzfn-XO0YZW2M91srBBEhkneOQbXyrsmgYVb1xNwI-HXdwZFOtV8r01kQPACFA7BUuvkDU1K_7TENmA1kDHq9K&p5=fxybz&rand=ilfdyjz&sj=VT2_yxG1hvzHwrHxEGzctd6L-PbNwtZoB3XbyNNlupfE6QDYfNmN2MNRmHegYQ%3D%3D&ad-session-id=4033131635905452616&lts=fhrwcmm&ytt=53326314211349&ybv=0.47201&ylv=0.47201&dl=https%3A%2F%2Ftelegraf.by%2F&pr=lqwqiaz&p1=cnimm&rqs=rENMp5iBKjSs74FhEIVZ322_Addt7sSB&rtb-si=b&p2=y

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Nov 2021 02:10:55 GMT
x-content-type-options: nosniff
last-modified: Wed, 03 Nov 2021 02:10:55 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D575 42 B
108 B 18ms
18ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu7bVSO10Be5lGbqKEP42sPnA990ZbiRKl-xnz3i0hYwoLkatZl3DW2Ea5Gi7OJW_R0pfO4eKFMhj3l24AfofI7zgYMWQUw8s22KcjUoSOEW5khXETgWw&sai=AMfl-YS7d0EhmqWK_Cud16qPnp2o_kADKjFQi94jvDNFxXpVxZdQBIRzmW5eHgkSz8WlNYYr5aF1hSOlNIfrF5DqROhHwZdQzfAP9CX02zwe7CbV6FcaIhtvFg5lNVlz1Uxn&sig=Cg0ArKJSzAcGTV4BDkr1EAE&cid=CAASFeRoVzcm29c4sA4CEU2fHZqU94EHsQ&id=lidar2&mcvt=1000&p=1015,310,1109,1038&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20211101&bin=7&avms=nio&bs=0,0&mc=0.96&if=1&app=0&itpl=20&adk=3912092229&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1635905453682&rpt=512&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://21916be3d137d0bd5538481ca7cd17f6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Nov 2021 02:10:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D575 42 B
108 B 16ms
15ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv4-zeOXf-EXgF8BfGymvOeLsxi8rQ7cXv2bD6CNNSGOZDFigWV2FZ4wsquaBxfFwXJAxEUhb4YQrtK5F8vFAQcJ7NlU-7j&sig=Cg0ArKJSzNhDwt8VPJflEAE&id=lidar2&mcvt=1002&p=0,0,90,728&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20211101&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=32&adk=793251926&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1635905453682&rpt=514&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://21916be3d137d0bd5538481ca7cd17f6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Nov 2021 02:10:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1BE0 42 B
108 B 17ms
17ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst0hlWqCOpXYvbOPEh2ORIAsxaa7c1mOJMG5aCzP97f7sy9G9laMqwLBKbisEFxvetj30tYtfMvvVviv5BFjYaKiOb3_ck4&sig=Cg0ArKJSzCiQT2B-zSL1EAE&id=lidar2&mcvt=1000&p=0,0,250,970&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211101&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=33&adk=358260176&rs=6&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1635905453948&rpt=312&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Nov 2021 02:10:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 1661897 Show response
mc.yandex.com/webvisor/ 43 B
145 B 47ms
46ms XHR
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/1661897?wmode=0&wv-part=1&wv-hit=167399804&page-url=https%3A%2F%2Ftelegraf.by%2F&rn=566601307&wv-type=5&browser-info=gdpr%3A14%3Aet%3A1635905455%3Aw%3A1600x1200%3Av%3A680%3Az%3A0%3Ai%3A202111030201055%3Au%3A1635905453347128054%3Avf%3A4bjmbg3ayomqwin74n%3Awe%3A1%3Ast%3A1635905455&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://telegraf.by/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 03 Nov 2021 02:10:55 GMT
last-modified: Wed, 03-Nov-2021 02:10:55 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://telegraf.by
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 03-Nov-2021 02:10:55 GMT

GET
H2 204 event
ads.adfox.ru/239538/ 0
18 B 75ms
74ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/239538/event?hash=513706c5df1241a7&pm=bmn&pxo=rtlD2fk7bQ7E17cSAWG1kKijPvbOTJUcbqHIwx3I-lUnu5Ct3ny3lI_urp6hPIqalzTVxwbnXVF86pJDy06t2TyfcueAE602bvHT6MaVGnyLN9CKP4mHnbKmf7DH5_shAyRQK-9Kx7DlYNY9BmGTPdTOhFsn5Aydp8NBYFFGfWvoXBU2&p5=fxybz&rand=mjpmrhq&sj=OubdkeMQRnqn0pQYT4D8IrgpYMZZ67TDALjj1J3HCmVcO66p3kO2zIA8wwcmuw%3D%3D&ad-session-id=4033131635905452616&lts=fhrwcmm&ytt=53326314211349&ybv=0.47201&ylv=0.47201&dl=https%3A%2F%2Ftelegraf.by%2F&pr=lqwqiaz&p1=cnhpl&rqs=rDd87Y7sEias74Fh6hRUJrCWqr-Apqbw&rtb-si=b&p2=y

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Nov 2021 02:10:55 GMT
x-content-type-options: nosniff
last-modified: Wed, 03 Nov 2021 02:10:55 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

POST
H/1.1 200
OK bsevent.gif
tps20518.doubleverify.com/ Frame 93F8 807 B
1 KB 9ms
9ms Ping
image/gif 213.254.244.21
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps20518.doubleverify.com/bsevent.gif?impid=c748e5c605764637a776f1389e984fb9&pltfrm=Linux%20x86_64&cbust=1635905455879286
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.21 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: 78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer: https://a9cb10ed454fdb3cbb12b263b60b203e.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Wed, 03 Nov 2021 02:10:55 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: image/gif
Access-Control-Allow-Origin: https://a9cb10ed454fdb3cbb12b263b60b203e.safeframe.googlesyndication.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 860
Expires: 11/2/2021 2:10:55 AM

POST
H/1.1 200
OK bsevent.gif
tps20519.doubleverify.com/ Frame D575 807 B
1 KB 8ms
8ms Ping
image/gif 213.254.244.21
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps20519.doubleverify.com/bsevent.gif?impid=ebdc987e1e3a4b1da81b29199dab76a8&pltfrm=Linux%20x86_64&cbust=1635905455880676
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.21 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: 78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer: https://21916be3d137d0bd5538481ca7cd17f6.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Wed, 03 Nov 2021 02:10:55 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: image/gif
Access-Control-Allow-Origin: https://21916be3d137d0bd5538481ca7cd17f6.safeframe.googlesyndication.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 860
Expires: 11/2/2021 2:10:55 AM

GET
H2 204 event
ads.adfox.ru/239538/ 0
18 B 76ms
76ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/239538/event?hash=1ec16b24591307a2&pm=bmn&pxo=zJlB5a2BoFScoWTJdY_uqb3naaRc76ysFFUowcvFtpDzu2-DW-Gfz6jFORaYbwas1CBDnZUTKDQr7-d4DghAo98TfeWzfn-XO0YZW2M91srBBEhkneOQbXyrsmgYVb1xNwI-HXdwZFOtV8r01kQPACFA7BUuvkDU1K_7TENmA1kDHq9K&p5=fxybz&rand=jgxwctd&sj=VT2_yxG1hvzHwrHxEGzctd6L-PbNwtZoB3XbyNNlupfE6QDYfNmN2MNRmHegYQ%3D%3D&ad-session-id=4033131635905452616&lts=fhrwcmm&ytt=53326314211349&ybv=0.47201&ylv=0.47201&dl=https%3A%2F%2Ftelegraf.by%2F&pr=lqwqiaz&p1=cnimm&rqs=rENMp5iBKjSs74FhEIVZ322_Addt7sSB&rtb-si=b&p2=y

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Nov 2021 02:10:55 GMT
x-content-type-options: nosniff
last-modified: Wed, 03 Nov 2021 02:10:55 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

POST
H2 200 1661897 Show response
mc.yandex.com/webvisor/ 43 B
176 B 271ms
47ms XHR
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/1661897?wmode=0&wv-part=1&wv-hit=167399804&page-url=https%3A%2F%2Ftelegraf.by%2F&rn=617905750&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1635905456%3Aw%3A1600x1200%3Av%3A680%3Az%3A0%3Ai%3A202111030201056%3Au%3A1635905453347128054%3Avf%3A4bjmbg3ayomqwin74n%3Awe%3A1%3Ast%3A1635905456&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://telegraf.by/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 03 Nov 2021 02:10:56 GMT
last-modified: Wed, 03-Nov-2021 02:10:56 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://telegraf.by
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 03-Nov-2021 02:10:56 GMT

POST
H/1.1 200
OK event.png
tps11008.doubleverify.com/ Frame FE83 67 B
464 B 496ms
153ms Ping
image/png 63.251.109.127
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps11008.doubleverify.com/event.png?impid=c8cfa2c2eaa04618ba059f604d191b3a&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&dvp_t1stMsgD=78&vdur=565&eoid=8&msrjs=1800&pltfrm=Linux%20x86_64&sdf=2&vit=2&isvelg=1&tltms=0&tetms=6&msltms=17&vltms=565&sei=289&vetms=8&engms=1&engisel=1&ttfurm=2591&cbust=1635905456633455
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1800.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.109.127 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer: https://a9cb10ed454fdb3cbb12b263b60b203e.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Wed, 03 Nov 2021 02:10:56 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: https://a9cb10ed454fdb3cbb12b263b60b203e.safeframe.googlesyndication.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 98
Expires: 11/2/2021 2:10:57 AM

POST
H/1.1 200
OK event.png
tps11019.doubleverify.com/ Frame 9508 67 B
464 B 486ms
153ms Ping
image/png 63.251.109.127
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps11019.doubleverify.com/event.png?impid=bad10e90231d455e804f7f6a61c18472&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&dvp_t1stMsgD=26&vdur=473&eoid=8&msrjs=1800&pltfrm=Linux%20x86_64&sdf=2&vit=2&isvelg=1&tltms=10&tetms=8&msltms=17&vltms=473&sei=289&vetms=2&engms=1&engisel=1&ttfurm=2480&cbust=1635905456651936
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1800.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.109.127 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer: https://21916be3d137d0bd5538481ca7cd17f6.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Wed, 03 Nov 2021 02:10:56 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: https://21916be3d137d0bd5538481ca7cd17f6.safeframe.googlesyndication.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 98
Expires: 11/2/2021 2:10:57 AM

POST
H/1.1 200
OK event.png
tps11025.doubleverify.com/ Frame 80C5 67 B
464 B 489ms
153ms Ping
image/png 63.251.109.127
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps11025.doubleverify.com/event.png?impid=75506dab956d40cb8301a9dcb263e800&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&dvp_t1stMsgD=57&vdur=468&eoid=8&msrjs=1800&pltfrm=Linux%20x86_64&sdf=2&vit=2&isvelg=1&tltms=10&tetms=6&msltms=20&vltms=468&sei=290&vetms=4&engms=1&engisel=1&ttfurm=2475&cbust=1635905456701403
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1800.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.109.127 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer: https://21916be3d137d0bd5538481ca7cd17f6.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Wed, 03 Nov 2021 02:10:57 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: https://21916be3d137d0bd5538481ca7cd17f6.safeframe.googlesyndication.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 98
Expires: 11/2/2021 2:10:57 AM

POST
H/1.1 200
OK event.png
tps11062.doubleverify.com/ Frame D1BD 67 B
418 B 475ms
156ms Ping
image/png 63.251.109.127
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps11062.doubleverify.com/event.png?impid=e7647bf2d3b14663812554c2343679f3&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&dvp_t1stMsgD=12&vdur=467&eoid=8&msrjs=1800&pltfrm=Linux%20x86_64&sdf=2&vit=2&isvelg=1&tltms=11&tetms=7&msltms=17&vltms=467&sei=290&vetms=2&engms=1&engisel=1&ttfurm=2475&cbust=1635905456763514
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1800.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.109.127 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer: https://ad.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Wed, 03 Nov 2021 02:10:56 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: https://ad.doubleclick.net
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 98
Expires: 11/2/2021 2:10:57 AM

POST
H/1.1 200
OK event.png
tps11008.doubleverify.com/ Frame FE83 67 B
464 B 150ms
150ms Ping
image/png 63.251.109.127
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps11008.doubleverify.com/event.png?impid=c8cfa2c2eaa04618ba059f604d191b3a&gdpr=&gdpr_consent=&msrcanlm=904&msrcannum=3&eoid=10&ismms=27&isumms=26&isvelg=1&nvr=6&isgmmims=27&isgmv4mims=27&elmtp=1&isbxdms=2627&b0=100&b11=2627&adhgt=250&adwdth=970&norwdth=970&norhgt=250&engisel=1&vsos=13&dvp_vsosnmr=16&lftb=2727&sftb=2727&msrdp=1&naral=640&vct=512&vphgt=1200&vpwdth=1600&chgt=250&cwdth=970&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=1027&isuiabvms=1027&isgmpims=26&isgmv4dpims=1027&ispmxpms=1027&engalms=25&engscrlms=144&dvp_pageEng=true&dvp_dpr=1&cbust=1635905457632671
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1800.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.109.127 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer: https://a9cb10ed454fdb3cbb12b263b60b203e.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Wed, 03 Nov 2021 02:10:57 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: https://a9cb10ed454fdb3cbb12b263b60b203e.safeframe.googlesyndication.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 98
Expires: 11/2/2021 2:10:57 AM

POST
H/1.1 200
OK event.png
tps11019.doubleverify.com/ Frame 9508 67 B
464 B 154ms
154ms Ping
image/png 63.251.109.127
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps11019.doubleverify.com/event.png?impid=bad10e90231d455e804f7f6a61c18472&gdpr=&gdpr_consent=&msrcanlm=392&msrcannum=3&eoid=10&ismms=9&isumms=8&isvelg=1&nvr=6&isgmmims=9&isgmv4mims=9&elmtp=6&isbxdms=2508&b0=100&b11=2513&adhgt=90&adwdth=728&norwdth=728&norhgt=90&engisel=1&vsos=3&dvp_vsosnmr=16&lftb=2613&sftb=2613&msrdp=4&naral=128&vct=512&vphgt=1200&vpwdth=1600&chgt=90&cwdth=728&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=1008&isuiabvms=1008&isgmpims=113&isgmv4dpims=1008&ispmxpms=1008&engalms=7&engscrlms=113&dvp_pageEng=true&dvp_dpr=1&cbust=1635905457651588
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1800.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.109.127 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer: https://21916be3d137d0bd5538481ca7cd17f6.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Wed, 03 Nov 2021 02:10:57 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: https://21916be3d137d0bd5538481ca7cd17f6.safeframe.googlesyndication.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 98
Expires: 11/2/2021 2:10:57 AM

POST
H/1.1 200
OK event.png
tps11025.doubleverify.com/ Frame 80C5 67 B
464 B 155ms
155ms Ping
image/png 63.251.109.127
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps11025.doubleverify.com/event.png?impid=75506dab956d40cb8301a9dcb263e800&gdpr=&gdpr_consent=&msrcanlm=394&msrcannum=4&eoid=10&ismms=9&isumms=8&isvelg=1&nvr=6&elmtp=3&isbxdms=2508&b0=100&b11=2514&adhgt=90&adwdth=728&norwdth=728&norhgt=90&engisel=1&vsos=3&dvp_vsosnmr=16&lftb=2614&sftb=2614&msrdp=7&naral=2&vct=512&vphgt=1200&vpwdth=1600&chgt=90&cwdth=728&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=1008&isuiabvms=1008&ispmxpms=1008&engalms=7&engscrlms=108&dvp_pageEng=true&dvp_dpr=1&cbust=1635905457700541
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1800.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.109.127 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer: https://21916be3d137d0bd5538481ca7cd17f6.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Wed, 03 Nov 2021 02:10:57 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: https://21916be3d137d0bd5538481ca7cd17f6.safeframe.googlesyndication.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 98
Expires: 11/2/2021 2:10:57 AM

POST
H/1.1 200
OK event.png
tps11062.doubleverify.com/ Frame D1BD 67 B
418 B 150ms
150ms Ping
image/png 63.251.109.127
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps11062.doubleverify.com/event.png?impid=e7647bf2d3b14663812554c2343679f3&gdpr=&gdpr_consent=&msrcanlm=394&msrcannum=4&eoid=10&ismms=9&isumms=8&isvelg=1&nvr=6&elmtp=3&isbxdms=2509&b0=100&b11=2515&adhgt=250&adwdth=970&norwdth=970&norhgt=250&engisel=1&vsos=13&dvp_vsosnmr=16&lftb=2615&sftb=2615&msrdp=1&naral=2&vct=512&vphgt=1200&vpwdth=1600&chgt=250&cwdth=970&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=1009&isuiabvms=1009&ispmxpms=1009&engalms=8&engscrlms=118&dvp_pageEng=true&dvp_dpr=1&cbust=1635905457763131
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1800.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.109.127 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer: https://ad.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Wed, 03 Nov 2021 02:10:57 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: https://ad.doubleclick.net
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 98
Expires: 11/2/2021 2:10:57 AM

GET
H2 204 event
ads.adfox.ru/239538/ 0
66 B 90ms
90ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/239538/event?hash=27a4b42b31fc8ef9&pm=bmq&pxo=rtlD2fk7bQ7E17cSAWG1kKijPvbOTJUcbqHIwx3I-lUnu5Ct3ny3lI_urp6hPIqalzTVxwbnXVF86pJDy06t2TyfcueAE602bvHT6MaVGnyLN9CKP4mHnbKmf7DH5_shAyRQK-9Kx7DlYNY9BmGTPdTOhFsn5Aydp8NBYFFGfWvoXBU2&p5=fxybz&rand=ldjksfi&sj=OubdkeMQRnqn0pQYT4D8IrgpYMZZ67TDALjj1J3HCmVcO66p3kO2zIA8wwcmuw%3D%3D&ad-session-id=4033131635905452616&lts=fhrwcmm&ytt=53326314211349&ybv=0.47201&ylv=0.47201&dl=https%3A%2F%2Ftelegraf.by%2F&pr=lqwqiaz&p1=cnhpl&rqs=rDd87Y7sEias74Fh6hRUJrCWqr-Apqbw&rtb-si=b&p2=y

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Nov 2021 02:10:58 GMT
x-content-type-options: nosniff
last-modified: Wed, 03 Nov 2021 02:10:58 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 204 event
ads.adfox.ru/239538/ 0
18 B 65ms
64ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/239538/event?hash=632e22b42bd343ba&pm=bmq&pxo=zJlB5a2BoFScoWTJdY_uqb3naaRc76ysFFUowcvFtpDzu2-DW-Gfz6jFORaYbwas1CBDnZUTKDQr7-d4DghAo98TfeWzfn-XO0YZW2M91srBBEhkneOQbXyrsmgYVb1xNwI-HXdwZFOtV8r01kQPACFA7BUuvkDU1K_7TENmA1kDHq9K&p5=fxybz&rand=dweqngh&sj=VT2_yxG1hvzHwrHxEGzctd6L-PbNwtZoB3XbyNNlupfE6QDYfNmN2MNRmHegYQ%3D%3D&ad-session-id=4033131635905452616&lts=fhrwcmm&ytt=53326314211349&ybv=0.47201&ylv=0.47201&dl=https%3A%2F%2Ftelegraf.by%2F&pr=lqwqiaz&p1=cnimm&rqs=rENMp5iBKjSs74FhEIVZ322_Addt7sSB&rtb-si=b&p2=y

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://telegraf.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Nov 2021 02:10:58 GMT
x-content-type-options: nosniff
last-modified: Wed, 03 Nov 2021 02:10:58 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

POST
H/1.1 200
OK bsevent.gif
tps20518.doubleverify.com/ Frame 93F8 807 B
1 KB 8ms
8ms Ping
image/gif 213.254.244.21
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps20518.doubleverify.com/bsevent.gif?impid=c748e5c605764637a776f1389e984fb9&mascid=kvivvanuq9kmlery8oem02asoeoruh7l&dvp_masver=6&dvp_tisf=1&dvp_t1stMsgB=325&cbust=1635905458754722
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.21 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: 78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer: https://a9cb10ed454fdb3cbb12b263b60b203e.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Wed, 03 Nov 2021 02:10:57 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: image/gif
Access-Control-Allow-Origin: https://a9cb10ed454fdb3cbb12b263b60b203e.safeframe.googlesyndication.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 860
Expires: 11/2/2021 2:10:58 AM

POST
H/1.1 200
OK bsevent.gif
tps20519.doubleverify.com/ Frame D575 807 B
1 KB 9ms
8ms Ping
image/gif 213.254.244.21
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps20519.doubleverify.com/bsevent.gif?impid=ebdc987e1e3a4b1da81b29199dab76a8&mascid=kvivvaq1jyeg38xt47ujraneulu6ento&dvp_masver=6&dvp_tisf=2&dvp_t1stMsgB=355&cbust=1635905458833493
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.21 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: 78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer: https://21916be3d137d0bd5538481ca7cd17f6.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Wed, 03 Nov 2021 02:10:58 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: image/gif
Access-Control-Allow-Origin: https://21916be3d137d0bd5538481ca7cd17f6.safeframe.googlesyndication.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 860
Expires: 11/2/2021 2:10:58 AM

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Verdicts & Comments Add Verdict or Comment

89 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

32 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
telegraf.by/	1970-01-20 07:53:53	Name: __atuvc Value: 1%7C44
telegraf.by/	1970-01-19 22:25:07	Name: __atuvs Value: 6181efac63bafca0000
.telegraf.by/	1970-01-20 15:56:17	Name: _ga Value: GA1.2.1048830621.1635905452
.telegraf.by/	1970-01-19 22:26:31	Name: _gid Value: GA1.2.1374787905.1635905452
.telegraf.by/	1970-01-19 22:25:05	Name: _gat_gtag_UA_16632131_5 Value: 1
.yandex.ru/	1970-01-20 15:56:17	Name: i Value: x/6jBrSu1RdlXNS1RtL/XvZR4uRgk7SMaIRf0bMGMuZFnFjd4+OYALkEQC0VPkqgt1CaNRfUDgTvQHq0WZRTLliFaaE=
.addthis.com/	1970-01-20 07:53:53	Name: uvc Value: 1%7C44
.telegraf.by/	1970-01-20 07:10:41	Name: _ym_uid Value: 1635905453347128054
.telegraf.by/	1970-01-20 07:10:41	Name: _ym_d Value: 1635905453
.addthis.com/	1970-01-20 07:53:53	Name: loc Value: MDAwMDBFVURFTkkyMzMzMTkwNTAwMTAwMDBDSA==
.vk.com/	1970-01-20 07:02:28	Name: remixlang Value: 6
.mc.yandex.com/	1970-01-19 22:25:06	Name: sync_cookie_csrf Value: 1194757384fake
.telegraf.by/	1970-01-19 22:26:17	Name: _ym_isad Value: 2
.mc.yandex.ru/	1970-01-19 22:25:06	Name: sync_cookie_csrf Value: 2282164048fake
.yandex.com/	1970-01-20 07:10:41	Name: yandexuid Value: 7439847441635905452
.yandex.com/	1970-01-20 07:10:41	Name: yuidss Value: 7439847441635905452
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 2011414981635905452
.yandex.com/	1970-01-23 14:01:05	Name: i Value: u052jwKmhHGgiPKn9eAW/TJtl7jMnLJfw62OoUDtArdXlWEXn8hMU6bZHTm2F4Rx3RbStcVShPDYQtPjFtC/BM42xUc=
.yandex.com/	1970-01-20 07:10:41	Name: ymex Value: 1667441452.yrts.1635905452#1667441452.yrtsi.1635905452
.yandex.ru/	1970-01-23 14:01:05	Name: yandexuid Value: 3758959331635905452
.telegraf.by/	1970-01-19 22:25:07	Name: _ym_visorc Value: w
.telegraf.by/	1970-01-20 07:46:41	Name: __gads Value: ID=d66c38160ebcf457-22ca1cda09cb009e:T=1635905453:S=ALNI_MbgU9-uiPNw1ZjH0dgdaqD4a6jbHQ
.doubleclick.net/	1970-01-20 07:46:41	Name: IDE Value: AHWqTUnG8kiDZEZkdOp8cpdKXHfPppH9HzZPKCUh8a7QUJyc4snE8rWmz-X6vnphHbE
.casalemedia.com/	1970-01-20 07:10:41	Name: CMID Value: YYHvrWLl1LS44juKsRzLyQAA
.casalemedia.com/	1970-01-20 00:34:41	Name: CMPS Value: 3229
.casalemedia.com/	1970-01-20 00:34:41	Name: CMPRO Value: 1108
.casalemedia.com/	1970-01-19 22:26:31	Name: CMST Value: YYHvrWGB760A
.agkn.com/	1970-01-20 07:10:41	Name: ab Value: 0001%3ALDS70ulUcrlDzJ3YR%2Bl9Iwx1x2z7zfFV
.adnxs.com/	1970-01-20 00:34:41	Name: uuid2 Value: 8409499633654275761
.agkn.com/	1970-01-20 07:10:41	Name: u Value: C\|0EAApFKwtKRSsLQAAAAABAgAHAAAAAAF3ZCT__x4AAAAAAD79HwAAAAARe9GeAAAAAAidqQMAAAAAHP-WKgAABwAAAAABeKKP__8eAAAAAAA-_R8AAAAAEXqkFAAAAAAInYYAAAAAABz_kVwA
.adnxs.com/	1970-01-20 00:34:41	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E><CnPRY!@wnfH8K6pQK`!5=E<L5?%Lx4xM`8^[2uB32.^)3l+vq]SNl^C#!)zu+_-zP(hw9P-HC_#tuC#*P@I
.casalemedia.com/	1970-01-20 07:10:41	Name: CMRUM3 Value: 2d6181efad2760CAESEPc3dBZCj30bd6U1vIfnUEs

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://mc.yandex.com/sync_cookie_image_decide?token=9445.I9R8myrKuqS71TCM6UQiZ6tE8nNJCcISa4fRcxBnzsziOljwDF9T5LowIWCuHQqMK3py5EIJrkdKWHN_kcNqJA%2C%2C.rbv2c8-YB0w6GsaemLIYpWByvUs%2C Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://ad.atdmt.com/i/t.js;adv=11032206473623;ec=11032215840085;adv.a=9533159;c.a=24683151;s.a=4128031;p.a=293250068;a.a=486510940;cache=1967496427; Message: Failed to load resource: the server responded with a status of 403 ()
javascript	warning	URL: https://telegraf.by/ Message: The resource https://telegraf.by/tel/app/elasticpress/dist/css/facets-styles.min.css?x34917&ver=3.4.1 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://telegraf.by/ Message: The resource https://telegraf.by/tel/app/temy/telegrafwpby/inc/assets/js/html5.js?x34917&ver=3.7.0 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://telegraf.by/ Message: The resource https://telegraf.by/tel/app/temy/telegrafwpby/style.css?x34917&ver=5.3.9 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

21916be3d137d0bd5538481ca7cd17f6.safeframe.googlesyndication.com
a9cb10ed454fdb3cbb12b263b60b203e.safeframe.googlesyndication.com
ad.atdmt.com
ad.doubleclick.net
ads.adfox.ru
adservice.google.com
adservice.google.de
an.yandex.ru
api-public.addthis.com
cdn.doubleverify.com
cdn.jsdelivr.net
cdn3.doubleverify.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
d.agkn.com
dsum-sec.casalemedia.com
fonts.googleapis.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
m.addthis.com
mc.yandex.com
mc.yandex.ru
pagead2.googlesyndication.com
rtb0.doubleverify.com
s0.2mdn.net
s7.addthis.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
telegraf.by
tpc.googlesyndication.com
tps.doubleverify.com
tps11008.doubleverify.com
tps11019.doubleverify.com
tps11025.doubleverify.com
tps11062.doubleverify.com
tps20518.doubleverify.com
tps20519.doubleverify.com
use.fontawesome.com
v1.addthisedge.com
vk.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
yandex.ru
yastatic.net
z.moatads.com
s7.addthis.com
104.75.88.126
142.250.184.226
142.250.185.162
142.250.186.102
172.217.18.98
185.33.220.243
2.18.234.21
2.18.235.40
213.254.244.21
2606:4700:3030::6815:6e8
2606:4700:3031::ac43:d645
2606:4700::6810:135e
2606:4700::6810:5714
2a00:1450:4001:809::2004
2a00:1450:4001:809::2008
2a00:1450:4001:80f::2006
2a00:1450:4001:810::2001
2a00:1450:4001:811::2002
2a00:1450:4001:812::2002
2a00:1450:4001:812::200a
2a00:1450:4001:829::2002
2a00:1450:4001:830::2001
2a00:1450:4001:830::2002
2a00:1450:4001:830::200e
2a00:1450:400c:c06::9c
2a02:26f0:6c00:286::4469
2a02:6b8:20::215
2a02:6b8::1:119
2a02:6b8::90
2a02:6b8:a::a
2a03:2880:f02d:5:face:b00c:0:8c
3.124.136.236
63.251.109.127
77.88.21.179
87.240.190.78
0253185a4cfd8a31fa015f856c47a032cf99a7aa4f528389965225dc4c150ff2
02eb5708f20d3bb69043b79adc7898694c308a27438651fb3591ab7292b37826
03d0582d4320dae2d559c8a9469bf838a56afacb208c107dc421af898975f919
03d87f337bb68d971d9fdb8ed746c0ab6f4008e6060e63ed67057f444a05a6a6
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
08379d6962481af5cb13ec9caf4f04a6a01aea562afc6ecf3429e79dbe5dc343
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e1f4a9035b3daee4d9c95ed2308dbeab3bd0cf1566a5fd224099654f4882925
0f7d72b56d2b2df7a02581a17515dcaa0ca6761166e129a29cadeb220d5e3c29
0f839003422e5fe9c2dfd0e43d629d2f33a379e98c1558a6f5b7f5ef5cdf99b8
10c861bc88c25be1f3ee98f7652bc7fbb35857f42f923e00c6037b757c77685e
11c8eecfaa98ffb431664f2cd0908445f1a45bc550e82ababa615eff30f176eb
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
131e8d7973531c1e3ffe64956ed42d1fa33cc3d589a1ee2779393bb09ede25cb
14a8d81d6fa95c97db18abc6fcf1734d9d4256b02d0db8ce9fcc9278f6be22a9
15378e9bbf3bca79dddc657f190f1d105c74e3fdb2029136080b5ab41ad7fb68
158edd2a7562d2b16eadda8fb990eb8d20e53837dd1abdfd2c890fcc0980ede0
1821aae591ab857fbb03ede5b4b2a22f25420bae6564a4a86a1cd6a7efe0142c
1f2240b43657f061f4a2672d03bd413c92bf4fba12727f0c61b1792affb59d57
20cf74e6c7e2676b6078c5563d6f97d318c8bd0801b413f7c7b5c998de6c719b
2b802368b20fbcf4c42666e202f23aa188324b396afb973e0cddb18453b6e769
2e7b8ddc2df8ad1ef42f7846f30e92a666b4a79d319fa52405745b6c99f4abaa
2f441839a30400536a7929981076ef3a81faf302fdfef53922dad563c13e8af8
2ff5adc72f97bc02d11d10cbb4f5abcd2b35ecfd07dc26ee450c01a1daa6d05b
2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6
31dc4cd5de1d4ed53f195218040065bdb58228f5fd41cfd4b3ea413246fd53cc
362567ac209f0a3603867c2b7f59799fc76b0f0d1882d100918b170a89fd0794
380a57c5673f7ca35f09c78eef2a80e7f4e52a8481503a96a7f92d55942ad55c
3c2c5e8ce71da5f920b37260c35faad806880a17d60b6b93e35e1200763a6733
3cc24db242eced50ec04836edf1df8c86b08d71f37b521c7f54577bde6ecf60a
3daceec3bd97612d8a38ea069ba1d1fe9f8932c73888250c4027ad88c190bf2c
3eb07e41c91d34126703fca3ff9d593377d2926a06d86b69b5a96e0aaaf031ce
42977b3f1bf3b11d34a40c50c095d65b3ba8631ef4ebb37b950ccd9c401d2181
4403e2547b03098ecb0f101753ad838f4f027392fc669dbc5fc56685d710e0c6
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4815fefdde185a719ef71778ced893b546806cf2c5db6f0a3243d899cabc5b57
4a6d5ddb2d59955c2b3eea63f40da7f159eba49e60cb9670da8a3690e359705b
4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bc2f466272e920dbea78d391f5e540856873a73918a0eab4fd2d649543b0152
4c061a302d3aad80e5d04a7608f20a26cb6ca995f3e36bfb65500e17552debeb
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
56cc1b3c78225a2401d2ddfcd15a9137388162edfb7117d1ec4759ed0f962c96
5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba
5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548
5dd139490465c0d5b42eb905451078a5ee84b5c220d6af5b143af49247a8ecf5
5dea5a5c593fcff0f7d1125228a0196dc277292594df32fbd8145e8eff6f2617
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
620f91730b2c17570a072469c405bf526a53ee4fcccf2078f9f7d8a93417a1da
630b1fa3b10cdcf9845c1f21dabded6dd54ef28635ea6f3adf28c2f0c27df519
64a326d0339d418588f028a753e26f35c27d8cbff753ac98d8d43625663b10ca
65c7f05f26feac375d0ebcbf0096d310e7663511d0dba9d055245c26318180f8
6864668933a4f66335ebc5df248779202e45b69db24e99f738a64847702d7215
6acf90584b80960637e05b65d1b5d7d7c0b7c91b3b3308cf78f59b0cd11de841
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
70fedf5fb986e73167530f1acf001c1cfc07af1e0c21c4607513ad3356a8a078
7155d8dd40ece849d72213770b3a5b84467de8c6cab5c3bda3266808502cb69b
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416
7b4fbd6cf87898b005b09546b1c4e82654918b11e5f64ccb8fc32ea0a04e237a
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
7f7b4f9e7141aaaba44ebcd6f9fff7bc6c8606453be4fdd48c3b4c540df659d1
80fe90cb559538158bc235f4e539d9bcae203e19fab7c6970aad37b0154348ff
81513a4a8badba7608cb7270d2b4303dab311640a660c4701c22dcc4c154c5af
819f3136b7fa1d732f05ec1d9c773bed9bdcdb09e936fe964ae8fb70f29912f2
824f7782d42c2159724fc5f1c6dba056619526236c4abe67115832e144f09672
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
865a58f575c44c2ccdeabdcce7c3f80d9b62b0e7a7ac91b481e1579773cf3f8f
86be5d6a3d661fd3d5d72f254a347dec5c66cad569117f51dad297acba02f558
8701341d6c1999829fa2b17d7d11479a10816a1049e6a29a1252e5e9bf2ee07d
895ed770a631ca3fec0b56e9a1d3aa8ef2e65c16b7074aa4296baa3e833c2cb9
89f280c948d1f1484534a9ddb872db305f19ce14cdf09a380362aac0ddf406de
8c3511734130f799785ad87b747687b7e907a8221fa8244c79c7997af5d788c8
8d549660d05ce0f98995c6bcfb81de8587ac0d05b0173c2853d47effdd1eee47
92af9e53d768cc3fb6c9675d0d2eafba403f527fc761b29679953c71d3c588e1
9327647771c09df82095dba3591c77cca41a9cedca948ae01e7fb70c690dcbd5
9576c7428672952e86208b6269eff0bfa43544702120c7ea4f109e2c441b3525
96ab1b168a7856f4a1e978ed60e0b477994a3cf18ba4a2a7d86d4a28f0c74264
975714c6cb70ba105bfa87d2415df2fddde4a46c1d3ab9d0cf45465e56cba97d
9a7d00291b90b8045d042a9a713a9cceba928a35c18c99d1eeea2ca14c09614d
9b299ac8986f5ddc1f2714281d8203d005c595f597d835f412867d101175610a
9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763
9ec40a94bc91d36bc5badadb1740ccdcc084b6003499ffff5be390ba623ec713
9ee1782d47409de204c31b283f5520f472a4899f6af63b30fde26dd73b63078b
9f092fc5e79c148a7543c37a3d2a4ea0215f6e57d4ed0f571c76f092f9299f54
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a1ce42471a5fb6b76a676d9306414db906f5e2c753eb058517f3653b0a4bdb44
a3dcfbd6b446166e10db7767829d5aa85c27e2d1116dc998af3a932d0aaed58f
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4e109d1ec109bab254ffc2e4119b7b7da406986001253a9c0196b9da00a9df9
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aa8b74e25f64eafe8bfa0a012b8c04d5d6276e04fade1c0303035a4cca2ad840
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b552d5d359a666300d9b3ecc876df85b6d27e6f0aedf8aaef051dc66ad066a5f
b5c3760ebad493fbb95c0ac2cbcdeca727826c3f9c78719d2964c62abca3c7a1
b74739ae6b59eb7f4dc0248da57b301adea910b98f26a9142c8918bf1f52cc33
b92a7afd45383eddda0e896cf31b245721c61e9ce397efb6b72330037a37ac83
b9a305d79e3bbd4bedd6143bde0a38394a201ea40a38391ed126a18e4451e724
ba8e38c6c85b0384447b0174b6e16c72c56acbd084c40db40abedf89036f080c
bba058a28cb6265b1d27ddab6ad28a19960fb5a0d7b7e1fa726e3dc7d71824e3
bcbd1473c49f13b86e0563ec788577c36001f9f58845843bcb57f9a25cbd3eba
c02d2e4ee660f561338f717a6dc83745ea23c4ad356a57bdfee60c3643b25b1a
c43b1c1468a868dafbd409c72f2e05e3a52d7be6cc9c2deec15b0117befc41a6
c4d58719b0165ddc44fdad63f14ab18d21547b66dc0fa5785135f8f1c6a8cfdf
c4f757a8c1635e107c6e3e145cddd32e2f98d41f49808860c2047d5b6b91bb70
c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060
c99361c0d8561c7d88a237009bac83ecc149fe6f1f91c52dde79b7841b584c40
ccbfb499a61ae34892923b98765f91ee9175111e1793d62413ef242c3a603725
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
ce67cd6665e835604c7a650ea355d41857dcd2284618b61d82d252dca0abfe5d
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d03755898b05a3d69377bf7da16ccb307e789a0f569b4dbbcb7b29bdecf967c5
d1dfcd1999d00dd590fd3900cd0d29eeed07d7b939e9ee6ea133d5b69b50e671
d2601de99d171f4eb71a0dfa4c118703fd889e63fa6eacb00245eadc3fb30686
d34a6cf2f4f4544de792658d4b774aefd05077e4fbf87b1938ca5c57e4603def
d4bcf3a8a8bce79a4f0dc55812a1720bc6ec5bf17e1ac7af523adb6f00b403af
d57310a8fc3a69ef0e68e764c92f847e3f455ef80c071984899f6bdc5092cedc
d5b83174b14c8fb07a6cfc17abbc860e726a23b84f724c468049c73e1e8d7cba
dc6646558aa82ce8e89ac33e83de30f4f2f3050a7e49a842355dd63e3ba28187
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
deb353fd464bda93438396f37c023005dd38f0863346c2ada189cbe355a072fd
e0e24c4738e6547e31d8dc472aadd65cf739442e1bd3fc4eb5e78798a2668231
e11b0616e2b3c3eac9f4dfb96e103d54c81d3ecb01013196ec799ff4011690d2
e2268466e5795917418ee41997f63b80d8dd4adc00ba9996dd8042fab778b652
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5b099ca368d2b19b75a6ba568c2a3239a87697746275952d72e1629ab5dc31b
e5f5736867880dc34e00e9d915d49094d5aa572c73771e87a082bd721b5a4f7c
e9cbc154c03fe0b31af4476aaa6372b1e38ec252c26b886936759cfd339adb76
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a
ed7d00064ed5b05623fd0b80726f4687287e8c45bc430fa8800be79452a11c64
ee65dd37a0311a7ff95c482b6cb3b7d1d439e052d35fc13cf3732f1065ff4cb1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0597e52eb3ebfd1a3a87aad1ad5b0014fdae811f5d394438a2d2cf09caa35d7
f31c2a8bc3a54e78b9e6ad0532cd40839c964fabfaaff5bba03348d2d3cb9c41
f3be6ad457ba5d4425f4d105688e9cf5a32595ff156bd290c8ccbe0e6ca3a68a
f6292b24f4cc9e6bb52159276bf8a5d01ad441d209fd0da03ffca3ac44cc494c
fc1cee21376da3a4fdf8f62d3bb1d46c80c763d447da7e7c07112f45eee09d3f
fc560ac3003bca8cef669884cd66d9731d6283208632d8a5e4bd85b16abca604
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
ff835a615190a441a0699ac400e65d2c9866f66b742d3aa3fc85cf624e49e697

telegraf.by Open in urlscan Pro 2606:4700:3030::6815:6e8 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

232 Requests

95 %HTTPS

63 %IPv6

26 Domains

48 Subdomains

36 IPs

5 Countries

3101 kBTransfer

8770 kBSize

32 Cookies

4 Outgoing links

Page URL History

Redirected requests

232 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

telegraf.by Open in urlscan Pro
2606:4700:3030::6815:6e8 Public Scan

Screenshot
Live screenshot

Full Image

232
Requests

95 %
HTTPS

63 %
IPv6

26
Domains

48
Subdomains

36
IPs

5
Countries

3101 kB
Transfer

8770 kB
Size

32
Cookies

232 HTTP transactions
3 data transactions