www.presstelegram.com Open in urlscan Pro
192.0.66.2 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.presstelegram.com/
Effective URL:
https://www.presstelegram.com/
Submission: On January 25 via manual (January 25th 2022, 11:32:21 am UTC) from GB — Scanned from GB

Summary HTTP 186 Redirects Links 42 Behaviour Indicators

Summary

This website contacted 70 IPs in 6 countries across 53 domains to perform 186 HTTP transactions. The main IP is 192.0.66.2, located in San Francisco, United States and belongs to AUTOMATTIC, US. The main domain is www.presstelegram.com. The Cisco Umbrella rank of the primary domain is 330357.
TLS certificate: Issued by R3 on January 22nd 2022. Valid for: 3 months.

This is the only time www.presstelegram.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 27	192.0.66.2 192.0.66.2	2635 (AUTOMATTIC) (AUTOMATTIC)
2	2606:4700::68... 2606:4700::6810:5914	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400f:800::200a	15169 (GOOGLE) (GOOGLE)
5	65.9.71.173 65.9.71.173	16509 (AMAZON-02) (AMAZON-02)
2	13.224.193.26 13.224.193.26	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400f:801::200a	15169 (GOOGLE) (GOOGLE)
1	13.225.82.234 13.225.82.234	16509 (AMAZON-02) (AMAZON-02)
2	108.139.210.126 108.139.210.126	16509 (AMAZON-02) (AMAZON-02)
12	18.66.139.96 18.66.139.96	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:209... 2600:9000:209c:600:3:b7e:8940:93a1	16509 (AMAZON-02) (AMAZON-02)
1	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
1	13.225.85.39 13.225.85.39	16509 (AMAZON-02) (AMAZON-02)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
14	2606:2800:233... 2606:2800:233:1cb7:261b:1f9c:2074:3c	15133 (EDGECAST) (EDGECAST)
1	2a04:4e42:e00... 2a04:4e42:e00::282	54113 (FASTLY) (FASTLY)
3	34.193.237.162 34.193.237.162	14618 (AMAZON-AES) (AMAZON-AES)
1	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
1	18.66.97.105 18.66.97.105	16509 (AMAZON-02) (AMAZON-02)
3	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
1	52.222.214.39 52.222.214.39	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400f:802::2008	15169 (GOOGLE) (GOOGLE)
1	199.232.192.134 199.232.192.134	54113 (FASTLY) (FASTLY)
1	13.225.63.115 13.225.63.115	16509 (AMAZON-02) (AMAZON-02)
1	185.33.220.100 185.33.220.100	29990 (ASN-APPNEX) (ASN-APPNEX)
2	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	23.0.33.234 23.0.33.234	16625 (AKAMAI-AS) (AKAMAI-AS)
1	204.237.133.116 204.237.133.116	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1	2602:803:c004... 2602:803:c004:200::143	26667 (RUBICONPR...) (RUBICONPROJECT)
1	35.156.29.201 35.156.29.201	16509 (AMAZON-02) (AMAZON-02)
1	104.36.113.23 104.36.113.23	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	2600:9000:225... 2600:9000:225e:f600:8:8845:1500:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	13.32.121.37 13.32.121.37	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400f:803::200e	15169 (GOOGLE) (GOOGLE)
1	178.250.2.83 178.250.2.83	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	34.236.203.109 34.236.203.109	14618 (AMAZON-AES) (AMAZON-AES)
1 3	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1	3.95.140.237 3.95.140.237	14618 (AMAZON-AES) (AMAZON-AES)
1	34.120.133.55 34.120.133.55	15169 (GOOGLE) (GOOGLE)
1 1	2600:1f18:730... 2600:1f18:730:b130:4896:6298:98c:bff0	14618 (AMAZON-AES) (AMAZON-AES)
1	54.146.217.90 54.146.217.90	14618 (AMAZON-AES) (AMAZON-AES)
4	13.85.16.224 13.85.16.224	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	52.217.66.52 52.217.66.52	16509 (AMAZON-02) (AMAZON-02)
12	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
2 6	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1 2	2620:100:a001::c 2620:100:a001::c	19750 (AS-CRITEO) (AS-CRITEO)
1 5	54.88.18.204 54.88.18.204	14618 (AMAZON-AES) (AMAZON-AES)
1	95.100.153.123 95.100.153.123	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:400f:80b::2002	15169 (GOOGLE) (GOOGLE)
1	151.101.1.108 151.101.1.108	54113 (FASTLY) (FASTLY)
4	185.33.220.240 185.33.220.240	29990 (ASN-APPNEX) (ASN-APPNEX)
2	40.78.253.202 40.78.253.202	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	34.102.163.6 34.102.163.6	15169 (GOOGLE) (GOOGLE)
2	142.250.74.34 142.250.74.34	15169 (GOOGLE) (GOOGLE)
1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2a05:d018:d29... 2a05:d018:d29:3601:32f1:6bb5:fef5:f5d6	16509 (AMAZON-02) (AMAZON-02)
3 4	35.211.178.172 35.211.178.172	15169 (GOOGLE) (GOOGLE)
1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	52.46.154.242 52.46.154.242	16509 (AMAZON-02) (AMAZON-02)
1 1	64.202.112.223 64.202.112.223	23352 (SERVERCEN...) (SERVERCENTRAL)
2	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
1	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	185.29.134.244 185.29.134.244	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1	2600:1f18:444... 2600:1f18:444a:4680:5b76:7408:bdd4:1592	14618 (AMAZON-AES) (AMAZON-AES)
2 2	54.155.105.81 54.155.105.81	16509 (AMAZON-02) (AMAZON-02)
1 2	104.111.215.191 104.111.215.191	16625 (AKAMAI-AS) (AKAMAI-AS)
1	35.190.90.30 35.190.90.30	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:600... 2a04:4e42:600::300	54113 (FASTLY) (FASTLY)
1 1	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
1	104.26.5.15 104.26.5.15	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	3.66.204.182 3.66.204.182	16509 (AMAZON-02) (AMAZON-02)
186	70

27 192.0.66.2 (San Francisco, United States) 1 redirects

ASN2635 (AUTOMATTIC, US)

www.presstelegram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400f:800::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 65.9.71.173 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-71-173.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.193.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-26.fra2.r.cloudfront.net

mng-presstelegram.zeustechnology.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400f:801::200a (Ireland)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.82.234 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-82-234.fra2.r.cloudfront.net

cdn.auth0.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.139.210.126 (United States)

ASN16509 (AMAZON-02, US)

cdn.p-n.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 18.66.139.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-139-96.fra60.r.cloudfront.net

m869.presstelegram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:209c:600:3:b7e:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.osano.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i1.wp.com

i1.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.85.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-85-39.fra2.r.cloudfront.net

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)

az416426.vo.msecnd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
loader-cdn.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fp-cdn.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
g2insights-cdn.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.ayc0zsm69431gfebd.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:e00::282 (United States)

ASN54113 (FASTLY, US)

polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.193.237.162 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-237-162.compute-1.amazonaws.com

digitalfirstmedia.blueconic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-105.fra56.r.cloudfront.net

ib.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.214.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-39.fra56.r.cloudfront.net

ats.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400f:802::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.192.134 (United States)

ASN54113 (FASTLY, US)

dfm-presstelegram.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.63.115 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-63-115.ewr53.r.cloudfront.net

geo.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.220.100 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.0.33.234 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-0-33-234.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 204.237.133.116 (Philadelphia, United States)

ASN3257 (GTT-BACKBONE GTT, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c004:200::143 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.156.29.201 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-29-201.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.36.113.23 (United States)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:225e:f600:8:8845:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)

b-code.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.121.37 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-37.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400f:803::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.83 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ssp-sync.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.236.203.109 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-236-203-109.compute-1.amazonaws.com

mid.rkdms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.33.220.150 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.95.140.237 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-95-140-237.compute-1.amazonaws.com

idx.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.133.55 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 55.133.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:730:b130:4896:6298:98c:bff0 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

rp.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.146.217.90 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-146-217-90.compute-1.amazonaws.com

rp4.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.85.16.224 (San Antonio, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

prod-dfm-proxy-connext.azurewebsites.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.217.66.52 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

paywall-ad-bucket.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

49aa56d712150ab027d072110aafe53d.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.248.245.213 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:100:a001::c (United States) 1 redirects

ASN19750 (AS-CRITEO, US)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.88.18.204 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-88-18-204.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.100.153.123 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-100-153-123.deploy.static.akamaitechnologies.com

sli.presstelegram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:400f:80b::2002 (Ireland)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.108 (United States)

ASN54113 (FASTLY, US)

cdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.33.220.240 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ams1-ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 40.78.253.202 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

dc.services.visualstudio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.163.6 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 6.163.102.34.bc.googleusercontent.com

ad.mrtnsvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.74.34 (United States)

ASN15169 (GOOGLE, US)
PTR: arn09s22-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3601:32f1:6bb5:fef5:f5d6 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.211.178.172 (North Charleston, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.46.154.242 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.202.112.223 (United States) 1 redirects

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.134.244 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:444a:4680:5b76:7408:bdd4:1592 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

i6.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.155.105.81 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-105-81.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.215.191 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com

x.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.90.30 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 30.90.190.35.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::300 (United States)

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.5.15 (United States)

ASN13335 (CLOUDFLARENET, US)

api-mg2.db-ip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.66.204.182 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-66-204-182.eu-central-1.compute.amazonaws.com

k.p-n.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
40	presstelegram.com 1 redirects www.presstelegram.com — Cisco Umbrella Rank: 330357 m869.presstelegram.com sli.presstelegram.com	1 MB
19	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 100 49aa56d712150ab027d072110aafe53d.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 124	201 KB
11	liadm.com 2 redirects b-code.liadm.com — Cisco Umbrella Rank: 3664 idx.liadm.com — Cisco Umbrella Rank: 6022 rp.liadm.com — Cisco Umbrella Rank: 2775 rp4.liadm.com — Cisco Umbrella Rank: 10903 i.liadm.com — Cisco Umbrella Rank: 512 i6.liadm.com — Cisco Umbrella Rank: 1514	19 KB
11	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184 googleads.g.doubleclick.net — Cisco Umbrella Rank: 46 cm.g.doubleclick.net — Cisco Umbrella Rank: 197	186 KB
10	ayc0zsm69431gfebd.xyz cdn.ayc0zsm69431gfebd.xyz — Cisco Umbrella Rank: 31292	205 KB
8	3lift.com 2 redirects ib.3lift.com — Cisco Umbrella Rank: 1122 tlx.3lift.com — Cisco Umbrella Rank: 600 eb2.3lift.com — Cisco Umbrella Rank: 389	3 KB
7	amazon-adsystem.com 1 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 281 s.amazon-adsystem.com — Cisco Umbrella Rank: 284	78 KB
6	criteo.com 1 redirects bidder.criteo.com — Cisco Umbrella Rank: 722 ssp-sync.criteo.com — Cisco Umbrella Rank: 2061 gum.criteo.com — Cisco Umbrella Rank: 369 mug.criteo.com — Cisco Umbrella Rank: 2864	8 KB
6	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 241 cdn.adnxs.com — Cisco Umbrella Rank: 1377 ams1-ib.adnxs.com — Cisco Umbrella Rank: 6678	47 KB
4	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 287	2 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 165	140 KB
4	azurewebsites.net prod-dfm-proxy-connext.azurewebsites.net — Cisco Umbrella Rank: 62545	308 KB
4	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 473 hbopenbid.pubmatic.com — Cisco Umbrella Rank: 459 image6.pubmatic.com — Cisco Umbrella Rank: 595	8 KB
4	p-n.io cdn.p-n.io — Cisco Umbrella Rank: 4536 k.p-n.io — Cisco Umbrella Rank: 2382	58 KB
3	adsrvr.org 1 redirects match.adsrvr.org — Cisco Umbrella Rank: 329	1 KB
3	azureedge.net loader-cdn.azureedge.net — Cisco Umbrella Rank: 28113 fp-cdn.azureedge.net — Cisco Umbrella Rank: 32891 g2insights-cdn.azureedge.net — Cisco Umbrella Rank: 33650	238 KB
3	gstatic.com fonts.gstatic.com	81 KB
3	blueconic.net digitalfirstmedia.blueconic.net — Cisco Umbrella Rank: 102035	2 KB
3	wp.com i1.wp.com — Cisco Umbrella Rank: 5313 stats.wp.com — Cisco Umbrella Rank: 2822 pixel.wp.com — Cisco Umbrella Rank: 2494	49 KB
2	addthis.com 1 redirects x.dlx.addthis.com — Cisco Umbrella Rank: 1265	1 KB
2	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 205	2 KB
2	moatads.com z.moatads.com — Cisco Umbrella Rank: 361	506 B
2	visualstudio.com dc.services.visualstudio.com — Cisco Umbrella Rank: 887	407 B
2	rkdms.com 1 redirects mid.rkdms.com — Cisco Umbrella Rank: 1158	2 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42	21 KB
2	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 138	719 B
2	casalemedia.com htlb.casalemedia.com — Cisco Umbrella Rank: 461 as-sec.casalemedia.com — Cisco Umbrella Rank: 1285	789 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	144 KB
2	rlcdn.com ats.rlcdn.com — Cisco Umbrella Rank: 1554 api.rlcdn.com — Cisco Umbrella Rank: 812	38 KB
2	osano.com cmp.osano.com — Cisco Umbrella Rank: 9815	100 KB
2	zeustechnology.com mng-presstelegram.zeustechnology.com	100 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 47 ajax.googleapis.com — Cisco Umbrella Rank: 293	32 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 440	98 KB
1	db-ip.com api-mg2.db-ip.com — Cisco Umbrella Rank: 27746	849 B
1	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 13	299 B
1	taboola.com trc.taboola.com — Cisco Umbrella Rank: 570	239 B
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 890	607 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 421	676 B
1	zemanta.com 1 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 588	301 B
1	bing.com c.bing.com — Cisco Umbrella Rank: 273	593 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 470	1004 B
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 546	707 B
1	mrtnsvr.com 1 redirects ad.mrtnsvr.com — Cisco Umbrella Rank: 2371	250 B
1	amazonaws.com paywall-ad-bucket.s3.amazonaws.com — Cisco Umbrella Rank: 44396	1 KB
1	rubiconproject.com fastlane.rubiconproject.com — Cisco Umbrella Rank: 467	3 KB
1	privacymanager.io geo.privacymanager.io — Cisco Umbrella Rank: 1747	592 B
1	disqus.com dfm-presstelegram.disqus.com	2 KB
1	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 636	14 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 645	40 KB
1	polyfill.io polyfill.io — Cisco Umbrella Rank: 1387	580 B
1	msecnd.net az416426.vo.msecnd.net — Cisco Umbrella Rank: 1928	22 KB
1	parsely.com cdn.parsely.com — Cisco Umbrella Rank: 2931	21 KB
1	auth0.com cdn.auth0.com — Cisco Umbrella Rank: 11207	38 KB
186	53

	Domain	Requested by
27	www.presstelegram.com	1 redirects www.presstelegram.com cmp.osano.com
12	pagead2.googlesyndication.com	az416426.vo.msecnd.net www.presstelegram.com securepubads.g.doubleclick.net mng-presstelegram.zeustechnology.com www.googletagservices.com googleads.g.doubleclick.net
12	m869.presstelegram.com	www.presstelegram.com m869.presstelegram.com cmp.osano.com az416426.vo.msecnd.net
10	cdn.ayc0zsm69431gfebd.xyz	cmp.osano.com
6	googleads.g.doubleclick.net	mng-presstelegram.zeustechnology.com googleads.g.doubleclick.net
6	tpc.googlesyndication.com	securepubads.g.doubleclick.net googleads.g.doubleclick.net
6	eb2.3lift.com	2 redirects cmp.osano.com eb2.3lift.com
5	i.liadm.com	1 redirects cmp.osano.com i.liadm.com
5	c.amazon-adsystem.com	www.presstelegram.com c.amazon-adsystem.com
4	x.bidswitch.net	3 redirects eb2.3lift.com
4	ams1-ib.adnxs.com	mng-presstelegram.zeustechnology.com www.presstelegram.com cdn.adnxs.com
4	www.googletagservices.com	securepubads.g.doubleclick.net googleads.g.doubleclick.net
4	prod-dfm-proxy-connext.azurewebsites.net	cdn.ayc0zsm69431gfebd.xyz
3	match.adsrvr.org	1 redirects js-sec.indexww.com eb2.3lift.com
3	fonts.gstatic.com	fonts.googleapis.com
3	securepubads.g.doubleclick.net	mng-presstelegram.zeustechnology.com cmp.osano.com securepubads.g.doubleclick.net
3	digitalfirstmedia.blueconic.net	m869.presstelegram.com cmp.osano.com
2	k.p-n.io	cdn.p-n.io
2	x.dlx.addthis.com	1 redirects i.liadm.com
2	dpm.demdex.net	2 redirects
2	z.moatads.com	www.presstelegram.com
2	s.amazon-adsystem.com	1 redirects eb2.3lift.com
2	cm.g.doubleclick.net	eb2.3lift.com
2	dc.services.visualstudio.com	az416426.vo.msecnd.net
2	gum.criteo.com	1 redirects cmp.osano.com
2	mid.rkdms.com	1 redirects www.presstelegram.com
2	www.google-analytics.com	cmp.osano.com
2	sb.scorecardresearch.com	1 redirects www.presstelegram.com
2	b-code.liadm.com	cmp.osano.com
2	bidder.criteo.com	static.criteo.net
2	www.googletagmanager.com	cmp.osano.com
2	ads.pubmatic.com	mng-presstelegram.zeustechnology.com cmp.osano.com
2	cmp.osano.com	www.presstelegram.com cmp.osano.com
2	cdn.p-n.io	www.presstelegram.com cdn.p-n.io
2	mng-presstelegram.zeustechnology.com	www.presstelegram.com
2	cdn.jsdelivr.net	www.presstelegram.com cdn.jsdelivr.net
1	api-mg2.db-ip.com	cdn.ayc0zsm69431gfebd.xyz
1	www.google.com	1 redirects
1	trc.taboola.com	i.liadm.com
1	odr.mookie1.com	i.liadm.com
1	i6.liadm.com	i.liadm.com
1	sync.mathtag.com	1 redirects
1	mug.criteo.com
1	b1sync.zemanta.com	1 redirects
1	c.bing.com	eb2.3lift.com
1	pr-bh.ybp.yahoo.com	1 redirects
1	px.ads.linkedin.com	eb2.3lift.com
1	ad.mrtnsvr.com	1 redirects
1	cdn.adnxs.com	mng-presstelegram.zeustechnology.com
1	sli.presstelegram.com
1	as-sec.casalemedia.com	az416426.vo.msecnd.net
1	49aa56d712150ab027d072110aafe53d.safeframe.googlesyndication.com	cmp.osano.com
1	paywall-ad-bucket.s3.amazonaws.com	www.presstelegram.com
1	rp4.liadm.com	www.presstelegram.com
1	rp.liadm.com	1 redirects
1	api.rlcdn.com	js-sec.indexww.com
1	idx.liadm.com	js-sec.indexww.com
1	ssp-sync.criteo.com	static.criteo.net
1	g2insights-cdn.azureedge.net	cmp.osano.com
1	fp-cdn.azureedge.net	cmp.osano.com
1	image6.pubmatic.com	ads.pubmatic.com
1	tlx.3lift.com	mng-presstelegram.zeustechnology.com
1	fastlane.rubiconproject.com	mng-presstelegram.zeustechnology.com
1	hbopenbid.pubmatic.com	mng-presstelegram.zeustechnology.com
1	htlb.casalemedia.com	mng-presstelegram.zeustechnology.com
1	ib.adnxs.com	mng-presstelegram.zeustechnology.com
1	loader-cdn.azureedge.net	ajax.googleapis.com
1	geo.privacymanager.io	ats.rlcdn.com
1	dfm-presstelegram.disqus.com	cmp.osano.com
1	pixel.wp.com	www.presstelegram.com
1	ats.rlcdn.com	www.presstelegram.com
1	ib.3lift.com	mng-presstelegram.zeustechnology.com
1	js-sec.indexww.com	mng-presstelegram.zeustechnology.com
1	static.criteo.net	mng-presstelegram.zeustechnology.com
1	polyfill.io	ajax.googleapis.com
1	az416426.vo.msecnd.net	www.presstelegram.com
1	stats.wp.com	www.presstelegram.com
1	cdn.parsely.com	www.presstelegram.com
1	i1.wp.com	www.presstelegram.com
1	cdn.auth0.com	www.presstelegram.com
1	ajax.googleapis.com	www.presstelegram.com
1	fonts.googleapis.com	www.presstelegram.com
186	82

This site contains links to these domains. Also see Links.

Domain
www.medianewsgroup.com
longbeachpresstelegram.ca.newsmemory.com
comicskingdom.com
www.legacy.com
lang.theadhawk.com
checkout.presstelegram.com
mng-prod.auth0.com
www.accuweather.com
myaccount.presstelegram.com
enewspaper.presstelegram.com
mediakit.scng.com
facebook.com
twitter.com
www.nydailynews.com
www.mercurynews.com
www.readingeagle.com
www.macombdaily.com
www.socalnewsgroup.com
digitalfirstmedia.wd5.myworkdayjobs.com
www.socalnie.com
marketplace.socaladsonline.com
scng.column.us
adportal.socaladsonline.com
careers.socalnewsgroup.com
lbcityguide.com
vip.wordpress.com
www.digitalfirstmedia.com

Subject Issuer	Validity	Valid
presstelegram.com R3	`2022-01-22` - `2022-04-22`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-03` - `2022-07-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
*.zeustechnology.com Amazon	`2021-05-15` - `2022-06-13`	a year	crt.sh
*.auth0.com Amazon	`2021-04-25` - `2022-05-24`	a year	crt.sh
pushlycdn.com Amazon	`2021-03-16` - `2022-04-14`	a year	crt.sh
u066.ocregister.com Amazon	`2021-08-11` - `2022-09-09`	a year	crt.sh
cmp.osano.com Amazon	`2021-09-17` - `2022-10-16`	a year	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-02` - `2022-07-05`	2 years	crt.sh
*.parsely.com Amazon	`2021-07-05` - `2022-08-03`	a year	crt.sh
sni1e6ffgl.wpc.edgecastcdn.net DigiCert SHA2 Secure Server CA	`2020-04-16` - `2022-04-21`	2 years	crt.sh
polyfill.io GlobalSign Atlas R3 DV TLS CA 2020	`2021-06-04` - `2022-07-06`	a year	crt.sh
*.blueconic.net Amazon	`2021-08-07` - `2022-09-05`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-12-01` - `2022-02-24`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-12-12` - `2022-12-13`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.3lift.com Amazon	`2021-06-12` - `2022-07-11`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.disqus.com DigiCert SHA2 Secure Server CA	`2020-04-20` - `2022-05-09`	2 years	crt.sh
*.privacymanager.io Amazon	`2021-09-25` - `2022-10-24`	a year	crt.sh
sni22a5dgl.wpc.edgecastcdn.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-08` - `2022-10-09`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-12-01` - `2022-02-26`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.liadm.com Amazon	`2021-03-02` - `2022-03-31`	a year	crt.sh
sni1ad09gl.wpc.edgecastcdn.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-01` - `2022-11-01`	a year	crt.sh
sni1ad03gl.wpc.edgecastcdn.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-01` - `2022-11-01`	a year	crt.sh
sni9642gl.wpc.edgecastcdn.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-22` - `2023-02-22`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.azurewebsites.net Microsoft RSA TLS CA 02	`2021-07-07` - `2022-07-07`	a year	crt.sh
*.s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-12-13` - `2022-12-13`	a year	crt.sh
sli.chicoer.com R3	`2022-01-05` - `2022-04-05`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
cdn.adnxs.com GlobalSign Organization Validated CA - SHA256 - G4	`2021-05-10` - `2022-06-11`	a year	crt.sh
in.applicationinsights.azure.com Microsoft RSA TLS CA 01	`2021-07-22` - `2022-07-22`	a year	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2021-12-06` - `2022-06-06`	6 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-04-23` - `2022-05-04`	2 years	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2021-12-22` - `2022-06-22`	6 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-11-27` - `2022-11-29`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
*.p-n.io Amazon	`2022-01-10` - `2023-02-06`	a year	crt.sh

This page contains 12 frames:

Primary Page: https://www.presstelegram.com/
Frame ID: E46EC51A72C13DA5987966EC33D40665
Requests: 125 HTTP requests in this frame

Frame: https://cmp.osano.com/
Frame ID: 25BBE4261BB483477F235426DBC146E2
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=160200&s=&predirect=&userIdMacro=&gdpr_consent=CPTXr1bPTXr1bEXABAENBgCwAAAAAH_AAAwIGggBIAJEQABAIAAEAIAEAAAAQBAAAEAgAAAAAAAAAAAABAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAIAAAAAAgXmAAAAkQAAEAAAAAAAAQAAABAEAAAAAAAAAAAAAAAAAAECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAA.YAAAAAAAAAAA&gdpr=1&us_privacy=1---&
Frame ID: 5C520C781ABB50BEBD4E2D2BCC1E0D1F
Requests: 2 HTTP requests in this frame

Frame: https://49aa56d712150ab027d072110aafe53d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D75622E49C1AE671747F48C0A671326E
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: A9668891808D7B1272FA24B8C66E09E3
Requests: 11 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.presstelegram.com&gdpr=1&gdpr_consent=CPTXr1aPTXr1aEXABAENBgCwAAAAAH_AAAwIGggBIAJEQABAIAAEAIAEAAAAQBAAAEAgAAAAAAAAAAAABAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAIAAAAAAgXmAAAAkQAAEAAAAAAAAQAAABAEAAAAAAAAAAAAAAAAAAECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAA.YAAAAAAAAAAA
Frame ID: 36A4A7884AF29AA835BE96FA79D86878
Requests: 2 HTTP requests in this frame

Frame: https://i.liadm.com/s/c/a-05ge?s=&cim=&ps=true&ls=true&duid=3db4babb9fb0--01ft8g3y5g7pfbqksjmexxtj9f&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&us_privacy=1---&
Frame ID: 80F45E71649D5A53C56C3C9DA11547C6
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjstTjbxJ_2RLJ8aUbE31i2TMurRZnYP2NDzyw3oj03Fq-NnDFqzLFy7zzu7dNDtyQ1IM0JGQo5lTFQkUWoQoup__8cymdsJBSre24RiByv1ts8LD-qhRohx9nc4fO5QXPyfeiEDOSYJqEUTbJjEc3XYTLioxLKraEbQR6dk1mLTluTLtjLP8dO9IBYGOt1CNGk_a5RAvg-jcXwTsbJP_q6dzW6-MAHklKbh7LnowrvWgiI_thF9OmDYFLgznHLZj9iq-I-Xyx7yYmaRbVEq8hY-7Kcc78EH243uckQDE-7w2up9k88joVSq73Kd_athMt2Hq0JVuyCiVr8v_nHK2gIXec67DXQ&sig=Cg0ArKJSzE2HthWbix9rEAE&uach_m=[UACH]&adurl=
Frame ID: FF2E56C53092E866A7E793069359CDD4
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsvJxZMIQp-zytfkoYLw3HOxxwrTh0InW6_3Z17UtuAi1wjeW3jqoKk0crtpcHDVZo5IvXEyH0niwgTVIWxxMvzSWLKvLufQdTp4XaTU5DS5YEWeE-6zDGzGA7PjD9QTld_jrkwnqYEEt3z9tRWmpnmqj7wjCQBVXo1gnPXTZt8NcdwVBiDG_7PDYzEsJgHjVCaOEFe5LuGMeM_F15Qybmvre0ZRBPHvA-tNM5zswgQwJryPBFnt-OIWcSNV96LyY68XTMImUkaXsD-sqOCw_gBP8b_LIcNMGZ5yLHpQeKIafgBaeAmhEOwr9L-H90b_b88LOvVz0PrLp-Nr7hihuzazs2hrseCCYA&sig=Cg0ArKJSzIVYHpsLvI8tEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: B996E3948C264F233257010DD93C1B23
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Frame ID: ECB7D0F2E48225B3EFA2BADFF5F66F48
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 6A3406940297955FB806C87E6B156EB1
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/RSjKnk5gG5e-YnqyaokaGBofRBYcmQ35b5mWA3AF7Xg.js
Frame ID: 71CA9EF3FC62CC1F4D4870C7F08C537B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Long Beach Press-Telegram: Local News, Sports, Things to DoClose this dialogClose Cookie Preferences

Page URL History Show full URLs

http://www.presstelegram.com/ HTTP 301
https://www.presstelegram.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/polyfill\.min\.js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

186
Requests

89 %
HTTPS

33 %
IPv6

53
Domains

82
Subdomains

70
IPs

6
Countries

3396 kB
Transfer

11260 kB
Size

54
Cookies

42 Outgoing links

These are links going to different origins than the main page.

URL: https://www.medianewsgroup.com/privacy-policy/
Title: Data Storage Policy

Search URL Search Domain Scan URL

URL: http://longbeachpresstelegram.ca.newsmemory.com/ssindex.php
Title: Special Sections

Search URL Search Domain Scan URL

URL: https://comicskingdom.com/?utm_source=dfm
Title: Comics

Search URL Search Domain Scan URL

URL: http://www.legacy.com/obituaries/lbpresstelegram/
Title: Obituaries

Search URL Search Domain Scan URL

URL: https://www.legacy.com/obituaries/lbpresstelegram/
Title: Obituaries

Search URL Search Domain Scan URL

URL: https://lang.theadhawk.com/lang-adportal/obits/index.html
Title: Place an Obituary

Search URL Search Domain Scan URL

URL: https://checkout.presstelegram.com/?g2i_source=nav&g2i_medium=link&g2i_campaign=MG2NAV&g2i_or_o=Internt5&g2i_or_p=MG2NAV&returnUrl=https%253A%252F%252Fwww.presstelegram.com%252F
Title: Subscribe

Search URL Search Domain Scan URL

URL: https://mng-prod.auth0.com/v2/logout?returnTo=https%3A%2F%2Fwww.presstelegram.com
Title: Logout

Search URL Search Domain Scan URL

URL: http://www.accuweather.com/en/us/long-beach-ca/90802/current-weather/38079_pc?lang=en-us&partner=mng_4
Title: 53°F

Search URL Search Domain Scan URL

URL: https://myaccount.presstelegram.com/lbpt/preference
Title: Sign Up For Newsletters

Search URL Search Domain Scan URL

URL: https://enewspaper.presstelegram.com/
Title: E-Edition

Search URL Search Domain Scan URL

URL: https://myaccount.presstelegram.com/
Title: Subscribe + Subscriber Services

Search URL Search Domain Scan URL

URL: https://mediakit.scng.com/
Title: Advertising Services

Search URL Search Domain Scan URL

URL: https://checkout.presstelegram.com/?g2i_source=nav&g2i_medium=link&g2i_campaign=footer&g2i_or_o=Internt5&g2i_or_p=MG2NAV
Title: Subscribe

Search URL Search Domain Scan URL

URL: https://facebook.com/presstelegram
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/presstelegram
Title: Twitter

Search URL Search Domain Scan URL

URL: https://myaccount.presstelegram.com/access.aspx?utm_source=adtila&utm_medium=website&utm_campaign=access

Search URL Search Domain Scan URL

URL: https://www.nydailynews.com/snyde/ny-covid-meat-loaf-died-seriously-ill-20220121-isurmazc4ze4fm6oehakzloefe-story.html
Title: ‘If I Die, I Die,’ Said Meat Loaf, Who Flouted COVID Rules

Search URL Search Domain Scan URL

URL: https://www.mercurynews.com/2022/01/22/rare-terrifying-winter-big-sur-fire-burns-down-to-iconic-highway-1-bridge/
Title: Rare Winter Wildfire Burns Down To Iconic Bridge In California

Search URL Search Domain Scan URL

URL: https://www.readingeagle.com/2022/01/23/police-on-scene-of-homicide-in-shillington/
Title: Woman Found Dead In Pa. Home In Apparent Homicide

Search URL Search Domain Scan URL

URL: https://www.nydailynews.com/news/national/ny-man-arrested-throwing-smoothie-robeks-tiktok-20220123-5mrhkyf4lvbfxflizny77hkyha-story.html
Title: Man Arrested, Accused Of Hurling Smoothie, Profanities At Employees

Search URL Search Domain Scan URL

URL: https://www.macombdaily.com/2022/01/23/former-anchor-bay-high-school-student-killed-in-crash/
Title: Speed, Alcohol Played A Role In Late-night Fatal Crash, Police Say

Search URL Search Domain Scan URL

URL: https://www.socalnewsgroup.com/about-scng-1/
Title: Southern California News Group

Search URL Search Domain Scan URL

URL: https://www.socalnewsgroup.com/
Title: Partners

Search URL Search Domain Scan URL

URL: https://www.medianewsgroup.com/
Title: MediaNews Group

Search URL Search Domain Scan URL

URL: https://digitalfirstmedia.wd5.myworkdayjobs.com/MNG
Title: Work With Us

Search URL Search Domain Scan URL

URL: https://www.socalnie.com/
Title: Newspapers in Education

Search URL Search Domain Scan URL

URL: https://marketplace.socaladsonline.com/scng
Title: Classified

Search URL Search Domain Scan URL

URL: http://scng.column.us/
Title: Legals

Search URL Search Domain Scan URL

URL: https://adportal.socaladsonline.com/scng-adportal/obits/index.html
Title: Obituary

Search URL Search Domain Scan URL

URL: https://careers.socalnewsgroup.com/
Title: Careers

Search URL Search Domain Scan URL

URL: http://lbcityguide.com/
Title: LB City Guide

Search URL Search Domain Scan URL

URL: https://checkout.presstelegram.com/
Title: Subscribe

Search URL Search Domain Scan URL

URL: https://myaccount.presstelegram.com/lbpt/rewards
Title: Reader Rewards

Search URL Search Domain Scan URL

URL: https://www.medianewsgroup.com/terms-of-use/
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://www.medianewsgroup.com/accessibility-statement/
Title: Accessibility

Search URL Search Domain Scan URL

URL: https://www.medianewsgroup.com/cookie-policy/
Title: Cookie Policy

Search URL Search Domain Scan URL

URL: https://www.medianewsgroup.com/arbitration/
Title: Arbitration

Search URL Search Domain Scan URL

URL: https://vip.wordpress.com/
Title: Powered by WordPress.com VIP

Search URL Search Domain Scan URL

URL: https://www.medianewsgroup.com/california-consumer-privacy-act/
Title: Do Not Sell My Info

Search URL Search Domain Scan URL

URL: http://www.socalnewsgroup.com/

Search URL Search Domain Scan URL

URL: http://www.digitalfirstmedia.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.presstelegram.com/ HTTP 301
https://www.presstelegram.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 78

https://sb.scorecardresearch.com/b?c1=2&c2=6035443&ns__t=1643110332435&ns_c=UTF-8&c8=Long%20Beach%20Press-Telegram%3A%20Local%20News%2C%20Sports%2C%20Things%20to%20Do&c7=https%3A%2F%2Fwww.presstelegram.com%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=6035443&ns__t=1643110332435&ns_c=UTF-8&c8=Long%20Beach%20Press-Telegram%3A%20Local%20News%2C%20Sports%2C%20Things%20to%20Do&c7=https%3A%2F%2Fwww.presstelegram.com%2F&c9=

Request Chain 86

https://mid.rkdms.com/idsv2?ptk=17c1789b-e660-493b-aa74-3c8fb990dc5f&pubid=MEDIANEWSGROUP HTTP 302
https://mid.rkdms.com/restricted

Request Chain 92

https://rp.liadm.com/j?dtstmp=1643110332716&aid=a-05ge&se=e30&duid=3db4babb9fb0--01ft8g3y5g7pfbqksjmexxtj9f&tna=v2.3.0&pu=https%3A%2F%2Fwww.presstelegram.com%2F&us_privacy=1---&wpn=lc-bundle&gdpr=1&gdpr_consent=CPTXr1ePTXr1eEXABBENBgCwAAAAAH_AAAwIGggBIAJEQABAIAAEAIAEAAAAQBAAAEAgAAAAAAAAAAAABAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAIAAAAAAgXmAAAAkQAAEAAAAAAAAQAAABAEAAAAAAAAAAAAAAAAAAECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAA.YAAAAAAAAAAA&c=PHRpdGxlPkxvbmcgQmVhY2ggUHJlc3MtVGVsZWdyYW06IExvY2FsIE5ld3MsIFNwb3J0cywgVGhpbmdzIHRvIERvPC90aXRsZT48bWV0YSBuYW1lPSJkZXNjcmlwdGlvbiIgY29udGVudD0iVGhlIFByZXNzLVRlbGVncmFtIGlzIHRoZSBsb2NhbCBuZXdzIHNvdXJjZSBmb3IgTG9uZyBCZWFjaCBhbmQgdGhlIHN1cnJvdW5kaW5nIGFyZWEgcHJvdmlkaW5nIGJyZWFraW5nIG5ld3MsIHNwb3J0cywgYnVzaW5lc3MsIGVudGVydGFpbm1lbnQsIHRoaW5ncyB0byBkbywgb3BpbmlvbiwgcGhvdG9zLCB2aWRlb3MgYW5kIG1vcmUiPjx0aXRsZSBpZD0iYWVjYjY2N2ItNjc1MS00MzE0LWI1NjItNzk2OTY4MDVhYTBkIj48IS0tLS0-Q2xvc2UgdGhpcyBkaWFsb2c8IS0tLS0-PC90aXRsZT48dGl0bGUgaWQ9ImFlY2I2NjdiLTY3NTEtNDMxNC1iNTYyLTc5Njk2ODA1YWEwZCI-PCEtLS0tPkNsb3NlIENvb2tpZSBQcmVmZXJlbmNlczwhLS0tLT48L3RpdGxlPjxoMSBjbGFzcz0iY3VzdG9tLWxvZ28gbG9nbyI-PGEgaHJlZj0iaHR0cHM6Ly93d3cucHJlc3N0ZWxlZ3JhbS5jb20iIGFyaWEtbGFiZWw9IlByZXNzIFRlbGVncmFtIj48aW1nIHNyYz0iaHR0cHM6Ly93d3cucHJlc3N0ZWxlZ3JhbS5jb20vd3AtY29udGVudC91cGxvYWRzLzIwMTcvMDkvbG9uZ19iZWFjaF9wcmVzcy10ZWxlZ3JhbV9ibGFjay0zOTJ4NDAuc3ZnIiBhbHQ9IlByZXNzIFRlbGVncmFtIiB3aWR0aD0iMzkzIiBoZWlnaHQ9IjQxIj48L2E-PC9oMT4 HTTP 302
https://rp4.liadm.com/j?dtstmp=1643110332716&aid=a-05ge&se=e30&duid=3db4babb9fb0--01ft8g3y5g7pfbqksjmexxtj9f&tna=v2.3.0&pu=https%3A%2F%2Fwww.presstelegram.com%2F&us_privacy=1---&wpn=lc-bundle&gdpr=1&gdpr_consent=CPTXr1ePTXr1eEXABBENBgCwAAAAAH_AAAwIGggBIAJEQABAIAAEAIAEAAAAQBAAAEAgAAAAAAAAAAAABAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAIAAAAAAgXmAAAAkQAAEAAAAAAAAQAAABAEAAAAAAAAAAAAAAAAAAECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAA.YAAAAAAAAAAA&c=PHRpdGxlPkxvbmcgQmVhY2ggUHJlc3MtVGVsZWdyYW06IExvY2FsIE5ld3MsIFNwb3J0cywgVGhpbmdzIHRvIERvPC90aXRsZT48bWV0YSBuYW1lPSJkZXNjcmlwdGlvbiIgY29udGVudD0iVGhlIFByZXNzLVRlbGVncmFtIGlzIHRoZSBsb2NhbCBuZXdzIHNvdXJjZSBmb3IgTG9uZyBCZWFjaCBhbmQgdGhlIHN1cnJvdW5kaW5nIGFyZWEgcHJvdmlkaW5nIGJyZWFraW5nIG5ld3MsIHNwb3J0cywgYnVzaW5lc3MsIGVudGVydGFpbm1lbnQsIHRoaW5ncyB0byBkbywgb3BpbmlvbiwgcGhvdG9zLCB2aWRlb3MgYW5kIG1vcmUiPjx0aXRsZSBpZD0iYWVjYjY2N2ItNjc1MS00MzE0LWI1NjItNzk2OTY4MDVhYTBkIj48IS0tLS0-Q2xvc2UgdGhpcyBkaWFsb2c8IS0tLS0-PC90aXRsZT48dGl0bGUgaWQ9ImFlY2I2NjdiLTY3NTEtNDMxNC1iNTYyLTc5Njk2ODA1YWEwZCI-PCEtLS0tPkNsb3NlIENvb2tpZSBQcmVmZXJlbmNlczwhLS0tLT48L3RpdGxlPjxoMSBjbGFzcz0iY3VzdG9tLWxvZ28gbG9nbyI-PGEgaHJlZj0iaHR0cHM6Ly93d3cucHJlc3N0ZWxlZ3JhbS5jb20iIGFyaWEtbGFiZWw9IlByZXNzIFRlbGVncmFtIj48aW1nIHNyYz0iaHR0cHM6Ly93d3cucHJlc3N0ZWxlZ3JhbS5jb20vd3AtY29udGVudC91cGxvYWRzLzIwMTcvMDkvbG9uZ19iZWFjaF9wcmVzcy10ZWxlZ3JhbV9ibGFjay0zOTJ4NDAuc3ZnIiBhbHQ9IlByZXNzIFRlbGVncmFtIiB3aWR0aD0iMzkzIiBoZWlnaHQ9IjQxIj48L2E-PC9oMT4&i6=MmEwMjo4Yzg6YzEwOjMwOjo2&n3pc=true

Request Chain 107

https://eb2.3lift.com/sync HTTP 302
https://eb2.3lift.com/sync?&ld=1

Request Chain 127

https://ad.mrtnsvr.com/sync/triplelift HTTP 302
https://eb2.3lift.com/xuidmid=7976&xuid=7t9E9P54M&dongle=u6nf

Request Chain 129

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzU5MjM2Mzc3MTY0OTI4MTgxNDI1Ng%3D%3D

Request Chain 131

https://pr-bh.ybp.yahoo.com/sync/triplelift/3592363771649281814256?gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=2662&xuid=y-BcyWWS9E2oT8EDU.tocHCThPxP0qch745ZCn2THqmA--~A&dongle=0883

Request Chain 134

https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=3592363771649281814256 HTTP 302
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=3592363771649281814256&dcc=t

Request Chain 135

https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1

Request Chain 149

https://gum.criteo.com/sid/json?origin=publishertag&domain=www.presstelegram.com&sn=ChromeSyncframe&so=0&topUrl=www.presstelegram.com HTTP 302
https://mug.criteo.com/sid?cpp=qiEhy3w0N2VZZzFYUStyS3RkcDJzSGh0VHNOSjNiVDFNNW1oV2pZU0FhZS8rdzYvdkZUUXVqYTNuL3BVS1VNSXErbHBhQ3lHSFViVStSUXlVR3dJWXBYNDNmV3laUU85YnhCclh0U2ZRbnFucWphNzBtVCtaKzNpYzR5b0JRZmpZMk96UHB2K0o0YnhsWk9ZeXVqZzl2YThxdE83T2dFNEg0YzlYUHZLVU9jMUtPNlc1TDhqUWtXK0NuMzhGMGlFam9QbDFQVXlVUElVQnZvYXZrNEdoTWFCeHVBPT18&cppv=2

Request Chain 163

https://sync.mathtag.com/sync/img?mt_exid=36&redir=https://i.liadm.com/s/e/a-05ge/0/5ff4b5ab404148848a2e8c0a0c2944bd?mpid%3D7156%26muid%3D%5BMM_UUID%5D&a5ce9dc3-2624-4025-b075-9fa43d2fa64b&us_privacy=1--- HTTP 302
https://i.liadm.com/s/e/a-05ge/0/5ff4b5ab404148848a2e8c0a0c2944bd?mpid=7156&muid=6ad061ef-dfbe-4300-b9a7-86e09d2ea17c

Request Chain 164

https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&us_privacy=1--- HTTP 302
https://i.liadm.com/s/35759?bidder_id=44489&bidder_uuid=88fbc670-b2dd-4e5f-aec8-856e6d5e6fff HTTP 303
https://i6.liadm.com/s/35759?bidder_id=44489&bidder_uuid=88fbc670-b2dd-4e5f-aec8-856e6d5e6fff

Request Chain 165

https://dpm.demdex.net/ibs:dpid=127444&dpuuid=a5ce9dc3-2624-4025-b075-9fa43d2fa64b&redir=https:%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-05ge%2F0%2F5ff4b5ab404148848a2e8c0a0c2944bd%3Fmpid=82775&muid=$%7BDD_UUID%7D?us_privacy=1--- HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=127444&dpuuid=a5ce9dc3-2624-4025-b075-9fa43d2fa64b&redir=https:%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-05ge%2F0%2F5ff4b5ab404148848a2e8c0a0c2944bd%3Fmpid=82775&muid=$%7BDD_UUID%7D HTTP 302
https://i.liadm.com/s/e/a-05ge/0/5ff4b5ab404148848a2e8c0a0c2944bd?mpid=82775

Request Chain 166

https://x.dlx.addthis.com/e/live_intent_sync?na_exid=a5ce9dc3-2624-4025-b075-9fa43d2fa64b&us_privacy=1--- HTTP 302
https://x.dlx.addthis.com/e/live_intent_sync?na_exid=a5ce9dc3-2624-4025-b075-9fa43d2fa64b&us_privacy=1---&rd=Y

Request Chain 167

https://x.bidswitch.net/syncd?dsp_id=256&user_group=2&user_id=a5ce9dc3-2624-4025-b075-9fa43d2fa64b&redir=//i.liadm.com/s/52176?bidder_id%3D5298%26bidder_uuid%3D$%7BBSW_UID%7D&us_privacy=1--- HTTP 302
https://x.bidswitch.net/ul_cb/syncd?dsp_id=256&user_group=2&user_id=a5ce9dc3-2624-4025-b075-9fa43d2fa64b&redir=//i.liadm.com/s/52176?bidder_id%3D5298%26bidder_uuid%3D$%7BBSW_UID%7D&us_privacy=1--- HTTP 302
https://i.liadm.com/s/52176?bidder_id=5298&bidder_uuid=b88ac2a6-1cd4-42bc-8018-7f63f4a7e46b

Request Chain 168

https://x.bidswitch.net/sync?ssp=liveintent&user_id=a5ce9dc3-2624-4025-b075-9fa43d2fa64b&us_privacy=1--- HTTP 302
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=c6e9ea9c-4deb-3700-d164-f078a1f7802b&ssp=liveintent&gdpr=&gdpr_consent=

Request Chain 172

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

186 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.presstelegram.com/
Redirect Chain

http://www.presstelegram.com/
https://www.presstelegram.com/

243 KB
47 KB

267ms
218ms

Document
text/html

192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

0a73f4df68c1ea26082ab3755018ae01218e76e7dcd9325864a4cab027eba899

Security Headers

Name

Value

Content-Security-Policy

default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: data: blob: wss://realtimeeventfeeds.viafoura.co wss://sub.viafoura.co; media-src blob: data: https:; object-src https:; child-src https: data: blob:; upgrade-insecure-requests; block-all-mixed-content;

Strict-Transport-Security

max-age=31536000;includeSubdomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-GB,en;q=0.9

Response headers

server: nginx
date: Tue, 25 Jan 2022 11:32:09 GMT
content-type: text/html; charset=UTF-8
content-security-policy: default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: data: blob: wss://realtimeeventfeeds.viafoura.co wss://sub.viafoura.co; media-src blob: data: https:; object-src https:; child-src https: data: blob:; upgrade-insecure-requests; block-all-mixed-content;
x-hacker: If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-powered-by: WordPress VIP <https://wpvip.com>
host-header: a9130478a60e5f9135f765b23f26593b
link: <https://www.presstelegram.com/wp-json/>; rel="https://api.w.org/"
x-rq: lhr4 0 4 9980
cache-control: max-age=300, must-revalidate
content-encoding: gzip
age: 0
x-cache: miss
vary: Accept-Encoding
accept-ranges: bytes
strict-transport-security: max-age=31536000;includeSubdomains

Redirect headers

Server: nginx
Date: Tue, 25 Jan 2022 11:32:09 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://www.presstelegram.com/

GET
H2 200 /
www.presstelegram.com/_static/ 100 KB
15 KB 24ms
22ms Stylesheet
text/css 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.presstelegram.com/_static/??-eJyNUdFOwzAM/CFcM5j6hhCf4iamNXPSKnY09e/J1k3amEA8Wb7zXS42HheQHLRGNgxmGMUcB53DAVSGQmVF81W5S5K7NvCEt4ovw8RRiJUTZ79rFqWVCyiPFNb/yRt329+Jwpz9NLNoHSW3oJ8JvFTzZhclkM/FWlRyCeeP/OT+NJuYyoEzLnXQi/4CwQb9qkx5BKo+Nez0kMz5GuKR6c6btAevoNIKpApXVysBP6IhmbFvh0nzIMpAcWJrXrBdpTHv6W3X71+f+/3Lrv8Gj+ivLA==

Requested by

Host: www.presstelegram.com
URL: https://www.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

d3ee29fd8b50e02d83934e15ad705aed173d4dfeed878c04609fe0eee41a6df8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 11:32:10 GMT
x-rq: lhr4 0 4 9980
last-modified: Mon, 24 Jan 2022 22:43:36 GMT
server: nginx
age: 33608
vary: Accept-Encoding
x-cache: hit
content-type: text/css;charset=utf-8
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;includeSubdomains
accept-ranges: bytes
content-encoding: gzip
content-length: 14940

GET
H2 200 bootstrap-icons.min.css
cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/ 56 KB
9 KB 96ms
44ms Stylesheet
text/css 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/bootstrap-icons.min.css?ver=5.2.0

Requested by

Host: www.presstelegram.com
URL: https://www.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

123830b3c1bb951b81bee61657d5ff2d7061c67316a4210df730462d093b0a23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 11:32:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 7873842
x-jsd-version: 1.5.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19125-FRA, cache-lcy19270-LCY
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"e199-MKfLdwDci4zij+cy307LMP/uJk4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6d312defef6c7541-LHR

GET
H2 200 css
fonts.googleapis.com/ 9 KB
1 KB 182ms
65ms Stylesheet
text/css 2a00:1450:400f:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato%3A400%2C400i%2C700%2C700i%7CLora%3A400%2C400i%2C700%2C700i&ver=5.8.3

Requested by

Host: www.presstelegram.com
URL: https://www.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400f:800::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

56945676d89eae955fcd196d4f7f44d33f68ce25d2b4fae9e16f9f5405d0eebb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.presstelegram.com/
Origin: https://www.presstelegram.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 25 Jan 2022 11:32:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 25 Jan 2022 11:32:10 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 25 Jan 2022 11:32:10 GMT

GET
H2 200 /
www.presstelegram.com/_static/ 87 KB
17 KB 27ms
24ms Stylesheet
text/css 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.presstelegram.com/_static/??-eJyNjUsOwjAMRC+E4wba7hBniRJTBfKxsKOqtyeRQGLJbmak9wZ3Bl+LUlHk1LZYBMM9gwuQaxAUdRo9eunRv4iKybGYXk/4Q+YGX/hBys4/wU5mwa5oiQT3GDZSQa0MXEWH90j0t2fcf4bB3PLVrvNlWuezXd5iMkW9

Requested by

Host: www.presstelegram.com
URL: https://www.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

3f01826f4042850331538b33a462edeec90ba251ed95452a3463f225887e6627

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 11:32:10 GMT
x-rq: lhr4 0 4 9980
last-modified: Mon, 24 Jan 2022 22:43:35 GMT
server: nginx
age: 18591
vary: Accept-Encoding
x-cache: hit
content-type: text/css;charset=utf-8
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;includeSubdomains
accept-ranges: bytes
content-encoding: gzip
content-length: 17250

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 134 KB
36 KB 117ms
39ms Script
application/javascript 65.9.71.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.presstelegram.com
URL: https://www.presstelegram.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-71-173.fra56.r.cloudfront.net
Software: Server /
Resource Hash: c59ecf34c8e169eb2c385296530f952be5ced6af24abbe7f2d47b89e520be544

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 11:31:31 GMT
content-encoding: gzip
age: 38
x-cache: Hit from cloudfront
timing-allow-origin: *
server: Server
x-amz-rid: 1R6KPADKJYSHC3F32V8T
etag: 8d3665a9b316600491247ca6d78c204c
vary: Accept-Encoding
x-amz-version-id: HFEsVPyG2xdk9_FYeN9qMCR4YggSwnaH
via: 1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: gLkd65oulk8WxzFfe248FanCEQ6kXdcgxzjhBBwwOpmAbvXbB7U_eQ==

GET
H2 200 zeus-adapter.js Show response
www.presstelegram.com/wp-content/plugins/dfm_zeus/assets/dist/ 17 KB
6 KB 28ms
26ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.presstelegram.com/wp-content/plugins/dfm_zeus/assets/dist/zeus-adapter.js?m=1643064216g

Requested by

Host: www.presstelegram.com
URL: https://www.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

84c9c9d4de88f5cf5e9ed1803bc3dc4a3a60be607d5b1d1c690151144e6a8a5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 11:32:10 GMT
x-rq: lhr4 0 4 9980
last-modified: Mon, 24 Jan 2022 22:43:36 GMT
server: nginx
age: 33608
etag: W/"61ef2b98-43df"
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;includeSubdomains
accept-ranges: bytes
content-encoding: gzip
content-length: 5667
expires: Wed, 25 Jan 2023 11:32:10 GMT

GET
H2 200 main.js Show response
mng-presstelegram.zeustechnology.com/ 212 KB
50 KB 142ms
39ms Script
application/javascript 13.224.193.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mng-presstelegram.zeustechnology.com/main.js
Requested by: Host: www.presstelegram.com
URL: https://www.presstelegram.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-26.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4199aa201ece6731eaf107515489e42256e2f7c9b61e9e96d013a051a02f5c23

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: n1s1dZiQRtBV9S5JIeYUpUeb6Gy9ecuY
content-encoding: br
last-modified: Fri, 12 Nov 2021 18:33:08 GMT
server: AmazonS3
age: 336
etag: W/"ed8b7099b1b5fc5c4695593d8011f436"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 24c299c0a6423c6f96984a85fb014108.cloudfront.net (CloudFront)
cache-control: max-age=600,s-maxage=3600
date: Tue, 25 Jan 2022 11:27:35 GMT
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: ndEjfXcNtS_3Sn4u6Wl5RHR2_PN0uUkdbz5J0-HtEbTt33saz_7dkg==

GET
H2 200 / Show response
www.presstelegram.com/_static/ 7 KB
2 KB 28ms
26ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.presstelegram.com/_static/??/wp-content/plugins/dfm_zeus/assets/dist/dfm-zeus-bundle.js,/wp-content/client-mu-plugins/src/SSO/assets/js/sso-tools.min.js?m=1643064216j

Requested by

Host: www.presstelegram.com
URL: https://www.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

da640ae45fbcf4fb2cb9a590a3e223ef7e61be3ce5b77eb54552f6e1d8a4d1fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 11:32:10 GMT
x-rq: lhr4 0 4 9980
last-modified: Mon, 24 Jan 2022 22:43:36 GMT
server: nginx
age: 33608
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;includeSubdomains
accept-ranges: bytes
content-encoding: gzip
content-length: 2355

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 87 KB
31 KB 175ms
55ms Script
text/javascript 2a00:1450:400f:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js?ver=3.5.1

Requested by

Host: www.presstelegram.com
URL: https://www.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400f:801::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 22 Jan 2022 14:42:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 247777
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31021
x-xss-protection: 0
last-modified: Fri, 08 May 2020 07:05:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="hosted-libraries-pushers"
expires: Sun, 22 Jan 2023 14:42:33 GMT

GET
H2 200 loader.min.js Show response
www.presstelegram.com/wp-content/plugins/loader-wp/static/ 16 KB
5 KB 31ms
29ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.presstelegram.com/wp-content/plugins/loader-wp/static/loader.min.js?ver=1.0.6.3

Requested by

Host: www.presstelegram.com
URL: https://www.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

80fcbd06bbf276b74b41aa77405ffd52243587afb254d1efa88027c33fbba932

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 11:32:10 GMT
x-rq: lhr4 0 4 9980
last-modified: Fri, 21 Jan 2022 17:50:18 GMT
server: nginx
age: 277756
etag: W/"61eaf25a-3e4a"
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;includeSubdomains
accept-ranges: bytes
content-encoding: gzip
content-length: 5454
expires: Wed, 25 Jan 2023 11:32:10 GMT

GET
H2 200 auth0-spa-js.production.js Show response
cdn.auth0.com/js/auth0-spa-js/1.13/ 105 KB
38 KB 174ms
41ms Script
application/javascript 13.225.82.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.auth0.com/js/auth0-spa-js/1.13/auth0-spa-js.production.js?ver=5.8.3
Requested by: Host: www.presstelegram.com
URL: https://www.presstelegram.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.82.234 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-82-234.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 01d6389de5581a2a3eb0cd4d6a05cb136bf07d221306f89173a080c73a38e392

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: 6AzkYKZDwDnSxmQe5SqIWFlWTPBMtbyI
content-encoding: gzip
last-modified: Thu, 07 Jan 2021 14:32:49 GMT
server: AmazonS3
age: 3735
etag: W/"8bea9e0d733d097381a1b5eb8c40983d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 cc0ab20766d57035422a2c4c69fe0620.cloudfront.net (CloudFront)
cache-control: max-age=10800,public
date: Tue, 25 Jan 2022 10:29:56 GMT
x-amz-replication-status: FAILED
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: Bqi18uIXFsmmMbl-SwIBmV1qMRHogZeYdeyCnO5uELocRmdnldozsA==

GET
H2 200 / Show response
www.presstelegram.com/_static/ 140 KB
39 KB 32ms
31ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.presstelegram.com/_static/??-eJytzDEOgCAMBdALKdVgdDKuXgORYA1UIyV6fGFycdPp//ymD8691BuxIYbdRYsUwJMtVeQlbagV40YQOKV+uQivkMQUaXZGrKGAr156JnPxn2Su7IxPGf50I44qY8eDDr6v20ZWXS1lu95iCYVC

Requested by

Host: www.presstelegram.com
URL: https://www.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

1db4c1c628c6983e50f21969f7549d9f1334d8f9e52d6e898782b7118a943542

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 11:32:10 GMT
x-rq: lhr4 0 4 9980
last-modified: Tue, 25 Jan 2022 00:42:16 GMT
server: nginx
age: 33608
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;includeSubdomains
accept-ranges: bytes
content-encoding: gzip
content-length: 40119

GET
H2 200 pushly-sdk.min.js Show response
cdn.p-n.io/ 298 KB
55 KB 225ms
88ms Script
application/javascript 108.139.210.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.p-n.io/pushly-sdk.min.js?domain_key=eVG4zdTtv5ogBcGVQlE2BFCc8f4Hc1wJFW3k&ver=5.8.3
Requested by: Host: www.presstelegram.com
URL: https://www.presstelegram.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.210.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2a2f5115d2bcda504a7df7d638fc1868668132c6831586822398a0929295dc14

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 11:32:10 GMT
content-encoding: gzip
last-modified: Mon, 24 Jan 2022 02:10:15 GMT
server: AmazonS3
age: 360
etag: W/"721da0ecdadb20f2539171f9e88c8b5b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 9af5633a7d0b344f6d17613b5a29983a.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-pop: FCO50-P3
x-amz-cf-id: nobk8x7_2_fAv8ytbtxGZ5XI4B84yqA9XGgiteA2AOGkJtEQtR0GRw==

GET
H2 200 dfm-pushly.min.js Show response
www.presstelegram.com/wp-content/plugins/dfm-pushly/static/js/ 160 B
207 B 46ms
45ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.presstelegram.com/wp-content/plugins/dfm-pushly/static/js/dfm-pushly.min.js?m=1643064216g

Requested by

Host: www.presstelegram.com
URL: https://www.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

d9f2778c47db32b56109a39c8c3393b7e213095aa043df32153367708a50dcd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 11:32:10 GMT
x-rq: lhr4 0 4 9980
last-modified: Mon, 24 Jan 2022 22:43:36 GMT
server: nginx
age: 33608
etag: "61ef2b98-a0"
strict-transport-security: max-age=31536000;includeSubdomains
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 160
expires: Wed, 25 Jan 2023 11:32:10 GMT

GET
H2 200 script.js Show response
m869.presstelegram.com/ 144 KB
43 KB 132ms
40ms Script
text/javascript 18.66.139.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m869.presstelegram.com/script.js

Requested by

Host: www.presstelegram.com
URL: https://www.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.96 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-96.fra60.r.cloudfront.net

Software

- /

Resource Hash

19a7e389d3afbfdbf14c9165c8b5d7dd974137a7ff7e448048c4ff9e614d3941

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 11:23:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
age: 518
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 43648
x-xss-protection: 1; mode=block
last-modified: Tue, 25 Jan 2022 09:33:19 GMT
server: -
etag: 26e84ff681db59e0e986933f35a5cad9
content-type: text/javascript; charset=utf-8
via: 1.1 760a29e891ec10bba1274911260e1fc8.cloudfront.net (CloudFront)
cache-control: public, no-cache="Set-Cookie", max-age=600
x-amz-cf-pop: FRA60-P4
x-robots-tag: noindex, nofollow
x-amz-cf-id: wBYcgVLaS1oYu2gfZ6dau-ALf27_WlupHN6vHG4u0Bz-XaOoS3ObfQ==
expires: Tue, 25 Jan 2022 11:33:32 GMT

GET
H2 200 osano.js Show response
cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/ 414 KB
99 KB 668ms
287ms Script
application/javascript 2600:9000:209c:600:3:b7e:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Requested by

Host: www.presstelegram.com
URL: https://www.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:209c:600:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

406a07ea3e9467e981a1ace354903d4bfc6bf6bdd5ba85c89f8e46c37d970d54

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 11:03:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1716
x-cache: Hit from cloudfront
content-length: 100720
x-xss-protection: mode=block
last-modified: Thu, 13 Jan 2022 01:15:53 GMT
server: CloudFront
x-frame-options: SAMEORIGIN
etag: "6094c530bbd37bd362bd4971fe7f100f"
strict-transport-security: max-age=2592000
content-type: application/javascript; charset=utf-8
via: 1.1 df0a4ea7de0fa05190904df4271e5d1e.cloudfront.net (CloudFront)
cache-control: public, max-age=86400, s-maxage=86400, must-revalidate, proxy-revalidate, no-transform
x-amz-cf-pop: SLC50-C1
x-amz-cf-id: R3ffMBmoq_rZHkmkD7glwf-_swW9tl6HMzU6WeEv-oWA62wpjylqxA==

GET
H2 200 / Show response
www.presstelegram.com/_static/ 2 KB
956 B 46ms
46ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.presstelegram.com/_static/??-eJyNyzsOgCAMANALWSuKbMazEEAp8jOFeH1nN9/+8KlgSm4uN6yxn5QZ7ZFAW0jFMnLTjQwGRu85gvHOXGOiPAYe8Pe1xHfnz97TJpRcJiVnsYYXRXQwSg==

Requested by

Host: www.presstelegram.com
URL: https://www.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

d238270de539f85c1df5d20bbd5d6b8d729c433a64315629f87dbabce0bbafd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 11:32:10 GMT
x-rq: lhr4 0 4 9980
last-modified: Mon, 24 Jan 2022 22:43:35 GMT
server: nginx
age: 33608
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;includeSubdomains
accept-ranges: bytes
content-encoding: gzip
content-length: 921

GET
H2 200 long_beach_press-telegram_black-392x40.svg
www.presstelegram.com/wp-content/uploads/2017/09/ 9 KB
3 KB 23ms
23ms Image
image/svg+xml 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.presstelegram.com/wp-content/uploads/2017/09/long_beach_press-telegram_black-392x40.svg

Requested by

Host: www.presstelegram.com
URL: https://www.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

34554cca1d68d1c952b6d12bc418b6a8cb251850675186c1d408fb63ae201110

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 11:32:11 GMT
content-encoding: gzip
x-rq: lhr4 109 30 443
last-modified: Fri, 22 Sep 2017 17:24:53 GMT
server: nginx
etag: W/"0214146f1bfe8417"
vary: Accept-Encoding
x-cache: HIT
content-type: image/svg+xml
cache-control: max-age=2592000
strict-transport-security: max-age=31536000;includeSubdomains
expires: Sat, 09 Jul 2022 03:36:59 GMT

GET
H2 200 coronacharts_banner.png
i1.wp.com/ocregister.com/wp-content/uploads/2021/10/ 45 KB
45 KB 75ms
22ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/ocregister.com/wp-content/uploads/2021/10/coronacharts_banner.png?width=700

Requested by

Host: www.presstelegram.com
URL: https://www.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

725a5183b72f7625301b946259d83e50aed2bdcb6294b877a857321abf0cf656

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc: HIT lhr 3
date: Tue, 25 Jan 2022 11:32:11 GMT
x-content-type-options: nosniff
last-modified: Fri, 08 Oct 2021 18:24:50 GMT
server: nginx
etag: "0e02b510d1e0863b"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://ocregister.com/wp-content/uploads/2021/10/coronacharts_banner.png>; rel="canonical"
content-length: 46190
expires: Mon, 09 Oct 2023 06:24:50 GMT

GET
H2 200 measuredvibrant.css
www.presstelegram.com/wp-content/themes/assets/static/css/ 392 KB
58 KB 28ms
26ms Stylesheet
text/css 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.presstelegram.com/wp-content/themes/assets/static/css/measuredvibrant.css?ver=1643071336

Requested by

Host: www.presstelegram.com
URL: https://www.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

72720e014799a24d380ed220362405a56e0af4f575eaec92fba27809b0644a7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 11:32:11 GMT
x-rq: lhr4 0 4 9980
last-modified: Tue, 25 Jan 2022 00:48:48 GMT
server: nginx
age: 33608
etag: W/"61ef48f0-61ed8"
vary: Accept-Encoding
x-cache: hit
content-type: text/css
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;includeSubdomains
accept-ranges: bytes
content-encoding: gzip
content-length: 59163
expires: Wed, 25 Jan 2023 11:32:11 GMT

GET
H2 200 main.js
mng-presstelegram.zeustechnology.com/ 0
50 KB 69ms
66ms Other
application/javascript 13.224.193.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mng-presstelegram.zeustechnology.com/main.js
Requested by: Host: www.presstelegram.com
URL: https://www.presstelegram.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-26.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: n1s1dZiQRtBV9S5JIeYUpUeb6Gy9ecuY
content-encoding: br
last-modified: Fri, 12 Nov 2021 18:33:08 GMT
server: AmazonS3
age: 336
etag: W/"ed8b7099b1b5fc5c4695593d8011f436"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 24c299c0a6423c6f96984a85fb014108.cloudfront.net (CloudFront)
cache-control: max-age=600,s-maxage=3600
date: Tue, 25 Jan 2022 11:27:35 GMT
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: 86fHckLLvM4ycS_F9WAM__vpdwXkYg-wKpwDYK7JXERAfoi5sRNmoA==

GET
H2 200 apstag.js
c.amazon-adsystem.com/aax2/ 0
36 KB 39ms
38ms Other
application/javascript 65.9.71.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.presstelegram.com
URL: https://www.presstelegram.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-71-173.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 11:31:31 GMT
content-encoding: gzip
age: 39
x-cache: Hit from cloudfront
timing-allow-origin: *
server: Server
x-amz-rid: 1R6KPADKJYSHC3F32V8T
etag: 8d3665a9b316600491247ca6d78c204c
vary: Accept-Encoding
x-amz-version-id: HFEsVPyG2xdk9_FYeN9qMCR4YggSwnaH
via: 1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: Zm_dcg-8gVDbJbh2qBTkrOxcIXrniI74dq8bwK49Dza3EdQfRLwtSw==

GET
H2 200 wp-emoji-release.min.js Show response
www.presstelegram.com/wp-includes/js/ 18 KB
5 KB 23ms
23ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.presstelegram.com/wp-includes/js/wp-emoji-release.min.js?ver=5.8.3

Requested by

Host: www.presstelegram.com
URL: https://www.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 11:32:11 GMT
x-rq: lhr4 0 4 9980
last-modified: Thu, 06 Jan 2022 19:18:04 GMT
server: nginx
age: 283525
etag: W/"61d7406c-4705"
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;includeSubdomains
accept-ranges: bytes
content-encoding: gzip
content-length: 4926
expires: Wed, 25 Jan 2023 11:32:11 GMT

GET
H2 200 lbpt_viewEedition.png
www.presstelegram.com/wp-content/uploads/2020/04/ 280 KB
281 KB 25ms
24ms Image
image/png 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.presstelegram.com/wp-content/uploads/2020/04/lbpt_viewEedition.png

Requested by

Host: www.presstelegram.com
URL: https://www.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

187b1d68391ba32b082de00f7d0d4b83fbd061a6f90b6ef920f6977db0d9cfa9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 11:32:11 GMT
x-rq: lhr4 109 84 443
last-modified: Wed, 22 Apr 2020 23:22:40 GMT
server: nginx
etag: "8bdce7149539a15c"
strict-transport-security: max-age=31536000;includeSubdomains
x-cache: HIT
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 286959
expires: Sun, 18 Sep 2022 00:44:16 GMT

GET
H2 200 socal-logo-sm.png
www.presstelegram.com/wp-content/themes/wp-mason/static/images/site-logo/ 8 KB
8 KB 23ms
23ms Image
image/png 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.presstelegram.com/wp-content/themes/wp-mason/static/images/site-logo/socal-logo-sm.png

Requested by

Host: www.presstelegram.com
URL: https://www.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

881179ed8d76a220dc210c45af07c46373896683c0d394f1595cd7213cb4d7ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 11:32:11 GMT
x-rq: lhr4 0 4 9980
last-modified: Fri, 21 Jan 2022 17:50:19 GMT
server: nginx
age: 289862
etag: W/"61eaf25b-1fcf"
strict-transport-security: max-age=31536000;includeSubdomains
x-cache: hit
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-encoding: gzip
content-length: 7863
expires: Wed, 25 Jan 2023 11:32:11 GMT

GET
H2 200 dfm-logo-sm.png
www.presstelegram.com/wp-content/themes/wp-mason/static/images/site-logo/ 13 KB
13 KB 27ms
23ms Image
image/png 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.presstelegram.com/wp-content/themes/wp-mason/static/images/site-logo/dfm-logo-sm.png

Requested by

Host: www.presstelegram.com
URL: https://www.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

3214c1d02f0794737b58d56814b31c639c67f85c6eb6816c39804cf5d4041dea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 11:32:11 GMT
x-rq: lhr4 0 4 9980
last-modified: Fri, 21 Jan 2022 17:50:19 GMT
server: nginx
age: 289862
etag: W/"61eaf25b-3443"
strict-transport-security: max-age=31536000;includeSubdomains
x-cache: hit
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-encoding: gzip
content-length: 12825
expires: Wed, 25 Jan 2023 11:32:11 GMT

GET
H2 200 / Show response
www.presstelegram.com/_static/ 19 KB
8 KB 23ms
23ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.presstelegram.com/_static/??-eJx9zt0OwiAMhuEbktXpwpnxUpYJTEugxRVm5Ordlnjkz+mbPvkKj6QMU3aUIYVyRRKwY+yrKwKDiMsCMhnwW1ZrVpGtNBGp8bKDbx7lvuhULgE3aTjG5aA3XCj/UunGmWnEEGB2ZHmChCaXya3p39wnDEN9Clb3/vIcT63ujnvdHVrtX08iW5M=

Requested by

Host: www.presstelegram.com
URL: https://www.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

d69ee89e4ab6168fa82d3820e7e1d97ddb843056489c4553298ec20853f81161

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 11:32:11 GMT
x-rq: lhr4 0 4 9980
last-modified: Mon, 24 Jan 2022 22:43:36 GMT
server: nginx
age: 20999
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;includeSubdomains
accept-ranges: bytes
content-encoding: gzip
content-length: 8362

GET
H2 200 ads.js Show response
www.presstelegram.com/wp-content/themes/wp-mason/static/js/ 87 B
186 B 26ms
26ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.presstelegram.com/wp-content/themes/wp-mason/static/js/ads.js?ver=1.0

Requested by

Host: www.presstelegram.com
URL: https://www.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

b36d838681171ab6906d3206d2fd6cc17a7a7a5867213c7595fe0865aeb9e969

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 11:32:11 GMT
x-rq: lhr4 0 4 9980
last-modified: Fri, 21 Jan 2022 17:50:19 GMT
server: nginx
age: 283528
etag: "61eaf25b-57"
strict-transport-security: max-age=31536000;includeSubdomains
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 87
expires: Wed, 25 Jan 2023 11:32:11 GMT

GET
H2 200 / Show response
www.presstelegram.com/_static/ 104 KB
29 KB 24ms
23ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.presstelegram.com/_static/??-eJydz8EOgjAQBNAfslTQiBfjt5R2gWJ3l7ALxr+XqAdMjBGvM3nJjL32xjMpkFptAUGsEwEVK+o0etuJ9YzIlPl2pEuGkbJONvYH13O61TElWYMQnIwDhClWgyP9QucEnTAtcOKGTcTGONXhE+3T2EQSG2o0LhjkIG98zp6L1mMpaIoB+A/Zs86rlzCST2OYT3aPn4AVhFd/xlN+2O+2ZV4Wx+4ODRSlsw==

Requested by

Host: www.presstelegram.com
URL: https://www.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

bf5bfe4ceaf713b09eed8a345158abbf67f33c179aca5d02db390055e02efb2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 11:32:11 GMT
x-rq: lhr4 0 4 9980
last-modified: Tue, 25 Jan 2022 00:48:48 GMT
server: nginx
age: 20998
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;includeSubdomains
accept-ranges: bytes
content-encoding: gzip
content-length: 29673

GET
H2 200 p.js Show response
cdn.parsely.com/keys/presstelegram.com/ 56 KB
21 KB 131ms
48ms Script
application/javascript 13.225.85.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/presstelegram.com/p.js?ver=2.6.1
Requested by: Host: www.presstelegram.com
URL: https://www.presstelegram.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.85.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-85-39.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: beb0bcec663d154040a628980a09cdc4c4180b1e4ec0c105617938d568bee2e5

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: public
date: Tue, 25 Jan 2022 06:34:59 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 15:22:33 GMT
server: nginx
age: 17832
etag: W/"61b21f39-df46"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 e1e056e45a0f8d6bc22b223900511170.cloudfront.net (CloudFront)
cache-control: max-age=86400, public
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: nRc3s4EUhgHbDSAELHU76nunqCwTSg7QXTf60m-wv2IiIZnx0rl23w==
expires: Wed, 26 Jan 2022 06:34:59 GMT

GET
H2 200 e-202204.js Show response
stats.wp.com/ 9 KB
3 KB 97ms
23ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202204.js
Requested by: Host: www.presstelegram.com
URL: https://www.presstelegram.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc: HIT lhr
date: Tue, 25 Jan 2022 11:32:11 GMT
content-encoding: br
server: nginx
etag: W/"6197c5cf-3508"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Mon, 16 Jan 2023 00:01:06 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 102ms
35ms XHR
application/javascript 65.9.71.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-71-173.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: eaU6ir6qmGswM2SGRmLi7PKhBcBrRdvn
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 16190
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 21 Jan 2022 02:54:57 GMT
server: AmazonS3
date: Tue, 25 Jan 2022 07:02:22 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 b3dc72c60418e8887de31f772538f118.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: YCpRPkvJFyYxRTpzFS3poEZWpoXLkuF78CBtxlQsJjejHNKTt9vtUQ==

GET
H2 200 ai.0.js Show response
az416426.vo.msecnd.net/scripts/a/ 94 KB
22 KB 118ms
23ms Script
application/x-javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by: Host: www.presstelegram.com
URL: https://www.presstelegram.com/wp-content/plugins/loader-wp/static/loader.min.js?ver=1.0.6.3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (lha/8D4C) /
Resource Hash: 5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 25 Jan 2022 11:32:11 GMT
content-encoding: gzip
x-ms-meta-lastmodified: 2020-10-01 19:31:04
content-md5: HdY95yzx9wIyQkVEGES+Ew==
age: 1375
x-cache: HIT
content-length: 22495
x-ms-lease-status: unlocked
last-modified: Thu, 11 Mar 2021 07:46:59 GMT
server: ECAcc (lha/8D4C)
etag: 0x8D8E461DA1A5889
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 2637f276-801e-005b-17db-11d14e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
expires: Tue, 25 Jan 2022 12:02:11 GMT

GET
H2 200 polyfill.min.js Show response
polyfill.io/v3/ 101 B
580 B 471ms
155ms Script
text/javascript 2a04:4e42:e00::282
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://polyfill.io/v3/polyfill.min.js?flags=gated&features=es5%2CCustomEvent%2CArray.from%2CArray.isArray%2CArray.prototype.filter%2CArray.prototype.find%2CArray.prototype.findIndex%2CArray.prototype.forEach%2CArray.prototype.indexOf%2CArray.prototype.keys%2CArray.prototype.lastIndexOf%2CArray.prototype.map%2CArray.prototype.reduce%2CDate.prototype.toISOString%2CDocumentFragment%2CDocumentFragment.prototype.append%2CDocumentFragment.prototype.prepend%2CElement%2CElement.prototype.after%2CElement.prototype.append%2CElement.prototype.before%2CElement.prototype.classList%2CElement.prototype.cloneNode%2CElement.prototype.closest%2CElement.prototype.dataset%2CElement.prototype.matches%2CElement.prototype.placeholder%2CElement.prototype.prepend%2CElement.prototype.remove%2CElement.prototype.replaceWith%2CElement.prototype.toggleAttribute%2CEvent%2CJSON%2CMap%2CNumber.parseInt%2CNumber.parseFloat%2CObject.assign%2CObject.create%2CObject.defineProperties%2CObject.defineProperty%2CObject.entries%2CObject.getOwnPropertyDescriptor%2CObject.getOwnPropertyNames%2CObject.is%2CObject.keys%2CObject.values%2CPromise%2CPromise.prototype.finally%2CSet%2CString.prototype.trim%2CXMLHttpRequest%2Cdocument.getElementsByClassName%2Cdocument.currentScript%2Cdocument.querySelector%2Cfetch%2CgetComputedStyle%2ClocalStorage%2CArray.prototype.some%2CDate.now%2CEvent.focusin%2CEventSource%2CFunction.prototype.bind%2CFunction.prototype.name%2CHTMLDocument%2CNodeList.prototype.forEach%2CNodeList.prototype.%40%40iterator%2CNode.prototype.contains%2CObject.getPrototypeOf%2CObject.setPrototypeOf%2CRegExp.prototype.flags%2CString.prototype.%40%40iterator%2CString.prototype.startsWith%2Cconsole%2Cconsole.debug%2Cconsole.error%2Cconsole.info%2Cconsole.log%2Cdocument%2Cdocument.head%2Cdocument.visibilityState%2Clocation.origin%2CrequestIdleCallback%2Cscreen.orientation%2CmatchMedia%2CURL

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js?ver=3.5.1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:e00::282 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b4c9b940ff725bf2c2c73932c44d43b5ca6aa4302cd2e0ee6648d80ffa52c3ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
age: 63834
detected-user-agent: Chrome/97.0.4692
server-timing: MISS-CLUSTER, fastly;desc="Edge time";dur=13, HIT, fastly;desc="Edge time";dur=1
content-length: 94
referrer-policy: origin-when-cross-origin
last-modified: Mon, 24 Jan 2022 14:41:43 GMT
date: Tue, 25 Jan 2022 11:32:12 GMT
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
normalized-user-agent: chrome/97.0.0
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 cs Show response
digitalfirstmedia.blueconic.net/DG/DEFAULT/ 16 B
704 B 299ms
98ms Script
text/javascript 34.193.237.162
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://digitalfirstmedia.blueconic.net/DG/DEFAULT/cs?&callback=bc_json167

Requested by

Host: m869.presstelegram.com
URL: https://m869.presstelegram.com/script.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.193.237.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-193-237-162.compute-1.amazonaws.com

Software

- /

Resource Hash

3a11e2a0fde819688998cc6849391ab464936cca055dfc7dda88eab410cb27b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 11:32:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
x-robots-tag: noindex, nofollow
p3p: policyref="", CP="DSP"
x-permitted-cross-domain-policies: master-only
cache-control: no-cache, no-store, no-transform, must-revalidate, private
content-type: text/javascript; charset=utf-8
content-length: 36
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 pushly-sdk.min.css
cdn.p-n.io/ 27 KB
2 KB 58ms
58ms Stylesheet
text/css 108.139.210.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.p-n.io/pushly-sdk.min.css?domain_key=eVG4zdTtv5ogBcGVQlE2BFCc8f4Hc1wJFW3k
Requested by: Host: cdn.p-n.io
URL: https://cdn.p-n.io/pushly-sdk.min.js?domain_key=eVG4zdTtv5ogBcGVQlE2BFCc8f4Hc1wJFW3k&ver=5.8.3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.210.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d7471e3df1ba49ecc8acc2dc6d8c4c3619f1a8e094050bdb2432c1cb2548468d

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 01:48:53 GMT
content-encoding: gzip
last-modified: Thu, 20 Jan 2022 17:40:25 GMT
server: AmazonS3
age: 34999
etag: W/"f3cd76bbdf477b890d940ce319bd1d16"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 9af5633a7d0b344f6d17613b5a29983a.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: FCO50-P3
x-amz-cf-id: mDu3Re3WajlhU65ddu_P7iNByJOZ2RLSKcUkjKOTrU5-bsIHdnGbKg==

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ 125 KB
40 KB 106ms
32ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: mng-presstelegram.zeustechnology.com
URL: https://mng-presstelegram.zeustechnology.com/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

1eadc253aa14701ab7ee3d2126ffd9ee8edd6cfb9f3c98284511c392740bcc57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 11:32:11 GMT
content-encoding: gzip
last-modified: Mon, 24 Jan 2022 04:27:58 GMT
server: nginx
etag: W/"61ee2ace-1f234"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 26 Jan 2022 11:32:11 GMT

GET
H/1.1 200
OK 185707-19209563922117.js Show response
js-sec.indexww.com/ht/p/ 40 KB
14 KB 668ms
530ms Script
text/javascript 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/185707-19209563922117.js
Requested by: Host: mng-presstelegram.zeustechnology.com
URL: https://mng-presstelegram.zeustechnology.com/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 5f73db920d574a8ba16efc308a57e03f838227d4935e9892ec4d7403cf663517

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 25 Jan 2022 11:32:12 GMT
Content-Encoding: gzip
Last-Modified: Tue, 25 Jan 2022 11:31:43 GMT
Server: Apache
ETag: "da3288-9fd7-5d6666df1bf63"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 13656
Expires: Tue, 25 Jan 2022 12:32:12 GMT

GET
H2 200 userSync.js Show response
ads.pubmatic.com/AdServer/js/ 7 KB
3 KB 114ms
35ms Script
text/javascript 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/userSync.js
Requested by: Host: mng-presstelegram.zeustechnology.com
URL: https://mng-presstelegram.zeustechnology.com/main.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 5a49ffdeec0e61058ab6cdd783275b84a2c27a7a26b95a644f7764a78b510a7a

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 11:32:11 GMT
content-encoding: gzip
last-modified: Tue, 15 Jun 2021 06:08:14 GMT
server: Apache/2.2.15 (CentOS)
etag: "1300709-1af3-5c4c7cca9e573"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: public, max-age=99543
accept-ranges: bytes
content-type: text/javascript
content-length: 2267
expires: Wed, 26 Jan 2022 15:11:14 GMT

GET
H2 200 sync.js Show response
ib.3lift.com/ 275 B
574 B 145ms
36ms Script
application/javascript 18.66.97.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.3lift.com/sync.js
Requested by: Host: mng-presstelegram.zeustechnology.com
URL: https://mng-presstelegram.zeustechnology.com/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-105.fra56.r.cloudfront.net
Software: /
Resource Hash: c815be0139a92202ff8f262cc335f6ae103594bb1d92c1c479ed604adf384a16

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 11:28:31 GMT
via: 1.1 22993faf725ff29c940e58cb14ddf668.cloudfront.net (CloudFront)
last-modified: Tue, 25 Jan 2022 11:28:31 GMT
age: 220
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900
x-amz-cf-pop: FRA56-P2
content-length: 275
x-amz-cf-id: xgfvCLNk-RvMVs_NDLD36G4OYIi_PTGm4q68tQkqNozkEOIyPvKc4A==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 79 KB
27 KB 129ms
47ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: mng-presstelegram.zeustechnology.com
URL: https://mng-presstelegram.zeustechnology.com/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

13289607feb3670d05935c7fefe8bc4826524c14c90310cb46297aca57243cae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 11:32:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27023
x-xss-protection: 0
server: sffe
etag: "1112 / 15 of 1000 / last-modified: 1643103566"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 25 Jan 2022 11:32:11 GMT

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 755 B
1 KB 126ms
126ms XHR
application/json 65.9.71.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3391&u=https%3A%2F%2Fwww.presstelegram.com
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-71-173.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 9455c17f04895c082b78aad0133bb5222671817dfcd4b8bfb1211746f5e5cae2

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 11:32:11 GMT
via: 1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.presstelegram.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 755
x-amz-cf-id: 5oVciJ4DihVzBXXYCWoApvN6u_SzOaQsAL6xJprzY6gIrmzU9_p0GA==

GET
H2 200 ats.js Show response
ats.rlcdn.com/ 109 KB
38 KB 157ms
45ms Script
application/x-javascript 52.222.214.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ats.rlcdn.com/ats.js
Requested by: Host: www.presstelegram.com
URL: https://www.presstelegram.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-39.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 72c5d10e99c6620a2561415895a84064b5b5616c2b1914602263886be4cdc229

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: 28x_tDvW9kJ.rWgfbdZIcgxbFDdgh9p3
content-encoding: gzip
etag: W/"d7dfa2940a5d5ce3beedd8774c961dd7"
age: 4073
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:6fbe2bf4-0d3f-4234-a84e-c584de5ecb5e
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: 8c7650e47b7f894f6ae5a1fc4919cee6
last-modified: Thu, 16 Dec 2021 12:45:56 GMT
server: AmazonS3
date: Tue, 25 Jan 2022 10:24:19 GMT
vary: Accept-Encoding
x-amz-meta-codebuild-content-sha256: ae589a6335869a8948d0172dfafea0c42638763d87ea89591504c580a5c4f6c7
via: 1.1 82514a5a8cf35fb3132b0b5ab9cb724c.cloudfront.net (CloudFront)
cache-control: must-revalidate,public,max-age=86400
x-amz-cf-pop: FRA56-P3
content-type: application/x-javascript
x-amz-cf-id: eiV5Xh06GHqIaRh3YgqtqcnMBK-2dzkMurFn4S1gjTLUtRHXlu17sg==

GET
H2 200 cs Show response
digitalfirstmedia.blueconic.net/DG/DEFAULT/ 16 B
696 B 202ms
99ms Script
text/javascript 34.193.237.162
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://digitalfirstmedia.blueconic.net/DG/DEFAULT/cs?&callback=bc_json168

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.193.237.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-193-237-162.compute-1.amazonaws.com

Software

- /

Resource Hash

3055d17805780baef555cf000cde314b433bfbb7419d44ee28d6ec7df024ffc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 11:32:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
x-robots-tag: noindex, nofollow
p3p: policyref="", CP="DSP"
x-permitted-cross-domain-policies: master-only
cache-control: no-cache, no-store, no-transform, must-revalidate, private
content-type: text/javascript; charset=utf-8
content-length: 36
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/ 22 KB
23 KB 121ms
40ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A400%2C400i%2C700%2C700i%7CLora%3A400%2C400i%2C700%2C700i&ver=5.8.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.presstelegram.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 21 Jan 2022 04:27:49 GMT
x-content-type-options: nosniff
age: 371062
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22992
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:18:57 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 21 Jan 2023 04:27:49 GMT

GET
H3 200 bootstrap-icons.woff2
cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/fonts/ 88 KB
89 KB 66ms
36ms Font
font/woff2 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/fonts/bootstrap-icons.woff2?856008caa5eb66df68595e734e59580d

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/bootstrap-icons.min.css?ver=5.2.0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76506e128f2b47b7179f5037bd885a1674455ffeb6b5093cdb4c7eefbf436ce8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/bootstrap-icons.min.css?ver=5.2.0
Origin: https://www.presstelegram.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 11:32:11 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 7873854
x-jsd-version: 1.5.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 90528
x-served-by: cache-fra19182-FRA, cache-lcy19252-LCY
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"161a0-RkmHeGigBozlCxBdDSojXoAQyY8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
cf-ray: 6d312df668fc8879-LHR

GET
DATA 200
OK truncated
/ 9 KB
9 KB Font
font/truetype

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 182abb62bdb40059dbda691bf6631cf6b471499a85971a5fd04832453d7b4141

Request headers

Referer
Origin: https://www.presstelegram.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: font/truetype

GET
BLOB 200
OK e389b32b-1dbc-4ece-8f42-2ff91d22c355
https://www.presstelegram.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.presstelegram.com/e389b32b-1dbc-4ece-8f42-2ff91d22c355
Requested by: Host: www.presstelegram.com
URL: https://www.presstelegram.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3ba33eb784e76cff5ade272712ed0e7b15d325196ec089aca7baa20e3034098a

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 0QIvMX1D_JOuMwr7Iw.woff2
fonts.gstatic.com/s/lora/v20/ 35 KB
35 KB 99ms
89ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lora/v20/0QIvMX1D_JOuMwr7Iw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A400%2C400i%2C700%2C700i%7CLora%3A400%2C400i%2C700%2C700i&ver=5.8.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef7da2ea9165f4486462c7f1dccddb7485e6a1922d220a1c393a8fa7214829fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.presstelegram.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 18:05:25 GMT
x-content-type-options: nosniff
age: 494806
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35440
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 18:00:32 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 19 Jan 2023 18:05:25 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v20/ 23 KB
23 KB 87ms
77ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A400%2C400i%2C700%2C700i%7CLora%3A400%2C400i%2C700%2C700i&ver=5.8.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.presstelegram.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 21:26:28 GMT
x-content-type-options: nosniff
age: 50743
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23484
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:19:01 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 24 Jan 2023 21:26:28 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 373 KB
88 KB 225ms
107ms Script
application/javascript 2a00:1450:400f:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TLFP4R

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400f:802::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2ec20f4da4de9c69d644d1152276cc850974efb35795a8a0a5c8a2b591d65ddf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 11:32:12 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 89359
x-xss-protection: 0
last-modified: Tue, 25 Jan 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 25 Jan 2022 11:32:12 GMT

GET
H2 200 common.chunk.min.js Show response
www.presstelegram.com/wp-content/themes/assets/static/js/ 42 KB
10 KB 25ms
25ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.presstelegram.com/wp-content/themes/assets/static/js/common.chunk.min.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

cbccc935557398179deeef044a5ab2353e97ca4961f313793c8ba03964c43e93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 11:32:12 GMT
x-rq: lhr4 0 4 9980
last-modified: Fri, 21 Jan 2022 21:08:31 GMT
server: nginx
age: 277755
etag: W/"61eb20cf-a619"
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;includeSubdomains
accept-ranges: bytes
content-encoding: gzip
content-length: 10458
expires: Wed, 25 Jan 2023 11:32:12 GMT

GET
H2 200 common-async.chunk.min.js Show response
www.presstelegram.com/wp-content/themes/assets/static/js/ 61 KB
9 KB 32ms
31ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.presstelegram.com/wp-content/themes/assets/static/js/common-async.chunk.min.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

43514231ed020fa48a2bc5155c04c3af1cd4d519e0e1ac7faf600d63fd22653a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 11:32:12 GMT
x-rq: lhr4 0 4 9980
last-modified: Fri, 21 Jan 2022 21:08:31 GMT
server: nginx
age: 277755
etag: W/"61eb20cf-f2ec"
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;includeSubdomains
accept-ranges: bytes
content-encoding: gzip
content-length: 9012
expires: Wed, 25 Jan 2023 11:32:12 GMT

GET
H2 200 measuredvibrant-async.chunk.min.js Show response
www.presstelegram.com/wp-content/themes/assets/static/js/ 3 KB
1 KB 31ms
30ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.presstelegram.com/wp-content/themes/assets/static/js/measuredvibrant-async.chunk.min.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

35a16d4eadd0bba6d642c57bb265872111a5a0f45a34743760e58d787f174828

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 11:32:12 GMT
x-rq: lhr4 0 4 9980
last-modified: Fri, 21 Jan 2022 21:08:31 GMT
server: nginx
age: 277755
etag: W/"61eb20cf-bf0"
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;includeSubdomains
accept-ranges: bytes
content-encoding: gzip
content-length: 1301
expires: Wed, 25 Jan 2023 11:32:12 GMT

GET
H2 200 / Show response
cmp.osano.com/ Frame 25BB 4 KB
1 KB 167ms
167ms Document
text/html 2600:9000:209c:600:3:b7e:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.osano.com/
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:209c:600:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a48b96eb4dbabdf7d10b4a7667062cd55b7c1f9aab381f05c916798ec4308f68

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/

Response headers

content-type: text/html
last-modified: Thu, 21 Oct 2021 22:01:08 GMT
x-amz-version-id: xT1PkIFehetvNf5lINcU02FbT3u47kBr
server: AmazonS3
content-encoding: gzip
date: Tue, 25 Jan 2022 10:18:08 GMT
etag: W/"287b497c992487af362d33204f87d28f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 df0a4ea7de0fa05190904df4271e5d1e.cloudfront.net (CloudFront)
x-amz-cf-pop: SLC50-C1
x-amz-cf-id: pCiCHtHbErzh0ac1gEKh6h0eFaP28JoV4kG3ngQ9YbC4DB59uPS01g==
age: 4445

GET
H2 200 LPT-L-KITTY-HAWK-0125-JG03-3.jpg
www.presstelegram.com/wp-content/uploads/2022/01/ 23 KB
23 KB 28ms
27ms Image
image/webp 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.presstelegram.com/wp-content/uploads/2022/01/LPT-L-KITTY-HAWK-0125-JG03-3.jpg?w=467

Requested by

Host: www.presstelegram.com
URL: https://www.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

f9c7145154268a1d869a0d90ba430da6bd376fddccee2602264aa6ab5942e23b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 11:32:12 GMT
x-rq: lhr4 109 200 443
last-modified: Tue, 25 Jan 2022 06:35:20 GMT
server: nginx
etag: "0e64f98778dffb10"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
strict-transport-security: max-age=31536000;includeSubdomains
accept-ranges: bytes
content-length: 23412
expires: Wed, 25 Jan 2023 06:35:20 GMT

GET
H2 200 OCR-Z-CA-HOUSING-BILLS.jpg
www.presstelegram.com/wp-content/uploads/2022/01/ 35 KB
35 KB 28ms
27ms Image
image/webp 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.presstelegram.com/wp-content/uploads/2022/01/OCR-Z-CA-HOUSING-BILLS.jpg?w=352

Requested by

Host: www.presstelegram.com
URL: https://www.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

a749ba0a2ea8ebf4d6ce6563ef06d0abe6660e040bfa6f0355bb371cec594f2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 11:32:12 GMT
x-rq: lhr4 109 144 443
last-modified: Mon, 24 Jan 2022 19:23:07 GMT
server: nginx
etag: "4c547a80466c9a3a"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
strict-transport-security: max-age=31536000;includeSubdomains
accept-ranges: bytes
content-length: 35988
expires: Tue, 24 Jan 2023 19:23:07 GMT

GET
H2 200 TDB-L-INGLEWOOD-0124_12-1.jpg
www.presstelegram.com/wp-content/uploads/2022/01/ 25 KB
25 KB 112ms
111ms Image
image/webp 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.presstelegram.com/wp-content/uploads/2022/01/TDB-L-INGLEWOOD-0124_12-1.jpg?w=294

Requested by

Host: www.presstelegram.com
URL: https://www.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

af4e8d7260951bf87b336e473cca2c2f4a9a25e9d9dea86b6e4e18e736b09755

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 11:32:12 GMT
x-rq: lhr4 109 86 443
last-modified: Tue, 25 Jan 2022 11:32:12 GMT
server: nginx
etag: "f6c1838f0b340792"
vary: Accept
x-cache: MISS
content-type: image/webp
cache-control: max-age=2592000
strict-transport-security: max-age=31536000;includeSubdomains
accept-ranges: bytes
content-length: 25452
expires: Wed, 25 Jan 2023 11:32:12 GMT

GET
H2 200 LPT-L-REACH-TEAMS-0724-01.jpeg
www.presstelegram.com/wp-content/uploads/2022/01/ 11 KB
11 KB 28ms
27ms Image
image/webp 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.presstelegram.com/wp-content/uploads/2022/01/LPT-L-REACH-TEAMS-0724-01.jpeg?w=283

Requested by

Host: www.presstelegram.com
URL: https://www.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

75a2ddcf7010e6ad95ad6e7471f5602c1b2ef7fa8797f04be48966e3c8096fee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 11:32:12 GMT
x-rq: lhr4 109 28 443
last-modified: Mon, 24 Jan 2022 19:23:07 GMT
server: nginx
etag: "1d6b7e45f3c189b5"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
strict-transport-security: max-age=31536000;includeSubdomains
accept-ranges: bytes
content-length: 10942
expires: Tue, 24 Jan 2023 19:23:07 GMT

GET
H2 200 LPT-L-HSBB-TOP10-012-16x9-1-1.jpg
www.presstelegram.com/wp-content/uploads/2022/01/ 22 KB
22 KB 100ms
100ms Image
image/webp 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.presstelegram.com/wp-content/uploads/2022/01/LPT-L-HSBB-TOP10-012-16x9-1-1.jpg?w=380

Requested by

Host: www.presstelegram.com
URL: https://www.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

764503455df7aed19f092aa14879eccf3f4d23a95aca0cb583821fdee295f769

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 11:32:12 GMT
x-rq: lhr4 109 86 443
last-modified: Tue, 25 Jan 2022 11:32:12 GMT
server: nginx
etag: "37c97119cbe66fd6"
vary: Accept
x-cache: MISS
content-type: image/webp
cache-control: max-age=2592000
strict-transport-security: max-age=31536000;includeSubdomains
accept-ranges: bytes
content-length: 22450
expires: Wed, 25 Jan 2023 11:32:12 GMT

GET
H2 200 g.gif
pixel.wp.com/ 50 B
116 B 32ms
28ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&j=1%3A10.5&blog=136073681&post=0&tz=-8&srv=www.presstelegram.com&host=www.presstelegram.com&ref=&fcp=2422&rand=0.09050837316001026
Requested by: Host: www.presstelegram.com
URL: https://www.presstelegram.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 25 Jan 2022 11:32:12 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H/1.1 200
OK count.js Show response
dfm-presstelegram.disqus.com/ 1 KB
2 KB 95ms
22ms Script
application/javascript 199.232.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://dfm-presstelegram.disqus.com/count.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 25 Jan 2022 11:32:12 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 255
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 871
X-XSS-Protection: 1; mode=block
Last-Modified: Fri, 21 Jan 2022 19:29:08 GMT
Server: nginx
ETag: "61eb0984-367"
Strict-Transport-Security: max-age=300; includeSubdomains
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=300
X-Amz-Cf-Pop: DFW3-C1
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
X-Amz-Cf-Id: hDFdmzgzPJrkkIb0lcFf1zVbx7jdLmZdf1PCZvqulh97XVgOFQqbuQ==

GET
H3 200 pubads_impl_2022011002.js Show response
securepubads.g.doubleclick.net/gpt/ 352 KB
118 KB 79ms
36ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

e87e542e34fc3af7847f53ae5c258f82ff2d8739646ed8d249c9a54ede9f7128

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 11:00:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1876
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 121009
x-xss-protection: 0
last-modified: Mon, 10 Jan 2022 21:10:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 25 Jan 2023 11:00:56 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 220 B
157 B 89ms
44ms XHR
application/json 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.presstelegram.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

25cd47e7ea0da4aea12e4c75f78ede9e4da289775aa61a8afb9184b6efd5289b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 25 Jan 2022 11:32:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132
x-xss-protection: 0
expires: Tue, 25 Jan 2022 11:32:12 GMT

GET
H2 200 / Show response
geo.privacymanager.io/ 28 B
592 B 274ms
88ms Fetch
application/json 13.225.63.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Requested by: Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.63.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-63-115.ewr53.r.cloudfront.net
Software: /
Resource Hash: a81b295b51029aa9eac46af64442efd6b08f8492104a6ca3c9bae23a58920b07

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:49:45 GMT
via: 1.1 9fb7397504a65afc778db3eb0ee0bfa4.cloudfront.net (CloudFront), 1.1 988ebab315003cc8902437cbdd7de09e.cloudfront.net (CloudFront)
age: 85347
x-amzn-requestid: 8e0efa85-c0dd-48a0-9c34-8456544fa593
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-61ee9259-2de8034b76eb96953158779b;Sampled=0
x-cache: Hit from cloudfront
x-amz-cf-pop: IAD79-C3, EWR53-C1
x-amz-apigw-id: McvN9FdqjoEF-gA=
content-length: 28
x-amz-cf-id: S28JjV7NQviYCa5BkICtUkGwwDC0cFp-C-SC37Y4f30e3LRn64lc9w==
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 5C52 14 KB
5 KB 35ms
34ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=160200&s=&predirect=&userIdMacro=&gdpr_consent=CPTXr1bPTXr1bEXABAENBgCwAAAAAH_AAAwIGggBIAJEQABAIAAEAIAEAAAAQBAAAEAgAAAAAAAAAAAABAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAIAAAAAAgXmAAAAkQAAEAAAAAAAAQAAABAEAAAAAAAAAAAAAAAAAAECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAA.YAAAAAAAAAAA&gdpr=1&us_privacy=1---&
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=22569
expires: Tue, 25 Jan 2022 17:48:21 GMT
date: Tue, 25 Jan 2022 11:32:12 GMT
vary: Accept-Encoding

POST
H2 200 166 Show response
m869.presstelegram.com/DG/DEFAULT/rest/rpc/ 104 KB
16 KB 504ms
503ms XHR
application/json 18.66.139.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m869.presstelegram.com/DG/DEFAULT/rest/rpc/166?referer=https%3A%2F%2Fwww.presstelegram.com%2F&bcsessionid=&bctempid=&overruleReferrer=&time=2022-01-25T11%3A32%3A12%2B00%3A00&ts=1643110332312

Requested by

Host: m869.presstelegram.com
URL: https://m869.presstelegram.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.96 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-96.fra60.r.cloudfront.net

Software

- /

Resource Hash

7c87ded267f6752d3d9e25aaa6199c7809719a46e63e9db27a7184205a1b1dd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.presstelegram.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 25 Jan 2022 11:32:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 15142
x-xss-protection: 1; mode=block
pragma: no-cache
access-control-allow-origin: https://www.presstelegram.com
server: -
content-type: application/json; charset=utf-8
via: 1.1 760a29e891ec10bba1274911260e1fc8.cloudfront.net (CloudFront)
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: DLHDlH6E97GtirE9yTA4fANRTDGT3xHPpNl5cN3BChFWfYLsXV3LSw==
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 166 Show response
m869.presstelegram.com/DG/DEFAULT/rest/rpc/ 114 B
1012 B 403ms
402ms XHR
application/json 18.66.139.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m869.presstelegram.com/DG/DEFAULT/rest/rpc/166?referer=https%3A%2F%2Fwww.presstelegram.com%2F&bcsessionid=&bctempid=&overruleReferrer=&time=2022-01-25T11%3A32%3A12%2B00%3A00&ts=1643110332313

Requested by

Host: m869.presstelegram.com
URL: https://m869.presstelegram.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.96 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-96.fra60.r.cloudfront.net

Software

- /

Resource Hash

605c854b7c1c4d15ff7275fc4508ea6020265b1a6a5548182432e04b93f1a391

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.presstelegram.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 25 Jan 2022 11:32:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 125
x-xss-protection: 1; mode=block
pragma: no-cache
access-control-allow-origin: https://www.presstelegram.com
server: -
content-type: application/json; charset=utf-8
via: 1.1 760a29e891ec10bba1274911260e1fc8.cloudfront.net (CloudFront)
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: Pec-Kx_wt_Vb3RGaWRB3BhtNZkoSRqMHE_ju9T5-i8N-8SeuuHzlpg==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 loader-config.json Show response
loader-cdn.azureedge.net/prod/dfm/ 1011 B
842 B 133ms
23ms XHR
application/json 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://loader-cdn.azureedge.net/prod/dfm/loader-config.json?_=1643110331056
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js?ver=3.5.1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (lha/8DE9) /
Resource Hash: 96b34914f736b96f184920bea4cf3b30a7b76583c51bf1e9caf2add39705bffd

Request headers

Accept: */*
Referer: https://www.presstelegram.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 25 Jan 2022 11:32:12 GMT
content-encoding: gzip
content-md5: i1fC4Ue5p2n4u48t1IbEIQ==
age: 7801
x-cache: HIT
content-length: 465
x-ms-lease-status: unlocked
last-modified: Thu, 22 Apr 2021 10:13:01 GMT
server: ECAcc (lha/8DE9)
etag: 0x8D905773626BB80
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 7445fd0a-b01e-00b3-37cd-11dcf8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 38 KB
15 KB 345ms
287ms XHR
application/json 185.33.220.100
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: mng-presstelegram.zeustechnology.com
URL: https://mng-presstelegram.zeustechnology.com/main.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.100 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

064182f2ec726493010ec2199b57a312f1f9766e6d7dbc461093eb2d328a6d31

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.presstelegram.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
content-type: text/plain;charset=UTF-8

Response headers

Date: Tue, 25 Jan 2022 11:32:12 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 5.187.21.100; 5.187.21.100; 399.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: e74ef1aa-5997-4455-bee6-cbf2999df227
Server: nginx/1.17.9
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.presstelegram.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ 607 B
582 B 118ms
56ms XHR
application/json 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=118&profileId=184&cb=34173216781

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

bbbaad3dfb7bbfd9ddfc56494b937a0fb7ce8182a66282dbbf0894e703dee06b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.presstelegram.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 25 Jan 2022 11:32:12 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.presstelegram.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 307

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 58 B
355 B 229ms
121ms XHR
application/json 23.0.33.234
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?ac=j&s=212590&v=7.2&sd=1&r=%7B%22id%22%3A%22bdb22f9b-1d50-4667-8ce4-a568f033012a%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22bc68c2ce-a452-4333-8f24-96663a65714f%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A50%2C%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A50%7D%5D%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22653034%22%2C%22gpid%22%3A%228013%2Fzeus_Sponsorship_1%22%7D%7D%2C%7B%22id%22%3A%2281a2b092-e525-4632-bca5-a6cc010fb2bf%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%7D%5D%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22653035%22%2C%22gpid%22%3A%228013%2Fzeus_top_leaderboard%22%7D%7D%2C%7B%22id%22%3A%22b26703aa-ae87-45d8-aaed-5c7678ada29b%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%7D%5D%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22653035%22%2C%22gpid%22%3A%228013%2Fzeus_top_leaderboard%22%7D%7D%2C%7B%22id%22%3A%22858df683-c8b6-428c-93cc-05a61cc3ec75%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%7D%5D%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22653035%22%2C%22gpid%22%3A%228013%2Fzeus_top_leaderboard%22%7D%7D%2C%7B%22id%22%3A%2228fb962e-5bd9-4dd0-8722-8258962be3a1%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%7D%2C%7B%22w%22%3A300%2C%22h%22%3A1050%7D%2C%7B%22w%22%3A160%2C%22h%22%3A600%7D%5D%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22653036%22%2C%22gpid%22%3A%228013%2Fzeus_Cube1_RRail_ATF%22%7D%7D%2C%7B%22id%22%3A%22af41931d-b97b-4bdd-9b90-8c4bb31940a7%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%7D%2C%7B%22w%22%3A300%2C%22h%22%3A1050%7D%2C%7B%22w%22%3A160%2C%22h%22%3A600%7D%5D%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22653036%22%2C%22gpid%22%3A%228013%2Fzeus_Cube1_RRail_ATF%22%7D%7D%2C%7B%22id%22%3A%2256425267-85aa-47a9-9900-09c8a5065bdc%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A1050%2C%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%7D%2C%7B%22w%22%3A300%2C%22h%22%3A1050%7D%2C%7B%22w%22%3A160%2C%22h%22%3A600%7D%5D%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22653036%22%2C%22gpid%22%3A%228013%2Fzeus_Cube1_RRail_ATF%22%7D%7D%2C%7B%22id%22%3A%2214d8f3ee-a155-41d2-93c8-d7d76690940c%22%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%7D%2C%7B%22w%22%3A300%2C%22h%22%3A1050%7D%2C%7B%22w%22%3A160%2C%22h%22%3A600%7D%5D%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22653036%22%2C%22gpid%22%3A%228013%2Fzeus_Cube1_RRail_ATF%22%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.presstelegram.com%2F%22%2C%22ref%22%3A%22%22%7D%7D
Requested by: Host: mng-presstelegram.zeustechnology.com
URL: https://mng-presstelegram.zeustechnology.com/main.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.0.33.234 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-0-33-234.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 045b5f40059c43f82385117da235e57712640c57c23bdb8b5c0d4248fb62e353

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 11:32:12 GMT
x-ak-initial-geo: CC:[GB], RC:[EN], CN:[EU], CIP:[5.187.21.100], XFF:[]
server: Apache
content-type: application/json
access-control-allow-origin: https://www.presstelegram.com
x-cs-client-geo: 27
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 58
x-ak-client-geo: 27
expires: Tue, 25 Jan 2022 11:32:12 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
120 B 492ms
155ms XHR
text/plain 204.237.133.116
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=zeus_client
Requested by: Host: mng-presstelegram.zeustechnology.com
URL: https://mng-presstelegram.zeustechnology.com/main.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.237.133.116 Philadelphia, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.presstelegram.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
content-type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.presstelegram.com
date: Tue, 25 Jan 2022 11:32:12 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 472 B
3 KB 292ms
166ms XHR
application/json 2602:803:c004:200::143
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=15594&site_id=368520&tk_flint=custom&slots=3&size_id=44%3B2%3B15&alt_size_ids=%3B55%2C57%3B9%2C10%2C54&zone_id=2008056%3B2008048%3B2008070&rp_floor=0.01&us_privacy=1---
Requested by: Host: mng-presstelegram.zeustechnology.com
URL: https://mng-presstelegram.zeustechnology.com/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 4878ac49d80bcfbd2664ab64cc977f81898c27920d6c183be0ddae26fc7df5a6

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 25 Jan 2022 11:32:12 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.presstelegram.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 472
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
268 B 321ms
241ms XHR
application/json 35.156.29.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=zeus&v=1&referrer=www.presstelegram.com&debug=false&us_privacy=1---

Requested by

Host: mng-presstelegram.zeustechnology.com
URL: https://mng-presstelegram.zeustechnology.com/main.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.156.29.201 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-156-29-201.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.presstelegram.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 11:32:12 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.presstelegram.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 64 B
534 B 66ms
66ms XHR
text/javascript 65.9.71.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=3391&u=https%3A%2F%2Fwww.presstelegram.com%2F&pid=y1BOV0hdhWXko&cb=0&ws=1600x1200&v=7.72.0&t=1000&slots=%5B%7B%22sd%22%3A%22zeus_Sponsorship_1%22%2C%22s%22%3A%5B%22300x50%22%5D%2C%22sn%22%3A%22%2F8013%2Fpresstelegram.com%2Fhome%2FSponsorship_1%22%7D%2C%7B%22sd%22%3A%22zeus_interstitial%22%2C%22s%22%3A%5B%221x1%22%5D%2C%22sn%22%3A%22%2F8013%2Fpresstelegram.com%2Fhome%2Finterstitial%22%7D%2C%7B%22sd%22%3A%22zeus_top_leaderboard%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F8013%2Fpresstelegram.com%2Fhome%2Ftop_leaderboard%22%7D%2C%7B%22sd%22%3A%22zeus_Cube1_RRail_ATF%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22300x1050%22%2C%22160x600%22%5D%2C%22sn%22%3A%22%2F8013%2Fpresstelegram.com%2Fhome%2FCube1_RRail_ATF%22%7D%5D&gdpre=1&gdprc=CPTXr1cPTXr1cEXABAENBgCwAAAAAH_AAAwIGggBIAJEQABAIAAEAIAEAAAAQBAAAEAgAAAAAAAAAAAABAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAIAAAAAAgXmAAAAkQAAEAAAAAAAAQAAABAEAAAAAAAAAAAAAAAAAAECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAA.YAAAAAAAAAAA&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.71.173 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-71-173.fra56.r.cloudfront.net

Software

Server /

Resource Hash

d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 11:32:12 GMT
via: 1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-C1
x-amz-rid: A7NN6S0WVW0GGAVS28F9
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.presstelegram.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 64
x-amz-cf-id: ZfGufGlEWvr0u3IikB6Ajaypg75CvrWrJcJsCzJ2Js2Caa8vNstW9Q==

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 5C52 0
42 B 489ms
160ms Script
text/plain 104.36.113.23
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=65617269&p=160200&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=CPTXr1bPTXr1bEXABAENBgCwAAAAAH_AAAwIGggBIAJEQABAIAAEAIAEAAAAQBAAAEAgAAAAAAAAAAAABAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAIAAAAAAgXmAAAAkQAAEAAAAAAAAQAAABAEAAAAAAAAAAAAAAAAAAECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAA.YAAAAAAAAAAA&us_privacy=1---
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=160200&s=&predirect=&userIdMacro=&gdpr_consent=CPTXr1bPTXr1bEXABAENBgCwAAAAAH_AAAwIGggBIAJEQABAIAAEAIAEAAAAQBAAAEAgAAAAAAAAAAAABAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAIAAAAAAgXmAAAAkQAAEAAAAAAAAQAAABAEAAAAAAAAAAAAAAAAAAECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAA.YAAAAAAAAAAA&gdpr=1&us_privacy=1---&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.113.23 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 11:32:12 GMT
content-length: 0

GET
H2 200 a-05ge.min.js Show response
b-code.liadm.com/ 26 KB
10 KB 124ms
36ms Script
application/javascript 2600:9000:225e:f600:8:8845:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/a-05ge.min.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:f600:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: ZIO-Http /
Resource Hash: 283b01acc1a90635ef278f5328fcb6e0c0855ae6013d04d553966bca733da285

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 22:44:18 GMT
via: 1.1 18c9dea802c00b7c060142aad49f7288.cloudfront.net (CloudFront)
server: ZIO-Http
age: 46074
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=86400
x-amz-cf-pop: FRA60-P4
content-encoding: gzip
x-amz-cf-id: JqZ0qBG0245NvDZWXTeWI0sTc5Sd2ZVTvq4oxBDD5-zRxgvMcNfzxg==

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=6035443&ns__t=1643110332435&ns_c=UTF-8&c8=Long%20Beach%20Press-Telegram%3A%20Local%20News%2C%20Sports%2C%20Things%20to%20Do&c7=https%3A%2F%2Fwww.presstele...
https://sb.scorecardresearch.com/b2?c1=2&c2=6035443&ns__t=1643110332435&ns_c=UTF-8&c8=Long%20Beach%20Press-Telegram%3A%20Local%20News%2C%20Sports%2C%20Things%20to%20Do&c7=https%3A%2F%2Fwww.presstel...

0
223 B

40ms
40ms

Image
text/plain

13.32.121.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=6035443&ns__t=1643110332435&ns_c=UTF-8&c8=Long%20Beach%20Press-Telegram%3A%20Local%20News%2C%20Sports%2C%20Things%20to%20Do&c7=https%3A%2F%2Fwww.presstelegram.com%2F&c9=
Requested by: Host: www.presstelegram.com
URL: https://www.presstelegram.com/
Protocol: H2
Server: 13.32.121.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-37.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 11:32:12 GMT
via: 1.1 bf791e1829ff18782cd9837fbba03616.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id: Isd_lNe0Sa--JpNvzbzsnUcaIwdrfT0WPj950IRZdeY0TJeKQgp6pg==
x-cache: Miss from cloudfront

Redirect headers

date: Tue, 25 Jan 2022 11:32:12 GMT
via: 1.1 bf791e1829ff18782cd9837fbba03616.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=6035443&ns__t=1643110332435&ns_c=UTF-8&c8=Long%20Beach%20Press-Telegram%3A%20Local%20News%2C%20Sports%2C%20Things%20to%20Do&c7=https%3A%2F%2Fwww.presstelegram.com%2F&c9=
content-length: 235
x-amz-cf-id: yLCQ3WcNBjM47FhMaWFK0Uyfakkwu6N_w5e_KQwKD0PaPcnt9y0C8A==

GET
BLOB 200
OK 52868e71-f7e6-48a9-b5d5-b57e3ad7978c
https://www.presstelegram.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.presstelegram.com/52868e71-f7e6-48a9-b5d5-b57e3ad7978c
Requested by: Host: www.presstelegram.com
URL: https://www.presstelegram.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3ba33eb784e76cff5ade272712ed0e7b15d325196ec089aca7baa20e3034098a

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 198ms
79ms Script
text/javascript 2a00:1450:400f:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400f:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 3056
date: Tue, 25 Jan 2022 10:41:16 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 25 Jan 2022 12:41:16 GMT

GET
H2 200 fp.min.js Show response
fp-cdn.azureedge.net/prod/dfm/ 59 KB
20 KB 123ms
26ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://fp-cdn.azureedge.net/prod/dfm/fp.min.js?
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (lha/8D3B) /
Resource Hash: 9d7ae5b7196c72a8c09f3a766e06e61b2ef1d6192076016838b479136435b678

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 25 Jan 2022 11:32:12 GMT
content-encoding: gzip
content-md5: I+TRQO5bVyRNfhz04pv14Q==
age: 16730
x-cache: HIT
content-length: 19745
x-ms-lease-status: unlocked
last-modified: Thu, 24 Dec 2020 08:54:59 GMT
server: ECAcc (lha/8D3B)
etag: 0x8D8A7E997F32F60
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 722a522f-a01e-0102-27b8-1162d0000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19

GET
H2 200 g2i.min.js Show response
g2insights-cdn.azureedge.net/prod/dfm/ 1 MB
217 KB 129ms
26ms Script
application/x-javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://g2insights-cdn.azureedge.net/prod/dfm/g2i.min.js?
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (lha/8D97) /
Resource Hash: a7193b4a580e14658a91dd634cc0ef32ebccae115e311886a993b5e07ca5102d

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 25 Jan 2022 11:32:12 GMT
content-encoding: gzip
content-md5: MEV0XK+iSrlNTVyliS0EpQ==
age: 39571
x-cache: HIT
content-length: 221901
x-ms-lease-status: unlocked
last-modified: Tue, 29 Dec 2020 13:55:30 GMT
server: ECAcc (lha/8D97)
etag: 0x8D8AC0167971F78
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 46352f10-f01e-00d9-0a83-118053000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19

GET
H2 200 t8y9347t.min.js Show response
cdn.ayc0zsm69431gfebd.xyz/prod/dfm/ 559 KB
118 KB 165ms
39ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/dfm/t8y9347t.min.js?
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (lha/8D36) /
Resource Hash: ea5d2befb0a4e0ce54a1e5014b440dcbec8a981df5921805bef7c080647dab6d

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 25 Jan 2022 11:32:12 GMT
content-encoding: gzip
content-md5: qVIPcM+g3AcDoTOKAhEK0A==
age: 9261
x-cache: HIT
content-length: 119973
x-ms-lease-status: unlocked
last-modified: Wed, 11 Aug 2021 20:38:31 GMT
server: ECAcc (lha/8D36)
etag: 0x8D95D07FB91B69A
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 7430d584-901e-00af-35c9-1104ef000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19

GET
H2 200 pixels Show response
ssp-sync.criteo.com/user-sync/ 13 B
289 B 116ms
28ms XHR
application/json 178.250.2.83
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssp-sync.criteo.com/user-sync/pixels?gdpr=CPTXr1aPTXr1aEXABAENBgCwAAAAAH_AAAwIGggBIAJEQABAIAAEAIAEAAAAQBAAAEAgAAAAAAAAAAAABAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAIAAAAAAgXmAAAAkQAAEAAAAAAAAQAAABAEAAAAAAAAAAAAAAAAAAECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAA.YAAAAAAAAAAA&gdprapplies=true&ccpa=1---&countrycode=GB

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.83 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

243fb9953e49b6005f6ae1772f507bb789a8893960a495850afe43fe34030311

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 11:32:11 GMT
content-encoding: br
server: Kestrel
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.presstelegram.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;

POST
H2 204 events
bidder.criteo.com/csm/ 0
222 B 29ms
29ms Ping
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.presstelegram.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 25 Jan 2022 11:32:12 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://www.presstelegram.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

GET
H2

200

restricted Show response
mid.rkdms.com/
Redirect Chain

https://mid.rkdms.com/idsv2?ptk=17c1789b-e660-493b-aa74-3c8fb990dc5f&pubid=MEDIANEWSGROUP
https://mid.rkdms.com/restricted

5 KB
2 KB

95ms
95ms

XHR
text/html

34.236.203.109
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://mid.rkdms.com/restricted
Requested by: Host: www.presstelegram.com
URL: https://www.presstelegram.com/
Protocol: H2
Server: 34.236.203.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-236-203-109.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 73a5c38561a9bef102be3b7b6278721916913075bce67f4600e6ca810d74b0c3

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 11:32:13 GMT
content-encoding: gzip
server: nginx
access-control-allow-methods: GET, HEAD, OPTIONS
content-language: en-GB
access-control-allow-origin: https://www.presstelegram.com
access-control-allow-credentials: true
content-type: text/html;charset=ISO-8859-1

Redirect headers

location: /restricted
date: Tue, 25 Jan 2022 11:32:12 GMT
access-control-allow-credentials: true
server: nginx
access-control-allow-origin: https://www.presstelegram.com
content-length: 0
access-control-allow-methods: GET, HEAD, OPTIONS

GET
H2 200 rid Show response
match.adsrvr.org/track/ 109 B
548 B 132ms
53ms XHR
application/json 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=185707
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/185707-19209563922117.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 93d920df7b2cd78b99a9f7b58b5f66f95407408dfcc917de30d1ec190643b1a5

Request headers

Referer: https://www.presstelegram.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 25 Jan 2022 11:32:12 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.presstelegram.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Thu, 24 Feb 2022 11:32:12 GMT

GET
H/1.1 204
No Content any Show response
idx.liadm.com/idex/ie/ 0
414 B 417ms
95ms XHR
text/plain 3.95.140.237
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://idx.liadm.com/idex/ie/any

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/185707-19209563922117.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.95.140.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-95-140-237.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.presstelegram.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.presstelegram.com
Date: Tue, 25 Jan 2022 11:32:12 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Strict-Transport-Security: max-age=31536000; includeSubDomains

GET
H2 451 identity Show response
api.rlcdn.com/api/ 44 B
332 B 124ms
60ms XHR
text/plain 34.120.133.55
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.rlcdn.com/api/identity?pid=2&rt=envelope

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/185707-19209563922117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

55.133.120.34.bc.googleusercontent.com

Software

Resource Hash

da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.presstelegram.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 25 Jan 2022 11:32:12 GMT
via: 1.1 google
x-content-type-options: nosniff
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods: GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.presstelegram.com
access-control-allow-credentials: true
alt-svc: clear
content-length: 44

GET
BLOB 200
OK 4e40d905-3c36-4184-96c7-aa91b2a81476
https://www.presstelegram.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.presstelegram.com/4e40d905-3c36-4184-96c7-aa91b2a81476
Requested by: Host: www.presstelegram.com
URL: https://www.presstelegram.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3ba33eb784e76cff5ade272712ed0e7b15d325196ec089aca7baa20e3034098a

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 sync-container.js Show response
b-code.liadm.com/ 6 KB
3 KB 65ms
65ms Script
application/javascript 2600:9000:225e:f600:8:8845:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/sync-container.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:f600:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 58a07739b05fec4d319e4d5c6b1fa4ac79e2a625e08ab3f303929b77fde5bdf4

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: CQKQeFXs_ero.dSxGj8yyrCkT6TzPcRS
content-encoding: gzip
etag: W/"ae5e94de938b0387eda6df8f20da811a"
last-modified: Wed, 02 Jun 2021 16:15:01 GMT
server: AmazonS3
age: 1671821
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 18c9dea802c00b7c060142aad49f7288.cloudfront.net (CloudFront)
date: Thu, 06 Jan 2022 03:08:31 GMT
x-amz-cf-pop: FRA60-P4
x-amz-cf-id: 9JI3azPgsUgRoWdjF1z8Z-3zT3joj50Fgsk8h1MqDEmWvc-g1d-esA==

GET
H2

200

j Show response
rp4.liadm.com/
Redirect Chain

https://rp.liadm.com/j?dtstmp=1643110332716&aid=a-05ge&se=e30&duid=3db4babb9fb0--01ft8g3y5g7pfbqksjmexxtj9f&tna=v2.3.0&pu=https%3A%2F%2Fwww.presstelegram.com%2F&us_privacy=1---&wpn=lc-bundle&gdpr=1...
https://rp4.liadm.com/j?dtstmp=1643110332716&aid=a-05ge&se=e30&duid=3db4babb9fb0--01ft8g3y5g7pfbqksjmexxtj9f&tna=v2.3.0&pu=https%3A%2F%2Fwww.presstelegram.com%2F&us_privacy=1---&wpn=lc-bundle&gdpr=...

50 B
605 B

340ms
97ms

XHR
application/json

54.146.217.90
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rp4.liadm.com/j?dtstmp=1643110332716&aid=a-05ge&se=e30&duid=3db4babb9fb0--01ft8g3y5g7pfbqksjmexxtj9f&tna=v2.3.0&pu=https%3A%2F%2Fwww.presstelegram.com%2F&us_privacy=1---&wpn=lc-bundle&gdpr=1&gdpr_consent=CPTXr1ePTXr1eEXABBENBgCwAAAAAH_AAAwIGggBIAJEQABAIAAEAIAEAAAAQBAAAEAgAAAAAAAAAAAABAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAIAAAAAAgXmAAAAkQAAEAAAAAAAAQAAABAEAAAAAAAAAAAAAAAAAAECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAA.YAAAAAAAAAAA&c=PHRpdGxlPkxvbmcgQmVhY2ggUHJlc3MtVGVsZWdyYW06IExvY2FsIE5ld3MsIFNwb3J0cywgVGhpbmdzIHRvIERvPC90aXRsZT48bWV0YSBuYW1lPSJkZXNjcmlwdGlvbiIgY29udGVudD0iVGhlIFByZXNzLVRlbGVncmFtIGlzIHRoZSBsb2NhbCBuZXdzIHNvdXJjZSBmb3IgTG9uZyBCZWFjaCBhbmQgdGhlIHN1cnJvdW5kaW5nIGFyZWEgcHJvdmlkaW5nIGJyZWFraW5nIG5ld3MsIHNwb3J0cywgYnVzaW5lc3MsIGVudGVydGFpbm1lbnQsIHRoaW5ncyB0byBkbywgb3BpbmlvbiwgcGhvdG9zLCB2aWRlb3MgYW5kIG1vcmUiPjx0aXRsZSBpZD0iYWVjYjY2N2ItNjc1MS00MzE0LWI1NjItNzk2OTY4MDVhYTBkIj48IS0tLS0-Q2xvc2UgdGhpcyBkaWFsb2c8IS0tLS0-PC90aXRsZT48dGl0bGUgaWQ9ImFlY2I2NjdiLTY3NTEtNDMxNC1iNTYyLTc5Njk2ODA1YWEwZCI-PCEtLS0tPkNsb3NlIENvb2tpZSBQcmVmZXJlbmNlczwhLS0tLT48L3RpdGxlPjxoMSBjbGFzcz0iY3VzdG9tLWxvZ28gbG9nbyI-PGEgaHJlZj0iaHR0cHM6Ly93d3cucHJlc3N0ZWxlZ3JhbS5jb20iIGFyaWEtbGFiZWw9IlByZXNzIFRlbGVncmFtIj48aW1nIHNyYz0iaHR0cHM6Ly93d3cucHJlc3N0ZWxlZ3JhbS5jb20vd3AtY29udGVudC91cGxvYWRzLzIwMTcvMDkvbG9uZ19iZWFjaF9wcmVzcy10ZWxlZ3JhbV9ibGFjay0zOTJ4NDAuc3ZnIiBhbHQ9IlByZXNzIFRlbGVncmFtIiB3aWR0aD0iMzkzIiBoZWlnaHQ9IjQxIj48L2E-PC9oMT4&i6=MmEwMjo4Yzg6YzEwOjMwOjo2&n3pc=true

Requested by

Host: www.presstelegram.com
URL: https://www.presstelegram.com/

Protocol

Server

54.146.217.90 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-146-217-90.compute-1.amazonaws.com

Software

nginx/1.18.0 /

Resource Hash

672d486d591ba926fb83e491481f0cf9fac5b31a80fe3177b89320f1df74e09c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 11:32:13 GMT
x-pixel-event-id: 34551052-c4dd-414d-9e23-ccf699180c12
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
request-time: 0
vary: Origin
content-length: 50
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
server: nginx/1.18.0
x-frame-options: DENY
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json
access-control-allow-origin: null
access-control-allow-credentials: true
trace-id: a9d42c09f8eeabcc

Redirect headers

date: Tue, 25 Jan 2022 11:32:12 GMT
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
server: nginx/1.18.0
vary: Origin
location: https://rp4.liadm.com/j?dtstmp=1643110332716&aid=a-05ge&se=e30&duid=3db4babb9fb0--01ft8g3y5g7pfbqksjmexxtj9f&tna=v2.3.0&pu=https%3A%2F%2Fwww.presstelegram.com%2F&us_privacy=1---&wpn=lc-bundle&gdpr=1&gdpr_consent=CPTXr1ePTXr1eEXABBENBgCwAAAAAH_AAAwIGggBIAJEQABAIAAEAIAEAAAAQBAAAEAgAAAAAAAAAAAABAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAIAAAAAAgXmAAAAkQAAEAAAAAAAAQAAABAEAAAAAAAAAAAAAAAAAAECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAA.YAAAAAAAAAAA&c=PHRpdGxlPkxvbmcgQmVhY2ggUHJlc3MtVGVsZWdyYW06IExvY2FsIE5ld3MsIFNwb3J0cywgVGhpbmdzIHRvIERvPC90aXRsZT48bWV0YSBuYW1lPSJkZXNjcmlwdGlvbiIgY29udGVudD0iVGhlIFByZXNzLVRlbGVncmFtIGlzIHRoZSBsb2NhbCBuZXdzIHNvdXJjZSBmb3IgTG9uZyBCZWFjaCBhbmQgdGhlIHN1cnJvdW5kaW5nIGFyZWEgcHJvdmlkaW5nIGJyZWFraW5nIG5ld3MsIHNwb3J0cywgYnVzaW5lc3MsIGVudGVydGFpbm1lbnQsIHRoaW5ncyB0byBkbywgb3BpbmlvbiwgcGhvdG9zLCB2aWRlb3MgYW5kIG1vcmUiPjx0aXRsZSBpZD0iYWVjYjY2N2ItNjc1MS00MzE0LWI1NjItNzk2OTY4MDVhYTBkIj48IS0tLS0-Q2xvc2UgdGhpcyBkaWFsb2c8IS0tLS0-PC90aXRsZT48dGl0bGUgaWQ9ImFlY2I2NjdiLTY3NTEtNDMxNC1iNTYyLTc5Njk2ODA1YWEwZCI-PCEtLS0tPkNsb3NlIENvb2tpZSBQcmVmZXJlbmNlczwhLS0tLT48L3RpdGxlPjxoMSBjbGFzcz0iY3VzdG9tLWxvZ28gbG9nbyI-PGEgaHJlZj0iaHR0cHM6Ly93d3cucHJlc3N0ZWxlZ3JhbS5jb20iIGFyaWEtbGFiZWw9IlByZXNzIFRlbGVncmFtIj48aW1nIHNyYz0iaHR0cHM6Ly93d3cucHJlc3N0ZWxlZ3JhbS5jb20vd3AtY29udGVudC91cGxvYWRzLzIwMTcvMDkvbG9uZ19iZWFjaF9wcmVzcy10ZWxlZ3JhbV9ibGFjay0zOTJ4NDAuc3ZnIiBhbHQ9IlByZXNzIFRlbGVncmFtIiB3aWR0aD0iMzkzIiBoZWlnaHQ9IjQxIj48L2E-PC9oMT4&i6=MmEwMjo4Yzg6YzEwOjMwOjo2&n3pc=true
x-frame-options: DENY
access-control-allow-origin: https://www.presstelegram.com
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
trace-id: 35a4005a857509a2
request-time: 0
content-length: 0
x-content-type-options: nosniff

GET
BLOB 200
OK 51794abf-76e0-4097-a4c5-adca9c080bfd
https://www.presstelegram.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.presstelegram.com/51794abf-76e0-4097-a4c5-adca9c080bfd
Requested by: Host: www.presstelegram.com
URL: https://www.presstelegram.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3ba33eb784e76cff5ade272712ed0e7b15d325196ec089aca7baa20e3034098a

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 t8y9347t.min.css
cdn.ayc0zsm69431gfebd.xyz/prod/dfm/ 295 KB
28 KB 23ms
23ms Stylesheet
text/css 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/dfm/t8y9347t.min.css?
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (lha/8D6A) /
Resource Hash: 70c4634f438568a86bb98789e25bd251a5b979f0e1f68c57956f5c038f53a914

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 25 Jan 2022 11:32:12 GMT
content-encoding: gzip
content-md5: qePO0yKWifmYWvQdlK/DtQ==
age: 9224
x-cache: HIT
content-length: 28321
x-ms-lease-status: unlocked
last-modified: Thu, 22 Apr 2021 09:08:48 GMT
server: ECAcc (lha/8D6A)
etag: 0x8D9056E3D33EB71
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 8b395a2a-301e-00e6-76c9-11378f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19

OPTIONS
H/1.1 200
OK SCNGPRODWP
prod-dfm-proxy-connext.azurewebsites.net/api/configuration/mapped/siteCode/DFM/configCode/ Frame 0
0 646ms
129ms Preflight 13.85.16.224
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-dfm-proxy-connext.azurewebsites.net/api/configuration/mapped/siteCode/DFM/configCode/SCNGPRODWP
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.85.16.224 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: access-control-allow-origin,attr,authorization,autoqa,config-code,content-type,environment,location,settingskey,site-code,source-system,ssid,version
Origin: https://www.presstelegram.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: access-control-allow-origin,attr,authorization,autoqa,config-code,content-type,environment,location,settingskey,site-code,source-system,ssid,version
X-Powered-By: ASP.NET
Date: Tue, 25 Jan 2022 11:32:12 GMT
Content-Length: 0

GET
H/1.1 200
OK SCNGPRODWP Show response
prod-dfm-proxy-connext.azurewebsites.net/api/configuration/mapped/siteCode/DFM/configCode/ 1 MB
307 KB 209ms
209ms Fetch
application/json 13.85.16.224
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-dfm-proxy-connext.azurewebsites.net/api/configuration/mapped/siteCode/DFM/configCode/SCNGPRODWP
Requested by: Host: cdn.ayc0zsm69431gfebd.xyz
URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/dfm/t8y9347t.min.js?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.85.16.224 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET, ASP.NET
Resource Hash: f4f1b1276fc1b071a253c7234e00dc858823a86ca6da576a78660ab56152eb10

Request headers

source-system: Plugin
site-code: DFM
autoqa: false
Accept-Language: en-GB,en;q=0.9
settingskey: LANG,LBPT
authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1bmlxdWVfbmFtZSI6IkNvbm5lWHQiLCJleHAiOjE2NDMxMjQ3MzN9.qDslnfWtv7Xw0P79Qks8JiRNhxEpFwIE6PonHq3PZs4
environment: prod
config-code: SCNGPRODWP
access-control-allow-origin: *
ssid: df98e83ff4f5e931c0bb5740c3ca0eba
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
accept: application/json
content-type: application/json
location: undefined
attr: LBPT
Referer: https://www.presstelegram.com/
version: Version: 2.5.4.3_swg

Response headers

Pragma: no-cache
Date: Tue, 25 Jan 2022 11:32:12 GMT
Content-Encoding: gzip
Expires: -1
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET, ASP.NET
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Server-Time,Request-Context
Cache-Control: no-cache
Content-Length: 313035
X-Server-Time: 1/25/2022 11:32:13 AM
Request-Context: appId=cid-v1:b3b1c194-8bfe-45e5-8168-866947d4f019

GET
H/1.1 200
OK ad_300_250.jpg
paywall-ad-bucket.s3.amazonaws.com/ 631 B
1 KB 430ms
117ms Image
image/jpeg 52.217.66.52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://paywall-ad-bucket.s3.amazonaws.com/ad_300_250.jpg
Requested by: Host: www.presstelegram.com
URL: https://www.presstelegram.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.66.52 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 0859f5f9bf49348ef81d01f953d520c10a2a857961ef1bfad4a7903609889de5

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 25 Jan 2022 11:32:14 GMT
Last-Modified: Tue, 15 Oct 2019 13:44:16 GMT
Server: AmazonS3
x-amz-request-id: H1HAYRW48B29JT6E
ETag: "ef2cc7f55b7ab677b023e36033e26471"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 631
x-amz-id-2: 9WP7BeJU5tJExLMz5kt2/b7483weoWKKqcbqwdUEbP2iM3Pj9c5gC49GKon7+19hRj3uW1ONrak=
x-amz-meta-s3b-last-modified: 20191015T134358Z

GET
H2 200 e1e803e6a9cec41ff04e826cb4c281f6 Show response
m869.presstelegram.com/plugin/plugin/ 385 KB
74 KB 38ms
38ms Script
text/javascript 18.66.139.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m869.presstelegram.com/plugin/plugin/e1e803e6a9cec41ff04e826cb4c281f6

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.96 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-96.fra60.r.cloudfront.net

Software

- /

Resource Hash

3ddfca73b98fbeffdbc4299cafba31bce947051988ec6b6eb3d1fc1b41dd9dfd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 08:58:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
age: 441194
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 75309
x-xss-protection: 1; mode=block
last-modified: Wed, 19 Jan 2022 08:58:58 GMT
server: -
etag: e1e803e6a9cec41ff04e826cb4c281f6
content-type: text/javascript; charset=utf-8
via: 1.1 760a29e891ec10bba1274911260e1fc8.cloudfront.net (CloudFront)
cache-control: public, no-cache="Set-Cookie", max-age=31536000
x-amz-cf-pop: FRA60-P4
x-robots-tag: noindex, nofollow
x-amz-cf-id: yXNRJqJ3Uq-bVJVbtTA_IemzBX5ODefhMb6F9WHVt08uzt6m6u6qKQ==
expires: Fri, 20 Jan 2023 08:58:58 GMT

GET
BLOB 200
OK 8eed578d-9bf9-451d-a550-b3aa0a0ddfa8
https://www.presstelegram.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.presstelegram.com/8eed578d-9bf9-451d-a550-b3aa0a0ddfa8
Requested by: Host: www.presstelegram.com
URL: https://www.presstelegram.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3ba33eb784e76cff5ade272712ed0e7b15d325196ec089aca7baa20e3034098a

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H3 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
884 B 119ms
54ms Script
text/javascript 2a00:1450:400f:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400f:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 10:56:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2142
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 25 Jan 2022 11:56:31 GMT

GET
H2 200 ads Show response
pagead2.googlesyndication.com/gampad/ 65 KB
20 KB 267ms
189ms XHR
text/plain 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?gdfp_req=1&pvsid=976600723876074&correlator=422569883148540&output=ldjh&impl=fifs&eid=31061814%2C44755509&vrg=2022011002&ptt=17&gdpr_consent=CPTXr1jPTXr1jEXABBENBgCwAAAAAH_AAAwIGggBIAJEQABAIAAEAIAEAAAAQBAAAEAgAAAAAAAAAAAABAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAIAAAAAAgXmAAAAkQAAEAAAAAAAAQAAABAEAAAAAAAAAAAAAAAAAAECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAA.YAAAAAAAAAAA&gdpr=1&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20220125&iu_parts=8013%2Cpresstelegram.com%2Chome%2CSponsorship_1%2Cinterstitial%2Ctop_leaderboard%2CCube1_RRail_ATF&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F4%2C%2F0%2F1%2F2%2F5%2C%2F0%2F1%2F2%2F6&prev_iu_szs=300x50%2C1x1%2C728x90%7C970x90%7C970x250%2C300x250%7C300x600%7C300x1050%7C160x600&prev_scp=POS%3DSponsorship_1%26zeus_rendercount%3D1%26zeus_slot%3Dzeus_Sponsorship_1.init.dsk%26amznbid%3D2%26amznp%3D2%7CPOS%3Dinterstitial%26zeus_rendercount%3D1%26zeus_slot%3Dzeus_interstitial.init.dsk%26amznbid%3D2%26amznp%3D2%7CPOS%3Dtop_leaderboard%26zeus_rendercount%3D1%26zeus_slot%3Dzeus_top_leaderboard.init.dsk%26amznbid%3D2%26amznp%3D2%26zeus_appnexus%3D2%26zeus_auctionid_appnexus%3D269192908285537317%7CPOS%3DCube1_RRail_ATF%26zeus_rendercount%3D1%26zeus_slot%3Dzeus_Cube1_RRail_ATF.init.dsk%26amznbid%3D2%26amznp%3D2%26zeus_appnexus%3D13%26zeus_auctionid_appnexus%3D6681015891428039766&eri=1&cust_params=zeus%3Dapplied%26zeus_8013%3Dwww.presstelegram.com%26kv%3Dhome%26page%3Dhome%26content%3D%26RPN%3D75443599532%26rurl%3D%26articleid%3D&bc=31&abxe=1&dt=1643110333125&lmt=1643110333&dlt=1643110329946&idt=2409&frm=20&biw=1600&bih=1200&oid=2&adxs=1290%2C160%2C800%2C1287&adys=17%2C177%2C303%2C460&adks=3250446658%2C2177431972%2C3805295207%2C944040409&ucis=1%7C2%7C3%7C4&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.presstelegram.com%2F&vis=1&scr_x=0&scr_y=0&psz=300x50%7C1x1%7C1280x250%7C304x600&msz=1x0%7C1x0%7C1x0%7C1x0&fws=0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0&btvi=0%7C0%7C0%7C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6e1b4d3c660b9441482a49d29a891020b515732f450ceb9c2d1cd5ae94351837

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 11:32:13 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19448
x-xss-protection: 0
google-lineitem-id: -2,-2,5886362353,5544551168
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-2,138377985618,138331527377
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.presstelegram.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
49aa56d712150ab027d072110aafe53d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D756 6 KB
4 KB 174ms
47ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://49aa56d712150ab027d072110aafe53d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 25 Jan 2022 11:32:13 GMT
expires: Wed, 25 Jan 2023 11:32:13 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 c226bc6c95dd5fbe3c50fc21904c8ce5 Show response
m869.presstelegram.com/plugin/library/ 655 KB
188 KB 37ms
36ms Script
text/javascript 18.66.139.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m869.presstelegram.com/plugin/library/c226bc6c95dd5fbe3c50fc21904c8ce5

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.96 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-96.fra60.r.cloudfront.net

Software

- /

Resource Hash

9ae36cc74ca42dc345d074f357fd7a4749d84ed0d3a39d246649057456835c99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 08:58:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
age: 441194
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 191636
x-xss-protection: 1; mode=block
last-modified: Wed, 19 Jan 2022 08:58:59 GMT
server: -
etag: c226bc6c95dd5fbe3c50fc21904c8ce5
content-type: text/javascript; charset=utf-8
via: 1.1 760a29e891ec10bba1274911260e1fc8.cloudfront.net (CloudFront)
cache-control: public, no-cache="Set-Cookie", max-age=31536000
x-amz-cf-pop: FRA60-P4
x-robots-tag: noindex, nofollow
x-amz-cf-id: B_CLan9ZEn--wLdVcE_NO__y90qb_oxGbwVAJe_gVVgiwyXzHGdxlA==
expires: Fri, 20 Jan 2023 08:58:59 GMT

POST
H2 200 LB-Zone-2 Show response
m869.presstelegram.com/DG/DEFAULT/rest/rpc/166/ 3 KB
2 KB 403ms
403ms XHR
application/json 18.66.139.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m869.presstelegram.com/DG/DEFAULT/rest/rpc/166/LB-Zone-2?referer=https%3A%2F%2Fwww.presstelegram.com%2F&bcsessionid=&bctempid=&overruleReferrer=&time=2022-01-25T11%3A32%3A13%2B00%3A00&ts=1643110333150

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.96 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-96.fra60.r.cloudfront.net

Software

- /

Resource Hash

882daabba3cd39140b8b06dbbc6ec4c1e2513399a0f5e300545f1eaa02aa8c3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.presstelegram.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 25 Jan 2022 11:32:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 1150
x-xss-protection: 1; mode=block
pragma: no-cache
access-control-allow-origin: https://www.presstelegram.com
server: -
content-type: application/json; charset=utf-8
via: 1.1 760a29e891ec10bba1274911260e1fc8.cloudfront.net (CloudFront)
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: yZlhPM2xrRBaHFtJLf6o5e1JF1fwgv_0-fLMxUJTa722VLH7LGhX4Q==
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200
OK headerstats Show response
as-sec.casalemedia.com/ 0
434 B 144ms
45ms XHR
text/plain 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headerstats?s=212590&u=https%3A%2F%2Fwww.presstelegram.com%2F&v=3
Requested by: Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.presstelegram.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Tue, 25 Jan 2022 11:32:13 GMT
X-AK-INITIAL-GEO: CC:[GB], RC:[EN], CN:[EU], CIP:[5.187.21.100], XFF:[]
Server: Apache
Access-Control-Allow-Origin: https://www.presstelegram.com
X-CS-CLIENT-GEO: 27
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-AK-CLIENT-GEO: 27
Expires: Tue, 25 Jan 2022 11:32:13 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 183 KB
56 KB 140ms
76ms Script
application/javascript 2a00:1450:400f:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NFD2QGD&l=MG2DL

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400f:802::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6401e6ded1f04840b554a234a94dcea284a00d07d82ad26e7e22b723db42f952

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 11:32:13 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57615
x-xss-protection: 0
last-modified: Tue, 25 Jan 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 25 Jan 2022 11:32:13 GMT

GET
H2

200

sync Show response
eb2.3lift.com/ Frame A966
Redirect Chain

https://eb2.3lift.com/sync?
https://eb2.3lift.com/sync?&ld=1

1 KB
1 KB

35ms
35ms

Document
text/html

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?&ld=1
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: 8764adb2a25ac05ce078d39d18e20cf6ce2e17d2a63b9f1b763d16936446eda8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/

Response headers

date: Tue, 25 Jan 2022 11:32:13 GMT
content-type: text/html; charset=utf-8
content-length: 461
content-encoding: gzip
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control: no-cache, no-store, must-revalidate

Redirect headers

date: Tue, 25 Jan 2022 11:32:13 GMT
content-length: 0
location: /sync?&ld=1
cache-control: no-cache, no-store, must-revalidate
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 36A4 13 KB
5 KB 294ms
99ms Document
text/html 2620:100:a001::c
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.presstelegram.com&gdpr=1&gdpr_consent=CPTXr1aPTXr1aEXABAENBgCwAAAAAH_AAAwIGggBIAJEQABAIAAEAIAEAAAAQBAAAEAgAAAAAAAAAAAABAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAIAAAAAAgXmAAAAkQAAEAAAAAAAAQAAABAEAAAAAAAAAAAAAAAAAAECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAA.YAAAAAAAAAAA

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Resource Hash

051668900f3f9c5235992fcebe36b4af3290b7d8cd274ec7b10821dd961c50e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/

Response headers

cache-control: private, max-age=3600
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 2104
date: Tue, 25 Jan 2022 11:32:12 GMT
content-length: 5180
strict-transport-security: max-age=31536000; preload;

GET
H/1.1 200
OK a-05ge Show response
i.liadm.com/s/c/ Frame 80F4 1 KB
1 KB 541ms
107ms Document
text/html 54.88.18.204
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://i.liadm.com/s/c/a-05ge?s=&cim=&ps=true&ls=true&duid=3db4babb9fb0--01ft8g3y5g7pfbqksjmexxtj9f&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&us_privacy=1---&

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.88.18.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-88-18-204.compute-1.amazonaws.com

Software

Resource Hash

a95a022a89a99bc2c97245c984305317fc9dc910d9cf1be99af86a9229d8e079

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/

Response headers

Cache-Control: private, no-cache, max-age=0
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Tue, 25 Jan 2022 11:32:13 GMT
ETag: 1.61803398874
Strict-Transport-Security: max-age=31536000; includeSubDomains
trace-id: 8f0babaa75353053
Vary: Accept-Encoding
Content-Length: 667
Connection: keep-alive

GET
H/1.1 200
OK baker
sli.presstelegram.com/ 19 B
370 B 184ms
40ms Image
image/gif 95.100.153.123
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sli.presstelegram.com/baker?dtstmp=1643110333402
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.153.123 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-100-153-123.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 2d199b9d8dc7886837cbfd12c9e8ddae7e28f5c375d564b31bf732a320921435

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 25 Jan 2022 11:32:13 GMT
Cache-Control: max-age=0, no-cache, no-store
Expires: Tue, 25 Jan 2022 11:32:13 GMT
Connection: keep-alive
Content-Length: 19
Content-Type: image/gif

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame FF2E 0
0 113ms
70ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjstTjbxJ_2RLJ8aUbE31i2TMurRZnYP2NDzyw3oj03Fq-NnDFqzLFy7zzu7dNDtyQ1IM0JGQo5lTFQkUWoQoup__8cymdsJBSre24RiByv1ts8LD-qhRohx9nc4fO5QXPyfeiEDOSYJqEUTbJjEc3XYTLioxLKraEbQR6dk1mLTluTLtjLP8dO9IBYGOt1CNGk_a5RAvg-jcXwTsbJP_q6dzW6-MAHklKbh7LnowrvWgiI_thF9OmDYFLgznHLZj9iq-I-Xyx7yYmaRbVEq8hY-7Kcc78EH243uckQDE-7w2up9k88joVSq73Kd_athMt2Hq0JVuyCiVr8v_nHK2gIXec67DXQ&sig=Cg0ArKJSzE2HthWbix9rEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.presstelegram.com
URL: https://www.presstelegram.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 25 Jan 2022 11:32:13 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 abg_lite_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20220119/r20110914/ Frame FF2E 19 KB
8 KB 79ms
37ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220119/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2039446f8956518da2c2d70116d18c92fac3b04110942de074748aa4041067fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 11:26:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 321
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7881
x-xss-protection: 0
server: cafe
etag: 7605774008668088057
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Feb 2022 11:26:52 GMT

GET
H3 200 window_focus_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20220119/r20110914/client/ Frame FF2E 2 KB
1 KB 85ms
43ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220119/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 08:45:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10020
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Feb 2022 08:45:13 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FF2E 122 KB
38 KB 143ms
62ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

425f48a06ab0e9a4a4d792a6677189720f377ec09a073ecdae6232a89cc221f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 11:32:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38060
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1642595990432946"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 25 Jan 2022 11:32:13 GMT

GET
H2 200 18265910026254781043
tpc.googlesyndication.com/simgad/ Frame FF2E 24 KB
24 KB 113ms
36ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/18265910026254781043

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a77dd3797cfd864d354ed4825408b697f098ef46278fda9552050c841db5d6ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 08:25:30 GMT
x-content-type-options: nosniff
age: 97603
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24406
x-xss-protection: 0
last-modified: Thu, 13 Jan 2022 17:59:36 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 24 Jan 2023 08:25:30 GMT

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame B996 0
0 106ms
69ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsvJxZMIQp-zytfkoYLw3HOxxwrTh0InW6_3Z17UtuAi1wjeW3jqoKk0crtpcHDVZo5IvXEyH0niwgTVIWxxMvzSWLKvLufQdTp4XaTU5DS5YEWeE-6zDGzGA7PjD9QTld_jrkwnqYEEt3z9tRWmpnmqj7wjCQBVXo1gnPXTZt8NcdwVBiDG_7PDYzEsJgHjVCaOEFe5LuGMeM_F15Qybmvre0ZRBPHvA-tNM5zswgQwJryPBFnt-OIWcSNV96LyY68XTMImUkaXsD-sqOCw_gBP8b_LIcNMGZ5yLHpQeKIafgBaeAmhEOwr9L-H90b_b88LOvVz0PrLp-Nr7hihuzazs2hrseCCYA&sig=Cg0ArKJSzIVYHpsLvI8tEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.presstelegram.com
URL: https://www.presstelegram.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 25 Jan 2022 11:32:13 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 render_post_ads_v1.html Show response
googleads.g.doubleclick.net/pagead/ Frame ECB7 13 KB
5 KB 173ms
58ms Document
text/html 2a00:1450:400f:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Requested by

Host: mng-presstelegram.zeustechnology.com
URL: https://mng-presstelegram.zeustechnology.com/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400f:80b::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

04f5d63c75f9fabede423b3d013e6efd9a448190898a34499a4010a59014a8d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4980
x-xss-protection: 0
date: Mon, 24 Jan 2022 17:40:02 GMT
expires: Tue, 25 Jan 2022 17:40:02 GMT
cache-control: public, max-age=86400
age: 64331
etag: 12223946614886178233
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 xbfe_backfill.js Show response
googleads.g.doubleclick.net/pagead/ Frame B996 13 KB
6 KB 179ms
63ms Script
text/javascript 2a00:1450:400f:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/xbfe_backfill.js

Requested by

Host: mng-presstelegram.zeustechnology.com
URL: https://mng-presstelegram.zeustechnology.com/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400f:80b::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65117e202dee2b9dd7f40715c2738d100aef3712d4e57f0bd8980f52c7153ac8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 10:47:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2674
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5696
x-xss-protection: 0
server: cafe
etag: 10103584065280479132
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Tue, 25 Jan 2022 11:47:39 GMT

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/222/ Frame B996 85 KB
29 KB 72ms
21ms Script
application/x-javascript 151.101.1.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/222/trk.js
Requested by: Host: mng-presstelegram.zeustechnology.com
URL: https://mng-presstelegram.zeustechnology.com/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 7b6fc69a9da277bb118dbe07973e75598ff107f8d5c69aec6a3e0f5e6884603a

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 25 Jan 2022 11:32:13 GMT
Content-Encoding: gzip
Age: 3631829
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 29209
X-Served-By: cache-lga21956-LGA, cache-lcy19258-LCY
Access-Control-Allow-Origin: *, *
Last-Modified: Tue, 14 Dec 2021 10:40:55 GMT
Server: AkamaiNetStorage
X-Timer: S1643110333.496134,VS0,VE0
ETag: "27a82a9a755fe85e7882d2ba1e990a11:1639478455.565772"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Via: 1.1 varnish, 1.1 varnish
Expires: Wed, 14 Dec 2022 10:41:45 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes
X-Cache-Hits: 1, 762218

GET
H/1.1 200
OK it
ams1-ib.adnxs.com/ Frame B996 0
801 B 106ms
47ms Image
text/html 185.33.220.240
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fwww.presstelegram.com%252F&e=wqT_3QKEBugEAwAAAwDWAAUBCLy_v48GENa4u5rkke_bXBgAKjYJVTAqqRPQwj8RaqUQyCWOwD8ZAAAAANejIEAhag0SACkRJMgxAAAAoJmZ_T8wp4SXCjj8SEDlHkhlUKuiyyVY_6ldYABoj4J3eKDoBYABAYoBA1VTRJIFBvTEAZgBrAKgAdgEqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKVoEjqAh5odHRwczovL3d3dy5wcmVzc3RlbGVncmFtLmNvbS-AAwCIAwGQAwCYAxegAwGqA-oBCr8BaHR0cHM6Ly9wYWdlYWQyLmdvb2dsZXN5bmRpY2F0aW9uLmNvbS9wYWdlYWQvZ2VuXzIwND9pZD1hd2JpZCZhd2JpZF9iPUFLQW1mLUMxYWJ6XzR4Z1BqOE8zb0I4VmFYejJkUVowSWNCNHhGWlBnWGc5NWNuYmxBbG5xSWdleE1YWFZ0YzV6YXlMTzhfUVU1U1gyT1BqY3g4aDN0dUpKZ0J2b3lrSHB3JnByPTEwOiR7QVVDVElPTl9QUklDRX0aEzY2ODEwMTU4OTE0MjgwMzk3NjYiCDc4ODI3ODE5KgQzOTQxOgEwwAOsAsgDANgDpgbgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQMNS4xODcuMjEuMTAwqAQAsgQQCAAQARisAiCaCCgAMAA4ArgEAMAEAMgEANoEAggB4AQB8ASrossliAUBmAUAoAXNqIeFiJvQ4gPABQDJBUEXHAAA8D_SBQkJCQx4AADYBQHgBQHwBZP2F_oFBAgAEACQBgCYBgC4BgDBBgklLPA_0AbujwHaBhYKEAkSGQGYEAAYAOAGAfIGAggAgAcBiAcAoAcBqgcMMTM5MzE5ODI2MjI0ugcRAVhQGAAqBDEtLS043QlAAcgHoOgF0gcNFYgBSQjaBwYJKUjgBwDqBwIIAPAHpeGPAYoIAhAA&s=82680ddf3e3c44646e32d2be541c9ebd676a096d

Requested by

Host: mng-presstelegram.zeustechnology.com
URL: https://mng-presstelegram.zeustechnology.com/main.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 25 Jan 2022 11:32:13 GMT
X-Proxy-Origin: 5.187.21.100; 5.187.21.100; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 42889ff6-bbb3-463b-bb84-c0091597124b
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B996 0
20 B 101ms
67ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=awbid&awbid_b=AKAmf-A3FBRyCVhu0LeustK9lQEgmsOhy9nFeBpk4mCpT_LgHjGnzdG_v3s7CfDNsl3pN35h7tNQTW9ScVSdHub2Nesm0A5XwQ

Requested by

Host: mng-presstelegram.zeustechnology.com
URL: https://mng-presstelegram.zeustechnology.com/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 11:32:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B996 122 KB
37 KB 180ms
108ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

425f48a06ab0e9a4a4d792a6677189720f377ec09a073ecdae6232a89cc221f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 11:32:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38060
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1642595990432946"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 25 Jan 2022 11:32:13 GMT

GET
BLOB 200
OK 43b19ba0-b246-43d7-b2a9-6964a39be671
https://www.presstelegram.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.presstelegram.com/43b19ba0-b246-43d7-b2a9-6964a39be671
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3ba33eb784e76cff5ade272712ed0e7b15d325196ec089aca7baa20e3034098a

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

OPTIONS
H2 200 track
dc.services.visualstudio.com/v2/ Frame 0
0 680ms
165ms Preflight 40.78.253.202
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.78.253.202 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,sdk-context
Origin: https://www.presstelegram.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-methods: POST
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-origin: *
access-control-max-age: 3600
x-content-type-options: nosniff
date: Tue, 25 Jan 2022 11:32:13 GMT
content-length: 0

POST
H2 206 track Show response
dc.services.visualstudio.com/v2/ 223 B
407 B 202ms
202ms XHR
application/json 40.78.253.202
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.78.253.202 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

099dab513d8ed4fe5dd80830bd52cbbc4c66a14eb7c96c620f0f64a6ba771f62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.presstelegram.com/
Accept-Language: en-GB,en;q=0.9
Sdk-Context: appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-type: application/json

Response headers

x-ms-session-id: 331B150D-53C3-4713-84AD-5040B3B8D203
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
date: Tue, 25 Jan 2022 11:32:13 GMT
access-control-max-age: 3600
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Cache-Control, Sdk-Context
content-length: 223

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame A966 70 B
264 B 34ms
34ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 11:32:13 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

404

xuidmid=7976&xuid=7t9E9P54M&dongle=u6nf
eb2.3lift.com/ Frame A966
Redirect Chain

https://ad.mrtnsvr.com/sync/triplelift
https://eb2.3lift.com/xuidmid=7976&xuid=7t9E9P54M&dongle=u6nf

37 B
155 B

35ms
35ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuidmid=7976&xuid=7t9E9P54M&dongle=u6nf
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 11:32:13 GMT
cache-control: no-cache, no-store, must-revalidate
x-error: Not Found
content-length: 37
content-type: image/gif

Redirect headers

location: https://eb2.3lift.com/xuidmid=7976&xuid=7t9E9P54M&dongle=u6nf
date: Tue, 25 Jan 2022 11:32:13 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 92
vary: Origin
content-type: text/html; charset=utf-8

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame A966 170 B
502 B 188ms
64ms Image
image/png 142.250.74.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=

Requested by

Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

arn09s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 11:32:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame A966
Redirect Chain

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzU5MjM2Mzc3MTY0OTI4MTgxNDI1Ng%3D%3D

170 B
232 B

68ms
68ms

Image
image/png

142.250.74.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzU5MjM2Mzc3MTY0OTI4MTgxNDI1Ng%3D%3D

Requested by

Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1

Protocol

Server

142.250.74.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

arn09s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 11:32:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzU5MjM2Mzc3MTY0OTI4MTgxNDI1Ng%3D%3D
date: Tue, 25 Jan 2022 11:32:13 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 setuid
px.ads.linkedin.com/ Frame A966 0
707 B 254ms
182ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=3592363771649281814256&dbredirect=true&gdpr=1&consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 11:32:12 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 2C7BF966282C47EF9498BCA6515754E0 Ref B: MAN30EDGE0621 Ref C: 2022-01-25T11:32:13Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXWZm/EGmxShGuomZNx9A==

GET
H2

200

xuid
eb2.3lift.com/ Frame A966
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/triplelift/3592363771649281814256?gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=2662&xuid=y-BcyWWS9E2oT8EDU.tocHCThPxP0qch745ZCn2THqmA--~A&dongle=0883

37 B
354 B

37ms
37ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2662&xuid=y-BcyWWS9E2oT8EDU.tocHCThPxP0qch745ZCn2THqmA--~A&dongle=0883
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 11:32:13 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date: Tue, 25 Jan 2022 11:32:13 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://eb2.3lift.com/xuid?mid=2662&xuid=y-BcyWWS9E2oT8EDU.tocHCThPxP0qch745ZCn2THqmA--~A&dongle=0883
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame A966 43 B
235 B 323ms
106ms Image
image/gif 35.211.178.172
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=triplelift&user_id=3592363771649281814256&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.211.178.172 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 172.178.211.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 25 Jan 2022 11:32:13 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 c.gif
c.bing.com/ Frame A966 42 B
593 B 137ms
51ms Image
image/gif 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bing.com/c.gif?xid=3592363771649281814256&Red3=TLMS_pd
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 11:32:13 GMT
etag: "9ea1ae3587d81:0"
last-modified: Wed, 12 Jan 2022 02:05:35 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7FE0D063A7384F6CB74BD0C8479598D2 Ref B: MAN30EDGE0920 Ref C: 2022-01-25T11:32:13Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

GET
H/1.1

200
OK

iu3
s.amazon-adsystem.com/ Frame A966
Redirect Chain

https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=3592363771649281814256
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=3592363771649281814256&dcc=t

0
0

100ms
100ms

Image
text/html

52.46.154.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=3592363771649281814256&dcc=t
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: HTTP/1.1
Server: 52.46.154.242 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Redirect headers

Pragma: no-cache
Date: Tue, 25 Jan 2022 11:32:13 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: MQDK7QDBTH6MS9C2SQ18
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=3592363771649281814256&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame A966
Redirect Chain

https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1

37 B
139 B

48ms
47ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 11:32:13 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

Redirect headers

Location: https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Pragma: no-cache
Date: Tue, 25 Jan 2022 11:32:13 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 95
Content-Type: text/html; charset=utf-8

GET
H2 200 c82b4907e1d878a7212b792043ce335f Show response
m869.presstelegram.com/templates/ 474 KB
69 KB 43ms
43ms Script
text/javascript 18.66.139.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m869.presstelegram.com/templates/c82b4907e1d878a7212b792043ce335f

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.96 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-96.fra60.r.cloudfront.net

Software

- /

Resource Hash

e878e3e995e89c125a8187b3af26ec48cc6e89c48709316d5389e4066d7ceb5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 19:48:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
age: 12066197
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 70537
x-xss-protection: 1; mode=block
last-modified: Mon, 06 Sep 2021 19:48:56 GMT
server: -
etag: c82b4907e1d878a7212b792043ce335f
content-type: text/javascript; charset=utf-8
via: 1.1 760a29e891ec10bba1274911260e1fc8.cloudfront.net (CloudFront)
cache-control: public, no-cache="Set-Cookie", max-age=31536000
x-amz-cf-pop: FRA60-P4
x-robots-tag: noindex, nofollow
x-amz-cf-id: Y5Cg0MeFvtYSq6pKI7t2mmpwrej1RDXLZnbw3uy7Uo0-t6qzGi3wkA==
expires: Wed, 07 Sep 2022 19:48:56 GMT

POST
H2 200 166 Show response
m869.presstelegram.com/DG/DEFAULT/rest/rpc/ 194 B
1 KB 401ms
401ms XHR
application/json 18.66.139.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m869.presstelegram.com/DG/DEFAULT/rest/rpc/166?referer=https%3A%2F%2Fwww.presstelegram.com%2F&bcsessionid=4bf85586-576d-4539-83c0-54d7cbf1df52&bctempid=&overruleReferrer=&time=2022-01-25T11%3A32%3A13%2B00%3A00&ts=1643110333608

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.96 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-96.fra60.r.cloudfront.net

Software

- /

Resource Hash

d11189f1b18e3096144c5bca03eeb3acfa96722d72dc7821a6022a35b59eac8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.presstelegram.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 25 Jan 2022 11:32:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 154
x-xss-protection: 1; mode=block
pragma: no-cache
access-control-allow-origin: https://www.presstelegram.com
server: -
content-type: application/json; charset=utf-8
via: 1.1 760a29e891ec10bba1274911260e1fc8.cloudfront.net (CloudFront)
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: qQRqJSWj31DOUTc9W6qEE7AiQmJLNmE7HCuGCDQE_XJVictCMfCClw==
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 166 Show response
m869.presstelegram.com/DG/DEFAULT/rest/rpc/ 381 B
1 KB 404ms
404ms XHR
application/json 18.66.139.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.96 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-96.fra60.r.cloudfront.net

Software

- /

Resource Hash

4edfa33f71a049c3a09fe759249b53a39468d5f7bb9cfd54e15e40e334526eef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.presstelegram.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 25 Jan 2022 11:32:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 180
x-xss-protection: 1; mode=block
pragma: no-cache
access-control-allow-origin: https://www.presstelegram.com
server: -
content-type: application/json; charset=utf-8
via: 1.1 760a29e891ec10bba1274911260e1fc8.cloudfront.net (CloudFront)
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: 59UeYNsXjwMDCGzvIz_NAzQQvn1OIhv45Phdo1xZkZkYoQwZmRfS_w==
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 166 Show response
m869.presstelegram.com/DG/DEFAULT/rest/rpc/ 191 B
1 KB 403ms
403ms XHR
application/json 18.66.139.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.96 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-96.fra60.r.cloudfront.net

Software

- /

Resource Hash

a67a9798321dd29cb9a47798538d26bcb75f8e56f19e6f8e6292aa9b4e50455d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.presstelegram.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 25 Jan 2022 11:32:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 171
x-xss-protection: 1; mode=block
pragma: no-cache
access-control-allow-origin: https://www.presstelegram.com
server: -
content-type: application/json; charset=utf-8
via: 1.1 760a29e891ec10bba1274911260e1fc8.cloudfront.net (CloudFront)
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: XbL8Ey15iXwF_fjj9txtNmK2dhZ8CRF4HoqOZy-RbDAiQI87TLpyRw==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 cs Show response
digitalfirstmedia.blueconic.net/DG/DEFAULT/ 66 B
858 B 105ms
104ms Script
text/javascript 34.193.237.162
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://digitalfirstmedia.blueconic.net/DG/DEFAULT/cs?bcsessionid=4bf85586-576d-4539-83c0-54d7cbf1df52&&callback=bc_json169

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.193.237.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-193-237-162.compute-1.amazonaws.com

Software

- /

Resource Hash

e3f83df2ff00bc2107d22fb12c9c2f085e305f5d8eb841ae222d56f6463c76b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 11:32:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
x-robots-tag: noindex, nofollow
p3p: policyref="", CP="DSP"
x-permitted-cross-domain-policies: master-only
cache-control: no-cache, no-store, no-transform, must-revalidate, private
content-type: text/javascript; charset=utf-8
content-length: 86
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 166 Show response
m869.presstelegram.com/DG/DEFAULT/rest/rpc/ 5 KB
3 KB 403ms
402ms XHR
application/json 18.66.139.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.96 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-96.fra60.r.cloudfront.net

Software

- /

Resource Hash

7fd05e4991aa47a9688f43c24da6f9e3743a35e0bbaed50618deadb24f34d464

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.presstelegram.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 25 Jan 2022 11:32:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 2519
x-xss-protection: 1; mode=block
pragma: no-cache
access-control-allow-origin: https://www.presstelegram.com
server: -
content-type: application/json; charset=utf-8
via: 1.1 760a29e891ec10bba1274911260e1fc8.cloudfront.net (CloudFront)
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: 3qMnXtdhhb9ttfYv_-5Z14DEMktqV_myZcgBplgaus4qUuPganjx3g==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame FF2E 0
0 116ms
73ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjstUTRZ_Yw-XqNc4cNmHFI-riimKhJmpp6jBbZVWjeX0cjPq4fSHV3VgczaI7XCANM687F--Bw9w9aAn7HBLSJnF2kErjDoBLUP3s_kEeVS89B7H1dbXvnSk04qwAZogICss6VYPmxyrOPcMfd914IBBuqP1aTIyiUrxxh1oNn_ujZPCwlTb-RZ3_vCkpaLlNrK32gLtVQpXgQB7nrYKhm3i2v63uOEdPAUhlg-hJiPPm7rXNgmfyA9hGCt7Fv44vwWa8_XDacdqEHZmK0RCEtZFANB9RmzKkw4mu_wV07X4KrXPesZGrXzycpTbwVapFNuNSAhlFA3CuYEgNbUOlWwDnagpAMie&sig=Cg0ArKJSzFbncUawCcYFEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 25 Jan 2022 11:32:13 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
DATA 200
OK truncated
/ Frame FF2E 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ Frame FF2E 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7c92e26f59ec6100ab628a8ffcd2fe4d8f78a8b735f1112feb22b7ce1b4713f6

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame B996 75 KB
28 KB 86ms
43ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/xbfe_backfill.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7b7c47af0209642943c02f62b96e8df964e67a560b53d4a480c043eda4f84d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 11:32:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28709
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1642595985144488"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 25 Jan 2022 11:32:13 GMT

GET
H/1.1 200
OK rd_log Show response
ams1-ib.adnxs.com/ Frame B996 0
801 B 86ms
85ms Script
text/html 185.33.220.240
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.presstelegram.com%2F&e=wqT_3QLVLOhVFgAAAwDWAAUBCLy_v48GEKXYp9PhsJfeAxgAKjYJuypQi8HDlD8RKujVhN1Fkj8ZAAAAgOtRHEAhKg0SACkRJMgxAAAAoEfh6j8wpoSXCjj8SEDlHkhlUK2iyyVY_6ldYABoj4J3eKDoBYABAYoBA1VTRJIFBvQ2ApgBygegAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKVoEjqAh5odHRwczovL3d3dy5wcmVzc3RlbGVncmFtLmNvbS_yAg0KBkhFSUdIVBIDMjUw8gIMCgVXSURUSBIDOTcw8gIhCgZMT0FERVISF3JlbmRlcl9wb3N0X2Fkc192MS5odG1s8gIXCgpJRlJBTUVfS0VZEgk3MDU1OTU4NzLyAqIPCgtQUkVfU0NSSVBUUxKSDzxzY3JpcHQ-KGZ1bmN0aW9uKCl7LyoKCiBDb3B5cmlnaHQgVGhlIENsb3N1cmUgTGlicmFyeSBBdXRob3JzLgogU1BEWC1MaWNlbnNlLUlkZW50aWZpZXI6IEFwYWNoZS0yLjAKKi8KdmFyIGg9dGhpc3x8c2VsZjsvKgoKIFNQRFgtTGljZW5zZS1JZGVudGlmaWVyOiBBcGFjaGUtMi4wCiovCmZ1bmN0aW9uIGsoYil7a1siICJdKGIpO3JldHVybiBifWtbIiAiXT1mdW5jdGlvbigpe307dmFyIG09UmVnRXhwKCJeaHR0cHM_Oi8vKFxcd3wtKStcXC5jZG5cXC5hbXBwcm9qZWN0XFwuKG5ldHxvcmcpKFxcP3wvfCQpIik7CmZ1bmN0aW9uIG4oKXt2YXIgYj1oO3ZhciBjPVtdO3ZhciBlPW51bGw7ZG97dmFyIGE9Yjt0cnl7dmFyIGQ7aWYoZD0hIWEmJm51bGwhPWEubG9jYSFt8F4uaHJlZiliOnt0cnl7ayhhLmZvbyk7ZD0hMDticmVhayBifWNhdGNoKGwpe31kPSExfXZhciBnPWR9Y2F0Y2gobCl7Zz0hMX1pZihnKXt2YXIgZj1hLmxvY2F0aW9uLgFeODtlPWEuZG9jdW1lbnQmJhkMaC5yZWZlcnJlcnx8bnVsbH1lbHNlIGY9ZSxlPQEQVDtjLnB1c2gobmV3IHAoZnx8IiIpKTsBqCRiPWEucGFyZW50GYYAYgU08EZ9fXdoaWxlKGImJmEhPWIpO2E9MDtmb3IoYj1jLmxlbmd0aC0xO2E8PWI7KythKWNbYV0uZGVwdGg9Yi1hO2E9aDtpZihhLhHAAa4RDDwuYW5jZXN0b3JPcmlnaW5zbhwADWsAPR11ACkJhgwxO2I8EYpMOysrYilmPWNbYl0sZi51cmx8fCgFCC5CATp2ABRbYi0KMV0hDBgsZi5oPSEwAeMpIgBoGashdxQsITEpO2YlFiUCBGU9MgQBeDA8PWU7LS1lKWlmKGc9Y1tlXSwhZiYmbS50ZXN0KGcBjyApJiYoZj1nKSwFDigmJiFnLmgpe2E9Z0kbAH0NXQBlFeYEJiYBzAE7CDswISH1IVoIJiZlBUgBGwgpO2MFrUxxKGEsZik7cmV0dXJuIGMuZz9jLgVlDDpjLmkBQAB9VfAYcShiLGMpe2G4BC5pQdUYaGlzLmc9YxkiAHAdIgh1cmwRJBRoPSEhYzsFLwWIJQoEfTsVWQhyKClFsJhiPW4oKSxjPWIuaW5kZXhPZigiPyIpO3NldFRpbWVvdXQoZnVuY3Rp1QR2YWFpPHZvaWQgMD09PWU_LjAxOmVBNUQhKE1hdGgucmFuZG9tKCk-ZSkJXwRhPVH7DC5jdXJBtChTY3JpcHQ7YT0oYRlKBGE_QfOgOmEpJiYiNzciPT09YS5nZXRBdHRyaWJ1dGUoImRhdGEtamMiKT9hOmRtTkAucXVlcnlTZWxlY3RvcignWw0lAD0BRBxdJyk7ZT0iaK3vTHBhZ2VhZDIuZ29vZ2xlc3luZGljaaUIY29tDR6QL2dlbl8yMDQ_aWQ9amNhJmpjPTc3JnZlcnNpb249IisoYSYmYVaYAAAtDSaQIil8fCJ1bmtub3duIikrIiZzYW1wbGU9IitlO2E9d2luZG93OyFHAGQhNjRkPWEubmF2aWdhdG9yKTIOAFAudXNlckFnZW50LGQ9L0Nocm9tZS9JniBkKSYmIS9FZGcZERw_ITA6ITE7ZGGWFVEwLnNlbmRCZWFjb24_Ch1pHRgUKGUpOihhLRVAX2ltYWdlX3JlcXVlc3RzfHxeGgAQPVtdKSwBrjHcBCxkOcsEZD8RFjw6ZCxkPWQuY3JlYXRlRWxloQE8KCJpbWciKSxkLnNyYz1lLFp8AIn7GGQpKX19LDB1KlwwPD1jP2Iuc3Vic3RyaW5nKDAsYyk6Yn0pVxAucmZsPVHgCCgpe21fgGVuY29kZVVSSUNvbXBvbmVudChyKCkpfTt9KS5jYWxsKGEkFCk7Cjwvc0WabD7yAskCCgpFWFRSQV9UQUdTEroCPGRpdiBzdHkhyQxwb3NpwTtkOiBhYnNvbHV0ZTsgbGVmdDogMHB4OyB0b3ANCmR2aXNpYmlsaXR5OiBoaWRkZW47Ij48aW1nIAH74pkCFGF3YmlkJgUG8IZfYj1BS0FtZi1CUV9CUkRINUtPeE5VeXU5NVVkNklCakVTSXdVSWNHd204Y1Q1YjRoV0VZa3VRNk5MVldqN1JlUG81UVdiNXpMRUoyTHVKY2xxZ3NiRjBSZmRoMDJYeXdPTmV0dyIgYm9yZGVyPTAgd2lkdGg9MSBoZWlnaHQ9MSBhbHQ9IiIxGohkaXNwbGF5Om5vbmUiPjwvZGl2PvICmQEKDFBPU1RfU0NSSQ70CASIARr0CDYIAWmZUGFkcy5nLmRvdWJsZWNsaWNrLm5ldHGfPHhiZmVfYmFja2ZpbGwuanMBZS21DVMAPp2uHCB7cjNweCgnIn8JHCcpO30pKCk7PeoQyxQKEEgBnTRQT1JUX1BBUkFNUxK2FJE1ipQA8HlhZGZldGNoP2Fkaz00ODYwOTQzNDAmYWRzYWZlPW1lZGl1bSZjbGllbnQ9Y2EtcHViLTMwNzY4OTAwMTI3NDE0NjcmZm9ybWF0PTk3MHgyNTBfYXMmaXA9NS4xODcuMjEuMTAwJm91dHB1dD1odG1sJnVudmlld2VkX1GJIF9zdGFydD0xJqH-EboId3d3St4KFCZzdWJfYwmOAGJBk_B9ci01NTU2NTMwJmhsPWVuJmFjZWlkPU1Ga1l0QURHR3JRQU90VG1BUGxWTkFHU2JUUUI1RzQwQWJad05BRTVjVFFCVG5FMEFXWnhOQUdaY1RRQkNISTBBUTl5TkFFNGNqUUJPM0kwQVVCeU5BRlJjalFCVlhJMEFWNXlOQUZnARAsWVhJMEFXUnlOQUZ6ARAYZjNJMEFZeAEQwExjMEVCVTNOQkFhTVJ5Z0hHX3RrQnpCMWNBa0gzaUFJblFxb0NLRUtxQWlsQ3FnSzIBEPSCAl9FYXFBbjFIcWdMOVNhb0NvV0NxQXJobHFnSWpiS29DeG5LcUF2NTRxZ0thZXFvQ2JvR3FBbzJLcWdLT2thb0NycEdxQW9DYnFnS0JtNm9DZ3B1cUFoNmhxZ0ttcDZvQ29xaXFBaXFzcWdJRnI2b0NMcnVxQWlfQXFnTFB3S29DdThHcUFuYkNxZ0xIeUtvQ0Q4eXFBaVhNcWdMVnpLb0NSODJxQXBMTnFnS2J6cW9DbzlXcUFtaldxZ0lCMTZvQ1ZOdXFBZ0xkcWdJbzNxb0NWZDZxQW56ZXFnTGwzcW9DSHVDcUFuWGhxZ0pqNDZvQ3dPT3FBaHpscWdLZjVhb0NGLW1xQXJUcHFnSzU2YW9DS09xcUFqN3FxZ0pFNnFvQ3RPcXFBdmpxcWdKSTY2b0NrZXVxQWdqc3FnSWU3S29DUnV5cUFtTHNxZ0thN0tvQzFleXFBckR0cWdMcTdhb0NGLTZxQWlMdXFnSmQ3cW9DQU8tcUFyM3ZxZ0lOOEtvQ0hQQ3FBaVR3cWdKNjhLb0N3UENxQXNUd3FnSUc4YW9DR1BLcUFpdnlxZ0kzOHFvQ1F2S3FBbDN5cWdMYjhxb0NWTExGQllNSC1Rak5YeFVNN0RhZ0RHR3FIUV8yZFFRUm5FYmlFaWVSLXhJRHJQc1NJY1g3RXZ2SC14SUd5X3NTMXVIN0V2RHIteElVN1BzU1Z1ejdFb0RzLXhJRjdmc1NnZTM3RXJ2dC14SnQ3dnNTNGU3N0VsbnYteEplN19zU3hlXzdFczd4LXhJcDh2c1NsbVprRTZfMUF4VnVGdmNYLUZackdsa0FraWsmZXhrPTcwNTU5NTg3MiZhd2JpZF9jPUGlk_CwQ3NCa3doSXBFMFZKTHE2dUZDWENaYlZMaFJUcldhWnpDc2VYa2xqUzU5MVMyNkdLRnFvdzNncWppSDVrNVVJOGVOcWpHOFNjX2pZOUZ0NzZROGVDUkJxTGFRd09INnYzOFBLcG1KNVc3aXl0Z3k1TGV1U2JpanN3bXp6YXJmSHVPNHMzQXNfU0FUZDlqRl9ubzRiVUMtdkVrYk5BSE1Ec1E4Mm01bmdURnJxQW1YQmxVzVMAZM1T9HwGRGdXdW4xZUlfbXdmQ0lGQUNlNWQ0SlZSNW42WGxsbFdxX1lzY3FLanhxTGpXc3J3VDA1SEhUTDhsTjRvc1NwT2dKY25Wdy1ONUFmRXd6Y3pwU0ZsMXJtSzFBb1JxZUJGbmpnV3hRd1RVdDZsSTE0MDJEaDFNbk1EbWdfS2ExWWwtYThxTXFVenQ4YU1tT29uMExsMnp2VTZ0LTdWZmRUZDRMUU1VdGwxMGphWm9GazI5WGJBV1NOTVkwT3ViR2tGc05QQnpKSnNuakFBdmtGS1JOQ3ZsZU1qVEpYZV9XR3kwZ1F2d3I2LUY1RXg5Zi1vQ1o4eEdwVFgzOWtDWVY3ZGdBeVVMR2JFVWlkWU9MMVhjWDU5bUZFS3pXWlVnM2JVR3RyMWY1MmdBd0RtZzFoelNNYWtGRWJmSWkzVzlfcUR4cEozMW9NYjlQUTBSZHozMjFuY2U5Ry1QLTdxRk1CekNLc3dhd0pfZHlpdjRUM0k5WWJ0LV83NnByS1B3bW0zUXBMU1k3YXcxZktkMVdWN0NNQTQyd3NKQ29VWW9yWXVnMXI5and6eUNhSDAya2J0RlJ1YUZNZ3Y5NU1YY0NFTldHQW1JcUVzYm41aU5ZNEZWbWVjaXRNc2lUWmcwVUFhb3M3QVVEbmdmWUJlU28wRVc1UW9pQTRHalYtOEpoeU9RYm00SDYxcU1yTEpvRnFOSUJRMmxrWDlFRFRRR2NkRi1mMFdfRDBPdzBYVWtZZVB3TVluR2NQanhWdC1WOWU2STVIRC16S0pwNWdfOFlFYWdvUGgwWGNmUFQ4cGVCdDN0akZYYTNYQlRnWnFIdHBjOVRPb1J6VUZ6TDdKMkJtLVRaNFJmUkxRVHRSaHoyWTZoRXJlWDN5Tmw3MGQ4TENQVjRpeTFnckNrTWhnRDJMWmdTeWIxcEFuQlVrYThsMzZacTY4VzZNNnBjaUFjNVdNY045b3ZOOU16eVRGTVZtWmtQeUxJTWRsV1VGanNZTVJlXzhXdjNHSzJiT041YXhRQW5QVGVkSGdCa1NFbllBLUhvSUFTRF9PUWg0T3dFb0x4QWwteVl1alcxcVRiTHFKZFdxNWpwbm05X3dqUnJGUVFiR0phVDdqbmZ2X0NtUWxWbFlLd05JdEdRdUxpdjVRRDN6M2ItUVVuNzdIcTh6QlVmX3M5b1pQcGgxSjF1amR6LTc0MElIQ2JRcnd5MW9peXUwU3FvSzZ4MTZkNHJTQ3J4TmllcE9EOHFoUVAtMHlEcHpVbjJEa1FfdGk0TWxocWhBUUFzZ2lldWdIZUllaThTT3laenVIejdSTHFBOXFZWGZnN28xbHdsQk5RNkRieFV2S2NUM1hfUng5Tm50a2pqTUs0TVlNdHN2aDQxQzUzajFEYnN0RzVNRFN3US1WMkplbm1WLXlkMlJ5b0ltd2txa19ES1I0SlhfNjNKQW80YU9HNURfdnUySG82bmJMaTdEZE9WSDlIbDVrOXowQmRaQ0xDQkQxVm8xWjZMSG1LYUtMLWZGMDM4R2lMd2ZKUk92Q01ZQXlMTTN1VGZCdXZVdGJXRU9md2VxUXNUcjRSTG5qbmZ5MmNaNldTX3pIOTEzempsWDFVNHBpRFRzSEE5c0lLYXBSRXg3N3I0TUU0WU9YeFFNT25zaGNOemJnbnpZZGdVQTFaa0N2S2FFWWtfR0xrSTFvdnVoRUFrRm1CQmk0MUItbFp1cUg3VVpKaE1LQXpsMm11OHBnJmNpZD1DQUFTQk9SbzZITSZhX2NpZD2AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AOmBuADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBAw1LjE4Ny4yMS4xMDCoBACyBBAIABABGMoHIPoBKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBK2iyyWIBQGYBQCgBcKVpLa708-1ZsAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBbzgG_oFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0AbujwHaBhYKEAAAAAAAAAAAAAAAAAAAAAAQABgA4AYB8gYCCACABwGIBwCgBwGqBwwxMzAyMDAxNjg2MTe6BxEIABAAGAAqBDEtLS043QlAAcgHoOgF0gcNCQAAAAAAAAAAEAAYANoHBggAEAAYAOAHAOoHAggA8Ael4Y8BiggCEAA.&s=0e3791aa4b39131aeb3f6979ac6071f4949774a6&bdref=https%3A%2F%2Fwww.presstelegram.com%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fwww.presstelegram.com%2F,https%3A%2F%2Fwww.presstelegram.com%2F&

Requested by

Host: www.presstelegram.com
URL: https://www.presstelegram.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 25 Jan 2022 11:32:13 GMT
X-Proxy-Origin: 5.187.21.100; 5.187.21.100; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 3a6d1468-0938-4b39-adb4-699bc18115d2
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/langdfp426654370628/ Frame FF2E 0
253 B 109ms
36ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/langdfp426654370628/moatad.js
Requested by: Host: www.presstelegram.com
URL: https://www.presstelegram.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 11:32:13 GMT
last-modified: Wed, 06 Nov 2019 19:24:58 GMT
server: AmazonS3
x-amz-request-id: 3FFD4A402005D731
etag: "d41d8cd98f00b204e9800998ecf8427e"
content-type: application/x-javascript
cache-control: max-age=36667
accept-ranges: bytes
content-length: 0
x-amz-id-2: KUVE5dS4ZUvJ8BvzhI9TVKASOx59bih8xdeXQqJpOJVJX7bXx14dqpsOTdCXY4sQ9EQQ7Vdemho=

GET
H2 200 recommendations Show response
m869.presstelegram.com/rest/ 12 KB
4 KB 410ms
410ms Script
text/javascript 18.66.139.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m869.presstelegram.com/rest/recommendations?storeId=9f108cb3-5303-4214-ae91-f16a713f4e9b&profileId=undefined&frequencyCap=8&itemId=www.presstelegram.com%2F&request=%5B%7B%22id%22%3A1561500701741%2C%22filters%22%3A%5B%22VIEWED%22%5D%2C%22boosts%22%3A%5B%7B%22value%22%3A7%2C%22algorithm%22%3A%22RECENT_VIEW%22%7D%2C%7B%22value%22%3A10%2C%22algorithm%22%3A%22RECENCY%22%7D%2C%7B%22value%22%3A7%2C%22algorithm%22%3A%22RECENT_CTR%22%7D%2C%7B%22value%22%3A7%2C%22algorithm%22%3A%22RECENT_ENTRYPAGE%22%7D%5D%2C%22count%22%3A12%7D%5D&&callback=bc_json170

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.96 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-96.fra60.r.cloudfront.net

Software

- /

Resource Hash

b48bd60badc4fa19baa9a561d69b6a73e527e88391c93949a0e2caebccc3c4d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 11:32:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 3416
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
content-type: text/javascript;charset=utf-8
via: 1.1 760a29e891ec10bba1274911260e1fc8.cloudfront.net (CloudFront)
cache-control: no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag: noindex, nofollow
x-amz-cf-id: MWjvXCPJkN-b93vuTKgfCAzJSuvinygGMN9r4uI0mBGnMOpRB648dw==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 36A4
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=www.presstelegram.com&sn=ChromeSyncframe&so=0&topUrl=www.presstelegram.com
https://mug.criteo.com/sid?cpp=qiEhy3w0N2VZZzFYUStyS3RkcDJzSGh0VHNOSjNiVDFNNW1oV2pZU0FhZS8rdzYvdkZUUXVqYTNuL3BVS1VNSXErbHBhQ3lHSFViVStSUXlVR3dJWXBYNDNmV3laUU85YnhCclh0U2ZRbnFucWphNzBtVCtaKzNpYzR5b0...

345 B
567 B

111ms
32ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=qiEhy3w0N2VZZzFYUStyS3RkcDJzSGh0VHNOSjNiVDFNNW1oV2pZU0FhZS8rdzYvdkZUUXVqYTNuL3BVS1VNSXErbHBhQ3lHSFViVStSUXlVR3dJWXBYNDNmV3laUU85YnhCclh0U2ZRbnFucWphNzBtVCtaKzNpYzR5b0JRZmpZMk96UHB2K0o0YnhsWk9ZeXVqZzl2YThxdE83T2dFNEg0YzlYUHZLVU9jMUtPNlc1TDhqUWtXK0NuMzhGMGlFam9QbDFQVXlVUElVQnZvYXZrNEdoTWFCeHVBPT18&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

0f00ec066803369c1fc21aa12547e3edebc72b85178505997f52bc5c4064c049

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 11:32:12 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 3487
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 25 Jan 2022 11:32:13 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=qiEhy3w0N2VZZzFYUStyS3RkcDJzSGh0VHNOSjNiVDFNNW1oV2pZU0FhZS8rdzYvdkZUUXVqYTNuL3BVS1VNSXErbHBhQ3lHSFViVStSUXlVR3dJWXBYNDNmV3laUU85YnhCclh0U2ZRbnFucWphNzBtVCtaKzNpYzR5b0JRZmpZMk96UHB2K0o0YnhsWk9ZeXVqZzl2YThxdE83T2dFNEg0YzlYUHZLVU9jMUtPNlc1TDhqUWtXK0NuMzhGMGlFam9QbDFQVXlVUElVQnZvYXZrNEdoTWFCeHVBPT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1868
content-length: 455
expires: 0

POST
H3 200 adfetch Show response
googleads.g.doubleclick.net/pagead/ Frame ECB7 76 KB
29 KB 168ms
104ms XHR
text/html 2a00:1450:400f:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adfetch

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400f:80b::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1ca5f547e6f5b4d2399a916a8f47f0fa8de01c5f7634b2f5cc20f8ed480fb5fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 25 Jan 2022 11:32:13 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29209
x-xss-protection: 0

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame B996 0
0 72ms
71ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjstm1MyOCw3gkiy_U_tQ4ek3smDIJy8vAE4aLYyFTvjpwUgR5bYETQ9lsgUjAQQJtHdmPqo_c5mFfX1W-swazBRuTgHBdxHzyjUAH02k6AAjQ1CH7myVhM4VTnhnkuHPfuitzgVIroxO0rc1TcDvi3D9N1bFcm5FlOm0vtM_SOPnr0yG4gGN3vqGFOS0dxsDs9-v7SbDe7DaJFlMmvj4A4yCgCc2ykKLdUXVDNn6kLociasES9pYBXQmk9QTV_9sH0LwShfrurh-ZjuRZd48mQpPZ55fwqcNk037-_A776Vcryn-rfbSpu8rAaoRO7DdlMCMDInX0dzHq304EnTXB7yR8gaAXzI7D9Ud&sig=Cg0ArKJSzL6vsWjiJyHXEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 25 Jan 2022 11:32:13 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
DATA 200
OK truncated
/ Frame B996 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ Frame B996 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b161dbf9228e4b070d52ce56c7269eb6624f08b7620caececa0cb819dab2e4da

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

POST
H/1.1 200
OK vevent
ams1-ib.adnxs.com/ Frame B996 0
829 B 77ms
77ms Ping
text/html 185.33.220.240
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.presstelegram.com%2F&e=wqT_3QKEBugEAwAAAwDWAAUBCLy_v48GENa4u5rkke_bXBgAKjYJVTAqqRPQwj8RaqUQyCWOwD8ZAAAAANejIEAhag0SACkRJMgxAAAAoJmZ_T8wp4SXCjj8SEDlHkhlUKuiyyVY_6ldYABoj4J3eKDoBYABAYoBA1VTRJIFBvTEAZgBrAKgAdgEqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKVoEjqAh5odHRwczovL3d3dy5wcmVzc3RlbGVncmFtLmNvbS-AAwCIAwGQAwCYAxegAwGqA-oBCr8BaHR0cHM6Ly9wYWdlYWQyLmdvb2dsZXN5bmRpY2F0aW9uLmNvbS9wYWdlYWQvZ2VuXzIwND9pZD1hd2JpZCZhd2JpZF9iPUFLQW1mLUMxYWJ6XzR4Z1BqOE8zb0I4VmFYejJkUVowSWNCNHhGWlBnWGc5NWNuYmxBbG5xSWdleE1YWFZ0YzV6YXlMTzhfUVU1U1gyT1BqY3g4aDN0dUpKZ0J2b3lrSHB3JnByPTEwOiR7QVVDVElPTl9QUklDRX0aEzY2ODEwMTU4OTE0MjgwMzk3NjYiCDc4ODI3ODE5KgQzOTQxOgEwwAOsAsgDANgDpgbgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQMNS4xODcuMjEuMTAwqAQAsgQQCAAQARisAiCaCCgAMAA4ArgEAMAEAMgEANoEAggB4AQB8ASrossliAUBmAUAoAXNqIeFiJvQ4gPABQDJBUEXHAAA8D_SBQkJCQx4AADYBQHgBQHwBZP2F_oFBAgAEACQBgCYBgC4BgDBBgklLPA_0AbujwHaBhYKEAkSGQGYEAAYAOAGAfIGAggAgAcBiAcAoAcBqgcMMTM5MzE5ODI2MjI0ugcRAVhQGAAqBDEtLS043QlAAcgHoOgF0gcNFYgBSQjaBwYJKUjgBwDqBwIIAPAHpeGPAYoIAhAA&s=82680ddf3e3c44646e32d2be541c9ebd676a096d&type=nv&nvt=5&jm=1003&px=1138&py=460&bw=300&bh=600&sid=4821308041593498890&vd=ct~0|rr~0&sv=222&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21348903&sw=1600&sh=1200&pw=1600&ph=6405&ww=1600&wh=1200&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/222/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.presstelegram.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Tue, 25 Jan 2022 11:32:13 GMT
X-Proxy-Origin: 5.187.21.100; 5.187.21.100; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: fdba783d-2f70-4768-b5b5-8e238fabc173
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.presstelegram.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/langdfp426654370628/ Frame B996 0
253 B 37ms
37ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/langdfp426654370628/moatad.js
Requested by: Host: www.presstelegram.com
URL: https://www.presstelegram.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 11:32:13 GMT
last-modified: Wed, 06 Nov 2019 19:24:58 GMT
server: AmazonS3
x-amz-request-id: 3FFD4A402005D731
etag: "d41d8cd98f00b204e9800998ecf8427e"
content-type: application/x-javascript
cache-control: max-age=36667
accept-ranges: bytes
content-length: 0
x-amz-id-2: KUVE5dS4ZUvJ8BvzhI9TVKASOx59bih8xdeXQqJpOJVJX7bXx14dqpsOTdCXY4sQ9EQQ7Vdemho=

GET
H3 200 abg_lite.js Show response
tpc.googlesyndication.com/pagead/js/r20220119/r20110914/ Frame ECB7 24 KB
9 KB 105ms
59ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220119/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b7c55617f84818daf4c70cc10ada26ddd5b582b1d1c2c2829b3220487a6db477

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 11:30:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 76
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9544
x-xss-protection: 0
server: cafe
etag: 6261108306223674270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Feb 2022 11:30:58 GMT

GET
H3 200 window_focus.js Show response
tpc.googlesyndication.com/pagead/js/r20220119/r20110914/client/ Frame ECB7 2 KB
1 KB 165ms
119ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220119/r20110914/client/window_focus.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

272f3d0f2cce62e707f9c0686695e2adbac257d88fff6eecf1bf96f43048f935

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 11:32:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1201
x-xss-protection: 0
server: cafe
etag: 2856655861756061653
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Feb 2022 11:32:09 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame ECB7 122 KB
37 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

425f48a06ab0e9a4a4d792a6677189720f377ec09a073ecdae6232a89cc221f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 11:32:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38060
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1642595990432946"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 25 Jan 2022 11:32:13 GMT

GET
H3 200 qs_click_protection.js Show response
tpc.googlesyndication.com/pagead/js/r20220119/r20110914/client/ Frame ECB7 18 KB
7 KB 84ms
39ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220119/r20110914/client/qs_click_protection.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ecd735a36a0ae5ed396c789b1887ade973c3d7527c53f0b1360f100bc59e876

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 11:27:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 313
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7356
x-xss-protection: 0
server: cafe
etag: 4688267750112033662
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Feb 2022 11:27:01 GMT

GET
H3 200 one_click_handler_one_afma.js Show response
tpc.googlesyndication.com/pagead/js/r20220119/r20110914/client/ Frame ECB7 36 KB
14 KB 159ms
114ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220119/r20110914/client/one_click_handler_one_afma.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

32e522c07735a9f391ccdcca9a80dcf77665a2214e8a3c877ec1b06a70d91c53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 08:05:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12388
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14125
x-xss-protection: 0
server: cafe
etag: 735644841933870555
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Feb 2022 08:05:46 GMT

GET
H3 200 17360167312354663852
tpc.googlesyndication.com/simgad/ Frame ECB7 99 KB
100 KB 88ms
44ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17360167312354663852?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qke52QFD7cGRe-KM1JHOHK147wXZw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2022ce083ef8ee3cc52008f35a35af9cf3656136aa787c5a83c8ffa2cbbe8e70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 06:10:54 GMT
x-content-type-options: nosniff
age: 19280
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 101884
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 08:53:02 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 25 Jan 2023 06:10:54 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame ECB7 0
20 B 68ms
68ms Image
text/html 2a00:1450:400f:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Ctw6KvN_vYfaeIvqu7_UP3JmEuALNhsr-Z87gkPujD7_hHhABIOaX1iVguwagAfGD_ZUDyAECqAMByAPJBKoEzwFP0GEoEfIuFQtRotNJ8FEnUZzSxHPl94DC4zrxDyAAVh9QVMTAEuuYhiX_3RXQDblBjylJldxHVIon2yDl2cDCs6zM8g77Gg8xes57NUwLXNOdDRVR5dBRM6ZDOLH5wegz5rn6JDlUv2KGuQb8cAxDQ2ecWPHPuktNlm66JlC00jRyTW_NNEcMVVxn58aU6LMFH_MhcudN0AP2oXljj4N0x6bRl9_ob9CloP30AlO_SRRctwnsnQdyFneWHHNqc7X1PhYB1tA8R0Kb5s7V2EDABLCu74CHBJIFBAgEGAGSBQQIBRgEoAYCgAe64rf7AqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB0ggHCIBhEAEYAPIIDmJpZGRlci01NTU2NTMwgAoEyAsB2BMN0BUBgBcBshcICgYIABIAGAA&sigh=LUeXr5IuAdI&uach_m=[UACH]&pr=10:0.146975&vis=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400f:80b::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 25 Jan 2022 11:32:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 25 Jan 2022 11:32:13 GMT

GET
H/1.1

200
OK

5ff4b5ab404148848a2e8c0a0c2944bd
i.liadm.com/s/e/a-05ge/0/ Frame 80F4
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=36&redir=https://i.liadm.com/s/e/a-05ge/0/5ff4b5ab404148848a2e8c0a0c2944bd?mpid%3D7156%26muid%3D%5BMM_UUID%5D&a5ce9dc3-2624-4025-b075-9fa43d2fa64b&us_priva...
https://i.liadm.com/s/e/a-05ge/0/5ff4b5ab404148848a2e8c0a0c2944bd?mpid=7156&muid=6ad061ef-dfbe-4300-b9a7-86e09d2ea17c

43 B
285 B

135ms
96ms

Image
image/gif

54.88.18.204
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/e/a-05ge/0/5ff4b5ab404148848a2e8c0a0c2944bd?mpid=7156&muid=6ad061ef-dfbe-4300-b9a7-86e09d2ea17c

Requested by

Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-05ge?s=&cim=&ps=true&ls=true&duid=3db4babb9fb0--01ft8g3y5g7pfbqksjmexxtj9f&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&us_privacy=1---&

Protocol

HTTP/1.1

Server

54.88.18.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-88-18-204.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 25 Jan 2022 11:32:13 GMT
Cache-Control: no-store
Connection: keep-alive
trace-id: f7a080d6374ae908
Content-Length: 43
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/gif

Redirect headers

Date: Tue, 25 Jan 2022 11:32:14 GMT
Server: MT3 4133 baa842e master cdg-pixel-x29 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://i.liadm.com/s/e/a-05ge/0/5ff4b5ab404148848a2e8c0a0c2944bd?mpid=7156&muid=6ad061ef-dfbe-4300-b9a7-86e09d2ea17c
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 25 Jan 2022 11:32:13 GMT

GET
H/1.1

200
OK

35759
i6.liadm.com/s/ Frame 80F4
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&us_privacy=1---
https://i.liadm.com/s/35759?bidder_id=44489&bidder_uuid=88fbc670-b2dd-4e5f-aec8-856e6d5e6fff
https://i6.liadm.com/s/35759?bidder_id=44489&bidder_uuid=88fbc670-b2dd-4e5f-aec8-856e6d5e6fff

43 B
419 B

302ms
95ms

Image
image/gif

2600:1f18:444a:4680:5b76:7408:bdd4:1592
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i6.liadm.com/s/35759?bidder_id=44489&bidder_uuid=88fbc670-b2dd-4e5f-aec8-856e6d5e6fff

Requested by

Protocol

HTTP/1.1

Server

2600:1f18:444a:4680:5b76:7408:bdd4:1592 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 25 Jan 2022 11:32:14 GMT
Cache-Control: no-store
Connection: keep-alive
Content-Length: 43
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/gif

Redirect headers

Location: https://i6.liadm.com/s/35759?bidder_id=44489&bidder_uuid=88fbc670-b2dd-4e5f-aec8-856e6d5e6fff
Date: Tue, 25 Jan 2022 11:32:13 GMT
Connection: keep-alive
trace-id: 2daf180cbd0d780f
Content-Length: 0
Strict-Transport-Security: max-age=31536000; includeSubDomains

GET
H/1.1

200
OK

5ff4b5ab404148848a2e8c0a0c2944bd
i.liadm.com/s/e/a-05ge/0/ Frame 80F4
Redirect Chain

https://dpm.demdex.net/ibs:dpid=127444&dpuuid=a5ce9dc3-2624-4025-b075-9fa43d2fa64b&redir=https:%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-05ge%2F0%2F5ff4b5ab404148848a2e8c0a0c2944bd%3Fmpid=82775&muid=$%7BDD_UUI...
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=127444&dpuuid=a5ce9dc3-2624-4025-b075-9fa43d2fa64b&redir=https:%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-05ge%2F0%2F5ff4b5ab404148848a2e8c0a0c2944bd%3Fmpid...
https://i.liadm.com/s/e/a-05ge/0/5ff4b5ab404148848a2e8c0a0c2944bd?mpid=82775

43 B
285 B

144ms
107ms

Image
image/gif

54.88.18.204
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/e/a-05ge/0/5ff4b5ab404148848a2e8c0a0c2944bd?mpid=82775

Requested by

Protocol

HTTP/1.1

Server

54.88.18.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-88-18-204.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 25 Jan 2022 11:32:13 GMT
Cache-Control: no-store
Connection: keep-alive
trace-id: 6f9ddf38383b5e70
Content-Length: 43
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/gif

Redirect headers

DCS: dcs-prod-irl1-2-v027-0faf5f5c7.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: W+sfPKlvSFs=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://i.liadm.com/s/e/a-05ge/0/5ff4b5ab404148848a2e8c0a0c2944bd?mpid=82775
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

live_intent_sync
x.dlx.addthis.com/e/ Frame 80F4
Redirect Chain

https://x.dlx.addthis.com/e/live_intent_sync?na_exid=a5ce9dc3-2624-4025-b075-9fa43d2fa64b&us_privacy=1---
https://x.dlx.addthis.com/e/live_intent_sync?na_exid=a5ce9dc3-2624-4025-b075-9fa43d2fa64b&us_privacy=1---&rd=Y

43 B
604 B

169ms
169ms

Image
image/gif

104.111.215.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://x.dlx.addthis.com/e/live_intent_sync?na_exid=a5ce9dc3-2624-4025-b075-9fa43d2fa64b&us_privacy=1---&rd=Y

Requested by

Protocol

Server

104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-215-191.deploy.static.akamaitechnologies.com

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 11:32:14 GMT
cache-control: max-age=0, no-cache, no-store
expires: Tue, 25 Jan 2022 11:32:14 GMT
content-length: 43
strict-transport-security: max-age=2628000
content-type: image/gif

Redirect headers

location: https://x.dlx.addthis.com/e/live_intent_sync?na_exid=a5ce9dc3-2624-4025-b075-9fa43d2fa64b&us_privacy=1---&rd=Y
pragma: no-cache
date: Tue, 25 Jan 2022 11:32:14 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
strict-transport-security: max-age=2628000
expires: Tue, 25 Jan 2022 11:32:14 GMT

GET
H/1.1

200
OK

52176
i.liadm.com/s/ Frame 80F4
Redirect Chain

https://x.bidswitch.net/syncd?dsp_id=256&user_group=2&user_id=a5ce9dc3-2624-4025-b075-9fa43d2fa64b&redir=//i.liadm.com/s/52176?bidder_id%3D5298%26bidder_uuid%3D$%7BBSW_UID%7D&us_privacy=1---
https://x.bidswitch.net/ul_cb/syncd?dsp_id=256&user_group=2&user_id=a5ce9dc3-2624-4025-b075-9fa43d2fa64b&redir=//i.liadm.com/s/52176?bidder_id%3D5298%26bidder_uuid%3D$%7BBSW_UID%7D&us_privacy=1---
https://i.liadm.com/s/52176?bidder_id=5298&bidder_uuid=b88ac2a6-1cd4-42bc-8018-7f63f4a7e46b

43 B
447 B

95ms
95ms

Image
image/gif

54.88.18.204
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/52176?bidder_id=5298&bidder_uuid=b88ac2a6-1cd4-42bc-8018-7f63f4a7e46b

Requested by

Protocol

HTTP/1.1

Server

54.88.18.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-88-18-204.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 25 Jan 2022 11:32:13 GMT
Cache-Control: no-store
Connection: keep-alive
trace-id: d12e9fff30c1b189
Content-Length: 43
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/gif

Redirect headers

Location: //i.liadm.com/s/52176?bidder_id=5298&bidder_uuid=b88ac2a6-1cd4-42bc-8018-7f63f4a7e46b
Date: Tue, 25 Jan 2022 11:32:14 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

sync
odr.mookie1.com/t/v2/ Frame 80F4
Redirect Chain

https://x.bidswitch.net/sync?ssp=liveintent&user_id=a5ce9dc3-2624-4025-b075-9fa43d2fa64b&us_privacy=1---
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=c6e9ea9c-4deb-3700-d164-f078a1f7802b&ssp=liveintent&gdpr=&gdpr_consent=

43 B
607 B

172ms
111ms

Image
image/gif

35.190.90.30
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=c6e9ea9c-4deb-3700-d164-f078a1f7802b&ssp=liveintent&gdpr=&gdpr_consent=
Requested by: Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-05ge?s=&cim=&ps=true&ls=true&duid=3db4babb9fb0--01ft8g3y5g7pfbqksjmexxtj9f&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&us_privacy=1---&
Protocol: H2
Server: 35.190.90.30 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 30.90.190.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 11:32:14 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: //odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=c6e9ea9c-4deb-3700-d164-f078a1f7802b&ssp=liveintent&gdpr=&gdpr_consent=
Date: Tue, 25 Jan 2022 11:32:14 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2 200 /
trc.taboola.com/sg/liveintent/1/cm/ Frame 80F4 43 B
239 B 84ms
30ms Image
image/gif 2a04:4e42:600::300
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/liveintent/1/cm/?us_privacy=1---
Requested by: Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-05ge?s=&cim=&ps=true&ls=true&duid=3db4babb9fb0--01ft8g3y5g7pfbqksjmexxtj9f&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&us_privacy=1---&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Tue, 25 Jan 2022 11:32:14 GMT
via: 1.1 varnish
server: nginx
x-timer: S1643110334.032426,VS0,VE9
x-served-by: cache-lcy19244-LCY
x-cache: MISS
cache-control: no-cache, no-store
accept-ranges: bytes
x-cache-hits: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6A34 143 B
163 B 55ms
54ms Document
text/html 2a00:1450:400f:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400f:80b::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Response headers

x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 145
x-xss-protection: 0
date: Tue, 25 Jan 2022 11:29:16 GMT
cache-control: public, max-age=3600
content-type: text/html; charset=UTF-8
age: 178
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame ECB7 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eec3ebcdd3909622bc6f7d27f48e721c2b1e1e23f1298fb9d8d17771db3e3b00

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6A34
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
18 B

67ms
67ms

Document
text/html

2a00:1450:400f:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400f:80b::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 25 Jan 2022 11:32:14 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 25 Jan 2022 11:32:14 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 25 Jan 2022 11:32:14 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 RSjKnk5gG5e-YnqyaokaGBofRBYcmQ35b5mWA3AF7Xg.js Show response
pagead2.googlesyndication.com/bg/ Frame 71CA 35 KB
13 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/RSjKnk5gG5e-YnqyaokaGBofRBYcmQ35b5mWA3AF7Xg.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4528ca9e4e601b97be627ab26a891a181a1f44161c990df96f9996037005ed78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 09:48:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6231
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13497
x-xss-protection: 0
last-modified: Wed, 12 Jan 2022 16:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Jan 2023 09:48:23 GMT

GET
H2 200 self Show response
api-mg2.db-ip.com/v2/p14891b727f063924f0d86d8a8e5063678abd2ac/ 558 B
849 B 259ms
197ms Fetch
application/json 104.26.5.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api-mg2.db-ip.com/v2/p14891b727f063924f0d86d8a8e5063678abd2ac/self?_=1643110334363
Requested by: Host: cdn.ayc0zsm69431gfebd.xyz
URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/dfm/t8y9347t.min.js?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.5.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 882332b3353c394f93bc0775cb09e804d9d65e6d2e25bb24ffe7a0add02185fe

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 11:32:14 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 25 Jan 2022 11:32:14 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eJbJpGOZSGZG6MLp%2FBaSWxnNbZTXWW3QiGk3ZECaGYIXzh7901FsF0wG4unJe0ByO4XkDHPMqBKxcxqkFfVZJCkxOyq1yWfPXnJvPCVFNp%2BJx%2FqYmgcyN3sldwO5qaZExH6m"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=1800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d312e063e3971b1-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 vendors~Auth0UniversalLoginAuthSystem.js Show response
cdn.ayc0zsm69431gfebd.xyz/prod/dfm/ 143 KB
42 KB 25ms
25ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/dfm/vendors~Auth0UniversalLoginAuthSystem.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (lha/8DC1) /
Resource Hash: 6f87d87de84dc36cab28965d9e1d940c250f399860acafe55f3dac01d54399ad

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 25 Jan 2022 11:32:14 GMT
content-encoding: gzip
content-md5: o/3Cfwyx2Hdo/xXi+KtqIw==
age: 9211
x-cache: HIT
content-length: 43195
x-ms-lease-status: unlocked
last-modified: Thu, 22 Apr 2021 09:08:48 GMT
server: ECAcc (lha/8DC1)
etag: 0x8D9056E3D50F079
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 7eaf1d89-401e-006a-08c9-117ad4000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19

GET
H2 200 Auth0UniversalLoginAuthSystem.js Show response
cdn.ayc0zsm69431gfebd.xyz/prod/dfm/ 11 KB
3 KB 26ms
25ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/dfm/Auth0UniversalLoginAuthSystem.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (lha/8C87) /
Resource Hash: dde5f5e3043fff6c7a7f24a307eac6ac7317e7d6db0085fbbe268eb11ba08699

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 25 Jan 2022 11:32:14 GMT
content-encoding: gzip
content-md5: E5fyjsIr92YKgvTS5SE4ZA==
age: 8643
x-cache: HIT
content-length: 3400
x-ms-lease-status: unlocked
last-modified: Thu, 22 Apr 2021 09:08:32 GMT
server: ECAcc (lha/8C87)
etag: 0x8D9056E339D05A5
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: de4ce91c-a01e-006b-60cb-117b29000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19

GET
H2 200 Auth0AuthSystem.js Show response
cdn.ayc0zsm69431gfebd.xyz/prod/dfm/ 7 KB
2 KB 27ms
26ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/dfm/Auth0AuthSystem.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (lha/8C9A) /
Resource Hash: 99bea1588717259aa23413b0659c1eb6a0fe227b10eb213e8d9068fd1aa23b96

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 25 Jan 2022 11:32:14 GMT
content-encoding: gzip
content-md5: jBig/iW/Mpw+sfYWVt9mLw==
age: 9211
x-cache: HIT
content-length: 2320
x-ms-lease-status: unlocked
last-modified: Thu, 22 Apr 2021 09:08:31 GMT
server: ECAcc (lha/8C9A)
etag: 0x8D9056E3391B836
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 9a170eda-e01e-010e-5ec9-118c21000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19

GET
H2 200 CustomAuthSystem.js Show response
cdn.ayc0zsm69431gfebd.xyz/prod/dfm/ 6 KB
2 KB 26ms
25ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/dfm/CustomAuthSystem.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (lha/8D26) /
Resource Hash: 80e63f47bb601d1782367bf3015482e86cad9fa03cbfce5ec26502c016d4d47b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 25 Jan 2022 11:32:14 GMT
content-encoding: gzip
content-md5: WtHQ46VooZh5jhibUEIm/g==
age: 9211
x-cache: HIT
content-length: 2146
x-ms-lease-status: unlocked
last-modified: Thu, 22 Apr 2021 09:08:32 GMT
server: ECAcc (lha/8D26)
etag: 0x8D9056E33BE9F96
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: f3238d8c-601e-0136-5dc9-11cd78000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19

GET
H2 200 JanrainAuthSystem.js Show response
cdn.ayc0zsm69431gfebd.xyz/prod/dfm/ 9 KB
3 KB 29ms
28ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/dfm/JanrainAuthSystem.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (lha/8C96) /
Resource Hash: 1d4e66ef8f5ea94ffe457c995d263d41163c06c199cb6900dfc368b2214794a0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 25 Jan 2022 11:32:14 GMT
content-encoding: gzip
content-md5: 3loC7XOiphfHLLmAxSEZ5g==
age: 9211
x-cache: HIT
content-length: 2639
x-ms-lease-status: unlocked
last-modified: Thu, 22 Apr 2021 09:08:32 GMT
server: ECAcc (lha/8C96)
etag: 0x8D9056E33C99EC8
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: ad397a6c-601e-00f5-75c9-11026e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19

GET
H2 200 MG2AuthSystem.js Show response
cdn.ayc0zsm69431gfebd.xyz/prod/dfm/ 9 KB
3 KB 26ms
25ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/dfm/MG2AuthSystem.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (lha/8D61) /
Resource Hash: 8cf0bb9486df56f8bfc90a4ba4d7317243f9ca37aa6ec6193214e9a0d640744c

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 25 Jan 2022 11:32:14 GMT
content-encoding: gzip
content-md5: 53DSePPJylXjWw4MlYhYcA==
age: 9211
x-cache: HIT
content-length: 2456
x-ms-lease-status: unlocked
last-modified: Thu, 22 Apr 2021 09:08:32 GMT
server: ECAcc (lha/8D61)
etag: 0x8D9056E33DFC44A
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: eae095bb-301e-0107-7dc9-1196af000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19

GET
H2 200 NewzwareAuthSystem.js Show response
cdn.ayc0zsm69431gfebd.xyz/prod/dfm/ 13 KB
4 KB 29ms
28ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/dfm/NewzwareAuthSystem.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (lha/8DAF) /
Resource Hash: 2fcc3c30a10f35c852ff3d27a846dcde5c87dfe2b6c2abd7c2a58f67791f9df2

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 25 Jan 2022 11:32:14 GMT
content-encoding: gzip
content-md5: XXTxgTgPuF9lg38Cul1d8Q==
age: 9211
x-cache: HIT
content-length: 4009
x-ms-lease-status: unlocked
last-modified: Thu, 22 Apr 2021 09:08:32 GMT
server: ECAcc (lha/8DAF)
etag: 0x8D9056E33EAC378
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 695fae3a-f01e-011a-77c9-114f45000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19

GET
H2 200 LikeButtons4.js Show response
cdn.ayc0zsm69431gfebd.xyz/prod/dfm/ 114 B
242 B 27ms
27ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/dfm/LikeButtons4.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (lha/8DAE) /
Resource Hash: 64ff9f874a5fd24a871b1d9cd7ee49e4d92bc27ce63c05e94bedc4f7adcc0a11

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 25 Jan 2022 11:32:14 GMT
content-md5: 0is0k5hNwCAMRJ10IGm41w==
age: 9211
x-cache: HIT
content-length: 114
x-ms-lease-status: unlocked
last-modified: Thu, 22 Apr 2021 09:08:32 GMT
server: ECAcc (lha/8DAE)
etag: 0x8D9056E33D49E04
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: f3238d1e-601e-0136-01c9-11cd78000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame FF2E 42 B
64 B 67ms
67ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsumzKClzn9bCYHNFAv5si4_aVsm11i4EjtZKPEvfu_B-bjjKT2r37wLD4PKtoevG6kgIWg4rZQ0Cj1mragGn9_92EiiIxIJ-xOupYIcNc9AYihDVTPk&sig=Cg0ArKJSzIupXhPmi9m7EAE&id=lidar2&mcvt=1020&p=258,436,348,1164&mtos=1020,1020,1020,1020,1020&tos=1020,0,0,0,0&v=20220119&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=3805295207&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1643110333420&rpt=282&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 11:32:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H/1.1 200
OK views
prod-dfm-proxy-connext.azurewebsites.net/api/ Frame 0
0 131ms
131ms Preflight 13.85.16.224
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-dfm-proxy-connext.azurewebsites.net/api/views?UserId=d6104c443e7165ef88f92a7392883e2d&ConfigCode=SCNGPRODWP&SiteCode=DFM&SettingsKey=LANG%2CLBPT
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.85.16.224 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: access-control-allow-origin,attr,authorization,autoqa,config-code,content-type,environment,location,settingskey,site-code,source-system,ssid,version
Origin: https://www.presstelegram.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: access-control-allow-origin,attr,authorization,autoqa,config-code,content-type,environment,location,settingskey,site-code,source-system,ssid,version
X-Powered-By: ASP.NET
Date: Tue, 25 Jan 2022 11:32:13 GMT
Content-Length: 0

GET
H/1.1 200
OK views Show response
prod-dfm-proxy-connext.azurewebsites.net/api/ 65 B
1 KB 181ms
180ms Fetch
application/json 13.85.16.224
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-dfm-proxy-connext.azurewebsites.net/api/views?UserId=d6104c443e7165ef88f92a7392883e2d&ConfigCode=SCNGPRODWP&SiteCode=DFM&SettingsKey=LANG%2CLBPT
Requested by: Host: cdn.ayc0zsm69431gfebd.xyz
URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/dfm/t8y9347t.min.js?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.85.16.224 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET, ASP.NET
Resource Hash: b95b7840dd4e76f60f9b3d9c3a7dcff21135b740611568ab4044853964694fec

Request headers

source-system: Plugin
site-code: DFM
autoqa: false
Accept-Language: en-GB,en;q=0.9
settingskey: LANG,LBPT
authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1bmlxdWVfbmFtZSI6IkNvbm5lWHQiLCJleHAiOjE2NDMxMjQ3MzN9.qDslnfWtv7Xw0P79Qks8JiRNhxEpFwIE6PonHq3PZs4
environment: prod
config-code: SCNGPRODWP
access-control-allow-origin: *
ssid: df98e83ff4f5e931c0bb5740c3ca0eba
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
accept: application/json
content-type: application/json
location: System
attr: LBPT
Referer: https://www.presstelegram.com/
version: Version: 2.5.4.3_swg

Response headers

Pragma: no-cache
Date: Tue, 25 Jan 2022 11:32:14 GMT
Content-Encoding: gzip
Expires: -1
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET, ASP.NET
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Server-Time,Request-Context
Cache-Control: no-cache
Content-Length: 177
X-Server-Time: 1/25/2022 11:32:15 AM
Request-Context: appId=cid-v1:b3b1c194-8bfe-45e5-8168-866947d4f019

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B996 42 B
64 B 67ms
67ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvAfsUd8Ls75CdEdk-mNQOYwSn2rHu6lvkDuERSWpIoXKUqmoBCI5E4JJ5pyX9U-9LL1lB8hlK_9ohnfrW4LTm-A1_6uMuYeq1yGAzlfbdjkeqidkjC&sig=Cg0ArKJSzPrAnwzVoWmgEAE&id=lidar2&mcvt=1000&p=460,1138,1060,1438&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220119&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=944040409&rs=4&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1643110333433&rpt=371&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 11:32:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK vevent
ams1-ib.adnxs.com/ Frame B996 0
829 B 29ms
28ms Ping
text/html 185.33.220.240
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.presstelegram.com%2F&e=wqT_3QKEBugEAwAAAwDWAAUBCLy_v48GENa4u5rkke_bXBgAKjYJVTAqqRPQwj8RaqUQyCWOwD8ZAAAAANejIEAhag0SACkRJMgxAAAAoJmZ_T8wp4SXCjj8SEDlHkhlUKuiyyVY_6ldYABoj4J3eKDoBYABAYoBA1VTRJIFBvTEAZgBrAKgAdgEqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKVoEjqAh5odHRwczovL3d3dy5wcmVzc3RlbGVncmFtLmNvbS-AAwCIAwGQAwCYAxegAwGqA-oBCr8BaHR0cHM6Ly9wYWdlYWQyLmdvb2dsZXN5bmRpY2F0aW9uLmNvbS9wYWdlYWQvZ2VuXzIwND9pZD1hd2JpZCZhd2JpZF9iPUFLQW1mLUMxYWJ6XzR4Z1BqOE8zb0I4VmFYejJkUVowSWNCNHhGWlBnWGc5NWNuYmxBbG5xSWdleE1YWFZ0YzV6YXlMTzhfUVU1U1gyT1BqY3g4aDN0dUpKZ0J2b3lrSHB3JnByPTEwOiR7QVVDVElPTl9QUklDRX0aEzY2ODEwMTU4OTE0MjgwMzk3NjYiCDc4ODI3ODE5KgQzOTQxOgEwwAOsAsgDANgDpgbgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQMNS4xODcuMjEuMTAwqAQAsgQQCAAQARisAiCaCCgAMAA4ArgEAMAEAMgEANoEAggB4AQB8ASrossliAUBmAUAoAXNqIeFiJvQ4gPABQDJBUEXHAAA8D_SBQkJCQx4AADYBQHgBQHwBZP2F_oFBAgAEACQBgCYBgC4BgDBBgklLPA_0AbujwHaBhYKEAkSGQGYEAAYAOAGAfIGAggAgAcBiAcAoAcBqgcMMTM5MzE5ODI2MjI0ugcRAVhQGAAqBDEtLS043QlAAcgHoOgF0gcNFYgBSQjaBwYJKUjgBwDqBwIIAPAHpeGPAYoIAhAA&s=82680ddf3e3c44646e32d2be541c9ebd676a096d&type=pv&jm=1003&px=1138&py=460&bw=300&bh=600&sf=1&sid=4821308041593498890&vd=ct~0|rr~5&sv=222&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21348903&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/222/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.presstelegram.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Tue, 25 Jan 2022 11:32:14 GMT
X-Proxy-Origin: 5.187.21.100; 5.187.21.100; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 34d91d46-5c14-4eeb-9621-0e256b75e21b
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.presstelegram.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame ECB7 42 B
64 B 69ms
69ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssnOiD7dJg86AtTTEGlTwgA9SAdS_o4uKPRXJtQreq4ZtEo8vn58cTIayb6DkhoWGsbBZua7ReNrFK6zk11OFUoghiTwm0YPkvo2TbU2LYQdjFw9dY&sig=Cg0ArKJSzFXn7bBRdx5HEAE&id=lidar2&mcvt=1000&p=0,0,600,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220119&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=643167340&exk=534863163&rs=5&la=1&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1643110333437&rpt=645&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 11:32:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 event-stream Show response
k.p-n.io/ 0
126 B 125ms
38ms Fetch 3.66.204.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://k.p-n.io/event-stream
Requested by: Host: cdn.p-n.io
URL: https://cdn.p-n.io/pushly-sdk.min.js?domain_key=eVG4zdTtv5ogBcGVQlE2BFCc8f4Hc1wJFW3k&ver=5.8.3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.66.204.182 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-204-182.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.presstelegram.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Tue, 25 Jan 2022 11:32:17 GMT
access-control-allow-headers: *
access-control-max-age: 600
access-control-allow-methods: *

POST
H2 204 event-stream Show response
k.p-n.io/ 0
125 B 38ms
38ms Fetch 3.66.204.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://k.p-n.io/event-stream
Requested by: Host: cdn.p-n.io
URL: https://cdn.p-n.io/pushly-sdk.min.js?domain_key=eVG4zdTtv5ogBcGVQlE2BFCc8f4Hc1wJFW3k&ver=5.8.3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.66.204.182 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-204-182.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.presstelegram.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Tue, 25 Jan 2022 11:32:17 GMT
access-control-allow-headers: *
access-control-max-age: 600
access-control-allow-methods: *

Verdicts & Comments Add Verdict or Comment

143 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

54 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
m869.presstelegram.com/DG/DEFAULT	1970-01-20 10:01:10	Name: BCSessionID Value: 4bf85586-576d-4539-83c0-54d7cbf1df52
digitalfirstmedia.blueconic.net/DG/DEFAULT	1970-01-20 09:10:46	Name: BCSessionID Value: 4bf85586-576d-4539-83c0-54d7cbf1df52
.3lift.com/sync	1970-01-20 02:34:46	Name: sync Value: CgoIgQIQv_iHiOkvCgoI4gEQv_iHiOkvCgoI5gEQv_iHiOkvCgoIhwIQv_iHiOkvCgkICRC_-IeI6S8KCQg6EL_4h4jpLwoJCAsQv_iHiOkvCgoIjAIQv_iHiOkvCgoIngIQv_iHiOkvCgkIXxC_-IeI6S8=
.mrtnsvr.com/sync	1970-01-20 09:12:12	Name: userId Value: 7t9E9P54M
i.liadm.com/s	1970-01-20 01:08:22	Name: _li_ss Value: MgUIBhC3ETIFCAoQtxEyBQh-ELYRMgYIiwEQtxEyBQgLELcRMgUIDBC3ETIFCHkQthEyCQj_____BxC3EQ
.presstelegram.com/	1970-01-20 09:10:46	Name: bc_tstgrp Value: 1
.presstelegram.com/	1970-01-30 00:23:43	Name: _pnvl Value: false
.presstelegram.com/	1970-01-30 00:23:43	Name: pushly.user_puuid Value: CIWB7aEvM6b4jQsWxziUArz6HG9QBfyG
.presstelegram.com/	1970-01-30 00:23:43	Name: _pndnt Value:
www.presstelegram.com/	1970-01-20 00:26:36	Name: _lr_geo_location Value: GB
.scorecardresearch.com/	1970-01-20 17:41:58	Name: UID Value: 12C1afd9044ba6365a38bcb1643110332
.presstelegram.com/	1969-12-31 23:59:59	Name: _li_dcdm_c Value: .presstelegram.com
.presstelegram.com/	1970-01-20 17:56:22	Name: _lc2_fpi Value: 3db4babb9fb0--01ft8g3y5g7pfbqksjmexxtj9f
.rubiconproject.com/	1970-01-20 09:10:46	Name: khaos Value: KYU1GUP0-28-40KZ
.rubiconproject.com/	1969-12-31 23:59:59	Name: rsid Value: 1\|BNq1IkcWr+ffWzKn0c98PhXvvJhaLpvAvCF6ItGqVVkp+OqfPmzhQsDyZbyJi4+dRg2t9HjGAAuzFyjBXEn+RTT/rmw62G0J5h4qb83eS0hKp262BqcxIK/jSKW3MjDGUvjxlH9h
.rubiconproject.com/	1970-01-20 09:10:46	Name: audit Value: 1\|hLZGFuTafB00glGwQo/0u6JvvWgC/Qcxgndhc+y7+ZBnP7zXHD5+SPTWxFrAlpGRbNHjT6HKFbzkjH+ciftgzHKY++jymV4/aCFOaQK4KY/m483AcCYUhA==
.adsrvr.org/	1970-01-20 09:10:46	Name: TDID Value: 88fbc670-b2dd-4e5f-aec8-856e6d5e6fff
.adnxs.com/	1970-01-20 02:34:46	Name: icu Value: ChgImYRKEAoYASABKAEwvL-_jwY4AUABSAEQvL-_jwYYAA..
.adnxs.com/	1970-01-20 02:34:46	Name: uuid2 Value: 5287204627550651839
.liadm.com/	1970-01-20 17:56:22	Name: lidid Value: a5ce9dc3-2624-4025-b075-9fa43d2fa64b
.presstelegram.com/	1970-02-25 12:25:10	Name: anonDeviceId Value: d6104c443e7165ef88f92a7392883e2d
www.presstelegram.com/	1970-01-20 00:25:10	Name: _liChk Value: 0.8705436097575827
.3lift.com/	1970-01-20 02:34:46	Name: tluid Value: 3592363771649281814256
.yahoo.com/	1970-01-20 09:11:07	Name: A3 Value: d=AQABBL3f72ECEFfnWUJu65QWjDXNHG1SZxoFEgEBAQEx8WH5YQAAAAAA_eMAAA&S=AQAAAhQARe_QpTt6Aaxaxj_4DtQ
.bing.com/	1970-01-20 09:46:46	Name: MUID Value: 1708BABDD2F267C42653AB8AD3C2664F
.criteo.com/	1970-01-20 09:46:46	Name: uid Value: ab195859-019f-47ef-a18d-2fb940a1e7b7
digitalfirstmedia.blueconic.net/	1970-01-20 00:35:15	Name: AWSALBCORS Value: 0rxj59WvdIQp0yT3L+DR2DONpcMb9/S5qCrybWfc8ctzAIgLxZp23dOL505o9cUIMJsAtnpEix6t0PHBtpMkLBvpoERY0K+QGV9AAT4F76An0rN3dsUTuy+ATo3E
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 17:57:04	Name: bcookie Value: "v=2&4c476b30-65ca-4fb3-82b8-1b6282437429"
.linkedin.com/	1970-01-20 17:39:41	Name: li_gc Value: MTswOzE2NDMxMTAzMzM7MjswMjEsaIAu1Hqe4j1gkQRDuCe/XVC3mUy7yUMeATsU05x5Hw==
.linkedin.com/	1970-01-20 00:26:36	Name: lidc Value: "b=TGST06:s=T:r=T:a=T:p=T:g=2338:u=1:x=1:i=1643110333:t=1643196733:v=2:sig=AQG4Yl_PJ1jW4LXGK5GXB4fJvyML0L5D"
.adsrvr.org/	1970-01-20 09:10:46	Name: TDCPM Value: CAESGQoKbGl2ZWludGVudBILCMq7nN2LgLA6EAUYASABKAIyCwjKs5-KooCwOhAFOAFaCmxpdmVpbnRlbnRgAg..
.mathtag.com/	1970-01-20 09:51:05	Name: uuid Value: 6ad061ef-dfbe-4300-b9a7-86e09d2ea17c
.bidswitch.net/	1970-01-20 09:10:46	Name: tuuid Value: b88ac2a6-1cd4-42bc-8018-7f63f4a7e46b
.bidswitch.net/	1970-01-20 09:10:46	Name: c Value: 1643110334
.bidswitch.net/	1970-01-20 09:10:46	Name: tuuid_lu Value: 1643110334
.demdex.net/	1970-01-20 04:44:22	Name: demdex Value: 04040263203188416483058812424164813645
m869.presstelegram.com/	1970-01-20 00:35:15	Name: AWSALB Value: zcsrmnazN05345l35klLnoOtDh9AYolavVFf3Crp/RlkmjglNjl7KjZoABLEMssJhgBscqqj/yBYIKfuF2E/ST7gxJpjsuRWGe0uPkBJwLTMiYlRfI+POriFrDT/
m869.presstelegram.com/	1970-01-20 00:35:15	Name: AWSALBCORS Value: zcsrmnazN05345l35klLnoOtDh9AYolavVFf3Crp/RlkmjglNjl7KjZoABLEMssJhgBscqqj/yBYIKfuF2E/ST7gxJpjsuRWGe0uPkBJwLTMiYlRfI+POriFrDT/
.dpm.demdex.net/	1970-01-20 04:44:22	Name: dpm Value: 04040263203188416483058812424164813645
.addthis.com/	1970-01-20 09:55:24	Name: na_id Value: 2022012511321400023437554295
.addthis.com/	1970-01-20 09:55:24	Name: na_tc Value: Y
.addthis.com/	1970-01-20 09:55:24	Name: uid Value: 61efdfbe7ef5bc63
.addthis.com/	1970-01-20 09:55:24	Name: ouid Value: 61efdfbe0001ba0da8fbfbfc2a2b8c23641ab6e91e244431f458
www.presstelegram.com/	1970-01-20 01:08:22	Name: ABTestCookie Value: B
.mookie1.com/	1970-01-20 09:53:58	Name: id Value: 10601403155568182381
.mookie1.com/	1970-01-20 09:53:58	Name: mdata Value: 1\|10601403155568182381\|1643110334347
.mookie1.com/	1970-01-20 09:53:58	Name: ov Value: 1e1681d35cb3b2796da7ca1c303a64e3
.dlx.addthis.com/	1970-01-20 01:08:22	Name: na_sc_x Value: 1
.doubleclick.net/	1970-01-20 00:25:13	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 09:46:46	Name: IDE Value: AHWqTUmc5ZLgrqPXai-PZ6bNg4kl-ckovkz5KqDGhRYwSRSbPfvA7ih3W77rPXWE
.presstelegram.com/	1970-01-30 00:23:43	Name: _pnlspid Value: 10392
.presstelegram.com/	1970-01-30 00:23:43	Name: _pnss Value: dismissed
.presstelegram.com/	1970-01-20 00:35:15	Name: _pnpdm Value: true

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://eb2.3lift.com/xuidmid=7976&xuid=7t9E9P54M&dongle=u6nf Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header

Value

Content-Security-Policy

Strict-Transport-Security

max-age=31536000;includeSubdomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

49aa56d712150ab027d072110aafe53d.safeframe.googlesyndication.com
ad.mrtnsvr.com
ads.pubmatic.com
ajax.googleapis.com
ams1-ib.adnxs.com
api-mg2.db-ip.com
api.rlcdn.com
as-sec.casalemedia.com
ats.rlcdn.com
az416426.vo.msecnd.net
b-code.liadm.com
b1sync.zemanta.com
bidder.criteo.com
c.amazon-adsystem.com
c.bing.com
cdn.adnxs.com
cdn.auth0.com
cdn.ayc0zsm69431gfebd.xyz
cdn.jsdelivr.net
cdn.p-n.io
cdn.parsely.com
cm.g.doubleclick.net
cmp.osano.com
dc.services.visualstudio.com
dfm-presstelegram.disqus.com
digitalfirstmedia.blueconic.net
dpm.demdex.net
eb2.3lift.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fp-cdn.azureedge.net
g2insights-cdn.azureedge.net
geo.privacymanager.io
googleads.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.liadm.com
i1.wp.com
i6.liadm.com
ib.3lift.com
ib.adnxs.com
idx.liadm.com
image6.pubmatic.com
js-sec.indexww.com
k.p-n.io
loader-cdn.azureedge.net
m869.presstelegram.com
match.adsrvr.org
mid.rkdms.com
mng-presstelegram.zeustechnology.com
mug.criteo.com
odr.mookie1.com
pagead2.googlesyndication.com
paywall-ad-bucket.s3.amazonaws.com
pixel.wp.com
polyfill.io
pr-bh.ybp.yahoo.com
prod-dfm-proxy-connext.azurewebsites.net
px.ads.linkedin.com
rp.liadm.com
rp4.liadm.com
s.amazon-adsystem.com
sb.scorecardresearch.com
securepubads.g.doubleclick.net
sli.presstelegram.com
ssp-sync.criteo.com
static.criteo.net
stats.wp.com
sync.mathtag.com
tlx.3lift.com
tpc.googlesyndication.com
trc.taboola.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.presstelegram.com
x.bidswitch.net
x.dlx.addthis.com
z.moatads.com
104.111.215.191
104.26.5.15
104.36.113.23
108.139.210.126
13.224.193.26
13.225.63.115
13.225.82.234
13.225.85.39
13.248.245.213
13.32.121.37
13.85.16.224
142.250.185.194
142.250.74.34
151.101.1.108
178.250.0.157
178.250.0.165
178.250.2.83
18.66.139.96
18.66.97.105
185.29.134.244
185.33.220.100
185.33.220.240
192.0.66.2
192.0.76.3
192.0.77.2
199.232.192.134
2.18.233.180
2.18.234.21
2.18.235.40
204.237.133.116
23.0.33.234
2600:1f18:444a:4680:5b76:7408:bdd4:1592
2600:1f18:730:b130:4896:6298:98c:bff0
2600:9000:209c:600:3:b7e:8940:93a1
2600:9000:225e:f600:8:8845:1500:93a1
2602:803:c004:200::143
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:4700::6810:5914
2620:100:a001::c
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:813::2002
2a00:1450:4001:827::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82f::2004
2a00:1450:4001:830::2001
2a00:1450:4001:831::2003
2a00:1450:400f:800::200a
2a00:1450:400f:801::200a
2a00:1450:400f:802::2008
2a00:1450:400f:803::200e
2a00:1450:400f:80b::2002
2a02:2638::3
2a04:4e42:600::300
2a04:4e42:e00::282
2a05:d018:d29:3601:32f1:6bb5:fef5:f5d6
3.33.220.150
3.66.204.182
3.95.140.237
34.102.163.6
34.120.133.55
34.193.237.162
34.236.203.109
35.156.29.201
35.190.90.30
35.211.178.172
40.78.253.202
52.217.66.52
52.222.214.39
52.46.154.242
54.146.217.90
54.155.105.81
54.88.18.204
64.202.112.223
65.9.71.173
95.100.153.123
01d6389de5581a2a3eb0cd4d6a05cb136bf07d221306f89173a080c73a38e392
045b5f40059c43f82385117da235e57712640c57c23bdb8b5c0d4248fb62e353
04f5d63c75f9fabede423b3d013e6efd9a448190898a34499a4010a59014a8d2
051668900f3f9c5235992fcebe36b4af3290b7d8cd274ec7b10821dd961c50e0
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
064182f2ec726493010ec2199b57a312f1f9766e6d7dbc461093eb2d328a6d31
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0859f5f9bf49348ef81d01f953d520c10a2a857961ef1bfad4a7903609889de5
099dab513d8ed4fe5dd80830bd52cbbc4c66a14eb7c96c620f0f64a6ba771f62
0a73f4df68c1ea26082ab3755018ae01218e76e7dcd9325864a4cab027eba899
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
0f00ec066803369c1fc21aa12547e3edebc72b85178505997f52bc5c4064c049
123830b3c1bb951b81bee61657d5ff2d7061c67316a4210df730462d093b0a23
13289607feb3670d05935c7fefe8bc4826524c14c90310cb46297aca57243cae
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
182abb62bdb40059dbda691bf6631cf6b471499a85971a5fd04832453d7b4141
187b1d68391ba32b082de00f7d0d4b83fbd061a6f90b6ef920f6977db0d9cfa9
19a7e389d3afbfdbf14c9165c8b5d7dd974137a7ff7e448048c4ff9e614d3941
1ca5f547e6f5b4d2399a916a8f47f0fa8de01c5f7634b2f5cc20f8ed480fb5fe
1d4e66ef8f5ea94ffe457c995d263d41163c06c199cb6900dfc368b2214794a0
1db4c1c628c6983e50f21969f7549d9f1334d8f9e52d6e898782b7118a943542
1eadc253aa14701ab7ee3d2126ffd9ee8edd6cfb9f3c98284511c392740bcc57
2022ce083ef8ee3cc52008f35a35af9cf3656136aa787c5a83c8ffa2cbbe8e70
2039446f8956518da2c2d70116d18c92fac3b04110942de074748aa4041067fb
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
243fb9953e49b6005f6ae1772f507bb789a8893960a495850afe43fe34030311
25cd47e7ea0da4aea12e4c75f78ede9e4da289775aa61a8afb9184b6efd5289b
272f3d0f2cce62e707f9c0686695e2adbac257d88fff6eecf1bf96f43048f935
283b01acc1a90635ef278f5328fcb6e0c0855ae6013d04d553966bca733da285
2a2f5115d2bcda504a7df7d638fc1868668132c6831586822398a0929295dc14
2d199b9d8dc7886837cbfd12c9e8ddae7e28f5c375d564b31bf732a320921435
2ec20f4da4de9c69d644d1152276cc850974efb35795a8a0a5c8a2b591d65ddf
2fcc3c30a10f35c852ff3d27a846dcde5c87dfe2b6c2abd7c2a58f67791f9df2
3055d17805780baef555cf000cde314b433bfbb7419d44ee28d6ec7df024ffc9
3214c1d02f0794737b58d56814b31c639c67f85c6eb6816c39804cf5d4041dea
32e522c07735a9f391ccdcca9a80dcf77665a2214e8a3c877ec1b06a70d91c53
34554cca1d68d1c952b6d12bc418b6a8cb251850675186c1d408fb63ae201110
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
35a16d4eadd0bba6d642c57bb265872111a5a0f45a34743760e58d787f174828
3a11e2a0fde819688998cc6849391ab464936cca055dfc7dda88eab410cb27b2
3ba33eb784e76cff5ade272712ed0e7b15d325196ec089aca7baa20e3034098a
3ddfca73b98fbeffdbc4299cafba31bce947051988ec6b6eb3d1fc1b41dd9dfd
3f01826f4042850331538b33a462edeec90ba251ed95452a3463f225887e6627
406a07ea3e9467e981a1ace354903d4bfc6bf6bdd5ba85c89f8e46c37d970d54
4199aa201ece6731eaf107515489e42256e2f7c9b61e9e96d013a051a02f5c23
425f48a06ab0e9a4a4d792a6677189720f377ec09a073ecdae6232a89cc221f2
43514231ed020fa48a2bc5155c04c3af1cd4d519e0e1ac7faf600d63fd22653a
4528ca9e4e601b97be627ab26a891a181a1f44161c990df96f9996037005ed78
4878ac49d80bcfbd2664ab64cc977f81898c27920d6c183be0ddae26fc7df5a6
4edfa33f71a049c3a09fe759249b53a39468d5f7bb9cfd54e15e40e334526eef
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
56945676d89eae955fcd196d4f7f44d33f68ce25d2b4fae9e16f9f5405d0eebb
58a07739b05fec4d319e4d5c6b1fa4ac79e2a625e08ab3f303929b77fde5bdf4
5a49ffdeec0e61058ab6cdd783275b84a2c27a7a26b95a644f7764a78b510a7a
5f73db920d574a8ba16efc308a57e03f838227d4935e9892ec4d7403cf663517
605c854b7c1c4d15ff7275fc4508ea6020265b1a6a5548182432e04b93f1a391
6401e6ded1f04840b554a234a94dcea284a00d07d82ad26e7e22b723db42f952
64ff9f874a5fd24a871b1d9cd7ee49e4d92bc27ce63c05e94bedc4f7adcc0a11
65117e202dee2b9dd7f40715c2738d100aef3712d4e57f0bd8980f52c7153ac8
672d486d591ba926fb83e491481f0cf9fac5b31a80fe3177b89320f1df74e09c
6e1b4d3c660b9441482a49d29a891020b515732f450ceb9c2d1cd5ae94351837
6f87d87de84dc36cab28965d9e1d940c250f399860acafe55f3dac01d54399ad
70c4634f438568a86bb98789e25bd251a5b979f0e1f68c57956f5c038f53a914
725a5183b72f7625301b946259d83e50aed2bdcb6294b877a857321abf0cf656
72720e014799a24d380ed220362405a56e0af4f575eaec92fba27809b0644a7b
72c5d10e99c6620a2561415895a84064b5b5616c2b1914602263886be4cdc229
73a5c38561a9bef102be3b7b6278721916913075bce67f4600e6ca810d74b0c3
75a2ddcf7010e6ad95ad6e7471f5602c1b2ef7fa8797f04be48966e3c8096fee
764503455df7aed19f092aa14879eccf3f4d23a95aca0cb583821fdee295f769
76506e128f2b47b7179f5037bd885a1674455ffeb6b5093cdb4c7eefbf436ce8
7b6fc69a9da277bb118dbe07973e75598ff107f8d5c69aec6a3e0f5e6884603a
7c87ded267f6752d3d9e25aaa6199c7809719a46e63e9db27a7184205a1b1dd7
7c92e26f59ec6100ab628a8ffcd2fe4d8f78a8b735f1112feb22b7ce1b4713f6
7fd05e4991aa47a9688f43c24da6f9e3743a35e0bbaed50618deadb24f34d464
80e63f47bb601d1782367bf3015482e86cad9fa03cbfce5ec26502c016d4d47b
80fcbd06bbf276b74b41aa77405ffd52243587afb254d1efa88027c33fbba932
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
84c9c9d4de88f5cf5e9ed1803bc3dc4a3a60be607d5b1d1c690151144e6a8a5c
8764adb2a25ac05ce078d39d18e20cf6ce2e17d2a63b9f1b763d16936446eda8
881179ed8d76a220dc210c45af07c46373896683c0d394f1595cd7213cb4d7ba
882332b3353c394f93bc0775cb09e804d9d65e6d2e25bb24ffe7a0add02185fe
882daabba3cd39140b8b06dbbc6ec4c1e2513399a0f5e300545f1eaa02aa8c3c
8cf0bb9486df56f8bfc90a4ba4d7317243f9ca37aa6ec6193214e9a0d640744c
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
93d920df7b2cd78b99a9f7b58b5f66f95407408dfcc917de30d1ec190643b1a5
9455c17f04895c082b78aad0133bb5222671817dfcd4b8bfb1211746f5e5cae2
96b34914f736b96f184920bea4cf3b30a7b76583c51bf1e9caf2add39705bffd
99bea1588717259aa23413b0659c1eb6a0fe227b10eb213e8d9068fd1aa23b96
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9ae36cc74ca42dc345d074f357fd7a4749d84ed0d3a39d246649057456835c99
9d7ae5b7196c72a8c09f3a766e06e61b2ef1d6192076016838b479136435b678
9ecd735a36a0ae5ed396c789b1887ade973c3d7527c53f0b1360f100bc59e876
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a48b96eb4dbabdf7d10b4a7667062cd55b7c1f9aab381f05c916798ec4308f68
a67a9798321dd29cb9a47798538d26bcb75f8e56f19e6f8e6292aa9b4e50455d
a7193b4a580e14658a91dd634cc0ef32ebccae115e311886a993b5e07ca5102d
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a749ba0a2ea8ebf4d6ce6563ef06d0abe6660e040bfa6f0355bb371cec594f2e
a77dd3797cfd864d354ed4825408b697f098ef46278fda9552050c841db5d6ac
a7b7c47af0209642943c02f62b96e8df964e67a560b53d4a480c043eda4f84d4
a81b295b51029aa9eac46af64442efd6b08f8492104a6ca3c9bae23a58920b07
a95a022a89a99bc2c97245c984305317fc9dc910d9cf1be99af86a9229d8e079
af4e8d7260951bf87b336e473cca2c2f4a9a25e9d9dea86b6e4e18e736b09755
b161dbf9228e4b070d52ce56c7269eb6624f08b7620caececa0cb819dab2e4da
b36d838681171ab6906d3206d2fd6cc17a7a7a5867213c7595fe0865aeb9e969
b48bd60badc4fa19baa9a561d69b6a73e527e88391c93949a0e2caebccc3c4d0
b4c9b940ff725bf2c2c73932c44d43b5ca6aa4302cd2e0ee6648d80ffa52c3ea
b7c55617f84818daf4c70cc10ada26ddd5b582b1d1c2c2829b3220487a6db477
b95b7840dd4e76f60f9b3d9c3a7dcff21135b740611568ab4044853964694fec
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbbaad3dfb7bbfd9ddfc56494b937a0fb7ce8182a66282dbbf0894e703dee06b
beb0bcec663d154040a628980a09cdc4c4180b1e4ec0c105617938d568bee2e5
bf5bfe4ceaf713b09eed8a345158abbf67f33c179aca5d02db390055e02efb2b
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c59ecf34c8e169eb2c385296530f952be5ced6af24abbe7f2d47b89e520be544
c815be0139a92202ff8f262cc335f6ae103594bb1d92c1c479ed604adf384a16
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cbccc935557398179deeef044a5ab2353e97ca4961f313793c8ba03964c43e93
d11189f1b18e3096144c5bca03eeb3acfa96722d72dc7821a6022a35b59eac8b
d238270de539f85c1df5d20bbd5d6b8d729c433a64315629f87dbabce0bbafd9
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
d3ee29fd8b50e02d83934e15ad705aed173d4dfeed878c04609fe0eee41a6df8
d69ee89e4ab6168fa82d3820e7e1d97ddb843056489c4553298ec20853f81161
d7471e3df1ba49ecc8acc2dc6d8c4c3619f1a8e094050bdb2432c1cb2548468d
d9f2778c47db32b56109a39c8c3393b7e213095aa043df32153367708a50dcd0
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
da640ae45fbcf4fb2cb9a590a3e223ef7e61be3ce5b77eb54552f6e1d8a4d1fa
dde5f5e3043fff6c7a7f24a307eac6ac7317e7d6db0085fbbe268eb11ba08699
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f83df2ff00bc2107d22fb12c9c2f085e305f5d8eb841ae222d56f6463c76b8
e878e3e995e89c125a8187b3af26ec48cc6e89c48709316d5389e4066d7ceb5e
e87e542e34fc3af7847f53ae5c258f82ff2d8739646ed8d249c9a54ede9f7128
ea5d2befb0a4e0ce54a1e5014b440dcbec8a981df5921805bef7c080647dab6d
eec3ebcdd3909622bc6f7d27f48e721c2b1e1e23f1298fb9d8d17771db3e3b00
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef7da2ea9165f4486462c7f1dccddb7485e6a1922d220a1c393a8fa7214829fd
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f4f1b1276fc1b071a253c7234e00dc858823a86ca6da576a78660ab56152eb10
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f9c7145154268a1d869a0d90ba430da6bd376fddccee2602264aa6ab5942e23b

www.presstelegram.com Open in urlscan Pro 192.0.66.2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

186 Requests

89 %HTTPS

33 %IPv6

53 Domains

82 Subdomains

70 IPs

6 Countries

3396 kBTransfer

11260 kBSize

54 Cookies

42 Outgoing links

Page URL History

Redirected requests

186 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.presstelegram.com Open in urlscan Pro
192.0.66.2 Public Scan

Screenshot
Live screenshot

Full Image

186
Requests

89 %
HTTPS

33 %
IPv6

53
Domains

82
Subdomains

70
IPs

6
Countries

3396 kB
Transfer

11260 kB
Size

54
Cookies

186 HTTP transactions
6 data transactions