telegram-site.com Open in urlscan Pro
2606:4700:3032::ac43:b854 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.telegram-site.com/
Effective URL:
https://telegram-site.com/
Submission: On March 20 via automatic, source certstream-suspicious (March 20th 2023, 1:32:05 am UTC) — Scanned from DE

Summary HTTP 257 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 40 IPs in 10 countries across 50 domains to perform 257 HTTP transactions. The main IP is 2606:4700:3032::ac43:b854, located in United States and belongs to CLOUDFLARENET, US. The main domain is telegram-site.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 11th 2022. Valid for: a year.

This is the only time telegram-site.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 40	2606:4700:303... 2606:4700:3032::ac43:b854	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
8 18	2a02:6b8:a::a 2a02:6b8:a::a	208722 (GLOBAL_DC) (GLOBAL_DC)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:3b	20446 (STACKPATH...) (STACKPATH-CDN)
3	2606:4700:e2:... 2606:4700:e2::ac40:840f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	89.184.81.35 89.184.81.35	28907 (MIROHOST ...) (MIROHOST Web hosting)
3 18	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
2	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
2 15	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
11	2a02:6b8:20::215 2a02:6b8:20::215	208722 (GLOBAL_DC) (GLOBAL_DC)
2	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
3	2a02:2638::b 2a02:2638::b	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
9	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
3	2a02:2638:3::9 2a02:2638:3::9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 24	2a02:6b8::90 2a02:6b8::90	208722 (GLOBAL_DC) (GLOBAL_DC)
1	2a02:6b8::184 2a02:6b8::184	208722 (GLOBAL_DC) (GLOBAL_DC)
27	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	178.250.0.160 178.250.0.160	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a02:2638::21 2a02:2638::21	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:6b8::5:114 2a02:6b8::5:114	208722 (GLOBAL_DC) (GLOBAL_DC)
1 1	35.177.4.157 35.177.4.157	16509 (AMAZON-02) (AMAZON-02)
3 3	193.3.184.228 193.3.184.228	50214 (QWARTA) (QWARTA)
1 1	193.3.184.213 193.3.184.213	50214 (QWARTA) (QWARTA)
2 3	188.42.34.65 188.42.34.65	7979 (SERVERS-COM) (SERVERS-COM)
1 2	54.195.241.43 54.195.241.43	16509 (AMAZON-02) (AMAZON-02)
2 4	52.48.197.145 52.48.197.145	16509 (AMAZON-02) (AMAZON-02)
1	52.45.175.185 52.45.175.185	14618 (AMAZON-AES) (AMAZON-AES)
3	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
1	82.145.213.8 82.145.213.8	39832 (NO-OPERA) (NO-OPERA)
1 1	2001:6d0:4001... 2001:6d0:4001::226	52016 (TNSMSK-) (TNSMSK-)
2	37.18.16.16 37.18.16.16	205675 (HYBRID-AS) (HYBRID-AS)
2 2	185.15.175.147 185.15.175.147	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
1 1	168.119.9.59 168.119.9.59	24940 (HETZNER-AS) (HETZNER-AS)
1 1	89.108.127.68 89.108.127.68	197695 (AS-REG) (AS-REG)
4 4	217.66.147.36 217.66.147.36	29209 (SPBMTS-AS...) (SPBMTS-AS Malaya Monetnaya Street 2-A)
2 2	213.87.44.187 213.87.44.187	13174 (MTSNET Mo...) (MTSNET Moscow)
1 1	217.65.2.150 217.65.2.150	29076 (CITYTELEC...) (CITYTELECOM-AS Filanco LTD)
1 1	23.88.12.13 23.88.12.13	24940 (HETZNER-AS) (HETZNER-AS)
1 1	91.192.148.14 91.192.148.14	42481 (BEGUN-AS) (BEGUN-AS)
2 2	193.232.150.43 193.232.150.43	48061 (UMA-TECH-AS) (UMA-TECH-AS)
2 2	35.190.24.218 35.190.24.218	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::ac43:48bf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	31.220.27.135 31.220.27.135	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
2	81.222.128.214 81.222.128.214	20597 (ELTEL-AS) (ELTEL-AS)
1	87.242.89.90 87.242.89.90	208677 (SBERCLOUD-AS) (SBERCLOUD-AS)
1	31.172.81.160 31.172.81.160	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1	194.55.244.181 194.55.244.181	34959 (PROCLOUD ...) (PROCLOUD PROCLOUD MSK)
2 2	188.42.105.220 188.42.105.220	7979 (SERVERS-COM) (SERVERS-COM)
2 2	148.251.236.118 148.251.236.118	24940 (HETZNER-AS) (HETZNER-AS)
2 2	89.108.120.68 89.108.120.68	197695 (AS-REG) (AS-REG)
1 1	178.170.192.140 178.170.192.140	208677 (SBERCLOUD-AS) (SBERCLOUD-AS)
1 1	178.170.196.9 178.170.196.9	208677 (SBERCLOUD-AS) (SBERCLOUD-AS)
33	2a02:2638::c 2a02:2638::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 7	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
2 3	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
257	40

40 2606:4700:3032::ac43:b854 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.telegram-site.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
telegram-site.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.telegram-site.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a02:6b8:a::a (Moscow, Russian Federation) 8 redirects

ASN208722 (GLOBAL_DC, FI)

yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:3b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:e2::ac40:840f (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.184.81.35 (Ukraine)

ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA)
PTR: c.hit.ua

c.hit.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a02:6b8:20::215 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638::b (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:3::9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a02:6b8::90 (Moscow, Russian Federation) 1 redirects

ASN208722 (GLOBAL_DC, FI)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::184 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

avatars.mds.yandex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.0.160 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:2638::21 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::5:114 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

ysa-static.passport.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.177.4.157 (London, United Kingdom) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-177-4-157.eu-west-2.compute.amazonaws.com

px.arcspire.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 193.3.184.228 (Russian Federation) 3 redirects

ASN50214 (QWARTA, RU)

acint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.3.184.213 (Russian Federation) 1 redirects

ASN50214 (QWARTA, RU)

ssp-rtb.sape.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 188.42.34.65 (Luxembourg) 2 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.195.241.43 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-195-241-43.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.48.197.145 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-197-145.eu-west-1.compute.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
euw-ice.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.45.175.185 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-175-185.compute-1.amazonaws.com

im.bluevoox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology

t.adx.opera.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:6d0:4001::226 (Russian Federation) 1 redirects

ASN52016 (TNSMSK-, RU)

cm.tns-counter.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.18.16.16 (Russian Federation)

ASN205675 (HYBRID-AS, DE)

dm.hybrid.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.15.175.147 (Russian Federation) 2 redirects

ASN43226 (SAFEDATA Uplinks, RU)

dmg.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 168.119.9.59 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.59.9.119.168.clients.your-server.de

exchange.buzzoola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.108.127.68 (Russian Federation) 1 redirects

ASN197695 (AS-REG, RU)
PTR: srv4.kimberlite.io

kimberlite.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 217.66.147.36 (St Petersburg, Russian Federation) 4 redirects

ASN29209 (SPBMTS-AS Malaya Monetnaya Street 2-A, RU)
PTR: host-36-147-66-217.spbmts.ru

sm.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.87.44.187 (Russian Federation) 2 redirects

ASN13174 (MTSNET Moscow, Russia, RU)
PTR: infrastructure-187-44.mts.ru

tech.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.65.2.150 (Moscow, Russian Federation) 1 redirects

ASN29076 (CITYTELECOM-AS Filanco LTD, RU)

match.new-programmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.88.12.13 (Gunzenhausen, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.13.12.88.23.clients.your-server.de

nr.bidderstack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.192.148.14 (Russian Federation) 1 redirects

ASN42481 (BEGUN-AS, RU)
PTR: zvezda.ssp.rambler.ru

profile.ssp.rambler.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.232.150.43 (Russian Federation) 2 redirects

ASN48061 (UMA-TECH-AS, RU)
PTR: hosting.adhigh.net

px.adhigh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.24.218 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 218.24.190.35.bc.googleusercontent.com

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:48bf (United States)

ASN13335 (CLOUDFLARENET, US)

rtb-eu-warsaw.intent.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.220.27.135 (Amsterdam, Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

s.uuidksinc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 81.222.128.214 (Russian Federation)

ASN20597 (ELTEL-AS, RU)
PTR: ad14.adriver.ru

ssp.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.242.89.90 (Russian Federation)

ASN208677 (SBERCLOUD-AS, RU)

sync.1dmp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.172.81.160 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync.bumlam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 194.55.244.181 (Russian Federation)

ASN34959 (PROCLOUD PROCLOUD MSK, RU)

sync.dmp.otm-r.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.42.105.220 (Luxembourg) 2 redirects

ASN7979 (SERVERS-COM, US)

sync.gonet-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 148.251.236.118 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: prod-hzeu-bidder-4.community.moscow

sync.upravel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.108.120.68 (Russian Federation) 2 redirects

ASN197695 (AS-REG, RU)
PTR: d51803.reg.regrucolo.ru

x01.aidata.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.170.192.140 (Russian Federation) 1 redirects

ASN208677 (SBERCLOUD-AS, RU)

yandex-dmp-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.170.196.9 (Russian Federation) 1 redirects

ASN208677 (SBERCLOUD-AS, RU)
PTR: fr14.segmento.ru

yandex-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2a02:2638::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.58.212.130 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f130.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
66	criteo.net static.criteo.net — Cisco Umbrella Rank: 629 csm.eu.criteo.net — Cisco Umbrella Rank: 8170 pix.eu.criteo.net — Cisco Umbrella Rank: 7820	1 MB
47	yandex.ru 10 redirects yandex.ru — Cisco Umbrella Rank: 1730 mc.yandex.ru — Cisco Umbrella Rank: 3749 an.yandex.ru — Cisco Umbrella Rank: 3601 ysa-static.passport.yandex.ru — Cisco Umbrella Rank: 30327	307 KB
40	telegram-site.com 1 redirects www.telegram-site.com telegram-site.com cdn.telegram-site.com	723 KB
20	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 tpc.googlesyndication.com — Cisco Umbrella Rank: 134	282 KB
17	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 32 cm.g.doubleclick.net — Cisco Umbrella Rank: 210	47 KB
14	yandex.com 2 redirects mc.yandex.com — Cisco Umbrella Rank: 9360	5 KB
11	yastatic.net yastatic.net — Cisco Umbrella Rank: 7398	299 KB
9	criteo.com ads.eu.criteo.com — Cisco Umbrella Rank: 8089 rtb.nl3.eu.criteo.com — Cisco Umbrella Rank: 12906 cat.fr.eu.criteo.com — Cisco Umbrella Rank: 9155	158 KB
9	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 68 www.google.com — Cisco Umbrella Rank: 2	3 KB
8	google.de adservice.google.de — Cisco Umbrella Rank: 8720 www.google.de — Cisco Umbrella Rank: 6069	2 KB
6	mts.ru 6 redirects sm.rtb.mts.ru — Cisco Umbrella Rank: 40204 tech.rtb.mts.ru — Cisco Umbrella Rank: 47864	4 KB
4	360yield.com 2 redirects match.360yield.com — Cisco Umbrella Rank: 2213 euw-ice.360yield.com — Cisco Umbrella Rank: 12945	1010 B
4	googleadservices.com 2 redirects partner.googleadservices.com — Cisco Umbrella Rank: 860 www.googleadservices.com — Cisco Umbrella Rank: 171	17 KB
3	betweendigital.com 2 redirects ads.betweendigital.com — Cisco Umbrella Rank: 1603	2 KB
3	acint.net 3 redirects acint.net — Cisco Umbrella Rank: 26782	1 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 194	15 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 185	146 KB
3	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 820	65 KB
2	rutarget.ru 2 redirects yandex-dmp-sync.rutarget.ru — Cisco Umbrella Rank: 76783 yandex-sync.rutarget.ru — Cisco Umbrella Rank: 77026	837 B
2	aidata.io 2 redirects x01.aidata.io — Cisco Umbrella Rank: 18282	1 KB
2	upravel.com 2 redirects sync.upravel.com — Cisco Umbrella Rank: 40249	1 KB
2	gonet-ads.com 2 redirects sync.gonet-ads.com — Cisco Umbrella Rank: 24502	578 B
2	adriver.ru ssp.adriver.ru — Cisco Umbrella Rank: 29012	402 B
2	weborama.fr 2 redirects redirect.frontend.weborama.fr — Cisco Umbrella Rank: 11767	594 B
2	adhigh.net 2 redirects px.adhigh.net — Cisco Umbrella Rank: 18781	815 B
2	digitaltarget.ru 2 redirects dmg.digitaltarget.ru — Cisco Umbrella Rank: 24619	1 KB
2	hybrid.ai dm.hybrid.ai — Cisco Umbrella Rank: 34294	516 B
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 201	2 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 25	20 KB
1	otm-r.com sync.dmp.otm-r.com — Cisco Umbrella Rank: 20496	69 B
1	bumlam.com sync.bumlam.com — Cisco Umbrella Rank: 3808	390 B
1	1dmp.io sync.1dmp.io — Cisco Umbrella Rank: 15405	155 B
1	uuidksinc.net 1 redirects s.uuidksinc.net — Cisco Umbrella Rank: 10851	205 B
1	intent.ai rtb-eu-warsaw.intent.ai — Cisco Umbrella Rank: 75027	837 B
1	rambler.ru 1 redirects profile.ssp.rambler.ru — Cisco Umbrella Rank: 49627	244 B
1	bidderstack.com 1 redirects nr.bidderstack.com — Cisco Umbrella Rank: 5192	403 B
1	new-programmatic.com 1 redirects match.new-programmatic.com — Cisco Umbrella Rank: 39145	262 B
1	kimberlite.io 1 redirects kimberlite.io — Cisco Umbrella Rank: 39227	657 B
1	buzzoola.com 1 redirects exchange.buzzoola.com — Cisco Umbrella Rank: 23927	178 B
1	tns-counter.ru 1 redirects cm.tns-counter.ru — Cisco Umbrella Rank: 76248	386 B
1	opera.com t.adx.opera.com — Cisco Umbrella Rank: 1842	466 B
1	bluevoox.com im.bluevoox.com — Cisco Umbrella Rank: 12904	241 B
1	sape.ru 1 redirects ssp-rtb.sape.ru — Cisco Umbrella Rank: 31755	698 B
1	arcspire.io 1 redirects px.arcspire.io — Cisco Umbrella Rank: 71920	317 B
1	yandex.net avatars.mds.yandex.net — Cisco Umbrella Rank: 9126	15 KB
1	hit.ua c.hit.ua — Cisco Umbrella Rank: 196467	311 B
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 686	29 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 42	44 KB
0	semantiqo.com Failed sonar.semantiqo.com Failed
0	whiteboxdigital.ru Failed mitdmp.whiteboxdigital.ru Failed
257	50

	Domain	Requested by
33	pix.eu.criteo.net	ads.eu.criteo.com telegram-site.com
27	static.criteo.net	ads.eu.criteo.com telegram-site.com
25	cdn.telegram-site.com	telegram-site.com
24	an.yandex.ru	1 redirects yandex.ru telegram-site.com
18	yandex.ru	8 redirects telegram-site.com yandex.ru yastatic.net
14	mc.yandex.com	2 redirects telegram-site.com mc.yandex.ru
14	googleads.g.doubleclick.net	2 redirects pagead2.googlesyndication.com telegram-site.com www.googleadservices.com
14	telegram-site.com	telegram-site.com
11	yastatic.net	yandex.ru telegram-site.com yastatic.net
11	pagead2.googlesyndication.com	telegram-site.com pagead2.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com
9	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
7	www.google.com	2 redirects tpc.googlesyndication.com
6	www.google.de
6	csm.eu.criteo.net	ads.eu.criteo.com
4	sm.rtb.mts.ru	4 redirects
4	mc.yandex.ru	1 redirects telegram-site.com yandex.ru yastatic.net
3	www.googleadservices.com	2 redirects yastatic.net
3	cm.g.doubleclick.net	telegram-site.com
3	ads.betweendigital.com	2 redirects telegram-site.com
3	acint.net	3 redirects
3	cdnjs.cloudflare.com	ads.eu.criteo.com
3	cat.fr.eu.criteo.com	ads.eu.criteo.com
3	rtb.nl3.eu.criteo.com	telegram-site.com
3	www.googletagservices.com	googleads.g.doubleclick.net
3	ads.eu.criteo.com	googleads.g.doubleclick.net
3	use.fontawesome.com	telegram-site.com use.fontawesome.com
2	x01.aidata.io	2 redirects
2	sync.upravel.com	2 redirects
2	sync.gonet-ads.com	2 redirects
2	ssp.adriver.ru	telegram-site.com
2	redirect.frontend.weborama.fr	2 redirects
2	px.adhigh.net	2 redirects
2	tech.rtb.mts.ru	2 redirects
2	euw-ice.360yield.com	2 redirects
2	dmg.digitaltarget.ru	2 redirects
2	dm.hybrid.ai	telegram-site.com
2	match.360yield.com	telegram-site.com
2	dpm.demdex.net	1 redirects
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	yandex-sync.rutarget.ru	1 redirects
1	yandex-dmp-sync.rutarget.ru	1 redirects
1	sync.dmp.otm-r.com	telegram-site.com
1	sync.bumlam.com	telegram-site.com
1	sync.1dmp.io	telegram-site.com
1	s.uuidksinc.net	1 redirects
1	rtb-eu-warsaw.intent.ai	telegram-site.com
1	profile.ssp.rambler.ru	1 redirects
1	nr.bidderstack.com	1 redirects
1	match.new-programmatic.com	1 redirects
1	kimberlite.io	1 redirects
1	exchange.buzzoola.com	1 redirects
1	cm.tns-counter.ru	1 redirects
1	t.adx.opera.com	telegram-site.com
1	im.bluevoox.com	telegram-site.com
1	ssp-rtb.sape.ru	1 redirects
1	px.arcspire.io	1 redirects
1	ysa-static.passport.yandex.ru	telegram-site.com
1	avatars.mds.yandex.net	telegram-site.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	c.hit.ua	telegram-site.com
1	code.jquery.com	telegram-site.com
1	www.googletagmanager.com	telegram-site.com
1	www.telegram-site.com	1 redirects
0	sonar.semantiqo.com Failed	telegram-site.com
0	mitdmp.whiteboxdigital.ru Failed	telegram-site.com
257	67

This site contains links to these domains. Also see Links.

Domain
indexiq.ru
docs.google.com
youtu.be
hit.ua

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-11` - `2023-05-10`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.xn--d1acpjx3f.xn--p1ai GlobalSign ECC OV SSL CA 2018	`2023-02-01` - `2023-08-01`	6 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
hit.ua R3	`2023-03-15` - `2023-06-13`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-10-18` - `2023-03-30`	5 months	crt.sh
*.yastatic-net.ru GlobalSign ECC OV SSL CA 2018	`2023-02-01` - `2023-08-01`	6 months	crt.sh
*.google.de GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-04` - `2023-06-04`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-14` - `2023-06-09`	3 months	crt.sh
bs.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-10-21` - `2023-04-21`	6 months	crt.sh
*.avatars.yandex.net GlobalSign RSA OV SSL CA 2018	`2022-03-04` - `2023-04-05`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-13` - `2023-04-15`	3 months	crt.sh
*.fr.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-18` - `2023-05-20`	3 months	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-13` - `2023-04-17`	3 months	crt.sh
ysa-static.passport.yandex.net GlobalSign ECC OV SSL CA 2018	`2023-03-06` - `2023-10-06`	7 months	crt.sh
*.hybrid.ai Sectigo RSA Domain Validation Secure Server CA	`2022-09-26` - `2023-09-26`	a year	crt.sh
*.intent.ai GTS CA 1P5	`2023-02-10` - `2023-05-11`	3 months	crt.sh
*.adriver.ru GlobalSign GCC R3 DV TLS CA 2020	`2022-04-05` - `2023-04-05`	a year	crt.sh
sync.1dmp.io R3	`2023-01-31` - `2023-05-01`	3 months	crt.sh
*.bumlam.com R3	`2023-02-09` - `2023-05-10`	3 months	crt.sh
*.dmp.otm-r.com AlphaSSL CA - SHA256 - G2	`2022-05-27` - `2023-06-28`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh

This page contains 12 frames:

Primary Page: https://telegram-site.com/
Frame ID: A9CDD942CEAC74D30512A9B02DF45A2D
Requests: 88 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20190131/zrt_lookup.html
Frame ID: 069309C4B70E92C753D67C3B30C93036
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2571090897727115&output=html&adk=1812271804&adf=3025194257&lmt=1679275919&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Ftelegram-site.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679275918639&bpp=4&bdt=184&idt=516&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3096634900798&frm=20&pv=2&ga_vid=1670959109.1679275919&ga_sid=1679275919&ga_hid=1127644319&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44777876%2C44759876%2C44759927%2C44782467%2C31071755%2C31073107%2C31073127%2C31073141&oid=2&pvsid=3367778397263470&tmod=727374818&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=545
Frame ID: 0DE183BA2E68F3AEEFD1B203EF52805F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1
Frame ID: 6B0DB780C530031B33E6EDE0392773AA
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1
Frame ID: 85D4B462231EBA8188C014A709447B59
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1
Frame ID: B03BDD5D07CAF6802C0E084FA4BDFD63
Requests: 8 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZBe3jwADKdMIEd9pAAwe0fkevxCbb6ybO2VGDw&u=%7ChLNqbprUX0lo0P76YI%2BXEVq6unddqE7B%2FyCXjlb%2BZbY%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2zob2xPiSryBYRseh1QMcVx3i61R_DMGvVu103gQctVstU5G97DXBAj-jXT5pSS3eeR-YRhSWM5_qjmof0iMm8y9smEozFH3M_BHrTTjA-MUfPlDCfwtgdKfo1GB--pwW69-HGqfWcKPNAW6_NBTvRgO34uHpoIz-vIsRKW6QV1keAZObdgBBG4f5QDA0_yZJBSNxGGYXexEdpP95JKsgbmnjIpUeRmetc6MDv-hawWfsrAQ9wzkAWn3E68aoDRvYavpHp0omnq7x4bfjZGhNQ2KSun7PPIEHkLvB4C8MSbN4lGhWHeoD7dbwqzi20KVZPU4Wvk9VW80cAnfTnyeUV-ND9Vo6S9uPnDGcBgrtCKx4t2m2NZ1EYgz2MLlUwqzrdWaS_bB_JvKuTVBh-DGcFgFRM91-hjAIvdO04nBICwawCP6SavCuzjI1w5a8bs-dk9i0w7tMH_M7NN11IWfAVJP9yverd2bpITBUvXZ0WwnEBxwzX23MA-7HtL76ahN5Tvodpvwm-kz_5xhdSXghsROMstqqBV4AADrTqii01YseDJST4YMbg5s&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHi_tj7cXZNPTDOm-x_AP0b2w8AzJntKxXNWdkfdwwI23ARABIABglQKCARdjYS1wdWItMjU3MTA5MDg5NzcyNzExNcgBCakC1WC00sPmsT6oAwGqBMcBT9Co7xtt42KPTuUUrxNrQEdeiKQhJDRxCMmFKv4zrLS2uubJFKRVJ5xgZshQWzZaXtIGQ2jgOhtHG0HkZWEh7ZUqLxTbmQhXIr6hwAaD_KVziqlhhAPkm5EnbcsEs1_Bifh3WDo27ov1AZA_ndgTgYFI90HQIwjDgfZNrlS_98-jgDcCqWNfy9Xlzc-YtGC6xx3M3EpeJoixGfN7-iGefJDf2qHne4M2ACW9EZ97Oh6sJMYM5If0foC4T3gt4VZbMGc2l5ELB4AG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2fLhggry1iziedpxVp11T04XwEJg%26client%3Dca-pub-2571090897727115%26adurl%3D
Frame ID: 70E85A8D60CFE672AF0A984F691644E8
Requests: 24 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZBe3jwADKdQIEd9pAAwe0ZPwXT--722rhBAdjg&u=%7ChLNqbprUX0l%2B82b56cYdV7L5o1turKAMMg5EVU76%2ByM%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2zob2xPiSryBYRseh1QMcVx3i61R_DMGvVrZJG1WFgMqdCLRcNHBBGtHh4n-hbLHjV0xfaz5kjhXbklFN2GIcHTFd3qnowjNy0OsnALNmLIMYqSmjREHSpYgTLO-CMPxc7rYtXk3oDXjO4fMjdJe6q97xMrcK0C-Agrhi7EmFGEb-KJeexbv3TXZhg4uOKCgkyEBakgmkAWQwrXW4edr7v1wkCCTAV6f4VFGOd_H79OdbLdDyw8XsxG1giu92SMfaPkT58az1OvtgVzlvYYN7Bo6LJtBZHruFXdSRBO2vgMY5xu-nygmv_Hcsg37l7mfT_WOYXIfACiRgM7EMUuNALKwH3ZrNypNzpEyeExuEshujJxUg1XvmUc2c0fCKHNYREHIIcPETP6HhwfdPDtV9CYRtMxkYGd-yNBs-lh-vpaAb87I4ZuHtQrg9IOmYExJ3wu6jdeeehLdrgZ8bPqYx0fPrJZxTfvCAucEVoZRAgQwlCFebjsJrBnTg4GMmQCT6U8eiTkbgLY8_4Un7QvulRY-WChS-7yjRIRg5QNc7aiIb-5axYdZM5ecHy0Jjx8T2WQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7HFRj7cXZNTTDOm-x_AP0b2w8AzJntKxXNWdkfdwwI23ARABIABglQKCARdjYS1wdWItMjU3MTA5MDg5NzcyNzExNcgBCakC1WC00sPmsT6oAwGqBMcBT9AwqwlcJhMseM3pjzfUwVbkmwMy2Gplcmq1vibcoHl-hbwlUyC4VqlG93PpMv0Tsu5ttQhTPo5KCF6T5F3Ek-gUs7OiuPoYXbaduvK6zTBhEdQqPY62tajx7Q1KeVPreZVnAgdlU0xMUIaMJI_y69kRkFwH8sXsVMDgOEYumzncjPdUrEa8u9KNBGTutE4zym3NpdN2LSyR9aaRWLwkFlq83m41ZYLAYW0LFiAIr-Xs8WA5z4UZeP05SUwPcxPzw-2rMMH_ZYAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_27_uzegZvRalG8gvOESvfjHJ-1qQ%26client%3Dca-pub-2571090897727115%26adurl%3D
Frame ID: 796F97CD4E2E7F08929A2D66ED79C977
Requests: 24 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZBe3jwADKdUIEd9pAAwe0YZFoHrKjXWILJSiEQ&u=%7ChLNqbprUX0nofnigx%2BR%2FXfBKdTXHWts5mPX2dxErC28%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC868MuVCbCghDyn07hiCHM7b4J0C5TF2tOZnjrqXwBvUr1CAavIRAgNRaBxOQtZX-xjKIiTjog3rPOl2niimphG1bl6qTIx_YN9qsRU5OOJoG6tsgbeeqCxZL6DRAlPXO2B-jstR30hnbLyegCIkJYTIpk08bWfQbI5Hrn3WxYyccDN3Ky152pzRJmSPwRLlElVgUpWWvDdVXpZEWEoMV6nFAC1eZnkLrnfVZ0sHFnXjFZpfxL2prY8jeDHpbEEkWAZDSsKBcahxAIzRa1iQPvhqsB2QK5E2CKMkRje9NYf1ZWTQWP15B3SCLLD4fYdBK6_ZkuTIAjbt8QK2UWuNPUq5IAaKMlQCxof2kfmoFvJQM51eVnXIAADB9jrIyM7lSndxCL5R2LZTS5MowhOknbm-_NZbri2W46sfzUUVRBQKl2KmCDFO30hbIlI4RiuMbG0kfg7zb_fBkh4j1rBkP-kZ_B2m_KsdSwL_gofSNDhKu_RxreKEx_PhNv52tk8ZoX1v6vHoGqklLOgC8rVt6b57-guzvbSiwK31f5zZpQkief3BYzgQDHZbYSb4zspqrJXw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCriEej7cXZNXTDOm-x_AP0b2w8AzJntKxXPXalvdwwI23ARABIABglQKCARdjYS1wdWItMjU3MTA5MDg5NzcyNzExNcgBCakC1WC00sPmsT6oAwGqBMgBT9CPgzt7ibvAcS_T2Rza3b5C24t9PKg6jDmZTwZoW_oTRqIRYh3gmwYMhU93abwdXtpGZPrA6BHoHbwqnIy9q4hcyuSGyvB5EH4xK7CkRKAlYs13onBtWkTBVPOFxlCjtnegZv8IP5zul5KphHKTCTukHTuuXzUJOMBOm7XWrCULo-Xd2gVH2cOTCZngHmTnexrnFeojHz4SSp-CtHJQ4IScaMqYYt_84YEUgNEcjNQb3REpbYi5SXWzTt2L_01yYho2ZPMYb-2ABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0_ugTe4AgmYIZRscf91pf_Yzzj5w%26client%3Dca-pub-2571090897727115%26adurl%3D
Frame ID: 6EF97108A0EA31D49353856D95B9D71F
Requests: 27 HTTP requests in this frame

Frame: https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
Frame ID: 84CEC9C7137033458AF63F9D7D33EDA9
Requests: 64 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 57099F819B9CC58734E5F6BD6229F54B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 76C4B4A9BC72FF4B36B4299306C195C5
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Telegram-site.com - Все о месенджере Телеграм

Page URL History Show full URLs

https://www.telegram-site.com/ HTTP 301
https://telegram-site.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

257
Requests

87 %
HTTPS

44 %
IPv6

50
Domains

67
Subdomains

40
IPs

10
Countries

3334 kB
Transfer

6675 kB
Size

64
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://indexiq.ru/product/jbl-charge-5-teal/
Title: 1️⃣Беспроводная акустика JBL Charge 5 Teal для

Search URL Search Domain Scan URL

URL: https://indexiq.ru/product/xiaomi-mi-polarized-explorer-sunglasses-tyj01ts/
Title: 2️⃣Солнечные очки XiaoMi Mi Polarized Explorer

Search URL Search Domain Scan URL

URL: https://indexiq.ru/product/xiaomi-lofans-gt313-1000w-blue/
Title: 3️⃣Ручной портативный складной отпариватель XiaoMi Lofans GT313 1000W

Search URL Search Domain Scan URL

URL: https://indexiq.ru/product/zmi-wireless-power-bank-fast-charge-22-5w-10000mah-wpb01-green/
Title: 4️⃣Внешний аккумулятор ZMI Wireless Power Bank Fast Charge 22.5W 10000mAh

Search URL Search Domain Scan URL

URL: https://indexiq.ru/product/xiaomi-showsee-hair-dryer-a1-white/
Title: 5️⃣Фен для волос XiaoMi Showsee Hair Dryer A1

Search URL Search Domain Scan URL

URL: https://docs.google.com/forms/d/e/1FAIpQLSeHQ3TGppqqcg0ampsoPC44jfTq8dZfx8mcMzgA4nOSQKfcrA/viewform?usp=sf_link
Title: docs.google.com/forms/d…viewform

Search URL Search Domain Scan URL

URL: https://youtu.be/w-nVPHe2pL4
Title: https://youtu.be/w-nVPHe2pL4

Search URL Search Domain Scan URL

URL: http://hit.ua/?x=59227
Title:     <img src='//c.hit.ua/hit?i=59227&g=0&x=2' border='0'/>

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.telegram-site.com/ HTTP 301
https://telegram-site.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 67

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9947.1BEqhaOHMRs3_azLVwXYaTJVOVJLD5d0-KdrjbFsZPjP0L-mbnX6j3n3IgCs9cqP.DmTZZAHid8sA3iC9LRx3wDpPRd4%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9947.KE5r6V2zGyB9wQOsccEX8C543We64MEqzpxxo9CAjCebvBGnz27COlwDE3JcvjZMHSHowjDvsGNwt1h15lzlGzY5DoLfUQWOSDgiMbtcwWDmEgsPP95F6ECMAwiSmV7f5pmzSdHWQVlfd1frKJVKWTvAk0HDiFf0aPmMGOH7TR8yLcKYiWsS9Mk0W6M1XYVEEws5a69wuGmScYEktByE31klPo4E8Sm43FnbCsumHyg%2C.OAcqHB2E0giUhArYgKEccYVOwFU%2C

Request Chain 89

https://mc.yandex.com/watch/52667398?wmode=7&page-url=https%3A%2F%2Ftelegram-site.com%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Afp%3A467%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A1%3Adp%3A0%3Als%3A311118967550%3Ahid%3A478523491%3Az%3A0%3Ai%3A20230320013159%3Aet%3A1679275919%3Ac%3A1%3Arn%3A97399462%3Arqn%3A1%3Au%3A1679275919791135253%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C103%2C3%2C64%2C0%2C%2C188%2C2%2C%2C%2C%2C531%3Aco%3A0%3Acpf%3A1%3Ans%3A1679275918090%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1679275920%3At%3ATelegram-site.com%20-%20%D0%92%D1%81%D0%B5%20%D0%BE%20%D0%BC%D0%B5%D1%81%D0%B5%D0%BD%D0%B4%D0%B6%D0%B5%D1%80%D0%B5%20%D0%A2%D0%B5%D0%BB%D0%B5%D0%B3%D1%80%D0%B0%D0%BC&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
https://mc.yandex.com/watch/52667398/1?wmode=7&page-url=https%3A%2F%2Ftelegram-site.com%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Afp%3A467%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A1%3Adp%3A0%3Als%3A311118967550%3Ahid%3A478523491%3Az%3A0%3Ai%3A20230320013159%3Aet%3A1679275919%3Ac%3A1%3Arn%3A97399462%3Arqn%3A1%3Au%3A1679275919791135253%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C103%2C3%2C64%2C0%2C%2C188%2C2%2C%2C%2C%2C531%3Aco%3A0%3Acpf%3A1%3Ans%3A1679275918090%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1679275920%3At%3ATelegram-site.com%20-%20%D0%92%D1%81%D0%B5%20%D0%BE%20%D0%BC%D0%B5%D1%81%D0%B5%D0%BD%D0%B4%D0%B6%D0%B5%D1%80%D0%B5%20%D0%A2%D0%B5%D0%BB%D0%B5%D0%B3%D1%80%D0%B0%D0%BC&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Request Chain 124

https://px.arcspire.io/yndx?id=9d4cd41a-f59d-4815-8a89-9d30806f5389 HTTP 307
https://an.yandex.ru/mapuid/arcspireis/cd8d1536cfbcf79555b257

Request Chain 125

https://acint.net/rmatch/?dp=151&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsapeis%2F%24%7BUSER_ID%7D HTTP 302
https://acint.net/rmatch/?r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsapeis%2F$%7BUSER_ID%7D&dp=151&tc=1 HTTP 302
https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fan.yandex.ru%252Fmapuid%252Fsapeis%252F$%257BUSER_ID%257D&dp=14 HTTP 302
https://acint.net/rmatch?dp=14&euid=3203420A90B71764400002000219E616&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsapeis%2F$%7BUSER_ID%7D HTTP 302
https://an.yandex.ru/mapuid/sapeis/1303420A8FB717641F0F8E2002907C18

Request Chain 126

https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F%24%7BUSER_ID%7D HTTP 302
https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F%24%7BUSER_ID%7D&crf=1 HTTP 302
https://an.yandex.ru/mapuid/betweendigitalis/fad36d67-63e3-524f-83b8-a583e7af120c

Request Chain 127

https://yandex.ru/an/mapuid/adobedmp/ HTTP 302
https://dpm.demdex.net/ibs:dpid=423652&dpuuid=FD3D49BF6D6E5 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=FD3D49BF6D6E5

Request Chain 128

https://yandex.ru/an/mapuid/azerionis/ HTTP 302
https://match.360yield.com/match?external_user_id=EC86FAF9BE4066E2&publisher_dsp_id=429&publisher_call_type=redirect

Request Chain 130

https://yandex.ru/an/mapuid/betweenx/ HTTP 302
https://ads.betweendigital.com/match?bidder_id=161&external_user_id=A62BAD86010A9249

Request Chain 131

https://yandex.ru/an/mapuid/blueseaxcom/ HTTP 302
https://im.bluevoox.com/pixel?s1=1&s2=1315&s3=vldyrx2shs82pv9o&cm=1&rd=1&puid=73D10E1C1FA8F46A

Request Chain 133

https://yandex.ru/an/mapuid/google/?partner-tag=yandex_llc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandex_llc&google_hm=D1F6E66CD55EA901&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

Request Chain 134

https://yandex.ru/an/mapuid/google/?partner-tag=yandexcom HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandexcom&google_hm=D1F6E66CD55EA901&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

Request Chain 135

https://yandex.ru/an/mapuid/google/?partner-tag=yandexru HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=D1F6E66CD55EA901&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

Request Chain 136

https://yandex.ru/an/mapuid/operacom/ HTTP 302
https://t.adx.opera.com/sync?vendor=60143&uid=479D998822CEAEB4

Request Chain 138

https://cm.tns-counter.ru/yacm HTTP 302
https://an.yandex.ru/mapuid/mediascope/22f251cd25966ffb46cbf667d4b6835914cacf9986b08a8e0760c0b304313296

Request Chain 141

https://dmg.digitaltarget.ru/1/119/i/i?i=1679275919 HTTP 307
https://dmg.digitaltarget.ru/awg/custom/119/i/i?call_source=awg&ts=1679275919989&i=1679275919 HTTP 307
https://an.yandex.ru/mapuid/dmpamberdata/-rt18FwNc3AkmuB7AxAa

Request Chain 142

https://euw-ice.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fazerionis%2F{PUB_USER_ID} HTTP 302
https://euw-ice.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fazerionis%2F%7BPUB_USER_ID%7D HTTP 302
https://an.yandex.ru/mapuid/azerionis/f3058aa5-842a-48db-937a-818497687288 HTTP 302
https://match.360yield.com/match?external_user_id=f3058aa5-842a-48db-937a-818497687288&publisher_dsp_id=429&publisher_call_type=redirect

Request Chain 143

https://exchange.buzzoola.com/cookiesync/redirect/yandex?redirect_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbuzzooladspis%2F%24%7BUUID%7D HTTP 301
https://an.yandex.ru/mapuid/buzzooladspis/45cb92e4-dd27-484b-439c-7578b64cf601

Request Chain 144

https://kimberlite.io/rtb/sync/yandex HTTP 307
https://sm.rtb.mts.ru/p?ssp=toptraffic&id=ZBe3kB5ZUfA HTTP 301
https://sm.rtb.mts.ru/match/second?ssp=59&exu=ZBe3kB5ZUfA HTTP 301
https://tech.rtb.mts.ru/?dsp_uid=5a15153b-b26d-42d3-b226-d77bd463cb1c&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2FWhUVO7JtQtOyJtd71GPLHA%3Flocation%3Dhttps%253A%252F%252Fsm.rtb.mts.ru%252Fem%253Fnext%253D59%2526em%253D0%26sign%3D3712224630 HTTP 302
https://an.yandex.ru/setud/mts_banner/WhUVO7JtQtOyJtd71GPLHA?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D59%26em%3D0&sign=3712224630

Request Chain 145

https://match.new-programmatic.com/userbind?src=yandex&pbf=1&gi=1 HTTP 302
https://an.yandex.ru/mapuid/targetrtbis/

Request Chain 147

https://nr.bidderstack.com/yandex/cm?r=https://an.yandex.ru/mapuid/hyperdspis/ HTTP 302
https://an.yandex.ru/mapuid/hyperdspis/0bda3ea5-9c1a-4fce-80d4-a9b629560cf7

Request Chain 148

https://profile.ssp.rambler.ru/sync3.302?pid=188 HTTP 302
https://an.yandex.ru/mapuid/ramblerssp/

Request Chain 149

https://px.adhigh.net/p/cm/yandexssp HTTP 302
https://px.adhigh.net/p/cm/yandexssp?bounced=1 HTTP 302
https://an.yandex.ru/mapuid/getintentis/uMFE0tPSNxFO.AikABlGG_KUMSg

Request Chain 150

https://redirect.frontend.weborama.fr/redirect/standard?url=https://an.yandex.ru/mapuid/dmpweborama/{WEBO_CID} HTTP 307
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fdmpweborama%2F%7BWEBO_CID%7D&bounce=1&random=2646436437 HTTP 302
https://an.yandex.ru/mapuid/dmpweborama/TRInDeoWo5O0QeK6m0PVAO

Request Chain 152

https://s.uuidksinc.net/match/501 HTTP 302
https://an.yandex.ru/mapuid/kadamis/JZUBsnPprOOjCuAKdtBc

Request Chain 153

https://sm.rtb.mts.ru/p?ssp=yandex&id=map HTTP 301
https://sm.rtb.mts.ru/match/second?ssp=55&exu=map HTTP 301
https://tech.rtb.mts.ru/?dsp_uid=629c7a4c-f4dc-4454-89a8-067f19220c7a&return_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fmtsdspis%2F629c7a4c-f4dc-4454-89a8-067f19220c7a HTTP 302
https://an.yandex.ru/mapuid/mtsdspis/629c7a4c-f4dc-4454-89a8-067f19220c7a

Request Chain 160

https://sync.gonet-ads.com/match/yandex?id=[buyerUid] HTTP 302
https://sync.gonet-ads.com/match/yandex?id=%5BbuyerUid%5D&chk=1 HTTP 302
https://an.yandex.ru/mapuid/gonetisnew/NjcyMmEwMWYyN2UyNDU2ZQ

Request Chain 161

https://sync.upravel.com/yandex/sync HTTP 302
https://sync.upravel.com/yandex/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly95YXN0YXRpYy5uZXQvIl19fQ HTTP 302
https://an.yandex.ru/mapuid/upravelis/76c52da4-b8b8-4223-ad51-03fe300356e2

Request Chain 162

https://x01.aidata.io/0.gif?pid=YANDEX HTTP 302
https://x01.aidata.io/0.gif?pid=YANDEX&bounce=1 HTTP 302
https://an.yandex.ru/mapuid/dmpaidatame/3tDwKX1AvOW1na%2BkxqN5dg?sign=2708363533

Request Chain 163

https://yandex-dmp-sync.rutarget.ru/sync HTTP 302
https://an.yandex.ru/mapuid/dmpsegmento/CHFfOTNfU0Sy?sign=2782570760

Request Chain 164

https://yandex-sync.rutarget.ru/sync HTTP 302
https://an.yandex.ru/mapuid/rutargetis/KCokZHP8Q90k

Request Chain 238

https://www.googleadservices.com/pagead/conversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0 HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=kbcXZMm1MOqolQeLrrHIBw&random=959007550&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=959007550&crd=&is_vtc=1&random=649835969 HTTP 302
https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=959007550&crd=&is_vtc=1&random=649835969&ipr=y

Request Chain 239

https://www.googleadservices.com/pagead/conversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0 HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=kbcXZKXxMIOt9u8PlNWeoA8&random=193486907&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=193486907&crd=&is_vtc=1&random=3262083458 HTTP 302
https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=193486907&crd=&is_vtc=1&random=3262083458&ipr=y

257 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
telegram-site.com/
Redirect Chain

https://www.telegram-site.com/
https://telegram-site.com/

50 KB
11 KB

276ms
103ms

Document
text/html

2606:4700:3032::ac43:b854
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://telegram-site.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:b854 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.1.33

Resource Hash

34ce876583f04fa14d048586ed11c069111c38f4508964193a53a3c6dfec4d93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7aaa32d98eb73687-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 20 Mar 2023 01:31:58 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N0%2B5Q83AnoWyZVtF6Rnz9X1NQ173Ib%2BQteCyf9eyAfwBLY8DDhkEJKl4kJEsZ%2FkJx%2F5%2FlfOTDyuf9JzzEI3FA7rV829i2sTXvDRGtQiWs10InnPxYFEBdcpxHosImUUPA8maIcOm4Lm9Mdv8uPCJaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000;
vary: Accept-Encoding
x-powered-by: PHP/7.1.33

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=86400
cf-cache-status: DYNAMIC
cf-ray: 7aaa32d84dbf3687-FRA
content-type: text/html; charset=iso-8859-1
date: Mon, 20 Mar 2023 01:31:58 GMT
expires: Tue, 21 Mar 2023 01:31:58 GMT
location: https://telegram-site.com/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OyXH9ZCx5XJiaZ6N4r34T4jcD9GgOw4P036xIn7dbaCyOwnOr88uQDK9hjdGd8I4%2BjW7XIpjNjN%2ByIDpPII6FlJh8QwaxMPUiFcjlKCieMcgPsXjJPQTs8UIovClfMsqmPJ0PGbOuW9WMkdT0zHNMursQos%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000;

GET
H2 200 bootstrap.css
telegram-site.com/assets/982330ef/css/ 119 KB
20 KB 17ms
16ms Stylesheet
text/css 2606:4700:3032::ac43:b854
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://telegram-site.com/assets/982330ef/css/bootstrap.css?v=1641213208

Requested by

Host: telegram-site.com
URL: https://telegram-site.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:b854 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9cd8bf6a27c4b10e29b0bc5ba881979940b1a6e5ac6e2e954a9551c8067d7e03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://telegram-site.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:58 GMT
strict-transport-security: max-age=31536000;
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1452343
cf-polished: origSize=145933
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 03 Jan 2022 12:33:28 GMT
server: cloudflare
etag: W/"23a0d-5d4acba4556c7-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zIxpOMZM3hawz%2FMdy5ZGIyYW5HnsTqKsVayWIKp1icM8H338kCFSmnx29cqX3xNQszQAtkepGuoItwWTXDLyytBFC%2BJgSXAnXZkShtLFsHZUsQVlMXHG7fsW8mLScL14TqCBl%2BzBWnLQ8lAWGlneVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 7aaa32da5f543687-FRA
expires: Sun, 02 Apr 2023 06:06:15 GMT

GET
H2 200 site.css
telegram-site.com/css/ 37 KB
9 KB 19ms
18ms Stylesheet
text/css 2606:4700:3032::ac43:b854
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://telegram-site.com/css/site.css?v=1672212538

Requested by

Host: telegram-site.com
URL: https://telegram-site.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:b854 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9fc7ca579dcf3b4adb65c4c351e5d125ff8abbb3dd274eb37b39a858f994cdf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://telegram-site.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:58 GMT
strict-transport-security: max-age=31536000;
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1452343
cf-polished: origSize=48816
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 28 Dec 2022 07:28:58 GMT
server: cloudflare
etag: W/"beb0-5f0de525eb055-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oAr8vkD7dKRCCgZKRSFegSmCnVOOOiAJHdg7walFmyZmsIggfXdtbAs0VfoGfWQr1MWaPGVZR4YT%2FO8doKJt1S8skS9ycy22K18uOX1sthmqjIm2EoAyIbK9s7PztEjpMGx2Oo3uarBJQODj3ht6fQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 7aaa32da5f563687-FRA
expires: Sun, 02 Apr 2023 06:06:15 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
48 KB 79ms
44ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2571090897727115

Requested by

Host: telegram-site.com
URL: https://telegram-site.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bcb3adabd38f38a3e3e38dde7def374beae3cf25538f1689a62a344ddf64f213

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://telegram-site.com/
Origin: https://telegram-site.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:58 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48662
x-xss-protection: 0
server: cafe
etag: 14405752623738522507
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 20 Mar 2023 01:31:58 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 112 KB
44 KB 47ms
20ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-126131317-3

Requested by

Host: telegram-site.com
URL: https://telegram-site.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1fb6261205bd5fb7326792fee2f732b212d3de67e6fb4f61aa6db05049d04d6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://telegram-site.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44686
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 20 Mar 2023 01:31:58 GMT

GET
H2 200 context.js Show response
yandex.ru/ads/system/ 282 KB
84 KB 195ms
68ms Script
text/javascript 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/system/context.js

Requested by

Host: telegram-site.com
URL: https://telegram-site.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

3fa5a0225082a13e7e8975d598ff69cd4c22d4719d4896f1f204ca69c97d27a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://telegram-site.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-encoding: br
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id: 1679275918630244-18203500586024387057-sas3-0998-46d-sas-l7-balancer-8080-BAL-1799
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Mon, 20 Mar 2023 02:31:58 GMT

GET
H2 200 channel-sexytalesclub.jpg
cdn.telegram-site.com/images/channels/7/3/5/1/ 20 KB
20 KB 81ms
68ms Image
image/jpeg 2606:4700:3032::ac43:b854
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.telegram-site.com/images/channels/7/3/5/1/channel-sexytalesclub.jpg
Requested by: Host: telegram-site.com
URL: https://telegram-site.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:b854 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fcc286dac5597e827827c5d09c7a3342a310879c28ce2c58a1c46486f91fd8d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://telegram-site.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:58 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 11 Jan 2021 18:31:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5ffc9969-4f9e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AzaqrAytT%2F031yqpnmBE%2BuG6ToSBfF%2BBjPJ%2B%2FvEHADCx4PVbTa3c6F586GiKZinhFJ3evtSLhK4lCjI537CQA0%2FgQYbGloO%2Bhkc8MWF%2FhqrZ4CTIfkk%2BWQghkRmP5Ek5GTazNp6d2%2F5egZDqBx9BJqiw1lg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=72000
accept-ranges: bytes
cf-ray: 7aaa32da9f8e3687-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20382

GET
H2 200 channel-mangalib_club.jpg
cdn.telegram-site.com/images/channels/7/3/5/4/ 37 KB
37 KB 82ms
69ms Image
image/jpeg 2606:4700:3032::ac43:b854
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.telegram-site.com/images/channels/7/3/5/4/channel-mangalib_club.jpg
Requested by: Host: telegram-site.com
URL: https://telegram-site.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:b854 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c756c30458696b4fe2cde63c3bbcd4b80aae000471d46147e1c683aeb9c39f39

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://telegram-site.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:58 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 10 May 2021 18:36:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "60997d34-9202"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bmMN8GAWq4jOerASMqNChOXP0KVM6bPGujM6VZ8uzrnYsDwDa2O316RmV1cQvoWmaOFv6ENnoFPTrLEQdOt5Ug45GrMP9UBEM4ZiNKaX08QdUnZBeF%2FeauAiQ1m8yB81ddGUdQFqp7dZEvtqTy8F1Iwaxsw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=72000
accept-ranges: bytes
cf-ray: 7aaa32da9f883687-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37378

GET
H2 200 channel-pornotalescom.jpg
cdn.telegram-site.com/images/channels/7/3/5/3/ 41 KB
41 KB 26ms
13ms Image
image/jpeg 2606:4700:3032::ac43:b854
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.telegram-site.com/images/channels/7/3/5/3/channel-pornotalescom.jpg
Requested by: Host: telegram-site.com
URL: https://telegram-site.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:b854 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66918529dbeae81426179f3d932899daf2f179d4d465a9a3a31fb433bebb51d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://telegram-site.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:58 GMT
cf-cache-status: HIT
last-modified: Sun, 31 Jan 2021 14:34:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4640
etag: "6016bff5-a28e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nq2jc6wEfwwm%2FvkxVhlciVMxs1jXGOAlAO9tj0RWKNLtSgpPb%2Baeuxkp%2BILG6rUPGWfiUuUaTJXUDbKl8hpGwJVVPAst8CWAL3FQVqrh%2BlCrKE1bFg3crZ9ph43eJZ6lZ4GeWNecmWfyD0CO%2BI1PlTp3Ez4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=72000
accept-ranges: bytes
cf-ray: 7aaa32da9f8d3687-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 41614

GET
H2 200 channel-mir_audiobooks.jpg
cdn.telegram-site.com/images/channels/7/0/6/4/ 21 KB
21 KB 92ms
79ms Image
image/jpeg 2606:4700:3032::ac43:b854
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.telegram-site.com/images/channels/7/0/6/4/channel-mir_audiobooks.jpg
Requested by: Host: telegram-site.com
URL: https://telegram-site.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:b854 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0cd27089eae3bc5075ea8cdb62f5a82e33ce3d63227e8697a9a1212ef35ee7db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://telegram-site.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:58 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 04 Dec 2019 09:44:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5de77ff3-5413"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eanmnkU%2FsslxxUMz6gpFN5mN%2FzXEsbb8TyuO7BU7NgNhId022d%2FJO9yDzuvYuk5tBaTjBJZJfYIvRH2IEhy8nK688rvgU3RSybwFT6cslfKsFBVbWbsHpFPYdD%2BPuXiivBNXhFbC%2BQoeclkp6xhV2F5FoJw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=72000
accept-ranges: bytes
cf-ray: 7aaa32da9f893687-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21523

GET
H2 200 channel-mir_literatury.jpg
cdn.telegram-site.com/images/channels/6/8/0/4/ 25 KB
25 KB 69ms
57ms Image
image/jpeg 2606:4700:3032::ac43:b854
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.telegram-site.com/images/channels/6/8/0/4/channel-mir_literatury.jpg
Requested by: Host: telegram-site.com
URL: https://telegram-site.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:b854 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c24579f96ec01ba55d27f13b2e7b261861707fc735a5a4be6d3e7c74a16b69d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://telegram-site.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:58 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 07 Mar 2019 15:03:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5c8132d6-6309"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WRU7wPTkKtDkVUcvzmtKT0PXRGsE6KHhJGXnHfm%2FZQc%2Biwd9UGHgk7M8Jhji7J4GQI5rVsDLAXObdGyb1zdeMz8JAWpG7QFlOXV7zFEE8XM9FCjnJY4Mz93C68I6JMVB9dMAd74Rdx0SVbJAendq950xoi0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=72000
accept-ranges: bytes
cf-ray: 7aaa32da9f8c3687-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 25353

GET
H3 200 channel-video_smeh_tut.jpg
cdn.telegram-site.com/images/channels/7/1/0/7/ 15 KB
15 KB 64ms
61ms Image
image/jpeg 2606:4700:3032::ac43:b854
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.telegram-site.com/images/channels/7/1/0/7/channel-video_smeh_tut.jpg
Requested by: Host: telegram-site.com
URL: https://telegram-site.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:b854 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2549593dee3a460761aa7094f3b13ef9a75375561a8fa9f21fa11ffb56a4c465

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://telegram-site.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:58 GMT
cf-cache-status: REVALIDATED
last-modified: Sun, 15 Dec 2019 20:30:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5df697ca-3b98"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qs6%2Bsj86xh%2F1qfP22SNt17QBqxkp0N9jTqdsPS16ciW0OkzerfCNn3wXv%2FQznnqr0DarQJZoCTrS4UWUurLd8zJTndVpypRKzTR5C0dfb1ntIDEuKJe3hWOafmLO4wIxxgqiCLHlREMtSgiq8YEZVsCIlHI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=72000
accept-ranges: bytes
cf-ray: 7aaa32dabb5d362c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15256

GET
H3 200 channel-pozdravunchik.jpg
cdn.telegram-site.com/images/channels/7/2/4/7/ 16 KB
16 KB 70ms
67ms Image
image/jpeg 2606:4700:3032::ac43:b854
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.telegram-site.com/images/channels/7/2/4/7/channel-pozdravunchik.jpg
Requested by: Host: telegram-site.com
URL: https://telegram-site.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:b854 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba3cf9987abed00770997047bd98ba474d72c6e0fbb0f27ff2b1735011bab8e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://telegram-site.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:58 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 13 Feb 2020 07:10:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5e44f64a-3e75"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xu51fyoE6KPaD7EE%2Bw1uDRtmb4fRYfwPt6K7ANjAkWYSybZAYdFwr45PVhRoTmVunP7H1pstq8fWAaDsp7DvYFOBuIOA5PE5BUe5au0610YR9K5kLER2H%2F07z1QlQH1rlH8eDquAwpubl52xn9zM7nxOOLU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=72000
accept-ranges: bytes
cf-ray: 7aaa32dabb5e362c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15989

GET
H3 200 channel-fak_tu.jpg
cdn.telegram-site.com/images/channels/1/2/3/0/8/ 3 KB
4 KB 70ms
67ms Image
image/jpeg 2606:4700:3032::ac43:b854
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.telegram-site.com/images/channels/1/2/3/0/8/channel-fak_tu.jpg
Requested by: Host: telegram-site.com
URL: https://telegram-site.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:b854 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3fb23bc38ebf6bec45057e479098e3ebeb1138ab3b8944fb53971fd9c8d0c950

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://telegram-site.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:58 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 16 Mar 2022 21:10:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "62325257-ccd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zUb0Kd9MD7%2B0aSklAtm8F4ELaK0zIbiQMYvIARmqcyBmk1H332oBa%2FE6E1wkzXeUngfZM2TmkE39BgelChv7rTF3nTZueDeTwrxiBeXUK5wh20z3yc%2FPDuwy%2BJ6pNS8WblRjyszZjWnQrJVwQ%2BAWAlRvMm0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=72000
accept-ranges: bytes
cf-ray: 7aaa32dabb5f362c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3277

GET
H3 200 channel-AvokadroNum.jpg
cdn.telegram-site.com/images/channels/1/3/8/5/9/ 1 KB
2 KB 89ms
86ms Image
image/jpeg 2606:4700:3032::ac43:b854
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.telegram-site.com/images/channels/1/3/8/5/9/channel-AvokadroNum.jpg
Requested by: Host: telegram-site.com
URL: https://telegram-site.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:b854 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42fc8e23359986d6bf5b00afef7b60a913fa5cbcd734952b4e710f42243f083c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://telegram-site.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:58 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 04 Jul 2022 20:05:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "62c34802-5b8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dcs2m%2BQCJ%2FHwcbC2AqfQRH5m3lF2k7rCJPXmLeOJs%2FByOMeHnN40Up2P9cOmh0xUCE%2FZtmy%2FoBtIfTJdgmXQ%2Budn%2BVr7u29aNf8rwB1kSvg%2BfQGDhl%2BEkQoX73nJ5efgwa72HmXf3JHEyAAilyMZAylKZkE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=72000
accept-ranges: bytes
cf-ray: 7aaa32dabb60362c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1464

GET
H3 200 channel-index_iq.jpg
cdn.telegram-site.com/images/channels/1/3/8/5/8/ 2 KB
2 KB 91ms
88ms Image
image/jpeg 2606:4700:3032::ac43:b854
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.telegram-site.com/images/channels/1/3/8/5/8/channel-index_iq.jpg
Requested by: Host: telegram-site.com
URL: https://telegram-site.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:b854 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d68bcbbf40aac5e4160b561c95b4cb4fcb4108d4442b5ae618911a4a3613298

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://telegram-site.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:58 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 04 Jul 2022 20:05:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "62c34802-6bd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8K7MLC0jXn3SIX4WfdgvgVPm8PAtT85%2FiaKWtaiGFr5vVp%2Bi352Aq15KXjel4jklNwRjWRYm4EcETQ%2FTeFZT7ns08%2F6Kb%2Fx4fRdTWe0GrSjgFUHnfG%2FwI9C4c%2F6C%2BEOJABWkd2c1CZQJUIRl%2BZWA6yteKgE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=72000
accept-ranges: bytes
cf-ray: 7aaa32dabb61362c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1725

GET
H3 200 channel-bard_four.jpg
cdn.telegram-site.com/images/channels/1/3/8/5/7/ 3 KB
3 KB 90ms
86ms Image
image/jpeg 2606:4700:3032::ac43:b854
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.telegram-site.com/images/channels/1/3/8/5/7/channel-bard_four.jpg
Requested by: Host: telegram-site.com
URL: https://telegram-site.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:b854 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 68442626abc66fd5ba5431778dbec37c3a4dbb75c2185ce4b3953e391d1bb359

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://telegram-site.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:58 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 04 Jul 2022 20:05:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "62c34802-bf1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pkeqTccWuboKQ1XZ5P%2BbqhHSchQA3kwH%2Fx54FOTTuqSsPR3M79%2Bz2EkY98ZUhxAlyzK4lsJ5SV63betcfQvj%2FkTwZiu1m83JlwwM4q0ENytbjifQouFGWmagIAlp9p6PFVxX%2BvZxrkR5wkZS9ZaYO%2BI4EIE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=72000
accept-ranges: bytes
cf-ray: 7aaa32dabb62362c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3057

GET
H3 200 channel-marillokelhere.jpg
cdn.telegram-site.com/images/channels/1/3/8/5/6/ 4 KB
4 KB 71ms
66ms Image
image/jpeg 2606:4700:3032::ac43:b854
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.telegram-site.com/images/channels/1/3/8/5/6/channel-marillokelhere.jpg
Requested by: Host: telegram-site.com
URL: https://telegram-site.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:b854 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e265d221d41ada3c2650940cbb8c76b4673daec181ba89a2c2a025f8f7088119

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://telegram-site.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:58 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 04 Jul 2022 20:05:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "62c34802-e75"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KgIFZr1Y9w%2BhTNmfRiL2zO3bFOSnp%2F7AwLlXR9%2FDooikfcojZ%2Bg33U4T6S863yyEkQH4l126xy46m4w6ifswCIzwuNbGkJv%2BnXvDnrARc0K94tYnamLl9FfQ%2Bewr%2BcAMvyd7%2Bxhtdzo%2BLaaBUkfKiSv7PAA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=72000
accept-ranges: bytes
cf-ray: 7aaa32dabb63362c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3701

GET
H3 200 channel-chertilavideogames.jpg
cdn.telegram-site.com/images/channels/1/3/8/5/5/ 3 KB
4 KB 68ms
64ms Image
image/jpeg 2606:4700:3032::ac43:b854
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.telegram-site.com/images/channels/1/3/8/5/5/channel-chertilavideogames.jpg
Requested by: Host: telegram-site.com
URL: https://telegram-site.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:b854 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f30fb0d9eabbfe39cc68974e536671d66fb9ded0e2fada1e317c89c255c3e035

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://telegram-site.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:58 GMT
cf-cache-status: REVALIDATED
last-modified: Sun, 03 Jul 2022 20:05:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "62c1f6a3-c46"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IoefIjzadeyCs5RJZkdWIyGYg4jSrfS8gIkyx7f%2BdWzk6UMt0woEs%2FYWD3HamMkB9SzIndt2v73O6UJcW4cAykaIs9pwFTgVyUR8bqSaYyA0xzggvocgPfDnzVKf5VwA7DHrqcfL%2F0FolQ1M1LbtIQ2gTrA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=72000
accept-ranges: bytes
cf-ray: 7aaa32dabb64362c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3142

GET
H3 200 channel-kino_pro_best.jpg
cdn.telegram-site.com/images/channels/1/3/8/5/4/ 4 KB
4 KB 90ms
85ms Image
image/jpeg 2606:4700:3032::ac43:b854
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.telegram-site.com/images/channels/1/3/8/5/4/channel-kino_pro_best.jpg
Requested by: Host: telegram-site.com
URL: https://telegram-site.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:b854 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 00727b44f71be0b22cb1e67b71e026e28270c385070ab1aab034ba905843b133

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://telegram-site.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:58 GMT
cf-cache-status: REVALIDATED
last-modified: Sun, 03 Jul 2022 20:05:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "62c1f6a3-f24"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r8EJiGToiGTKKBBa0iDDOcGhPGZH1TlT8777CeiniqoEFrGjn9BGRLW7kX4Tp6IxqpxXJkpZ2edk9IO0OBpt6zTp1X%2FboQ2hNCNdp%2Fgjt63EzrV8HXGV%2B6AdMa9GpGuI99ZJ4%2BrrC5UzNNOyOPJ0DrDXzjQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=72000
accept-ranges: bytes
cf-ray: 7aaa32dabb65362c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3876

GET
H3 200 channel-kuratortut1.jpg
cdn.telegram-site.com/images/channels/1/3/8/5/3/ 2 KB
2 KB 71ms
67ms Image
image/jpeg 2606:4700:3032::ac43:b854
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.telegram-site.com/images/channels/1/3/8/5/3/channel-kuratortut1.jpg
Requested by: Host: telegram-site.com
URL: https://telegram-site.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:b854 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b50c8b73033551506ff8b052e17ad186fec5f444c6a3e5fd18b18e2eb1e40b63

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://telegram-site.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:58 GMT
cf-cache-status: REVALIDATED
last-modified: Sun, 03 Jul 2022 20:05:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "62c1f6a3-73e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gTnH15NB6SsaSyxFLrNiCpbvtWHNNbwRJ%2F0JMFR%2FOcgC15aK7GIlMXvwMmxm6gPOnaIVcrMX48ps8CIJZHpixCN734DPFaWW14mVguWNevMRSCx7YXfZXisqlNvIA2Q595Bl7%2Byeydovih9Aaz9FRvWCRSs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=72000
accept-ranges: bytes
cf-ray: 7aaa32dabb66362c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1854

GET
H3 200 channel-psiholog_online17.jpg
cdn.telegram-site.com/images/channels/1/3/8/5/2/ 3 KB
3 KB 92ms
87ms Image
image/jpeg 2606:4700:3032::ac43:b854
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.telegram-site.com/images/channels/1/3/8/5/2/channel-psiholog_online17.jpg
Requested by: Host: telegram-site.com
URL: https://telegram-site.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:b854 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb17d5844b4c4dd0a8689c5eaf5dd4b54781c7acfa65858bedf7f6a02798d722

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://telegram-site.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:58 GMT
cf-cache-status: REVALIDATED
last-modified: Sun, 03 Jul 2022 20:05:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "62c1f6a3-ada"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yjLahDnL0Z%2Fs3Cs%2BQm1EHquj7JvP21%2B2SJjhJMRN142jIAyNHWaFUeGHRTl%2BLfXI7vRnY6XGWV5y1lurC1pjylvCJrlkaJozhuUO%2FHKnn3uz7zJ5gIGVsZCmtUY76zLC5IykIR32IFxCu%2Blb%2Fgl0yg52e8o%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=72000
accept-ranges: bytes
cf-ray: 7aaa32dabb67362c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2778

GET
H3 200 1.jpg
cdn.telegram-site.com/images/stickers/1/5/9/8/ 60 KB
61 KB 80ms
75ms Image
image/jpeg 2606:4700:3032::ac43:b854
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.telegram-site.com/images/stickers/1/5/9/8/1.jpg
Requested by: Host: telegram-site.com
URL: https://telegram-site.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:b854 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b66c6d2e52976d7d0742d448b5a74a91721356d0c6f9f0214449c60855d987b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://telegram-site.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:58 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 28 Dec 2022 10:43:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "63ac1dd5-f1d8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QnPEruGCdc0YDkUhcfqJUe074vdAtDf6862gvvM4IgaQNMOXojyN5Mm6RSEMaEdOyeNvxMUL6L3gzqDoZFS0Ux124BcMJAKA9iso0QYm0NisIijs%2BkZQ1TE5TaJrT80ZrAo21SYnQleHk%2FP2z630dwFRmTI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=72000
accept-ranges: bytes
cf-ray: 7aaa32dabb68362c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 61912

GET
H3 200 1.jpg
cdn.telegram-site.com/images/stickers/1/5/9/7/ 50 KB
50 KB 61ms
57ms Image
image/jpeg 2606:4700:3032::ac43:b854
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.telegram-site.com/images/stickers/1/5/9/7/1.jpg
Requested by: Host: telegram-site.com
URL: https://telegram-site.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:b854 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5975a149a056c90e4c51535430c08cd4b45c32a9e2dc9c21e45ae797c91a09f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://telegram-site.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:58 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 03 Dec 2021 16:23:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "61aa446b-c7d2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mu%2BxbXvrV70eu%2BQBDS9Vwop3I3dKuF0N%2BAObj5gyOE9NSa8MBicw6LiBakrfehVgxeACBh9e%2BjFCkBVNuN7fWcsfdvcU67kcc9c%2BeqvA4%2Fn0ExwHwWCKguqhDutmTRZBfC9wUu53xkuuPHK1vtH%2BjcQs4cE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=72000
accept-ranges: bytes
cf-ray: 7aaa32dabb69362c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 51154

GET
H3 200 1.jpg
cdn.telegram-site.com/images/stickers/1/5/9/6/ 24 KB
24 KB 72ms
67ms Image
image/jpeg 2606:4700:3032::ac43:b854
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.telegram-site.com/images/stickers/1/5/9/6/1.jpg
Requested by: Host: telegram-site.com
URL: https://telegram-site.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:b854 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe1394a00035ea53a91634a2cf5a39eb319b22a4abb203453d00aa9dc122cd51

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://telegram-site.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:58 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 03 Dec 2021 16:23:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "61aa4465-5ffe"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ilvBKKQi84EWNbiDBIOrDaiiX49qIwosry9l%2BtkC11z6RHve%2Fc54SattV3R7qrUImIqC0%2B9RpsCRAfCHPwtzay5aKb2w1TDc0dCgyTiObUMje4AosEgleovH5Mt7v9aj6eEbL%2Bwext90FjEYqaZRMIZR2lQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=72000
accept-ranges: bytes
cf-ray: 7aaa32dabb6a362c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 24574

GET
H3 200 1.jpg
cdn.telegram-site.com/images/stickers/1/5/9/5/ 55 KB
56 KB 92ms
88ms Image
image/jpeg 2606:4700:3032::ac43:b854
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.telegram-site.com/images/stickers/1/5/9/5/1.jpg
Requested by: Host: telegram-site.com
URL: https://telegram-site.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:b854 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 620879f7083ad0effb67a8e59951525a664f86c1624a5f3d3e9ab184f109d669

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://telegram-site.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:58 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 03 Dec 2021 16:22:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "61aa445f-dd34"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bPCdMGzBm3Fn4Ad8tRlr0344O0dcdsb2OPkjWyWOZbmm13AU8iw9XvwkDFJ9GcbZV4SbiPvxnDfDD11777Rq6WBqJyjJ%2ByNM1Yaszi5lDdfBriMJIgN2xawkh%2BNtTwz8X6tXznif1bMruf%2F22IWxQmzSBlA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=72000
accept-ranges: bytes
cf-ray: 7aaa32dabb6b362c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 56628

GET
H3 200 1.jpg
cdn.telegram-site.com/images/stickers/1/5/9/4/ 86 KB
86 KB 65ms
61ms Image
image/jpeg 2606:4700:3032::ac43:b854
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.telegram-site.com/images/stickers/1/5/9/4/1.jpg
Requested by: Host: telegram-site.com
URL: https://telegram-site.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:b854 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fbb22f202246a19d9141d95e44a025527832f3ae8739842e755358fd34c02510

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://telegram-site.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:58 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 03 Dec 2021 16:22:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "61aa445c-156ed"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D2iRX0I02ICpwWzhT%2B68%2F156C0Dns1Fn4XRaNn3aWCh1Izoa3hJAkhlqqZxDYk7stP5I8EteV1mZL6cN4%2FuPCocdz23xQt%2BPNKtjUW%2BpJVzgPchS%2BjFKc1Tyu8wdb0DbjdrCifzu5R3QGWOziqoyyowBPQM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=72000
accept-ranges: bytes
cf-ray: 7aaa32dabb6c362c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 87789

GET
H3 200 1.jpg
cdn.telegram-site.com/images/stickers/1/5/9/3/ 40 KB
40 KB 96ms
91ms Image
image/jpeg 2606:4700:3032::ac43:b854
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.telegram-site.com/images/stickers/1/5/9/3/1.jpg
Requested by: Host: telegram-site.com
URL: https://telegram-site.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:b854 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c47415a8c0b792e981a96b266d9d33ec1cbf26d5128e0c319e3dd1a3d6718d7f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://telegram-site.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:58 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 03 Dec 2021 16:22:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "61aa4458-9e48"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tc7FFlkAloCJgWGsP2U7JtHALAB5r%2BYBvUSn4dpay6odBdCvIq1IV9OmCH0o33a2lAM7foRP0DxkYiabeak3tbvYIoDZgUeAgW6gwI%2FwokscNkaanZ7en7PnqBJz4hh%2BB9LKqIYOyjxEWYMarRMKkiWAMkY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=72000
accept-ranges: bytes
cf-ray: 7aaa32dabb6d362c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 40520

GET
H3 200 channel-nichego_li4nogo.jpg
cdn.telegram-site.com/images/channels/1/3/3/9/2/ 3 KB
3 KB 82ms
77ms Image
image/jpeg 2606:4700:3032::ac43:b854
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.telegram-site.com/images/channels/1/3/3/9/2/channel-nichego_li4nogo.jpg
Requested by: Host: telegram-site.com
URL: https://telegram-site.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:b854 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31d532eeed2d330a3edefe3f8f60f0914e4029ac13e2b429ddb0be3224db690d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://telegram-site.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:58 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 12 May 2022 20:06:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "627d68cf-b2f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cIBXFs4vUMlb22CiHL8EWtXQPZ%2BjEOMtmbJUQfVEbKsOdWW1qwAvKgqIU7jqy%2FkhKXJMPQrWfa3k4SxyZCPzC1S6tEwK1ZLYnPwzRLPHsbQAxHksInY2HkWhJaWtoi7pUuqV1ysQyBsjCtfgxJ4UszjnZDQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=72000
accept-ranges: bytes
cf-ray: 7aaa32dabb6e362c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2863

GET
H3 200 channel-rybaaadori.jpg
cdn.telegram-site.com/images/channels/1/3/8/5/1/ 3 KB
3 KB 85ms
80ms Image
image/jpeg 2606:4700:3032::ac43:b854
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.telegram-site.com/images/channels/1/3/8/5/1/channel-rybaaadori.jpg
Requested by: Host: telegram-site.com
URL: https://telegram-site.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:b854 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 78a36e889cf516b757621095bb9efa06b6604eb2a71e0893eaaaf007216e4a64

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://telegram-site.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:58 GMT
cf-cache-status: REVALIDATED
last-modified: Sun, 03 Jul 2022 20:05:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "62c1f6a3-a79"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GpGEqG%2FqiZqdm3qjOEvSl9wQlyzbqwkDoYf8obmDrfGrG7diSEM%2BT2qAEbNl%2FRT2LClHQUe%2FZ4lkx8RA0wT9pIeCpp8wwpEGKuEu5fo2nDEuQxygk662TygI1C5SMU5Xsuhe7vCWnPf9B7%2BRRVbC01mpR0g%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=72000
accept-ranges: bytes
cf-ray: 7aaa32dabb6f362c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2681

GET
H3 200 channel-edisonfamilia.jpg
cdn.telegram-site.com/images/channels/1/3/8/5/0/ 3 KB
4 KB 87ms
82ms Image
image/jpeg 2606:4700:3032::ac43:b854
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.telegram-site.com/images/channels/1/3/8/5/0/channel-edisonfamilia.jpg
Requested by: Host: telegram-site.com
URL: https://telegram-site.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:b854 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd19c79bf0b4b348418971e7762d2d1d954de992d1d75b6e29299beaa7ec8736

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://telegram-site.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:58 GMT
cf-cache-status: REVALIDATED
last-modified: Sun, 03 Jul 2022 20:05:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "62c1f6a3-da0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9XpmhNzPr8MpsEIyFOJ9AUQTxl2%2BejoctHq%2BmoxBMiGPiB7sr9h9VDCfRVOik0bnOKSXF7JZaeHd25witj13ihigYUy3B%2F%2B4h42goDLaxP%2B%2BXl6obQtly%2BcoU%2B1N3AvqGs%2BvzXiTuSfAWPQgTKq7EmeGi7I%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=72000
accept-ranges: bytes
cf-ray: 7aaa32dabb70362c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3488

GET
H3 200 email-decode.min.js Show response
telegram-site.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 9ms
8ms Script
application/javascript 2606:4700:3032::ac43:b854
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://telegram-site.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: telegram-site.com
URL: https://telegram-site.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:b854 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://telegram-site.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 07 Mar 2023 22:56:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6407c11e-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1q9LZxhYd5e5T8dnpWHLXRpZdM0HbR2dkrZIZ6x0i6OL3wBVHA4EbX9BtU54MceAaPcfZXOMw%2FNXxi6wH0ggPQXsH3jhSk3QP6FOPjCbGvRxttvPqyQVN8tXgnQRdSa0FCeKh9GPX5eWEgDl1Maz9g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 7aaa32da7b2c362c-FRA
expires: Wed, 22 Mar 2023 01:31:58 GMT

GET
H2 200 jquery-2.2.4.min.js Show response
code.jquery.com/ 84 KB
29 KB 40ms
10ms Script
application/javascript 2001:4de0:ac18::1:a:3b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-2.2.4.min.js
Requested by: Host: telegram-site.com
URL: https://telegram-site.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

Referer: https://telegram-site.com/
Origin: https://telegram-site.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:58 GMT
content-encoding: gzip
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
etag: W/"28feccc0-14e4a"
vary: Accept-Encoding
x-hw: 1679275918.dop222.fr8.t,1679275918.cds270.fr8.hn,1679275918.cds140.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 29811

GET
H2 200 all.css
use.fontawesome.com/releases/v5.0.10/css/ 36 KB
8 KB 44ms
16ms Stylesheet
text/css 2606:4700:e2::ac40:840f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.0.10/css/all.css
Requested by: Host: telegram-site.com
URL: https://telegram-site.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cfac6241dd3aabb5f1552c17501790093015c006a8e13671823c1ff4872beaae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://telegram-site.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:58 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: TMQS3MPZ4SVB9PPQ
age: 2039032
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: YZnA6KoycVTuD1ojVTx0ib1jo1cVVXgHJetkNiupUFBD/eur749pSPXsHxF5xgG9ArO6AyDjPLM=
last-modified: Wed, 30 Jun 2021 15:26:49 GMT
server: cloudflare
etag: W/"d1acb8ad33b1526acbfd3f0028b859b0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vLvemhMh7RpWg2VuqizrGn8JzKzEk9SSjlC1GI2q3Yu0RN0ZQc2Wqxos1MXZ5OamrkN9G6H9K7JAQ17D4ufu2OJjtywksQB3alh02t5lZIP6IsAq7JjYnzS0xgiiwGwSGO0guU8IYeLqpsW%2F%2BwuJVOoT"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 7aaa32daa8149b43-FRA

GET
H3 200 jquery.js Show response
telegram-site.com/assets/9d550eab/ 141 KB
42 KB 23ms
20ms Script
application/javascript 2606:4700:3032::ac43:b854
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://telegram-site.com/assets/9d550eab/jquery.js?v=1641213208

Requested by

Host: telegram-site.com
URL: https://telegram-site.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:b854 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62b46a88093ca9336d141c098421d901b0dde9be7a60fd9dbe962da0a91f5980

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://telegram-site.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:58 GMT
strict-transport-security: max-age=31536000;
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1452028
cf-polished: origSize=288580
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 03 Jan 2022 12:33:28 GMT
server: cloudflare
etag: W/"46744-5d4acba452bcf-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sllkR7qNDo2pvaY92061CA46jw6fAl1F%2FHJDtkKxvqL9L3%2BVXFHH7evlJad5c6CUSr3lY0gqUBKEuCqL1jtJ5UAZeaQNgzk%2Fwa9ZXQYbFa2CmgUsSC%2F2ttMR0JI%2FzLZKqutP1POMJao2mp3Ghk1cag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 7aaa32da8b36362c-FRA
expires: Sun, 02 Apr 2023 06:11:30 GMT

GET
H3 200 yii.js Show response
telegram-site.com/assets/7122dc3a/ 8 KB
3 KB 16ms
12ms Script
application/javascript 2606:4700:3032::ac43:b854
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://telegram-site.com/assets/7122dc3a/yii.js?v=1641213208

Requested by

Host: telegram-site.com
URL: https://telegram-site.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:b854 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8829956a7dc32483c4f0dca9ad5d05f91acf91b5444b0ea7f3ead22a4d4af9df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://telegram-site.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:58 GMT
strict-transport-security: max-age=31536000;
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1452028
cf-polished: origSize=20934
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 03 Jan 2022 12:33:28 GMT
server: cloudflare
etag: W/"51c6-5d4acba4523ff-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2lIPSOvxpZO9esgRLT62wlOlimswnoyj2ZH7PCXRQBfLBuplNtB49f%2BbwWLn3skGZfCsTqZ6rJdmvtBuFC%2FiWUp9wuvTftARmEGePLrUHbjEoRkClpgU77LpbIX7nKvryvM5b3m2fHgAxgqz2z4GOA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 7aaa32da8b37362c-FRA
expires: Sun, 02 Apr 2023 06:11:30 GMT

GET
H3 200 bootstrap.js Show response
telegram-site.com/assets/982330ef/js/ 50 KB
13 KB 36ms
32ms Script
application/javascript 2606:4700:3032::ac43:b854
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://telegram-site.com/assets/982330ef/js/bootstrap.js?v=1641213208

Requested by

Host: telegram-site.com
URL: https://telegram-site.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:b854 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c13d034eaf2fa73680d0abdbe02ac23b73e3128b5c7f0ee7018eb7b3fbe84a72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://telegram-site.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:58 GMT
strict-transport-security: max-age=31536000;
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1452028
cf-polished: origSize=75484
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 03 Jan 2022 12:33:28 GMT
server: cloudflare
etag: W/"126dc-5d4acba45acb8-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TybaG71Dydg%2Fg7GrmHOsBwQyCOEkNWiVJLdKUqtEH2vrMxSxfG%2B1ErXrcyEHEg9QjyVbssrbv16mHe2WZ2Qq2W%2FhW3%2FCbcsCag6Zz%2B3%2FrtqG%2BhsdBigjl77%2FujKAzAcheL7wKwWifBwfEHfMvV%2BMYw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 7aaa32da8b38362c-FRA
expires: Sun, 02 Apr 2023 06:11:30 GMT

GET
H3 200 top-logo-icon.svg
telegram-site.com/images/ 342 B
767 B 18ms
18ms Image
image/svg+xml 2606:4700:3032::ac43:b854
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://telegram-site.com/images/top-logo-icon.svg

Requested by

Host: telegram-site.com
URL: https://telegram-site.com/css/site.css?v=1672212538

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:b854 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dda1baa9d7ee54230d7630091b721ff51667bc36436b8ebde72de327f9d04422

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://telegram-site.com/css/site.css?v=1672212538
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:58 GMT
strict-transport-security: max-age=31536000;
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1202750
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 13 Feb 2019 14:03:38 GMT
server: cloudflare
etag: W/"156-581c7022f2040"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ThEofgOq24eSQcQ4IRWdhqZI1G%2FLG5uQhlhNu8hoS%2Frle89al0yfOfUK2EFUsyZMXIXEeEQ5k5clN14w9cl5PjuqMDBGcgZcUrQR1gZbm09P9caz6NiohJm4A0itZbtJ6ds8WHR%2FHTlJOXACfO5x8g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=2592000
cf-ray: 7aaa32da8b39362c-FRA
expires: Wed, 05 Apr 2023 03:26:08 GMT

GET
H3 200 news.jpg
telegram-site.com/images/categories/ 31 KB
32 KB 12ms
11ms Image
image/jpeg 2606:4700:3032::ac43:b854
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://telegram-site.com/images/categories/news.jpg

Requested by

Host: telegram-site.com
URL: https://telegram-site.com/css/site.css?v=1672212538

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:b854 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9ace4d828c6a5722f2be94b36ecddc4df005186a948597cb069494bfff71b78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://telegram-site.com/css/site.css?v=1672212538
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:58 GMT
strict-transport-security: max-age=31536000;
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 201889
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 31827
last-modified: Tue, 05 Mar 2019 16:26:07 GMT
server: cloudflare
etag: "7c53-5835b5489e0b9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VuvbZLQXXJnKdHIgczO%2Fpjcl3DDnbOtPCnvlzA1nBGSt%2B8cRCN7nW1I6U%2FpsBNKi7DrxT%2FumVhwB7GZSfsz3KEzAeZgDfc5bFX1vBa7Gt%2F15Ofpbv2dRlAySWRr3AAdi7gRPXjmjZb9e9M%2BWdPIQgg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7aaa32da8b3c362c-FRA
expires: Sun, 16 Apr 2023 17:27:09 GMT

GET
H3 200 blogs.jpg
telegram-site.com/images/categories/ 42 KB
42 KB 32ms
31ms Image
image/jpeg 2606:4700:3032::ac43:b854
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://telegram-site.com/images/categories/blogs.jpg

Requested by

Host: telegram-site.com
URL: https://telegram-site.com/css/site.css?v=1672212538

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:b854 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d055bf0ad7f8a282709e111aaefabd815053ff490ff29cad20ccafff6bcdfa32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://telegram-site.com/css/site.css?v=1672212538
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:58 GMT
strict-transport-security: max-age=31536000;
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 667500
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 42917
last-modified: Tue, 05 Mar 2019 16:26:05 GMT
server: cloudflare
etag: "a7a5-5835b546e9c4f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LYQ4xGRN11Fevz1wI78AxoO%2B%2B%2Bol8t2LBum9hB1aDkgi%2FydVdBKH7USw89tYBS415MGvg6JRleJKn3MoqzZKCUYrBWSpoiBM7i6EBH3jzL4LlMEW3hvKwp0DJeUs56pDa2ahoDcAAjU1oZMCCPW3hA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7aaa32da8b3d362c-FRA
expires: Tue, 11 Apr 2023 08:06:58 GMT

GET
H3 200 tech.jpg
telegram-site.com/images/categories/ 11 KB
12 KB 32ms
32ms Image
image/jpeg 2606:4700:3032::ac43:b854
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://telegram-site.com/images/categories/tech.jpg

Requested by

Host: telegram-site.com
URL: https://telegram-site.com/css/site.css?v=1672212538

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:b854 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6bba5997e3326f224f1522bbce7a12759fe219d356b34f12dafc04ee79dccd4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://telegram-site.com/css/site.css?v=1672212538
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:58 GMT
strict-transport-security: max-age=31536000;
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 935908
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11768
last-modified: Tue, 05 Mar 2019 16:26:07 GMT
server: cloudflare
etag: "2df8-5835b5492ed1d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DJgm1cYIPpRjMQTSjSoafd86Jv21tNrOYpqbPM2scxGLvB1s5cQD35vf8o620iET0ixjM5RjHyCs4WQXsiNPaevDbtMLA%2FiYnimW4A7vfVEpJbfXQdraEUac4SZPZBSH%2Fv%2FTjJFXRRofyenloTUo%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7aaa32da8b3e362c-FRA
expires: Sat, 08 Apr 2023 05:33:30 GMT

GET
H3 200 channel.svg
telegram-site.com/images/ 1 KB
1 KB 18ms
18ms Image
image/svg+xml 2606:4700:3032::ac43:b854
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://telegram-site.com/images/channel.svg

Requested by

Host: telegram-site.com
URL: https://telegram-site.com/css/site.css?v=1672212538

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:b854 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b9a053f3c13d766e72a76c6df535c824a738d8232ce8e310c86a524c41dc955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://telegram-site.com/css/site.css?v=1672212538
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:58 GMT
strict-transport-security: max-age=31536000;
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1452028
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 07 May 2019 17:03:28 GMT
server: cloudflare
etag: W/"407-5884f32298997"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vfCfgzdDMUR6Hm4wVRcAjvsNQcnpQBGiCOKgKYmrRMwN0%2BTJhfW8TU9VqwibiCMoK4Llh82cY3GkcQJSJ1wiNEPPs7ULurwg5rbCEYh5o6Bk7T5YrhmCjY0cOtuqNPQbYvE7zLy95ipQRkyV2v7vCw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=2592000
cf-ray: 7aaa32da8b3f362c-FRA
expires: Sun, 02 Apr 2023 06:11:30 GMT

GET
H3 200 ic_report-o.svg
telegram-site.com/images/ 310 B
759 B 36ms
36ms Image
image/svg+xml 2606:4700:3032::ac43:b854
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://telegram-site.com/images/ic_report-o.svg

Requested by

Host: telegram-site.com
URL: https://telegram-site.com/css/site.css?v=1672212538

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:b854 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4296b96e93ffe4b60dfc5398114305d8d122b2c7896776210a98087d91543502

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://telegram-site.com/css/site.css?v=1672212538
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:58 GMT
strict-transport-security: max-age=31536000;
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1438882
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 22 Feb 2019 09:47:37 GMT
server: cloudflare
etag: W/"136-582787b2e4a07"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mQBaaxH5A9CGoTj0HBvUIOECHEYI2xNA%2Fh3eVjMq8IZOfD4I6FkHM%2BITd7bx8A5tn3SUYEYcVKpSY2nCcQiCknpsdo3mrNUgbL25XvWX%2F0vYWYYcL1PLlil9Ri5KlmXXxCoaSODnVxwt7Tn%2BPhtn0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=2592000
cf-ray: 7aaa32da8b40362c-FRA
expires: Sun, 02 Apr 2023 09:50:36 GMT

GET
H3 200 ic_launch-o.svg
telegram-site.com/images/ 270 B
734 B 37ms
36ms Image
image/svg+xml 2606:4700:3032::ac43:b854
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://telegram-site.com/images/ic_launch-o.svg

Requested by

Host: telegram-site.com
URL: https://telegram-site.com/css/site.css?v=1672212538

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:b854 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ca26366eedc297fa6e2c0dd960bdee214b83799c112f5e00e531c3aeba83ec27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://telegram-site.com/css/site.css?v=1672212538
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:58 GMT
strict-transport-security: max-age=31536000;
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1153749
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 22 Feb 2019 09:47:38 GMT
server: cloudflare
etag: W/"10e-582787b3070ce"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8mV2n4lUPxJB6QdyVM7LDpI9AYjMYrmLO2gfoDA5F1Gsrsjnyb%2F1isYGheRebzakuS9DiDo2E8Ini1p44fC2fOU05oY9lgsc3vp5MTrk%2FT%2FSwuCyT2hCcnJwowPW9Kj9vDOAxPHgklnspPHXPauIvw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=2592000
cf-ray: 7aaa32da8b41362c-FRA
expires: Wed, 05 Apr 2023 17:02:49 GMT

GET
H2 200 hit
c.hit.ua/ 43 B
311 B 603ms
42ms Image
image/gif 89.184.81.35
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.hit.ua/hit?i=59227&g=0&x=2&s=1&c=1&t=0&w=1600&h=1200&d=24&0.8751533515456753&r=&u=https%3A//telegram-site.com/
Requested by: Host: telegram-site.com
URL: https://telegram-site.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 89.184.81.35 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: c.hit.ua
Software: nginx/1.17.9 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://telegram-site.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

p3p: policyref="/w3c/p3p.xml", CP="UNI"
pragma: no-cache
date: Mon, 20 Mar 2023 01:31:59 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
server: nginx/1.17.9
expires: 0

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 211 KB
73 KB 672ms
109ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: telegram-site.com
URL: https://telegram-site.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

025131d9c15ae8bc85f70a51c95aece581630b3dc3caa26cfeb1f79532c224d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://telegram-site.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Thu, 16 Mar 2023 11:37:34 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "6412d54e-11fef"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 73711
expires: Mon, 20 Mar 2023 02:31:59 GMT

GET
H3 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.0.10/webfonts/ 43 KB
44 KB 320ms
302ms Font
font/woff2 2606:4700:e2::ac40:840f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.0.10/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.0.10/css/all.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb7aa6b06aa5a8eea3670662c4b0c37104041c14575fc170dc48677a0506a33a

Request headers

Referer: https://use.fontawesome.com/releases/v5.0.10/css/all.css
Origin: https://telegram-site.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:58 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: WG9FDD8QQCCSTV47
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44068
x-amz-id-2: GzV8wjfytJcrQNQ97OEy/Z008RFmVWlWMvyET79rSw7roZTww3tj8FpbNhBunpQBZRUVvnGrafM=
last-modified: Wed, 30 Jun 2021 15:27:03 GMT
server: cloudflare
etag: "84f351b3972185aed620f78489e48b2d"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PkhKKc3NEV2PZsHS966r9YGpdM4JNzHBoVCnaYlTclkXTTFWcCETqukMAukyIlAcP0RzQGLAv%2FYCTMhgx1%2FrbSOZO0waUf%2F6%2FGIrxs6dYgPTPcBXQz9SudxehnYvRoxIzOIUvLXc3httRa51JVsg1Dmf"}],"group":"cf-nel","max_age":604800}
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 7aaa32db4982698f-FRA

GET
H3 200 fa-regular-400.woff2
use.fontawesome.com/releases/v5.0.10/webfonts/ 12 KB
13 KB 239ms
221ms Font
font/woff2 2606:4700:e2::ac40:840f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.0.10/webfonts/fa-regular-400.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.0.10/css/all.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2cdb4f2ed4b585d772068df75c01d0a360d45d27294188fccf5ceb4255fdc83

Request headers

Referer: https://use.fontawesome.com/releases/v5.0.10/css/all.css
Origin: https://telegram-site.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:58 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: WG95P9QWYK0E06N6
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12216
x-amz-id-2: Gzr6VLEttaLPbftdi1/s1EDOBXKHSkPjNekPynvJPuafJ76ou/r+8SaYJ8EhEqXwxYiEmKgX09s=
last-modified: Wed, 30 Jun 2021 15:27:03 GMT
server: cloudflare
etag: "12717b4a013de862452c4ffcf4e1c264"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3RjaKrGI6czfYajIxOz%2F1TTtdOpjNnQBddXKCmDlIELRQ0TGHcVjavIeSylg9NRllprtd6RJnf5FzXc1R5%2F47401WAmAxniE5frjBlcMOR1zACkbjf071xVCysxZAAYg8UgDOaYkdt%2F%2FDtsLcrXIjzqQ"}],"group":"cf-nel","max_age":604800}
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 7aaa32db4980698f-FRA

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 514ms
7ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-126131317-3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://telegram-site.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 20 Mar 2023 01:19:33 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 746
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Mon, 20 Mar 2023 03:19:33 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303140101/ 350 KB
117 KB 57ms
42ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2571090897727115&plah=telegram-site.com&bust=31073141

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2571090897727115

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

645d4ed84103b8eb3924575a089aeca3a50b874c575b01ecb043d43765ddd37c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://telegram-site.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:58 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 119662
x-xss-protection: 0
server: cafe
etag: 1682477186537909490
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 20 Mar 2023 01:31:58 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230315/r20190131/ Frame 0693 10 KB
5 KB 30ms
7ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230315/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2571090897727115

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://telegram-site.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 548
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 20 Mar 2023 01:22:51 GMT
etag: 2378337311435320485
expires: Mon, 03 Apr 2023 01:22:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 1c0942547d39e10f5f56.js Show response
yastatic.net/partner-code-bundles/740439/ 14 KB
5 KB 390ms
75ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/740439/1c0942547d39e10f5f56.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

f4bce345b803ef7f919e0b6ea6c859e117a5f3eaced263673c8df465e1ba03e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://telegram-site.com/
Origin: https://telegram-site.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:59 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 4801
last-modified: Fri, 17 Mar 2023 14:40:47 GMT
server: nginx/1.17.9
etag: "0f27d284b228a63c12e8fd65dc82f835"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Wed, 19 Mar 2053 08:05:28 GMT

GET
H2 200 2653ae2625bf7646a0ff.js Show response
yastatic.net/partner-code-bundles/740439/ 112 KB
24 KB 405ms
91ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/740439/2653ae2625bf7646a0ff.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

ad4b3de6b581bf6aa1ece4849cb2b4951b13600e4773fab72a46643c37113fc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://telegram-site.com/
Origin: https://telegram-site.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:59 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 24281
last-modified: Fri, 17 Mar 2023 14:40:47 GMT
server: nginx/1.17.9
etag: "08e2d8f22ee48cb89e9e22da144b47f3"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Wed, 19 Mar 2053 08:05:27 GMT

GET
H2 200 host.js Show response
yastatic.net/safeframe-bundles/0.83/ 33 KB
9 KB 414ms
101ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/host.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://telegram-site.com/
Origin: https://telegram-site.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:59 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 8878
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
server: nginx/1.17.9
etag: "f80882bf67cf261aa08d636da095149a"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Wed, 19 Mar 2053 08:07:20 GMT

GET
H2 200 text-variable-full.woff2
yastatic.net/s3/home/fonts/ys/3/ 25 KB
26 KB 371ms
60ms Font
font/woff2 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/s3/home/fonts/ys/3/text-variable-full.woff2

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://telegram-site.com/
Origin: https://telegram-site.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:59 GMT
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 26004
x-amz-meta-owner: {"role":"admin","login":"4eb0da"}
last-modified: Mon, 25 Apr 2022 14:02:39 GMT
server: nginx/1.17.9
etag: "7f0cdaf91230f9789ca4162aedff612e"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31556952
x-nginx-request-id: 23521d79f7f080d7
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Mar 2024 07:20:45 GMT

GET
H2 200 07cea2bf8567304efc16.js Show response
yastatic.net/partner-code-bundles/740439/ 23 KB
8 KB 407ms
105ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/740439/07cea2bf8567304efc16.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

a11f2941badaaa878950e793964a43d1c9ffeefede062e3096210c37aa2c5b8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://telegram-site.com/
Origin: https://telegram-site.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:59 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 7926
last-modified: Fri, 17 Mar 2023 14:40:47 GMT
server: nginx/1.17.9
etag: "d3f56f53f5797e6f42afdcf2496dada4"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Wed, 19 Mar 2053 08:05:28 GMT

GET
H2 200 45fed2c61a3e3cf37ba1.js Show response
yastatic.net/partner-code-bundles/740439/ 242 KB
45 KB 407ms
106ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/740439/45fed2c61a3e3cf37ba1.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

a8a26fe8323893b23f7b8529a9a9adbb48752033ff3dc373549e929f81de4d8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://telegram-site.com/
Origin: https://telegram-site.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:59 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 45626
last-modified: Fri, 17 Mar 2023 14:40:48 GMT
server: nginx/1.17.9
etag: "6e62d5dbe288a1be07819fb13acb7ca9"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Wed, 19 Mar 2053 08:03:11 GMT

GET
H2 404 2163124 Show response
yandex.ru/ads/meta/ 31 B
419 B 71ms
71ms XHR
text/html 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/meta/2163124?target-ref=https%3A%2F%2Ftelegram-site.com%2F&charset=utf-8&pcode-test-ids=657519%2C0%2C56%3B706838%2C0%2C71%3B735973%2C0%2C28%3B739738%2C0%2C20%3B729110%2C0%2C33%3B734894%2C0%2C92%3B739994%2C0%2C67%3B681847%2C0%2C56&pcode-flags-map=eJydWNty2zYQ%2FZWO%2BppJeQVJv4EkKGFEEiwASlEyGYwSK7Y6vnQcO3Gdyb93QVA2SdtQ2ifTlM4BsHt290A%2FZisslFiwtcK5KnFKSlUwrmitUlzXhM9OPvyYfdte3O1mJzPJWzJ7M7vdfb2lp%2FA%2FQr4fRLOfH9880TSc5W0mhWK1anAriJUhcpPANwykxmlJFMlY9URSUiH1ZlY0J0w%2FwKcpU5hXI9rd%2Fd8T1tAPO9acio42Y20tFSc55STTlLhp7DvznCDwHs8GB1FVW0rKWVkCWy31A%2BFqjWW2ILmStCKKFYUg0s7re070FLO0lZLpY5VsHOvf%2FejLGIeSEHW4JmM5GSG7nI1j9KtkXeJkF6MV4YKyeoSEb8ZhMMYmSeh02LamJcM5MevjahTR25u73QAWeLGf9DCIpRCdyCaYaSIHIJCnIKRWLBWErybC3F1tP13sRkgfeYkJc0HfqQrWWhA6X0hVS%2FuSQegnbgfc4Don7xRvVc4qTGsbLHQiz0eP66WcLWGzsJaac5pbkW4UxujFBRWoV3KaWuGe66Cgg78ntaeKFvS5prlcKFrhObFiAzeInSfsoVhSxnVSOc5pK377RYYN1vs2G1a4XOONsCP9qI9zXjRQmaJhNQhD1xFrxzXkOY4zxgaOHwxqIdPQWtrXC4Gml1LBIMpEa%2FewniLvrLKAJaPIew6nhW6ca11EoM7%2Fw3DYwAqX7ShbvvMyuiSY16piHCoWc4on5%2FZGi4aO00e54ZRxKjcq3UCrIOuGcXvAUIT62jvoom%2BemeBWYOJG8UCRVKgMc86kwlkGWRKWLhEmfui6I2ynYgGSlgsdpgbnOa3ndpIgDMzOu7YPUpabhijfvusgjsJBeiqeQZwETWkJUbMvl0ToVaQehFlJs%2BWR1Q8c3ZQxw1dBgy0oDBeqD1HgzF7NSez1k8Xsoycxc0EyLdSmxJsUZ8vBBLNRIscLfG%2BUjgXpGj5MUiLo3Kp45IYeMnmoyRogBVT5QpVsTjM7Lvb7lgbbLCivtGY5qQ%2BTpuEktTdVBF3Rc0fihanDQUngAmBeQwR0oxQZ1zNFCGvtIzdxg2BEtqCy28mABOKxlMxO5Eee5w%2FdzsTX5KTAkH54UdCaSgJqz5Zgq6yFioLQQWi0PVFhLtWfLWmJJj92vhAhFD66Abng4OMmOyNQwFxLmdbQqCgM4%2FLIriI36qWTYRhJrO4TiAtdkLTgGAxTZx%2FsmYziBCWPvqHgFGjKjTJ4bSEa%2B%2BHG%2BHSpBH1vrSOEEr9P9wAhjnmsZ%2BsmgRM9skDTzjWD1bciFAfIna6sKnCt2L6W5zkm1gNBauPxS6qMUeD6h3KD%2BQ3OG44KolHgVY2h6BqY8QbPrwXP%2BKLYf34KObefAdIUu8Pa0D3DNJkXQt%2FNg2P3AJR4qHcnpiLEkjZK8q4BHmvJKIGriQFPli5Kpu1ursxGj5DEfRW8RtKJa8TxZX%2BvLrf36ny3Pzu%2FfYWuu8GoJUlxqsBxWq9DDoy2USmaal4vQCUDwdQworuGO2%2BhvesLBjTdjNCVvUIj1wn6ycm5Mp1etmBRTKV3ge6aSjtfHLkMApMp1RK%2F33TNQXUGbwj7Mfuyu%2F18Xm1vzvZXsxM3BJt0ef1pf7ETn7cX%2B6uz2Yn3c8QawlwciMC0RfB7Ki21EvQdc7jAh9nldn%2Fx9uYO9vbP9up0dw%2FPf%2Bwvt2e7r6NXZ9vL7s3pw%2B7KfH37bX97bR4v3w7%2BOb3a92818yMDvLjZPlxcP5z3Hz%2FcmL93N9u3V7vvX5994a%2Ft9eW%2Bg358%2BYjDintKrT196KDzEVjrEx9JPCDdadvBLViNrGSTmz9cjcfXa7ihGdHUWILEoMvxed%2FrlMRz6%2BUBJos3aJQFAblygjMJ19cjwNB3vOceidYNeANtkv6jQ4L7MdyQXyUctDLoPfY8PDHxzuKstFcxbvdgfkpaQylhWmpHyMD%2BiyM%2FNjgo9uPJZB8Uf1tDGYClh%2FDhXORL1V%2FnBThYCOw4%2B5ksJ6FMIr8%2FOWCnd%2FLIh4%2FjyS8HUb%2Bb4aDJmNBBh45e5ilsjk7a4efbi7FyEugTpp5hRJlfA5QkFZBIazOO%2FCBO9GD%2F%2BS%2Bl2JQC&pcode-icookie=xTGNZvx4dFHwTaWRFFCLhYyN6fT%2FSHg5PhgBZrP3ZM%2B0OSYwG%2FemS1g68pxlmrJKIcyEXQyJtjZhCHmV%2BqZLAXYdwi8%3D&imp-id=7&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=47828755808258&ad-session-id=144821679275918855&target-id=86136870&tga-with-creatives=1&top-ancestor=https%3A%2F%2Ftelegram-site.com&top-ancestor-undetermined=0&pcode-version=740439&pcodever=740439&flash-ver=0&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22isInIframe%22%3Afalse%2C%22w%22%3A1580%2C%22h%22%3A1100%2C%22width%22%3A1580%2C%22height%22%3A1100%2C%22visible%22%3A0%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A0%2C%22top%22%3A1200%2C%22ad_no%22%3A0%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A0%7D&grab-orig-len=5120&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjo5NDJ9ChKjoKzkqGmAGKyjh7VV234_O8m6J0psDrOJYuKwHZOJGHqVX_LV9MrU9pyQEvx9DmfrO-XYZmKr2YkTZpMyPCkpt7393m8H9VJQzxBWAvWEMRBjJCIFfJzTiShzYnVuKwggRhhhABgjMSCLLBGdKaZxGK2GyM4Q0mRHDkCX6ANlDqQ5wA2UAyKQBaqAcEFQDAzAL3y8BUi0wLQBLq9NnG3jmeblyAHcQHqBymzjXACzoUTmQL4cZQsQb4WreXIA4oLhLJPSQCMhC_Al5EPziB9QihwoAtnAHBr2Y5mEZCR8tiUk9qXQ_Yrof6x5pReseeKcUrLlqVsZj9GhPyAKpAtPMZRJlw28-T6QObME_oiXkOQLdTPiFIadB_QygLNUkzixoTA9sczrh2gLc8m3tO9VVpAQQ3MtOHPPfU5fh84BzACkAJS6yFyMaOEN0D2-BMFSLk2wBgZ7BidChDAjiy2RMUOIAmxUGXhYMuBVsEd6GZ5nV5g9B4D5J7I9pHy5_R_p7vz-trSQ8IwA5KHJHDrOai2yBIzBvXlzL6r0OQEPSwq8Urs__ZU6UN957n1A2pXU_9QEfe4lyNKaRWQzoOGAACAKHaApwPgfAF5_KCQUecWR7RUV-5d8mVIERC45vAXv9R2MI_tdRgb0AJQA1ABIAez8_VOcXHglN5tGEKh-APUxfRlaXF5JlGBDCAh7HAC7QMAOIecwOQDy4PBfGp7SEwLuiLWa6SNE4AM9A-TgpnKfJ54R1e5BlpyzH4NNe73TLF8Jiq_f_Ht8RIUaXAiYUAIDbHCHtNKFAftkmt2db9SzqEts5fd8BSweKAN8nsFr8h4b7ZKFWKIb3jz1yezjbOEuxvwJ-oJSLc9hgci_Lsj9InJT2MDmhJ9oqWujXAPtqJk5uU_Q5QdI1EYrbWgJ6ZhCs8VqjmzooK5Lw-kFmqbfiwz_rw8wqPqUAawlqGY2My8ZP62fTDzykQI2BOCDAwyAzyhRgwc-CoDJvCy0BhoLMwttFNMzsxisBkvEjPmtgIWrWWWhiQxxNsc0EUTc9JGRwWSlNlhDM3dmCM2GyGyAiFuEW43BEm4bYBb6-pdXLi3dGT-Fi8GLe92z8N678FMv6dJNJNzQTu-nZSQIe4aGp6Jb5sv1AWl9LD85REmhZc17Fem0AJGu4sw-bjRT7nq7RJntI5wr4vr72wtTxFTWy5oifmOAMLnt3Fzip0ESIaQMTfRG93VSmXL61YkmMhojM11k8uCKl0uBpHKKV9r9dFYfZ3jvt3UMwTznQ65eUcaQHiEzC70VcWawxEYjRNyUppiam5nFHCM-HHHJhccYmxzDLTKt2Ngtz7Q7T5MTaCYmg4XORLOCjdSx2SXyy7cwrMzIWLiszEUqXhauEbefxgswUcTMQmURpWTBc4EyWeloDQN8mbRY92XmALSfVD3nluia0ZEuKZC9owpLwnSttqhU-p7eFFLTh5RmhyGkoxuyz9jsLYY6xfueCEsoUQPdg8tFZUmELEDpNon-WfF4u_kcyRgxzKj5srSx2RxZjFFsYqBdGVoOQdJMtJFlcJB6sYkZejJGFi7GfZl6ePKRJ55dLloOZhakoYlGwGs-yblG8IIXkYRJQrMXdxTMIYpNlEEHQ2yI6EITQkctqlCetE_bBB_UYaAME19Aibyrcdy9l78UoyVkQMKNPQyHj-99H2tk5O5yG5mAmzdT9UbutLPAec-a-BjGrG3d2q_23t_DWrqeUmyf3T_6B1dfFdlkgWPryzFNC-Fm5sU2eeDtQ83r_NHvx_2YyJrgkN3Nhqvzuu8Y0yPOMX28CT_iaS7CEgIXvOYE2lccsE8PtIthuMJbAh3LrhJtPh7T0L3f84LY8HvnMtFnn6gCpZgMITU2nJisZqThcGAXwKkKX8wsEh_WK-xiRUycj5GKcRJJxsi0h8gcHOhtbOi86tWYJJgk4oy7ssBdaAAVFPZ50aBQnLiD_5kbDCWuGfEjP7Egjrd-RRqGhnl26xHslZJPLxXFyyZCEie8fgAYWIzl2AQL2MhpQ8_GyR82pv-09pym1Qs1V15CxgOcb4hX0wnTz2tjUwTbQ7ROn9WDUC_uaEo4ggXqS_hAO5uZ6jvxaC-29rA0EjB4Mk1spostVkY7g4WKEeNsOfQ4rDHZb42VFbWxo7GhQ8_fihaeF3bJ0mAI93xppbWzqQNKKsZ14DhF7-5HsF4vryXuij93m-OSJs-xfeoQ7sNEijnc3qbLN352szy8RMPeSRN39ciqpss6UNTmf6SZeGza5zyHQdqqAFclFvYYHQdfvRbmXotssbG6rqtDu739yrfsPZK-F97_IvvuPiFcA9THXcFOMqzgLXpOG3-YOylGx-ME9bB-TqieSZ_P3gJU7XX-IPntX4Kghmhxl-BwVMml7BQc3a2I9vO299op-P4-U8uY6i7kYUKe_dZ-_-AMRjuEkltQlO2VXcGE_1SGQRJxbB0jWNlrtOj4GZoU_iyODZ4QdqlU-54r8f_sGOYU2NvvsXILNn6PIWo337yTPJ1gp3EmluKDXbNc7rbZBXnL6HuXx92gKh_EFJlJwgeIcooLxcdElUjnbAbG8k0881deMdX7-wRwuANsxBO-iQywFwbNYNUwX8Lzv_dmD8MsfLLlYgUD2CHmZEODnp2_MQRh3C334T6x3mao3r4Fl5_MGvsIAJMiBDhe2giFxQkwNs1hIaxDhxYtB38r6ztAciVAOyfyweFy5ZFOKaj6hO_nnF5CgWHmJpnSsGBMw0IKY0OHhs8WQElJaf8_VoC2m6hyAMsdkxK-h4hFpCLp6MAr5XKf94S0t19JyBoT9L6VdNxOPBgHk7BsrsFCZsIOMcT8DeKYdisY7nQqRWSsnvXIq2j5XnzyjnMXo3QPgOTOiX4l8AYnpU1CDDNxMLAVYKEkcaJDy1fICzcZi0DynpaQYJikSUwRXkgVHtr9Mja-iq_YswkH5OJlVi321-I4gjExbHhInpPZUtrK4dM8lSnowlnhty5LSBefywWpuiL2KSzH22Q72vHiltK_8z6vpBjeBa9tN9LRwZb2ONl5W8E_t34_zt8vA3qi0B3kulT57w5cRnTtj0rdhKACk3u3Tq5uOfhvGJvYn8ipCgWglO770likKLX6W7CH7C8o2oKhWRgEJTPsOFO4rx6xgIxhFsXTK8ZCy-BgQ8Pf-gBuew-5W1867VHpW29zGXedb3262D-UMcw1oF3nFQsdmh0tJ2ZmR4-yPhXjjftHrLwOUU3RmnN5t16FBMxWpq2EZxw2miGam5wfS7V4O5-YSDOtVp_cM-r7vYnLmanodHJFz2aPsEr5d74mBplXQQWOiznLmPwEcul96PFRcGEzbwBijUa1p26Ho_sLpq_y9tDhO3k_FL5vNSTYHcK9lzgvX-29B8o7oXzfQd9pQoFiEKO4JoWVCrHgorShwcRIs0aV4GmC8hghT41E3mrhiyPwfoXrWOIM_k1tLdPAK4O2MfQCvtywS9MQ59gp58d7AT0efH5d-WJK0tDhyFc_WxFVc8bOnW80WBmQRCaHxWo05AN3KXSXFGOIiKlAjY6qYCmGuDBsp6YDNoK7ESnejluPutVcYz5ZAHFSrLZhYzqDKELE0ZIkNCHE7BdBKvOgcsgB8-Gz6vm0fJzhmE8_3D2VZqZ6U0jQWkkW85kCrd66TeXzhu8zBEC2EyBOeveRateScmIJ2HvHe-Owa9muZbL5uyRAnc-BNIrouUdtbXTtkhx1aDS85wr3Jl_a0wwTZUdEuFBPEhaOSY7n7rnY0UkfG4ZSg5UmgpHgEc_NjCapN-kkQFm61K0TNzOkGn0WmsjVAn3NOjeeCzMSX7CRG0YFf7hmj1dt-_CNTYthlkhcmIPS4DBEiAxZHKhjeVosMbXx-MPIHIDexowHvu0mfIhbKf0U9JEpa8Lk_oP9Q4rLJ8PstiC3_kLl4kBN-h88eVS6xoanfc3V3aH-4PxJ6fNbVbtic19MeYv95Lukky_n_zfNndQ31O0WODtNV3_Ryco1upl558jl_VF_5VvlugLTHabZ4NaS6QRTNGIs1-fQlcgE__WN2JV27husvLtetm3ON8f48aaqFXZyESfVaW0GRFQoMoS0sYkuymwZWRRbqnzMVuVrw7XFeai_EeXA1e93yh9F9vJgs6FHw5mXEo6d9HbsPjZMmu_wHzwBrDUOwbPmBQB5aIlNVoCK6DOwEVFbQlNkOnXuDH7Te0Ub8omerxFsjsJ52tkDWEt4-Mmq5esJnKzqCpS_wXg_VQn8or4KK3qP23WafkURIo3NxgwsZOw29uvkgPV3bWiaoOg31ZYdP0pdYDKwCahwS8frWJqBBh74GSyrKbJERuOSjXJnA1VsRpJRxjvTdRcODjsbWK0wQ4Oa9lRDChZyVJw2SDKHrUnHFoAwOOQfXN0Z7iYY9RI4tCGlMYoyMGOrKUNgQrgUo7b1P-xsnPk6H9Iv5uOHWWzVVbFqp9zOQ61bbxu3U9EvSNkbRykKKI8floWeE2aRJFSob7csU4RoUzV6T68tva2toVWKJpmtiAEA0R2g0eMEBfWKTuZGqdlvP259dWUWXmOoGl-gy3cEpeDS_geEhwvypOFEVFaEu-dV9-xq273UGhLqiQ4bJb8-qbBqlnjlUK9-3HrN2i7OPPlmA0UjKe8wnLzddOoqe8sY1LS3MEY_CHl1v7qwAxnrzYhdnHW5c_YnoC9T5NdEKveIjwbycKtr74k2O9W1nvku53W7cct410rh7URbQLOhlY7ivOFKv6r5iHb3lPB96qTtbrgnFO-pmTa3ureEGCpaSOgwc0MxqzjROhBcKENxbljTtvtnwnmwGa3GEKmhw32Qn_3idJKxe1lyoko93RR9k0vriZ37KOaOB8o3hEv9VCCDa12iGjO4ETUVo8XK0EVZLyG9p1STXA54vgUE3_2TnXfiXCIfld8t0D248DwztLyblLooUXYwnlu7ZLmO7ULdEXSFy7sAqZk8jJY9Fh6l0_H83KR6DRp9kXyZOdKmSt20onmFatw2XpriaaaRtSqbvfXJcDvRqlr0&uniformat=true&callback=Ya%5B9126777420581%5D

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

7979e62bc495dc69dc0ad02ba27cf9d9c7eab30fca0f6823856e02400d2b2bb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://telegram-site.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 20 Mar 2023 01:31:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1679275918917158-2887913270413453061-sas3-0998-46d-sas-l7-balancer-8080-BAL-9859
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Mon, 20 Mar 2023 01:31:58 GMT
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: text/html; charset=windows-1251
access-control-allow-origin: https://telegram-site.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 20 Mar 2023 01:31:58 GMT

GET
H2 200 2ec9a88e40a26b53acde.js Show response
yastatic.net/partner-code-bundles/740439/ 7 KB
3 KB 102ms
102ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/740439/2ec9a88e40a26b53acde.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

0cbfa5f698d5111459b88f967fa1619f9d4357847bccce75fdd38ca83712b549

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://telegram-site.com/
Origin: https://telegram-site.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:59 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 2065
last-modified: Fri, 17 Mar 2023 14:40:47 GMT
server: nginx/1.17.9
etag: "22b4a3ae1208661453bbc27bf6c72af0"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Wed, 19 Mar 2053 08:05:28 GMT

GET
H2 200 2396ad2a3e1227eb5f46.js Show response
yastatic.net/partner-code-bundles/740439/ 581 KB
111 KB 102ms
102ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/740439/2396ad2a3e1227eb5f46.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

39d3e1e1e0b06dd72f09fbc42344b6b347151727c6879ae693cdf669ff405203

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://telegram-site.com/
Origin: https://telegram-site.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:59 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 113390
last-modified: Fri, 17 Mar 2023 14:40:47 GMT
server: nginx/1.17.9
etag: "16ab2e52dfd0b4027baae01c1ea5ba4d"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Wed, 19 Mar 2053 08:05:28 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
207 B 14ms
14ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1127644319&t=pageview&_s=1&dl=https%3A%2F%2Ftelegram-site.com%2F&ul=en-us&de=UTF-8&dt=Telegram-site.com%20-%20%D0%92%D1%81%D0%B5%20%D0%BE%20%D0%BC%D0%B5%D1%81%D0%B5%D0%BD%D0%B4%D0%B6%D0%B5%D1%80%D0%B5%20%D0%A2%D0%B5%D0%BB%D0%B5%D0%B3%D1%80%D0%B0%D0%BC&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=31000411&gjid=1084325892&cid=1670959109.1679275919&tid=UA-126131317-3&_gid=1866138750.1679275919&_r=1&gtm=457e33f0&z=379061739

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://telegram-site.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 20 Mar 2023 01:31:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://telegram-site.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 401 B
470 B 15ms
15ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=telegram-site.com&callback=_gfp_s_&client=ca-pub-2571090897727115

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2571090897727115&plah=telegram-site.com&bust=31073141

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f0564f60d333c643a7abad92b1e951636c40950c853a6be483f44f50f3349c16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://telegram-site.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 257
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 40ms
16ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=telegram-site.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://telegram-site.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 39ms
15ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=telegram-site.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://telegram-site.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 41ms
40ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=NAV&id=w0&cls=navbar-inverse%20navbar-fixed-top%20navbar&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: telegram-site.com
URL: https://telegram-site.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://telegram-site.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Mar 2023 01:31:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0DE1 132 KB
22 KB 178ms
177ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2571090897727115&output=html&adk=1812271804&adf=3025194257&lmt=1679275919&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Ftelegram-site.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679275918639&bpp=4&bdt=184&idt=516&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3096634900798&frm=20&pv=2&ga_vid=1670959109.1679275919&ga_sid=1679275919&ga_hid=1127644319&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44777876%2C44759876%2C44759927%2C44782467%2C31071755%2C31073107%2C31073127%2C31073141&oid=2&pvsid=3367778397263470&tmod=727374818&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=545

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bfeb231a6463e0f1961b66705b25abb958f11bc16ea5fd13139ff36c56a5737f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://telegram-site.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 22358
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 20 Mar 2023 01:31:59 GMT
expires: Mon, 20 Mar 2023 01:31:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ 162 KB
57 KB 209ms
104ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

cf0e934daa92ef101fcdf4f64d318324f197533bc3a8ad60630a947cef5d7073

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://telegram-site.com/
Origin: https://telegram-site.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Thu, 16 Mar 2023 11:37:34 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "6412d54e-e3bd"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 58301
expires: Mon, 20 Mar 2023 02:31:59 GMT

GET
H2 200 2163124 Show response
yandex.ru/ads/meta/ 100 KB
29 KB 222ms
222ms XHR
application/json 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/meta/2163124?target-ref=https%3A%2F%2Ftelegram-site.com%2F&charset=utf-8&pcode-test-ids=657519%2C0%2C56%3B706838%2C0%2C71%3B735973%2C0%2C28%3B739738%2C0%2C20%3B729110%2C0%2C33%3B734894%2C0%2C92%3B739994%2C0%2C67%3B681847%2C0%2C56&pcode-flags-map=eJydWNty2zYQ%2FZWO%2BppJeQVJv4EkKGFEEiwASlEyGYwSK7Y6vnQcO3Gdyb93QVA2SdtQ2ifTlM4BsHt290A%2FZisslFiwtcK5KnFKSlUwrmitUlzXhM9OPvyYfdte3O1mJzPJWzJ7M7vdfb2lp%2FA%2FQr4fRLOfH9880TSc5W0mhWK1anAriJUhcpPANwykxmlJFMlY9URSUiH1ZlY0J0w%2FwKcpU5hXI9rd%2Fd8T1tAPO9acio42Y20tFSc55STTlLhp7DvznCDwHs8GB1FVW0rKWVkCWy31A%2BFqjWW2ILmStCKKFYUg0s7re070FLO0lZLpY5VsHOvf%2FejLGIeSEHW4JmM5GSG7nI1j9KtkXeJkF6MV4YKyeoSEb8ZhMMYmSeh02LamJcM5MevjahTR25u73QAWeLGf9DCIpRCdyCaYaSIHIJCnIKRWLBWErybC3F1tP13sRkgfeYkJc0HfqQrWWhA6X0hVS%2FuSQegnbgfc4Don7xRvVc4qTGsbLHQiz0eP66WcLWGzsJaac5pbkW4UxujFBRWoV3KaWuGe66Cgg78ntaeKFvS5prlcKFrhObFiAzeInSfsoVhSxnVSOc5pK377RYYN1vs2G1a4XOONsCP9qI9zXjRQmaJhNQhD1xFrxzXkOY4zxgaOHwxqIdPQWtrXC4Gml1LBIMpEa%2FewniLvrLKAJaPIew6nhW6ca11EoM7%2Fw3DYwAqX7ShbvvMyuiSY16piHCoWc4on5%2FZGi4aO00e54ZRxKjcq3UCrIOuGcXvAUIT62jvoom%2BemeBWYOJG8UCRVKgMc86kwlkGWRKWLhEmfui6I2ynYgGSlgsdpgbnOa3ndpIgDMzOu7YPUpabhijfvusgjsJBeiqeQZwETWkJUbMvl0ToVaQehFlJs%2BWR1Q8c3ZQxw1dBgy0oDBeqD1HgzF7NSez1k8Xsoycxc0EyLdSmxJsUZ8vBBLNRIscLfG%2BUjgXpGj5MUiLo3Kp45IYeMnmoyRogBVT5QpVsTjM7Lvb7lgbbLCivtGY5qQ%2BTpuEktTdVBF3Rc0fihanDQUngAmBeQwR0oxQZ1zNFCGvtIzdxg2BEtqCy28mABOKxlMxO5Eee5w%2FdzsTX5KTAkH54UdCaSgJqz5Zgq6yFioLQQWi0PVFhLtWfLWmJJj92vhAhFD66Abng4OMmOyNQwFxLmdbQqCgM4%2FLIriI36qWTYRhJrO4TiAtdkLTgGAxTZx%2FsmYziBCWPvqHgFGjKjTJ4bSEa%2B%2BHG%2BHSpBH1vrSOEEr9P9wAhjnmsZ%2BsmgRM9skDTzjWD1bciFAfIna6sKnCt2L6W5zkm1gNBauPxS6qMUeD6h3KD%2BQ3OG44KolHgVY2h6BqY8QbPrwXP%2BKLYf34KObefAdIUu8Pa0D3DNJkXQt%2FNg2P3AJR4qHcnpiLEkjZK8q4BHmvJKIGriQFPli5Kpu1ursxGj5DEfRW8RtKJa8TxZX%2BvLrf36ny3Pzu%2FfYWuu8GoJUlxqsBxWq9DDoy2USmaal4vQCUDwdQworuGO2%2BhvesLBjTdjNCVvUIj1wn6ycm5Mp1etmBRTKV3ge6aSjtfHLkMApMp1RK%2F33TNQXUGbwj7Mfuyu%2F18Xm1vzvZXsxM3BJt0ef1pf7ETn7cX%2B6uz2Yn3c8QawlwciMC0RfB7Ki21EvQdc7jAh9nldn%2Fx9uYO9vbP9up0dw%2FPf%2Bwvt2e7r6NXZ9vL7s3pw%2B7KfH37bX97bR4v3w7%2BOb3a92818yMDvLjZPlxcP5z3Hz%2FcmL93N9u3V7vvX5994a%2Ft9eW%2Bg358%2BYjDintKrT196KDzEVjrEx9JPCDdadvBLViNrGSTmz9cjcfXa7ihGdHUWILEoMvxed%2FrlMRz6%2BUBJos3aJQFAblygjMJ19cjwNB3vOceidYNeANtkv6jQ4L7MdyQXyUctDLoPfY8PDHxzuKstFcxbvdgfkpaQylhWmpHyMD%2BiyM%2FNjgo9uPJZB8Uf1tDGYClh%2FDhXORL1V%2FnBThYCOw4%2B5ksJ6FMIr8%2FOWCnd%2FLIh4%2FjyS8HUb%2Bb4aDJmNBBh45e5ilsjk7a4efbi7FyEugTpp5hRJlfA5QkFZBIazOO%2FCBO9GD%2F%2BS%2Bl2JQC&pcode-icookie=xTGNZvx4dFHwTaWRFFCLhYyN6fT%2FSHg5PhgBZrP3ZM%2B0OSYwG%2FemS1g68pxlmrJKIcyEXQyJtjZhCHmV%2BqZLAXYdwi8%3D&imp-id=1&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=47828755808258&ad-session-id=144821679275918855&target-id=89685016&tga-with-creatives=1&top-ancestor=https%3A%2F%2Ftelegram-site.com&top-ancestor-undetermined=0&pcode-version=740439&pcodever=740439&flash-ver=0&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22isInIframe%22%3Afalse%2C%22w%22%3A1140%2C%22h%22%3A0%2C%22width%22%3A1140%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A230%2C%22top%22%3A603%2C%22ad_no%22%3A0%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A1%7D&grab-orig-len=5120&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjo5NDJ9ChKjoKzkqGmAGKyjh7VV234_O8m6J0psDrOJYuKwHZOJGHqVX_LV9MrU9pyQEvx9DmfrO-XYZmKr2YkTZpMyPCkpt7393m8H9VJQzxBWAvWEMRBjJCIFfJzTiShzYnVuKwggRhhhABgjMSCLLBGdKaZxGK2GyM4Q0mRHDkCX6ANlDqQ5wA2UAyKQBaqAcEFQDAzAL3y8BUi0wLQBLq9NnG3jmeblyAHcQHqBymzjXACzoUTmQL4cZQsQb4WreXIA4oLhLJPSQCMhC_Al5EPziB9QihwoAtnAHBr2Y5mEZCR8tiUk9qXQ_Yrof6x5pReseeKcUrLlqVsZj9GhPyAKpAtPMZRJlw28-T6QObME_oiXkOQLdTPiFIadB_QygLNUkzixoTA9sczrh2gLc8m3tO9VVpAQQ3MtOHPPfU5fh84BzACkAJS6yFyMaOEN0D2-BMFSLk2wBgZ7BidChDAjiy2RMUOIAmxUGXhYMuBVsEd6GZ5nV5g9B4D5J7I9pHy5_R_p7vz-trSQ8IwA5KHJHDrOai2yBIzBvXlzL6r0OQEPSwq8Urs__ZU6UN957n1A2pXU_9QEfe4lyNKaRWQzoOGAACAKHaApwPgfAF5_KCQUecWR7RUV-5d8mVIERC45vAXv9R2MI_tdRgb0AJQA1ABIAez8_VOcXHglN5tGEKh-APUxfRlaXF5JlGBDCAh7HAC7QMAOIecwOQDy4PBfGp7SEwLuiLWa6SNE4AM9A-TgpnKfJ54R1e5BlpyzH4NNe73TLF8Jiq_f_Ht8RIUaXAiYUAIDbHCHtNKFAftkmt2db9SzqEts5fd8BSweKAN8nsFr8h4b7ZKFWKIb3jz1yezjbOEuxvwJ-oJSLc9hgci_Lsj9InJT2MDmhJ9oqWujXAPtqJk5uU_Q5QdI1EYrbWgJ6ZhCs8VqjmzooK5Lw-kFmqbfiwz_rw8wqPqUAawlqGY2My8ZP62fTDzykQI2BOCDAwyAzyhRgwc-CoDJvCy0BhoLMwttFNMzsxisBkvEjPmtgIWrWWWhiQxxNsc0EUTc9JGRwWSlNlhDM3dmCM2GyGyAiFuEW43BEm4bYBb6-pdXLi3dGT-Fi8GLe92z8N678FMv6dJNJNzQTu-nZSQIe4aGp6Jb5sv1AWl9LD85REmhZc17Fem0AJGu4sw-bjRT7nq7RJntI5wr4vr72wtTxFTWy5oifmOAMLnt3Fzip0ESIaQMTfRG93VSmXL61YkmMhojM11k8uCKl0uBpHKKV9r9dFYfZ3jvt3UMwTznQ65eUcaQHiEzC70VcWawxEYjRNyUppiam5nFHCM-HHHJhccYmxzDLTKt2Ngtz7Q7T5MTaCYmg4XORLOCjdSx2SXyy7cwrMzIWLiszEUqXhauEbefxgswUcTMQmURpWTBc4EyWeloDQN8mbRY92XmALSfVD3nluia0ZEuKZC9owpLwnSttqhU-p7eFFLTh5RmhyGkoxuyz9jsLYY6xfueCEsoUQPdg8tFZUmELEDpNon-WfF4u_kcyRgxzKj5srSx2RxZjFFsYqBdGVoOQdJMtJFlcJB6sYkZejJGFi7GfZl6ePKRJ55dLloOZhakoYlGwGs-yblG8IIXkYRJQrMXdxTMIYpNlEEHQ2yI6EITQkctqlCetE_bBB_UYaAME19Aibyrcdy9l78UoyVkQMKNPQyHj-99H2tk5O5yG5mAmzdT9UbutLPAec-a-BjGrG3d2q_23t_DWrqeUmyf3T_6B1dfFdlkgWPryzFNC-Fm5sU2eeDtQ83r_NHvx_2YyJrgkN3Nhqvzuu8Y0yPOMX28CT_iaS7CEgIXvOYE2lccsE8PtIthuMJbAh3LrhJtPh7T0L3f84LY8HvnMtFnn6gCpZgMITU2nJisZqThcGAXwKkKX8wsEh_WK-xiRUycj5GKcRJJxsi0h8gcHOhtbOi86tWYJJgk4oy7ssBdaAAVFPZ50aBQnLiD_5kbDCWuGfEjP7Egjrd-RRqGhnl26xHslZJPLxXFyyZCEie8fgAYWIzl2AQL2MhpQ8_GyR82pv-09pym1Qs1V15CxgOcb4hX0wnTz2tjUwTbQ7ROn9WDUC_uaEo4ggXqS_hAO5uZ6jvxaC-29rA0EjB4Mk1spostVkY7g4WKEeNsOfQ4rDHZb42VFbWxo7GhQ8_fihaeF3bJ0mAI93xppbWzqQNKKsZ14DhF7-5HsF4vryXuij93m-OSJs-xfeoQ7sNEijnc3qbLN352szy8RMPeSRN39ciqpss6UNTmf6SZeGza5zyHQdqqAFclFvYYHQdfvRbmXotssbG6rqtDu739yrfsPZK-F97_IvvuPiFcA9THXcFOMqzgLXpOG3-YOylGx-ME9bB-TqieSZ_P3gJU7XX-IPntX4Kghmhxl-BwVMml7BQc3a2I9vO299op-P4-U8uY6i7kYUKe_dZ-_-AMRjuEkltQlO2VXcGE_1SGQRJxbB0jWNlrtOj4GZoU_iyODZ4QdqlU-54r8f_sGOYU2NvvsXILNn6PIWo337yTPJ1gp3EmluKDXbNc7rbZBXnL6HuXx92gKh_EFJlJwgeIcooLxcdElUjnbAbG8k0881deMdX7-wRwuANsxBO-iQywFwbNYNUwX8Lzv_dmD8MsfLLlYgUD2CHmZEODnp2_MQRh3C334T6x3mao3r4Fl5_MGvsIAJMiBDhe2giFxQkwNs1hIaxDhxYtB38r6ztAciVAOyfyweFy5ZFOKaj6hO_nnF5CgWHmJpnSsGBMw0IKY0OHhs8WQElJaf8_VoC2m6hyAMsdkxK-h4hFpCLp6MAr5XKf94S0t19JyBoT9L6VdNxOPBgHk7BsrsFCZsIOMcT8DeKYdisY7nQqRWSsnvXIq2j5XnzyjnMXo3QPgOTOiX4l8AYnpU1CDDNxMLAVYKEkcaJDy1fICzcZi0DynpaQYJikSUwRXkgVHtr9Mja-iq_YswkH5OJlVi321-I4gjExbHhInpPZUtrK4dM8lSnowlnhty5LSBefywWpuiL2KSzH22Q72vHiltK_8z6vpBjeBa9tN9LRwZb2ONl5W8E_t34_zt8vA3qi0B3kulT57w5cRnTtj0rdhKACk3u3Tq5uOfhvGJvYn8ipCgWglO770likKLX6W7CH7C8o2oKhWRgEJTPsOFO4rx6xgIxhFsXTK8ZCy-BgQ8Pf-gBuew-5W1867VHpW29zGXedb3262D-UMcw1oF3nFQsdmh0tJ2ZmR4-yPhXjjftHrLwOUU3RmnN5t16FBMxWpq2EZxw2miGam5wfS7V4O5-YSDOtVp_cM-r7vYnLmanodHJFz2aPsEr5d74mBplXQQWOiznLmPwEcul96PFRcGEzbwBijUa1p26Ho_sLpq_y9tDhO3k_FL5vNSTYHcK9lzgvX-29B8o7oXzfQd9pQoFiEKO4JoWVCrHgorShwcRIs0aV4GmC8hghT41E3mrhiyPwfoXrWOIM_k1tLdPAK4O2MfQCvtywS9MQ59gp58d7AT0efH5d-WJK0tDhyFc_WxFVc8bOnW80WBmQRCaHxWo05AN3KXSXFGOIiKlAjY6qYCmGuDBsp6YDNoK7ESnejluPutVcYz5ZAHFSrLZhYzqDKELE0ZIkNCHE7BdBKvOgcsgB8-Gz6vm0fJzhmE8_3D2VZqZ6U0jQWkkW85kCrd66TeXzhu8zBEC2EyBOeveRateScmIJ2HvHe-Owa9muZbL5uyRAnc-BNIrouUdtbXTtkhx1aDS85wr3Jl_a0wwTZUdEuFBPEhaOSY7n7rnY0UkfG4ZSg5UmgpHgEc_NjCapN-kkQFm61K0TNzOkGn0WmsjVAn3NOjeeCzMSX7CRG0YFf7hmj1dt-_CNTYthlkhcmIPS4DBEiAxZHKhjeVosMbXx-MPIHIDexowHvu0mfIhbKf0U9JEpa8Lk_oP9Q4rLJ8PstiC3_kLl4kBN-h88eVS6xoanfc3V3aH-4PxJ6fNbVbtic19MeYv95Lukky_n_zfNndQ31O0WODtNV3_Ryco1upl558jl_VF_5VvlugLTHabZ4NaS6QRTNGIs1-fQlcgE__WN2JV27husvLtetm3ON8f48aaqFXZyESfVaW0GRFQoMoS0sYkuymwZWRRbqnzMVuVrw7XFeai_EeXA1e93yh9F9vJgs6FHw5mXEo6d9HbsPjZMmu_wHzwBrDUOwbPmBQB5aIlNVoCK6DOwEVFbQlNkOnXuDH7Te0Ub8omerxFsjsJ52tkDWEt4-Mmq5esJnKzqCpS_wXg_VQn8or4KK3qP23WafkURIo3NxgwsZOw29uvkgPV3bWiaoOg31ZYdP0pdYDKwCahwS8frWJqBBh74GSyrKbJERuOSjXJnA1VsRpJRxjvTdRcODjsbWK0wQ4Oa9lRDChZyVJw2SDKHrUnHFoAwOOQfXN0Z7iYY9RI4tCGlMYoyMGOrKUNgQrgUo7b1P-xsnPk6H9Iv5uOHWWzVVbFqp9zOQ61bbxu3U9EvSNkbRykKKI8floWeE2aRJFSob7csU4RoUzV6T68tva2toVWKJpmtiAEA0R2g0eMEBfWKTuZGqdlvP259dWUWXmOoGl-gy3cEpeDS_geEhwvypOFEVFaEu-dV9-xq273UGhLqiQ4bJb8-qbBqlnjlUK9-3HrN2i7OPPlmA0UjKe8wnLzddOoqe8sY1LS3MEY_CHl1v7qwAxnrzYhdnHW5c_YnoC9T5NdEKveIjwbycKtr74k2O9W1nvku53W7cct410rh7URbQLOhlY7ivOFKv6r5iHb3lPB96qTtbrgnFO-pmTa3ureEGCpaSOgwc0MxqzjROhBcKENxbljTtvtnwnmwGa3GEKmhw32Qn_3idJKxe1lyoko93RR9k0vriZ37KOaOB8o3hEv9VCCDa12iGjO4ETUVo8XK0EVZLyG9p1STXA54vgUE3_2TnXfiXCIfld8t0D248DwztLyblLooUXYwnlu7ZLmO7ULdEXSFy7sAqZk8jJY9Fh6l0_H83KR6DRp9kXyZOdKmSt20onmFatw2XpriaaaRtSqbvfXJcDvRqlr0&uniformat=true&callback=Ya%5B6559410696388%5D

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

8ad7543b517ca837e565575ebf38bc70449e786c648a0a720f3421dafd91486f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://telegram-site.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 20 Mar 2023 01:31:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
ssr: true
x-yandex-req-id: 1679275919325784-5053139727636538721-sas3-0998-46d-sas-l7-balancer-8080-BAL-88
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
uniformat-product-type: Direct
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Mon, 20 Mar 2023 01:31:59 GMT
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
uniformat: true
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: application/json
access-control-allow-origin: https://telegram-site.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 20 Mar 2023 01:31:59 GMT

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9947.1BEqhaOHMRs3_azLVwXYaTJVOVJLD5d0-KdrjbFsZPjP0L-mbnX6j3n3IgCs9cqP.DmTZZAHid8sA3iC9LRx3wDpPRd4%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9947.KE5r6V2zGyB9wQOsccEX8C543We64MEqzpxxo9CAjCebvBGnz27COlwDE3JcvjZMHSHowjDvsGNwt1h15lzlGzY5DoLfUQWOSDgiMbtcwWDmEgsPP95F6ECMAwiSmV7f5pmzSdHWQVl...

43 B
482 B

55ms
54ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9947.KE5r6V2zGyB9wQOsccEX8C543We64MEqzpxxo9CAjCebvBGnz27COlwDE3JcvjZMHSHowjDvsGNwt1h15lzlGzY5DoLfUQWOSDgiMbtcwWDmEgsPP95F6ECMAwiSmV7f5pmzSdHWQVlfd1frKJVKWTvAk0HDiFf0aPmMGOH7TR8yLcKYiWsS9Mk0W6M1XYVEEws5a69wuGmScYEktByE31klPo4E8Sm43FnbCsumHyg%2C.OAcqHB2E0giUhArYgKEccYVOwFU%2C

Requested by

Host: telegram-site.com
URL: https://telegram-site.com/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://telegram-site.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:59 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9947.KE5r6V2zGyB9wQOsccEX8C543We64MEqzpxxo9CAjCebvBGnz27COlwDE3JcvjZMHSHowjDvsGNwt1h15lzlGzY5DoLfUQWOSDgiMbtcwWDmEgsPP95F6ECMAwiSmV7f5pmzSdHWQVlfd1frKJVKWTvAk0HDiFf0aPmMGOH7TR8yLcKYiWsS9Mk0W6M1XYVEEws5a69wuGmScYEktByE31klPo4E8Sm43FnbCsumHyg%2C.OAcqHB2E0giUhArYgKEccYVOwFU%2C
date: Mon, 20 Mar 2023 01:31:59 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
113 B 55ms
55ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: telegram-site.com
URL: https://telegram-site.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://telegram-site.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:59 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 16 Mar 2023 11:37:34 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "6412d54e-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Mon, 20 Mar 2023 02:31:59 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303140101/ 149 KB
51 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303140101/reactive_library_fy2021.js?bust=31073141

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1760011f7f0f74858e92f5830c2296944f05cb92cd163ad5212570602bb1c458

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://telegram-site.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52123
x-xss-protection: 0
server: cafe
etag: 3617373211890295045
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Mar 2023 01:31:59 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 19ms
17ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=telegram-site.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://telegram-site.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 17ms
17ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=telegram-site.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://telegram-site.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/ Frame 6B0D 10 KB
4 KB 7ms
7ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://telegram-site.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 7826
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 19 Mar 2023 23:21:33 GMT
etag: 2378337311435320485
expires: Sun, 02 Apr 2023 23:21:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/ Frame 85D4 10 KB
4 KB 12ms
11ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://telegram-site.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 7826
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 19 Mar 2023 23:21:33 GMT
etag: 2378337311435320485
expires: Sun, 02 Apr 2023 23:21:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/ Frame B03B 10 KB
4 KB 11ms
10ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://telegram-site.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 7826
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 19 Mar 2023 23:21:33 GMT
etag: 2378337311435320485
expires: Sun, 02 Apr 2023 23:21:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 70E8 149 KB
50 KB 261ms
110ms Document
text/html 2a02:2638::b
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZBe3jwADKdMIEd9pAAwe0fkevxCbb6ybO2VGDw&u=%7ChLNqbprUX0lo0P76YI%2BXEVq6unddqE7B%2FyCXjlb%2BZbY%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2zob2xPiSryBYRseh1QMcVx3i61R_DMGvVu103gQctVstU5G97DXBAj-jXT5pSS3eeR-YRhSWM5_qjmof0iMm8y9smEozFH3M_BHrTTjA-MUfPlDCfwtgdKfo1GB--pwW69-HGqfWcKPNAW6_NBTvRgO34uHpoIz-vIsRKW6QV1keAZObdgBBG4f5QDA0_yZJBSNxGGYXexEdpP95JKsgbmnjIpUeRmetc6MDv-hawWfsrAQ9wzkAWn3E68aoDRvYavpHp0omnq7x4bfjZGhNQ2KSun7PPIEHkLvB4C8MSbN4lGhWHeoD7dbwqzi20KVZPU4Wvk9VW80cAnfTnyeUV-ND9Vo6S9uPnDGcBgrtCKx4t2m2NZ1EYgz2MLlUwqzrdWaS_bB_JvKuTVBh-DGcFgFRM91-hjAIvdO04nBICwawCP6SavCuzjI1w5a8bs-dk9i0w7tMH_M7NN11IWfAVJP9yverd2bpITBUvXZ0WwnEBxwzX23MA-7HtL76ahN5Tvodpvwm-kz_5xhdSXghsROMstqqBV4AADrTqii01YseDJST4YMbg5s&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHi_tj7cXZNPTDOm-x_AP0b2w8AzJntKxXNWdkfdwwI23ARABIABglQKCARdjYS1wdWItMjU3MTA5MDg5NzcyNzExNcgBCakC1WC00sPmsT6oAwGqBMcBT9Co7xtt42KPTuUUrxNrQEdeiKQhJDRxCMmFKv4zrLS2uubJFKRVJ5xgZshQWzZaXtIGQ2jgOhtHG0HkZWEh7ZUqLxTbmQhXIr6hwAaD_KVziqlhhAPkm5EnbcsEs1_Bifh3WDo27ov1AZA_ndgTgYFI90HQIwjDgfZNrlS_98-jgDcCqWNfy9Xlzc-YtGC6xx3M3EpeJoixGfN7-iGefJDf2qHne4M2ACW9EZ97Oh6sJMYM5If0foC4T3gt4VZbMGc2l5ELB4AG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2fLhggry1iziedpxVp11T04XwEJg%26client%3Dca-pub-2571090897727115%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e13afaeed10f5193d318548c3ff8deefbd3134182d0ef64ca7ba4cbd1b03faf3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Mon, 20 Mar 2023 01:31:59 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=rYip4RGSEzh_X97IWSr0yp91yG4Njt5aRIwd34ANdzOlTzov37xctzoLXbF9klSwGLnnk1fOARgeTjNLY0QJJ6f1lKOQYFEL8Ry-ulLdx2SeSs5cUgwUqEMksIbysu1HyPAECFoMyWFx-1FQiVI106R_wY4VLmo_YsaR9Q2ErbLR2GAbnsHjDDXTYXBTG3OzdufDQJ7c3yCF7s0LgVhZVUcLsWgDSd0zcmYkQBPLV5psTFF96sAlPrTru1c"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 74251667
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame 6B0D 3 KB
1 KB 44ms
14ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 20:49:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16949
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 Apr 2023 20:49:30 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame 6B0D 20 KB
9 KB 37ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2a0e5bf3737755c3dff420d02d33cddae12560e84c602859f2d3f7da6a906116

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 13:25:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43565
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8617
x-xss-protection: 0
server: cafe
etag: 263085479041318444
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 Apr 2023 13:25:54 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6B0D 158 KB
49 KB 46ms
16ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3456dcd3eb25196e68e2822cca66a20c2f123bedf5986f159be674e4c40a05cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49519
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678880156327103"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 20 Mar 2023 01:31:59 GMT

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 796F 149 KB
50 KB 226ms
85ms Document
text/html 2a02:2638::b
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZBe3jwADKdQIEd9pAAwe0ZPwXT--722rhBAdjg&u=%7ChLNqbprUX0l%2B82b56cYdV7L5o1turKAMMg5EVU76%2ByM%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2zob2xPiSryBYRseh1QMcVx3i61R_DMGvVrZJG1WFgMqdCLRcNHBBGtHh4n-hbLHjV0xfaz5kjhXbklFN2GIcHTFd3qnowjNy0OsnALNmLIMYqSmjREHSpYgTLO-CMPxc7rYtXk3oDXjO4fMjdJe6q97xMrcK0C-Agrhi7EmFGEb-KJeexbv3TXZhg4uOKCgkyEBakgmkAWQwrXW4edr7v1wkCCTAV6f4VFGOd_H79OdbLdDyw8XsxG1giu92SMfaPkT58az1OvtgVzlvYYN7Bo6LJtBZHruFXdSRBO2vgMY5xu-nygmv_Hcsg37l7mfT_WOYXIfACiRgM7EMUuNALKwH3ZrNypNzpEyeExuEshujJxUg1XvmUc2c0fCKHNYREHIIcPETP6HhwfdPDtV9CYRtMxkYGd-yNBs-lh-vpaAb87I4ZuHtQrg9IOmYExJ3wu6jdeeehLdrgZ8bPqYx0fPrJZxTfvCAucEVoZRAgQwlCFebjsJrBnTg4GMmQCT6U8eiTkbgLY8_4Un7QvulRY-WChS-7yjRIRg5QNc7aiIb-5axYdZM5ecHy0Jjx8T2WQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7HFRj7cXZNTTDOm-x_AP0b2w8AzJntKxXNWdkfdwwI23ARABIABglQKCARdjYS1wdWItMjU3MTA5MDg5NzcyNzExNcgBCakC1WC00sPmsT6oAwGqBMcBT9AwqwlcJhMseM3pjzfUwVbkmwMy2Gplcmq1vibcoHl-hbwlUyC4VqlG93PpMv0Tsu5ttQhTPo5KCF6T5F3Ek-gUs7OiuPoYXbaduvK6zTBhEdQqPY62tajx7Q1KeVPreZVnAgdlU0xMUIaMJI_y69kRkFwH8sXsVMDgOEYumzncjPdUrEa8u9KNBGTutE4zym3NpdN2LSyR9aaRWLwkFlq83m41ZYLAYW0LFiAIr-Xs8WA5z4UZeP05SUwPcxPzw-2rMMH_ZYAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_27_uzegZvRalG8gvOESvfjHJ-1qQ%26client%3Dca-pub-2571090897727115%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

1c0686fa2009740e92032edf93084867c91c2d76d56280f78c2a778e81b7477a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Mon, 20 Mar 2023 01:31:59 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=3OurYhGSEzh_X97I9rNSRPeK79HvsQCSKAHiyBmr9iKuke4tOSrZR6DRZEwqlZlv44l_dO7ckqf_7cQXaEE8dP5dvM90QsLwh2FiVvm0wcRkpaThBP5mRRrHVpyigTM-L6uN3yteDuTlB5-6gnpilwYUKS_bsGQER6dVbpL-NwvJloYygHNgj8mUZiZgm1W1Wr_df2_BvRw0ktEFLHDTrpdwib_Z8qS3KabBdc5i3r0DAApr0ESvXhjLKMw"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 65124368
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame 85D4 3 KB
1 KB 36ms
14ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 20:49:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16949
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 Apr 2023 20:49:30 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame 85D4 20 KB
8 KB 30ms
8ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2a0e5bf3737755c3dff420d02d33cddae12560e84c602859f2d3f7da6a906116

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 13:25:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43565
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8617
x-xss-protection: 0
server: cafe
etag: 263085479041318444
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 Apr 2023 13:25:54 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 85D4 158 KB
48 KB 47ms
26ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3456dcd3eb25196e68e2822cca66a20c2f123bedf5986f159be674e4c40a05cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49519
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678880156327103"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 20 Mar 2023 01:31:59 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame B03B 0
0 57ms
56ms Fetch
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C4i7jj7cXZNXTDOm-x_AP0b2w8AzJntKxXPXalvdwwI23ARABIABglQKCARdjYS1wdWItMjU3MTA5MDg5NzcyNzExNcgBCakC1WC00sPmsT6oAwGqBMUBT9CPgzt7ibvAcS_T2Rza3b5C24t9PKg6jDmZTwZoW_oTRqIRYh3gmwYMhU93abwdXtpGZPrA6BHoHbwqnIy9q4hcyuSGyvB5EH4xK7CkRKAlYs13onBtWkTBVPOFxlCjtnegZv8IP5zul5KphHKTCTukHTuuXzUJOMBOm7XWrCULo-Xd2gVH2cOTCZngHmTnexrnFeojHz4SSp-CtHJQooa9-k0X_sxDfZW3UOy6dN0P16cjQ5A7_b2O6C804WFq57Cyd0yABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTI1NzEwOTA4OTc3MjcxMTUYAA&sigh=W9U6-E8amZc&uach_m=[UACH]&cid=CAQSGwDUE5ymBrPWy1F6gVkmuUyBcTQjf6kSPNINqxgB

Requested by

Host: telegram-site.com
URL: https://telegram-site.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 20 Mar 2023 01:31:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 20 Mar 2023 01:31:59 GMT

GET
H2 200 notify
rtb.nl3.eu.criteo.com/google/auction/ Frame B03B 0
0 47ms
14ms Fetch 2a02:2638:3::9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=kKW_EMz6RO0HfJ2DYgICAAAAt3CXEN-o4RIQjrcXZIYYpbFE-wb5yPQAABIAAAoOQVFVQkFRWUJBUUVCQVE&wp=ZBe3jwADKdUIEd9pAAwe0YZFoHrKjXWILJSiEQ

Requested by

Host: telegram-site.com
URL: https://telegram-site.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:58 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 157566
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 6EF9 196 KB
57 KB 261ms
129ms Document
text/html 2a02:2638::b
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZBe3jwADKdUIEd9pAAwe0YZFoHrKjXWILJSiEQ&u=%7ChLNqbprUX0nofnigx%2BR%2FXfBKdTXHWts5mPX2dxErC28%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC868MuVCbCghDyn07hiCHM7b4J0C5TF2tOZnjrqXwBvUr1CAavIRAgNRaBxOQtZX-xjKIiTjog3rPOl2niimphG1bl6qTIx_YN9qsRU5OOJoG6tsgbeeqCxZL6DRAlPXO2B-jstR30hnbLyegCIkJYTIpk08bWfQbI5Hrn3WxYyccDN3Ky152pzRJmSPwRLlElVgUpWWvDdVXpZEWEoMV6nFAC1eZnkLrnfVZ0sHFnXjFZpfxL2prY8jeDHpbEEkWAZDSsKBcahxAIzRa1iQPvhqsB2QK5E2CKMkRje9NYf1ZWTQWP15B3SCLLD4fYdBK6_ZkuTIAjbt8QK2UWuNPUq5IAaKMlQCxof2kfmoFvJQM51eVnXIAADB9jrIyM7lSndxCL5R2LZTS5MowhOknbm-_NZbri2W46sfzUUVRBQKl2KmCDFO30hbIlI4RiuMbG0kfg7zb_fBkh4j1rBkP-kZ_B2m_KsdSwL_gofSNDhKu_RxreKEx_PhNv52tk8ZoX1v6vHoGqklLOgC8rVt6b57-guzvbSiwK31f5zZpQkief3BYzgQDHZbYSb4zspqrJXw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCriEej7cXZNXTDOm-x_AP0b2w8AzJntKxXPXalvdwwI23ARABIABglQKCARdjYS1wdWItMjU3MTA5MDg5NzcyNzExNcgBCakC1WC00sPmsT6oAwGqBMgBT9CPgzt7ibvAcS_T2Rza3b5C24t9PKg6jDmZTwZoW_oTRqIRYh3gmwYMhU93abwdXtpGZPrA6BHoHbwqnIy9q4hcyuSGyvB5EH4xK7CkRKAlYs13onBtWkTBVPOFxlCjtnegZv8IP5zul5KphHKTCTukHTuuXzUJOMBOm7XWrCULo-Xd2gVH2cOTCZngHmTnexrnFeojHz4SSp-CtHJQ4IScaMqYYt_84YEUgNEcjNQb3REpbYi5SXWzTt2L_01yYho2ZPMYb-2ABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0_ugTe4AgmYIZRscf91pf_Yzzj5w%26client%3Dca-pub-2571090897727115%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d50126351f7075372c0eedc8ea635d0d70fbe3e6f4a80bdc11d28028ceb292b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Mon, 20 Mar 2023 01:31:59 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=D-kefhGSEzh_X97IFN8mchyB9VeO-OCjhCGsZSfKF1i6MpLt9H8LWen5Cu6K4T2639cjPh8lTrcjmahGfxeLldRf-iCq5p3Se7oWLPYrweBilvdpB0cQpqZv91-fbzbSBSvvvj5cLRBXHz0YZ5JEE1LJ6mdFZeG9h7x8yoCx3HihvfbUFvAo7auXc0X1T0geuOhHJE6X5Td5C3fRaPhPQfeYA7a-mBV3YDohroypspHovmNfznbv2v5U4ceJjNAYdzc8sQ"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 103867947
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame B03B 3 KB
1 KB 27ms
15ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 20:49:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16949
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 Apr 2023 20:49:30 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame B03B 20 KB
8 KB 23ms
11ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2a0e5bf3737755c3dff420d02d33cddae12560e84c602859f2d3f7da6a906116

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 13:25:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43565
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8617
x-xss-protection: 0
server: cafe
etag: 263085479041318444
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 Apr 2023 13:25:54 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B03B 158 KB
48 KB 43ms
32ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3456dcd3eb25196e68e2822cca66a20c2f123bedf5986f159be674e4c40a05cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49519
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678880156327103"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 20 Mar 2023 01:31:59 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/52667398/
Redirect Chain

https://mc.yandex.com/watch/52667398?wmode=7&page-url=https%3A%2F%2Ftelegram-site.com%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Afp%3A467%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US...
https://mc.yandex.com/watch/52667398/1?wmode=7&page-url=https%3A%2F%2Ftelegram-site.com%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Afp%3A467%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-...

446 B
556 B

59ms
59ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/52667398/1?wmode=7&page-url=https%3A%2F%2Ftelegram-site.com%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Afp%3A467%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A1%3Adp%3A0%3Als%3A311118967550%3Ahid%3A478523491%3Az%3A0%3Ai%3A20230320013159%3Aet%3A1679275919%3Ac%3A1%3Arn%3A97399462%3Arqn%3A1%3Au%3A1679275919791135253%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C103%2C3%2C64%2C0%2C%2C188%2C2%2C%2C%2C%2C531%3Aco%3A0%3Acpf%3A1%3Ans%3A1679275918090%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1679275920%3At%3ATelegram-site.com%20-%20%D0%92%D1%81%D0%B5%20%D0%BE%20%D0%BC%D0%B5%D1%81%D0%B5%D0%BD%D0%B4%D0%B6%D0%B5%D1%80%D0%B5%20%D0%A2%D0%B5%D0%BB%D0%B5%D0%B3%D1%80%D0%B0%D0%BC&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Requested by

Host: telegram-site.com
URL: https://telegram-site.com/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

d5952a95a7b4d31153b5334f4ad5107a8e24bdc416b890d8afd8a86830a8625d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://telegram-site.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Mar 2023 01:31:59 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Mon, 20-Mar-2023 01:31:59 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://telegram-site.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 446
x-xss-protection: 1; mode=block
expires: Mon, 20-Mar-2023 01:31:59 GMT

Redirect headers

pragma: no-cache
date: Mon, 20 Mar 2023 01:31:59 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 20-Mar-2023 01:31:59 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/52667398/1?wmode=7&page-url=https%3A%2F%2Ftelegram-site.com%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Afp%3A467%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A1%3Adp%3A0%3Als%3A311118967550%3Ahid%3A478523491%3Az%3A0%3Ai%3A20230320013159%3Aet%3A1679275919%3Ac%3A1%3Arn%3A97399462%3Arqn%3A1%3Au%3A1679275919791135253%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C103%2C3%2C64%2C0%2C%2C188%2C2%2C%2C%2C%2C531%3Aco%3A0%3Acpf%3A1%3Ans%3A1679275918090%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1679275920%3At%3ATelegram-site.com%20-%20%D0%92%D1%81%D0%B5%20%D0%BE%20%D0%BC%D0%B5%D1%81%D0%B5%D0%BD%D0%B4%D0%B6%D0%B5%D1%80%D0%B5%20%D0%A2%D0%B5%D0%BB%D0%B5%D0%B3%D1%80%D0%B0%D0%BC&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin: https://telegram-site.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Mon, 20-Mar-2023 01:31:59 GMT

OPTIONS
H2 200 event_confirmation
an.yandex.ru/ Frame 0
0 200ms
53ms Preflight 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://telegram-site.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://telegram-site.com
access-control-max-age: 1728000
content-encoding: gzip
date: Mon, 20 Mar 2023 01:31:59 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
timing-allow-origin: *
x-xss-protection: 1; mode=block

POST
H2 200 event_confirmation Show response
an.yandex.ru/ 0
51 B 159ms
58ms XHR
text/plain 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://telegram-site.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Mon, 20 Mar 2023 01:31:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 20 Mar 2023 01:31:59 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://telegram-site.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 20 Mar 2023 01:31:59 GMT

GET
H2 200 y300
avatars.mds.yandex.net/get-direct/5221035/VzHAIX5tyiukwrphMftSyg/ 14 KB
15 KB 259ms
98ms Image
image/webp 2a02:6b8::184
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/5221035/VzHAIX5tyiukwrphMftSyg/y300
Requested by: Host: telegram-site.com
URL: https://telegram-site.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: nginx /
Resource Hash: 92a55161e23f2ac396f916743cc5aa0c5bc750bf31912c094143939ee34215ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://telegram-site.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:59 GMT
last-modified: Wed, 11 Jan 2023 01:19:44 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel?datacenter=SAS"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000,immutable
access-control-allow-credentials: true
content-length: 14746
x-request-id: fab80bc9d8db0749

GET
H2 200 icon-192.png
yastatic.net/s3/games-static/favicons/ 24 KB
24 KB 131ms
69ms Image
image/png 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yastatic.net/s3/games-static/favicons/icon-192.png

Requested by

Host: telegram-site.com
URL: https://telegram-site.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

ca78c114bba40b141a59c55a9d3fb6db7672bc3effd4337f2b1ce512b4d06c9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://telegram-site.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:59 GMT
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 24134
last-modified: Thu, 14 Apr 2022 12:22:42 GMT
server: nginx/1.17.9
etag: "7819c957eaa80af5bf14f760d49b64a7"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=216013
x-nginx-request-id: 13b95abf984a42cc
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Mar 2023 13:27:09 GMT

GET
DATA 200
OK truncated
/ Frame B03B 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1723a384d58117b5e6c507ce0f57f858d0e612a140c67dd55df257ae9f9e95ff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 render.html Show response
yastatic.net/safeframe-bundles/0.83/1-1-0/ Frame 84CE 24 KB
7 KB 52ms
33ms Document
text/html 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html

Requested by

Host: yastatic.net
URL: https://yastatic.net/safeframe-bundles/0.83/host.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

9c911ab93cf6099aeeddb19cb1903d0ef838329443c3a0549c754da47f90a70a

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://telegram-site.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
content-length: 6262
content-type: text/html
date: Mon, 20 Mar 2023 01:31:59 GMT
etag: "eb77de48712912aadc9aa8171ac75ede"
expires: Wed, 19 Mar 2053 08:03:05 GMT
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
server: nginx/1.17.9
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow

GET
H2 200 2163124 Show response
mc.yandex.com/watch/ 408 B
468 B 62ms
61ms XHR
application/json 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/2163124?wmode=7&page-url=https%3A%2F%2Ftelegram-site.com%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Avf%3A3llbk0t3p8ehu21bjv65f%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A2%3Adp%3A0%3Als%3A425370177181%3Ahid%3A478523491%3Az%3A0%3Ai%3A20230320013159%3Aet%3A1679275920%3Ac%3A1%3Arn%3A868939627%3Au%3A1679275919791135253%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Aco%3A0%3Acpf%3A1%3Ans%3A1679275918090%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1679275920%3At%3ATelegram-site.com%20-%20%D0%92%D1%81%D0%B5%20%D0%BE%20%D0%BC%D0%B5%D1%81%D0%B5%D0%BD%D0%B4%D0%B6%D0%B5%D1%80%D0%B5%20%D0%A2%D0%B5%D0%BB%D0%B5%D0%B3%D1%80%D0%B0%D0%BC&t=gdpr(14)mc(p-1)clc(0-0-0)lt(8600)aw(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

60b7a6286bed78b9e3e451a0c2b1a220468628caef694cd22dc7eaf80b8cff18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://telegram-site.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Mar 2023 01:31:59 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Mon, 20-Mar-2023 01:31:59 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://telegram-site.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 408
x-xss-protection: 1; mode=block
expires: Mon, 20-Mar-2023 01:31:59 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 796F 2 KB
1 KB 70ms
26ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZBe3jwADKdQIEd9pAAwe0ZPwXT--722rhBAdjg&u=%7ChLNqbprUX0l%2B82b56cYdV7L5o1turKAMMg5EVU76%2ByM%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2zob2xPiSryBYRseh1QMcVx3i61R_DMGvVrZJG1WFgMqdCLRcNHBBGtHh4n-hbLHjV0xfaz5kjhXbklFN2GIcHTFd3qnowjNy0OsnALNmLIMYqSmjREHSpYgTLO-CMPxc7rYtXk3oDXjO4fMjdJe6q97xMrcK0C-Agrhi7EmFGEb-KJeexbv3TXZhg4uOKCgkyEBakgmkAWQwrXW4edr7v1wkCCTAV6f4VFGOd_H79OdbLdDyw8XsxG1giu92SMfaPkT58az1OvtgVzlvYYN7Bo6LJtBZHruFXdSRBO2vgMY5xu-nygmv_Hcsg37l7mfT_WOYXIfACiRgM7EMUuNALKwH3ZrNypNzpEyeExuEshujJxUg1XvmUc2c0fCKHNYREHIIcPETP6HhwfdPDtV9CYRtMxkYGd-yNBs-lh-vpaAb87I4ZuHtQrg9IOmYExJ3wu6jdeeehLdrgZ8bPqYx0fPrJZxTfvCAucEVoZRAgQwlCFebjsJrBnTg4GMmQCT6U8eiTkbgLY8_4Un7QvulRY-WChS-7yjRIRg5QNc7aiIb-5axYdZM5ecHy0Jjx8T2WQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7HFRj7cXZNTTDOm-x_AP0b2w8AzJntKxXNWdkfdwwI23ARABIABglQKCARdjYS1wdWItMjU3MTA5MDg5NzcyNzExNcgBCakC1WC00sPmsT6oAwGqBMcBT9AwqwlcJhMseM3pjzfUwVbkmwMy2Gplcmq1vibcoHl-hbwlUyC4VqlG93PpMv0Tsu5ttQhTPo5KCF6T5F3Ek-gUs7OiuPoYXbaduvK6zTBhEdQqPY62tajx7Q1KeVPreZVnAgdlU0xMUIaMJI_y69kRkFwH8sXsVMDgOEYumzncjPdUrEa8u9KNBGTutE4zym3NpdN2LSyR9aaRWLwkFlq83m41ZYLAYW0LFiAIr-Xs8WA5z4UZeP05SUwPcxPzw-2rMMH_ZYAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_27_uzegZvRalG8gvOESvfjHJ-1qQ%26client%3Dca-pub-2571090897727115%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 14 Mar 2024 01:31:59 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 796F 2 KB
1 KB 60ms
16ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 14 Mar 2024 01:31:59 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 796F 308 B
636 B 59ms
17ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:59 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Thu, 14 Mar 2024 01:31:59 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 796F 293 B
622 B 57ms
16ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:59 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Thu, 14 Mar 2024 01:31:59 GMT

GET
H2 200 lg.php
cat.fr.eu.criteo.com/delivery/ Frame 796F 43 B
348 B 109ms
23ms Image
image/gif 178.250.0.160
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=KCMBdtf-d25BDl79y1zj0KUH4QXgERK6p6Ha9MR81evyMWdADsXJGsSmOSvMq3ApYgF0GnjvMR7pJVjSrQOtfXAf1UNE0M3iF0K2wueC8v-4v7_DeH-7zEJ2n2GKE1IXPJwvqgpHTKnMH-UBc1x4_RZDI-ZYANOU0_YLy6sLBzwUx08Bnpj1gWWnSg1N1MIOo60hnwxgXO9ezFF0uB_9oPGuromsq1IBt1oLDsWRpl7GebMxvAyiHXg1FTzWkJKuWm1IEcMnbCcaHb_qWPKwcWfILmLnVahqao_lqpjvkQxOWoQ0rLp2USKUKPQ64eVQMcF42qTqxGDRtS0wvNfZ6QUDPnlC4qhKXY_adpjlC_m5n7vwQb--B_4TsD6E4CqvwHRmwMzTx3toy8XuDh7cKAFexcHvrR5UE6IMS1EbkWlHeVz1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Mar 2023 01:31:59 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3498155
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 796F 12 KB
5 KB 49ms
26ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2690003
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hsLFjVt4nz8OY5jmuJ2Waysyh5%2BpBejJInHLO41HMPF6kShVJghH2R%2B3Wp%2FCBwZhux5zf6rcTxYoQ1b%2Bg163FPMWK86Eq3vpYGQXyTZ59K6MWQBvxEb%2BeIY3MlpKasBrSeNr1zfmzyT6yYxT2ypRtygn"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7aaa32e26a839bdc-FRA
expires: Sat, 09 Mar 2024 01:31:59 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 796F 12 KB
6 KB 32ms
18ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 14 Mar 2024 01:31:59 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 796F 0
128 B 58ms
16ms Ping
text/plain 2a02:2638::21
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=3OurYhGSEzh_X97I9rNSRPeK79HvsQCSKAHiyBmr9iKuke4tOSrZR6DRZEwqlZlv44l_dO7ckqf_7cQXaEE8dP5dvM90QsLwh2FiVvm0wcRkpaThBP5mRRrHVpyigTM-L6uN3yteDuTlB5-6gnpilwYUKS_bsGQER6dVbpL-NwvJloYygHNgj8mUZiZgm1W1Wr_df2_BvRw0ktEFLHDTrpdwib_Z8qS3KabBdc5i3r0DAApr0ESvXhjLKMw&sds=2&rev=85089&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 20 Mar 2023 01:31:59 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 796F 2 KB
1 KB 24ms
17ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 14 Mar 2024 01:31:59 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 796F 2 KB
1 KB 19ms
19ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 14 Mar 2024 01:31:59 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 70E8 2 KB
1 KB 25ms
24ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZBe3jwADKdMIEd9pAAwe0fkevxCbb6ybO2VGDw&u=%7ChLNqbprUX0lo0P76YI%2BXEVq6unddqE7B%2FyCXjlb%2BZbY%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2zob2xPiSryBYRseh1QMcVx3i61R_DMGvVu103gQctVstU5G97DXBAj-jXT5pSS3eeR-YRhSWM5_qjmof0iMm8y9smEozFH3M_BHrTTjA-MUfPlDCfwtgdKfo1GB--pwW69-HGqfWcKPNAW6_NBTvRgO34uHpoIz-vIsRKW6QV1keAZObdgBBG4f5QDA0_yZJBSNxGGYXexEdpP95JKsgbmnjIpUeRmetc6MDv-hawWfsrAQ9wzkAWn3E68aoDRvYavpHp0omnq7x4bfjZGhNQ2KSun7PPIEHkLvB4C8MSbN4lGhWHeoD7dbwqzi20KVZPU4Wvk9VW80cAnfTnyeUV-ND9Vo6S9uPnDGcBgrtCKx4t2m2NZ1EYgz2MLlUwqzrdWaS_bB_JvKuTVBh-DGcFgFRM91-hjAIvdO04nBICwawCP6SavCuzjI1w5a8bs-dk9i0w7tMH_M7NN11IWfAVJP9yverd2bpITBUvXZ0WwnEBxwzX23MA-7HtL76ahN5Tvodpvwm-kz_5xhdSXghsROMstqqBV4AADrTqii01YseDJST4YMbg5s&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHi_tj7cXZNPTDOm-x_AP0b2w8AzJntKxXNWdkfdwwI23ARABIABglQKCARdjYS1wdWItMjU3MTA5MDg5NzcyNzExNcgBCakC1WC00sPmsT6oAwGqBMcBT9Co7xtt42KPTuUUrxNrQEdeiKQhJDRxCMmFKv4zrLS2uubJFKRVJ5xgZshQWzZaXtIGQ2jgOhtHG0HkZWEh7ZUqLxTbmQhXIr6hwAaD_KVziqlhhAPkm5EnbcsEs1_Bifh3WDo27ov1AZA_ndgTgYFI90HQIwjDgfZNrlS_98-jgDcCqWNfy9Xlzc-YtGC6xx3M3EpeJoixGfN7-iGefJDf2qHne4M2ACW9EZ97Oh6sJMYM5If0foC4T3gt4VZbMGc2l5ELB4AG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2fLhggry1iziedpxVp11T04XwEJg%26client%3Dca-pub-2571090897727115%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 14 Mar 2024 01:31:59 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 70E8 2 KB
1 KB 25ms
25ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 14 Mar 2024 01:31:59 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 70E8 308 B
636 B 26ms
26ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:59 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Thu, 14 Mar 2024 01:31:59 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 70E8 293 B
621 B 27ms
26ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:59 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Thu, 14 Mar 2024 01:31:59 GMT

GET
H2 200 lg.php
cat.fr.eu.criteo.com/delivery/ Frame 70E8 43 B
347 B 28ms
24ms Image
image/gif 178.250.0.160
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=c2mNzdf-d25BDl79y1zj0KUH4QWkLPwD6QN-Uzvdd4PIOb8ipioXAbrr0ADZ1jVbgWFr9e9dfcBbNDj7lLHX2dRyUJAgXlTuPXQ6244xoUJrZceP9Km5kd7RUO6PQcjim0_CJNuPDYCdUnlCdet28W2bbPMKFR9uAm9Ep8bdJktuuS7zU18q6-1cF30o-X-EnwbfKL0eFStYOOKo2PZrus6lu8sLq7VmqZwUyZwI8IxCu9WzjNdc54bYO5AFqgK-xbEX8GjcIqPmfFIDVVwhFDrf4H20aZhcQ4iiwHnYN6v6j69aDYrFsL0NZ95JX540m-kC5i00qXNmodR76M_PbH5scRiVOtAyz3g40mJ3llUlb2s49O4dK6UEHC2to1v2q9gX3zMPYo7ADxZeh2ijhyRbl6VWca4dS9F2kzGL7fsnd5R-

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Mar 2023 01:31:59 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3628206
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 1 Show response
mc.yandex.com/watch/52667398/ 43 B
74 B 56ms
55ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/52667398/1?page-url=https%3A%2F%2Ftelegram-site.com%2F&charset=utf-8&hittoken=1679275919_3c6993f7c4e18fa01ce724e836aefce2bf2a100dfb1ae7328bd994cec6dfbd23&browser-info=pa%3A1%3Aar%3A1%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A1%3Adp%3A1%3Als%3A311118967550%3Ahid%3A478523491%3Az%3A0%3Ai%3A20230320013159%3Aet%3A1679275920%3Ac%3A1%3Arn%3A1035366152%3Arqn%3A2%3Au%3A1679275919791135253%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Ans%3A1679275918090%3Aadb%3A2%3Ast%3A1679275920&t=gdpr(14)mc(p-2-h-1)clc(0-0-0)rqnt(2)lt(8600)aw(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://telegram-site.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 20 Mar 2023 01:31:59 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 20-Mar-2023 01:31:59 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://telegram-site.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 20-Mar-2023 01:31:59 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 6EF9 2 KB
1 KB 29ms
28ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZBe3jwADKdUIEd9pAAwe0YZFoHrKjXWILJSiEQ&u=%7ChLNqbprUX0nofnigx%2BR%2FXfBKdTXHWts5mPX2dxErC28%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC868MuVCbCghDyn07hiCHM7b4J0C5TF2tOZnjrqXwBvUr1CAavIRAgNRaBxOQtZX-xjKIiTjog3rPOl2niimphG1bl6qTIx_YN9qsRU5OOJoG6tsgbeeqCxZL6DRAlPXO2B-jstR30hnbLyegCIkJYTIpk08bWfQbI5Hrn3WxYyccDN3Ky152pzRJmSPwRLlElVgUpWWvDdVXpZEWEoMV6nFAC1eZnkLrnfVZ0sHFnXjFZpfxL2prY8jeDHpbEEkWAZDSsKBcahxAIzRa1iQPvhqsB2QK5E2CKMkRje9NYf1ZWTQWP15B3SCLLD4fYdBK6_ZkuTIAjbt8QK2UWuNPUq5IAaKMlQCxof2kfmoFvJQM51eVnXIAADB9jrIyM7lSndxCL5R2LZTS5MowhOknbm-_NZbri2W46sfzUUVRBQKl2KmCDFO30hbIlI4RiuMbG0kfg7zb_fBkh4j1rBkP-kZ_B2m_KsdSwL_gofSNDhKu_RxreKEx_PhNv52tk8ZoX1v6vHoGqklLOgC8rVt6b57-guzvbSiwK31f5zZpQkief3BYzgQDHZbYSb4zspqrJXw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCriEej7cXZNXTDOm-x_AP0b2w8AzJntKxXPXalvdwwI23ARABIABglQKCARdjYS1wdWItMjU3MTA5MDg5NzcyNzExNcgBCakC1WC00sPmsT6oAwGqBMgBT9CPgzt7ibvAcS_T2Rza3b5C24t9PKg6jDmZTwZoW_oTRqIRYh3gmwYMhU93abwdXtpGZPrA6BHoHbwqnIy9q4hcyuSGyvB5EH4xK7CkRKAlYs13onBtWkTBVPOFxlCjtnegZv8IP5zul5KphHKTCTukHTuuXzUJOMBOm7XWrCULo-Xd2gVH2cOTCZngHmTnexrnFeojHz4SSp-CtHJQ4IScaMqYYt_84YEUgNEcjNQb3REpbYi5SXWzTt2L_01yYho2ZPMYb-2ABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0_ugTe4AgmYIZRscf91pf_Yzzj5w%26client%3Dca-pub-2571090897727115%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 14 Mar 2024 01:31:59 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 6EF9 2 KB
1 KB 29ms
29ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 14 Mar 2024 01:31:59 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 6EF9 308 B
636 B 16ms
15ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:59 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Thu, 14 Mar 2024 01:31:59 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 6EF9 293 B
621 B 16ms
16ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:59 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Thu, 14 Mar 2024 01:31:59 GMT

GET
H2 200 lg.php
cat.fr.eu.criteo.com/delivery/ Frame 6EF9 43 B
347 B 19ms
18ms Image
image/gif 178.250.0.160
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=A-iAd3snO68UYrYiDu2RaQt1qcyeRWISP-B1hAfpaL-p7urhFe2p2sHAPg47tu4mD2OApqA95z9TTb7S1IOSyMFFsQw0q60q2RndXyuYxTpxlz-G8-OMOqbjYH0nM0cxCKNzC_PVEYABVjGMIHUqfXl2bmyxPNIUtPzcwAMlzpz_c5qVfiB82wuiavXyf7-Er8N7qEg5nBu3Pm8ZnW-XpL_mL4yL302GhDw3PljyfT7lyUxhFd_00MC9y31Hr1GO1O1mv295zxEwzyYV8WfzCs7MAbBQfAYSNPBlIyD9V9TcbMzXnuULWB27wnzjDtkcbTTxb1K1TTEfjoripnoCzIhNl0f12Xl89d-HBoFOfYH3qWY6pQ0bvz0Th5Zo4x3umBCzZOnDP0Zt-XozABUdkMvl8jqssvvaAQL-APGwwZPilgK3

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Mar 2023 01:31:59 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3019968
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 70E8 12 KB
5 KB 21ms
20ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2690003
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BtWvOUmdRAoYo8fhMke%2FibsnmC13HU8GYjqXTkseFmk3dDr1a6gzuQjPS7Z8eu9SIOSCtF0YWvZrxqQWmcwHXlRcaa%2BfR6RG7YwmzkfiD657%2FGfPA6aDczFZltcqNYfYjgrkPZN52uERrvEJzJya28pZ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7aaa32e2cb009bdc-FRA
expires: Sat, 09 Mar 2024 01:31:59 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 70E8 12 KB
6 KB 22ms
22ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 14 Mar 2024 01:31:59 GMT

GET
H2 200 1OaKkZko0H0200000000U9nJx8lsL9BiPj4r_7wUPM_fiWb2bltRnLCOWC0J9XBgofyM5xk5KP4XbH4edldz_8tL8F5I4AyMfBQL4KHsWlX0mCGma_6jD8IzaF4G6uIrah6M2SBQovZyZuNXA9X_bf4PA7AL4QJrBYE330F3NyPPGF6vJ22HfKodWD9hcNu1sMUP_... Show response
yandex.ru/an/rtbcount/ 43 B
395 B 68ms
58ms XHR
image/gif 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/an/rtbcount/1OaKkZko0H0200000000U9nJx8lsL9BiPj4r_7wUPM_fiWb2bltRnLCOWC0J9XBgofyM5xk5KP4XbH4edldz_8tL8F5I4AyMfBQL4KHsWlX0mCGma_6jD8IzaF4G6uIrah6M2SBQovZyZuNXA9X_bf4PA7AL4QJrBYE330F3NyPPGF6vJ22HfKodWD9hcNu1sMUP_WF1AoQ1wmx-fxwVPs1uUdBP4w_lh0n_cLX0Jc1c1PAzp8f0SYepIFDSPf1zAu6a0iXMbetCx6uiPtkQc9XECiDyVHMiyYwO_CdiuCGFSJHBTveKs3ChMDwQRs3v3mECEv3O1v3ODraWNljW_v1bPto1iU_aw_PlMK0UNC3AUPArzGKNMFe2QqD30yjDrhxlJvzTFdoOyoihI7S7MmFB1BQ-xKidJNgyg4bt1jkLmy4BsDwVwxZM-6rRJzvADfY91zWyJh0nFsBZpN1tj38hYF0jJ2nCDt_91hFx9vmraNrvkK-3GiLR-rdiREOc1YR6bXlOcNQmyvnW5t_0_l30rPETBzvDpFh1phE0uwtv2ev3l1iu_hBiu60404Mjj5i0

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://telegram-site.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 20 Mar 2023 01:31:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1679275919857108-2797480477824151163-sas3-0998-46d-sas-l7-balancer-8080-BAL
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Mon, 20 Mar 2023 01:31:59 GMT
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: image/gif
access-control-allow-origin: https://telegram-site.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 20 Mar 2023 01:31:59 GMT

POST
H2 200 event_confirmation Show response
an.yandex.ru/ 0
396 B 57ms
55ms XHR
text/plain 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://telegram-site.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Mon, 20 Mar 2023 01:31:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 20 Mar 2023 01:31:59 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://telegram-site.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 20 Mar 2023 01:31:59 GMT

OPTIONS
H2 200 event_confirmation
an.yandex.ru/ Frame 0
0 59ms
49ms Preflight 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://telegram-site.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://telegram-site.com
access-control-max-age: 1728000
content-encoding: gzip
date: Mon, 20 Mar 2023 01:31:59 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
timing-allow-origin: *
x-xss-protection: 1; mode=block

GET
H/1.1 200
Ok d.png
ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/ Frame 84CE 95 B
400 B 215ms
53ms Image
image/png 2a02:6b8::5:114
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/d.png?ex=yes

Requested by

Host: telegram-site.com
URL: https://telegram-site.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::5:114 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

18c327afa903633f86c3efcf12b77f098077eacaa8be101bb007846fd74f8b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Mon, 20 Mar 2023 01:32:00 GMT
Strict-Transport-Security: max-age=315360000; includeSubDomains
Server: nginx/1.14.2
X-RT-IH: 0.0001
Content-Type: image/png
Cache-Control: private
Connection: close
X-RT-IQ: 0.0001
Content-Length: 95
Expires: Tue, 21 Mar 2023 01:32:00 GMT

GET
H2

200

cd8d1536cfbcf79555b257
an.yandex.ru/mapuid/arcspireis/ Frame 84CE
Redirect Chain

https://px.arcspire.io/yndx?id=9d4cd41a-f59d-4815-8a89-9d30806f5389
https://an.yandex.ru/mapuid/arcspireis/cd8d1536cfbcf79555b257

43 B
82 B

55ms
55ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/arcspireis/cd8d1536cfbcf79555b257

Requested by

Host: telegram-site.com
URL: https://telegram-site.com/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Mar 2023 01:32:00 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 20 Mar 2023 01:32:00 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 20 Mar 2023 01:32:00 GMT

Redirect headers

location: https://an.yandex.ru/mapuid/arcspireis/cd8d1536cfbcf79555b257
date: Mon, 20 Mar 2023 01:31:59 GMT
x-envoy-upstream-service-time: 0
server: envoy
content-length: 0

GET
H2

200

1303420A8FB717641F0F8E2002907C18
an.yandex.ru/mapuid/sapeis/ Frame 84CE
Redirect Chain

https://acint.net/rmatch/?dp=151&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsapeis%2F%24%7BUSER_ID%7D
https://acint.net/rmatch/?r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsapeis%2F$%7BUSER_ID%7D&dp=151&tc=1
https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fan.yandex.ru%252Fmapuid%252Fsapeis%252F$%257BUSER_ID%257D&dp=14
https://acint.net/rmatch?dp=14&euid=3203420A90B71764400002000219E616&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsapeis%2F$%7BUSER_ID%7D
https://an.yandex.ru/mapuid/sapeis/1303420A8FB717641F0F8E2002907C18

43 B
80 B

56ms
55ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/sapeis/1303420A8FB717641F0F8E2002907C18

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Mar 2023 01:32:00 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 20 Mar 2023 01:32:00 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 20 Mar 2023 01:32:00 GMT

Redirect headers

date: Mon, 20 Mar 2023 01:32:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
location: https://an.yandex.ru/mapuid/sapeis/1303420A8FB717641F0F8E2002907C18
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 154
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2

200

fad36d67-63e3-524f-83b8-a583e7af120c
an.yandex.ru/mapuid/betweendigitalis/ Frame 84CE
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F%24%7BUSER_ID%7D
https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F%24%7BUSER_ID%7D&crf=1
https://an.yandex.ru/mapuid/betweendigitalis/fad36d67-63e3-524f-83b8-a583e7af120c

43 B
80 B

57ms
55ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/betweendigitalis/fad36d67-63e3-524f-83b8-a583e7af120c

Requested by

Host: telegram-site.com
URL: https://telegram-site.com/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Mar 2023 01:32:00 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 20 Mar 2023 01:32:00 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 20 Mar 2023 01:32:00 GMT

Redirect headers

location: https://an.yandex.ru/mapuid/betweendigitalis/fad36d67-63e3-524f-83b8-a583e7af120c
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame 84CE
Redirect Chain

https://yandex.ru/an/mapuid/adobedmp/
https://dpm.demdex.net/ibs:dpid=423652&dpuuid=FD3D49BF6D6E5
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=FD3D49BF6D6E5

42 B
942 B

35ms
34ms

Image
image/gif

54.195.241.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=FD3D49BF6D6E5

Protocol

HTTP/1.1

Server

54.195.241.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-195-241-43.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v046-09eff2095.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: OW9oosxWSNk=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v046-017db7cbf.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: pkq4NbPyQmE=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=FD3D49BF6D6E5
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

match
match.360yield.com/ Frame 84CE
Redirect Chain

https://yandex.ru/an/mapuid/azerionis/
https://match.360yield.com/match?external_user_id=EC86FAF9BE4066E2&publisher_dsp_id=429&publisher_call_type=redirect

43 B
198 B

83ms
31ms

Image
image/gif

52.48.197.145
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.360yield.com/match?external_user_id=EC86FAF9BE4066E2&publisher_dsp_id=429&publisher_call_type=redirect
Requested by: Host: telegram-site.com
URL: https://telegram-site.com/
Protocol: H2
Server: 52.48.197.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-197-145.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 20 Mar 2023 01:32:00 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

pragma: no-cache
date: Mon, 20 Mar 2023 01:31:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
last-modified: Mon, 20 Mar 2023 01:31:59 GMT
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id: 1679275919858860-17428521002859467185-sas3-0998-46d-sas-l7-balancer-8080-BAL
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://match.360yield.com/match?external_user_id=EC86FAF9BE4066E2&publisher_dsp_id=429&publisher_call_type=redirect
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 20 Mar 2023 01:31:59 GMT

GET
H2 200 /
yandex.ru/an/mapuid/behaviorx/ Frame 84CE 0
0 67ms
60ms Image
text/html 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yandex.ru/an/mapuid/behaviorx/
Requested by: Host: telegram-site.com
URL: https://telegram-site.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H2

200

match
ads.betweendigital.com/ Frame 84CE
Redirect Chain

https://yandex.ru/an/mapuid/betweenx/
https://ads.betweendigital.com/match?bidder_id=161&external_user_id=A62BAD86010A9249

68 B
607 B

17ms
17ms

Image
image/png

188.42.34.65
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=161&external_user_id=A62BAD86010A9249
Requested by: Host: telegram-site.com
URL: https://telegram-site.com/
Protocol: H2
Server: 188.42.34.65 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

pragma: no-cache
date: Mon, 20 Mar 2023 01:31:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
last-modified: Mon, 20 Mar 2023 01:31:59 GMT
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id: 1679275919859393-10505201974299990525-sas3-0998-46d-sas-l7-balancer-8080-BAL
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://ads.betweendigital.com/match?bidder_id=161&external_user_id=A62BAD86010A9249
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 20 Mar 2023 01:31:59 GMT

GET
H/1.1

204
No Content

pixel
im.bluevoox.com/ Frame 84CE
Redirect Chain

https://yandex.ru/an/mapuid/blueseaxcom/
https://im.bluevoox.com/pixel?s1=1&s2=1315&s3=vldyrx2shs82pv9o&cm=1&rd=1&puid=73D10E1C1FA8F46A

0
241 B

317ms
98ms

Image
text/plain

52.45.175.185
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://im.bluevoox.com/pixel?s1=1&s2=1315&s3=vldyrx2shs82pv9o&cm=1&rd=1&puid=73D10E1C1FA8F46A
Requested by: Host: telegram-site.com
URL: https://telegram-site.com/
Protocol: HTTP/1.1
Server: 52.45.175.185 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-175-185.compute-1.amazonaws.com
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Connection: close
Date: Mon, 20 Mar 2023 01:32:00 GMT
Server: openresty

Redirect headers

pragma: no-cache
date: Mon, 20 Mar 2023 01:31:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
last-modified: Mon, 20 Mar 2023 01:31:59 GMT
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id: 1679275919859732-4405248173214736047-sas3-0998-46d-sas-l7-balancer-8080-BAL
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://im.bluevoox.com/pixel?s1=1&s2=1315&s3=vldyrx2shs82pv9o&cm=1&rd=1&puid=73D10E1C1FA8F46A
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 20 Mar 2023 01:31:59 GMT

GET
H2 200 /
yandex.ru/an/mapuid/eplanningrtb/ Frame 84CE 0
0 66ms
59ms Image
text/html 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yandex.ru/an/mapuid/eplanningrtb/
Requested by: Host: telegram-site.com
URL: https://telegram-site.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 84CE
Redirect Chain

https://yandex.ru/an/mapuid/google/?partner-tag=yandex_llc
https://cm.g.doubleclick.net/pixel?google_nid=yandex_llc&google_hm=D1F6E66CD55EA901&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

170 B
232 B

46ms
17ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yandex_llc&google_hm=D1F6E66CD55EA901&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

Requested by

Host: telegram-site.com
URL: https://telegram-site.com/

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Mar 2023 01:32:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 20 Mar 2023 01:31:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
last-modified: Mon, 20 Mar 2023 01:31:59 GMT
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id: 1679275919860345-13201188110457854670-sas3-0998-46d-sas-l7-balancer-8080-BAL
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=yandex_llc&google_hm=D1F6E66CD55EA901&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 20 Mar 2023 01:31:59 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 84CE
Redirect Chain

https://yandex.ru/an/mapuid/google/?partner-tag=yandexcom
https://cm.g.doubleclick.net/pixel?google_nid=yandexcom&google_hm=D1F6E66CD55EA901&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

170 B
232 B

45ms
17ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yandexcom&google_hm=D1F6E66CD55EA901&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

Requested by

Host: telegram-site.com
URL: https://telegram-site.com/

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Mar 2023 01:32:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 20 Mar 2023 01:31:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
last-modified: Mon, 20 Mar 2023 01:31:59 GMT
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id: 1679275919860636-9987894709068693454-sas3-0998-46d-sas-l7-balancer-8080-BAL
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=yandexcom&google_hm=D1F6E66CD55EA901&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 20 Mar 2023 01:31:59 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 84CE
Redirect Chain

https://yandex.ru/an/mapuid/google/?partner-tag=yandexru
https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=D1F6E66CD55EA901&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

170 B
409 B

46ms
16ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=D1F6E66CD55EA901&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

Requested by

Host: telegram-site.com
URL: https://telegram-site.com/

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Mar 2023 01:32:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 20 Mar 2023 01:31:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
last-modified: Mon, 20 Mar 2023 01:31:59 GMT
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id: 1679275919860875-4719405790507014441-sas3-0998-46d-sas-l7-balancer-8080-BAL
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=D1F6E66CD55EA901&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 20 Mar 2023 01:31:59 GMT

GET
H2

200

sync
t.adx.opera.com/ Frame 84CE
Redirect Chain

https://yandex.ru/an/mapuid/operacom/
https://t.adx.opera.com/sync?vendor=60143&uid=479D998822CEAEB4

35 B
466 B

270ms
67ms

Image
image/gif

82.145.213.8
NO-OPERA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.adx.opera.com/sync?vendor=60143&uid=479D998822CEAEB4
Requested by: Host: telegram-site.com
URL: https://telegram-site.com/
Protocol: H2
Server: 82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS: n-sysadmin-jumpbox-03.feednews.opera.technology
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Mar 2023 01:32:00 GMT
server: nginx
access-control-allow-methods: POST, GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 20 Mar 2023 01:31:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
last-modified: Mon, 20 Mar 2023 01:31:59 GMT
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id: 1679275919910663-5057477944518569713-sas3-0998-46d-sas-l7-balancer-8080-BAL
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://t.adx.opera.com/sync?vendor=60143&uid=479D998822CEAEB4
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 20 Mar 2023 01:31:59 GMT

GET
H2 200 /
yandex.ru/an/mapuid/xapadsssp/ Frame 84CE 43 B
159 B 115ms
109ms Image
image/gif 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yandex.ru/an/mapuid/xapadsssp/

Requested by

Host: telegram-site.com
URL: https://telegram-site.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Mar 2023 01:31:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
last-modified: Mon, 20 Mar 2023 01:31:59 GMT
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id: 1679275919910933-8350893629585692099-sas3-0998-46d-sas-l7-balancer-8080-BAL
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 20 Mar 2023 01:31:59 GMT

GET
H2

200

22f251cd25966ffb46cbf667d4b6835914cacf9986b08a8e0760c0b304313296
an.yandex.ru/mapuid/mediascope/ Frame 84CE
Redirect Chain

https://cm.tns-counter.ru/yacm
https://an.yandex.ru/mapuid/mediascope/22f251cd25966ffb46cbf667d4b6835914cacf9986b08a8e0760c0b304313296

43 B
80 B

56ms
55ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/mediascope/22f251cd25966ffb46cbf667d4b6835914cacf9986b08a8e0760c0b304313296

Requested by

Host: telegram-site.com
URL: https://telegram-site.com/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Mar 2023 01:32:00 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 20 Mar 2023 01:32:00 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 20 Mar 2023 01:32:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 20 Mar 2023 01:32:00 GMT
server: ms-counter-4.0.4/1.22.1
content-type: text/html
location: https://an.yandex.ru/mapuid/mediascope/22f251cd25966ffb46cbf667d4b6835914cacf9986b08a8e0760c0b304313296
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 204 match
dm.hybrid.ai/ Frame 84CE 0
279 B 144ms
43ms Image
text/plain 37.18.16.16
HYBRID-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dm.hybrid.ai/match?id=182

Requested by

Host: telegram-site.com
URL: https://telegram-site.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.16.16 , Russian Federation, ASN205675 (HYBRID-AS, DE),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Mar 2023 01:31:59 GMT
server: Hybrid Web Server
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin: https://yastatic.net
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-mode: 122
x-xss-protection: 1; mode=block
expires: -1

GET
H2 204 yandexdmp-match
dm.hybrid.ai/ Frame 84CE 0
237 B 144ms
43ms Image
text/plain 37.18.16.16
HYBRID-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dm.hybrid.ai/yandexdmp-match

Requested by

Host: telegram-site.com
URL: https://telegram-site.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.16.16 , Russian Federation, ASN205675 (HYBRID-AS, DE),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Mar 2023 01:31:59 GMT
server: Hybrid Web Server
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin: *
cache-control: no-cache, no-store
x-mode: 124
x-xss-protection: 1; mode=block
expires: -1

GET
H2

200

-rt18FwNc3AkmuB7AxAa
an.yandex.ru/mapuid/dmpamberdata/ Frame 84CE
Redirect Chain

https://dmg.digitaltarget.ru/1/119/i/i?i=1679275919
https://dmg.digitaltarget.ru/awg/custom/119/i/i?call_source=awg&ts=1679275919989&i=1679275919
https://an.yandex.ru/mapuid/dmpamberdata/-rt18FwNc3AkmuB7AxAa

43 B
80 B

56ms
55ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/dmpamberdata/-rt18FwNc3AkmuB7AxAa

Requested by

Host: telegram-site.com
URL: https://telegram-site.com/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Mar 2023 01:32:00 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 20 Mar 2023 01:32:00 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 20 Mar 2023 01:32:00 GMT

Redirect headers

Date: Mon, 20 Mar 2023 01:32:00 GMT
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Server: nginx
X-Permitted-Cross-Domain-Policies: master-only
Request-Time: 70
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, POST, OPTIONS
Location: https://an.yandex.ru/mapuid/dmpamberdata/-rt18FwNc3AkmuB7AxAa
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block

GET
H2

200

match
match.360yield.com/ Frame 84CE
Redirect Chain

https://euw-ice.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fazerionis%2F{PUB_USER_ID}
https://euw-ice.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fazerionis%2F%7BPUB_USER_ID%7D
https://an.yandex.ru/mapuid/azerionis/f3058aa5-842a-48db-937a-818497687288
https://match.360yield.com/match?external_user_id=f3058aa5-842a-48db-937a-818497687288&publisher_dsp_id=429&publisher_call_type=redirect

43 B
198 B

31ms
31ms

Image
image/gif

52.48.197.145
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.360yield.com/match?external_user_id=f3058aa5-842a-48db-937a-818497687288&publisher_dsp_id=429&publisher_call_type=redirect
Requested by: Host: telegram-site.com
URL: https://telegram-site.com/
Protocol: H2
Server: 52.48.197.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-197-145.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 20 Mar 2023 01:32:00 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

pragma: no-cache
date: Mon, 20 Mar 2023 01:32:00 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 20 Mar 2023 01:32:00 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://match.360yield.com/match?external_user_id=f3058aa5-842a-48db-937a-818497687288&publisher_dsp_id=429&publisher_call_type=redirect
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 20 Mar 2023 01:32:00 GMT

GET
H2

200

45cb92e4-dd27-484b-439c-7578b64cf601
an.yandex.ru/mapuid/buzzooladspis/ Frame 84CE
Redirect Chain

https://exchange.buzzoola.com/cookiesync/redirect/yandex?redirect_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbuzzooladspis%2F%24%7BUUID%7D
https://an.yandex.ru/mapuid/buzzooladspis/45cb92e4-dd27-484b-439c-7578b64cf601

43 B
365 B

55ms
55ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/buzzooladspis/45cb92e4-dd27-484b-439c-7578b64cf601

Requested by

Host: telegram-site.com
URL: https://telegram-site.com/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Mar 2023 01:32:00 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 20 Mar 2023 01:32:00 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 20 Mar 2023 01:32:00 GMT

Redirect headers

location: https://an.yandex.ru/mapuid/buzzooladspis/45cb92e4-dd27-484b-439c-7578b64cf601
date: Mon, 20 Mar 2023 01:31:59 GMT
server: nginx
content-length: 113
serverid: TODO
content-type: text/html; charset=utf-8

GET
H2

404

WhUVO7JtQtOyJtd71GPLHA
an.yandex.ru/setud/mts_banner/ Frame 84CE
Redirect Chain

https://kimberlite.io/rtb/sync/yandex
https://sm.rtb.mts.ru/p?ssp=toptraffic&id=ZBe3kB5ZUfA
https://sm.rtb.mts.ru/match/second?ssp=59&exu=ZBe3kB5ZUfA
https://tech.rtb.mts.ru/?dsp_uid=5a15153b-b26d-42d3-b226-d77bd463cb1c&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2FWhUVO7JtQtOyJtd71GPLHA%3Flocation%3Dhttps%253A%252F%252Fsm.rtb.mts...
https://an.yandex.ru/setud/mts_banner/WhUVO7JtQtOyJtd71GPLHA?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D59%26em%3D0&sign=3712224630

43 B
104 B

55ms
55ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/setud/mts_banner/WhUVO7JtQtOyJtd71GPLHA?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D59%26em%3D0&sign=3712224630

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Mar 2023 01:32:00 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 20 Mar 2023 01:32:00 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=windows-1251
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 20 Mar 2023 01:32:00 GMT

Redirect headers

Date: Mon, 20 Mar 2023 01:32:00 GMT
Server: nginx/1.20.2
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: text/html; charset=utf-8
Location: https://an.yandex.ru/setud/mts_banner/WhUVO7JtQtOyJtd71GPLHA?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D59%26em%3D0&sign=3712224630
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2

200

/
an.yandex.ru/mapuid/targetrtbis/ Frame 84CE
Redirect Chain

https://match.new-programmatic.com/userbind?src=yandex&pbf=1&gi=1
https://an.yandex.ru/mapuid/targetrtbis/

43 B
80 B

56ms
55ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/targetrtbis/

Requested by

Host: telegram-site.com
URL: https://telegram-site.com/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Mar 2023 01:32:00 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 20 Mar 2023 01:32:00 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 20 Mar 2023 01:32:00 GMT

Redirect headers

Date: Mon, 20 Mar 2023 01:32:00 GMT
Server: nginx/1.22.1
Vary: Origin
Access-Control-Allow-Origin: *
Location: https://an.yandex.ru/mapuid/targetrtbis/
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET pixel
mitdmp.whiteboxdigital.ru/ Frame 84CE 0
0

GET
H2

200

0bda3ea5-9c1a-4fce-80d4-a9b629560cf7
an.yandex.ru/mapuid/hyperdspis/ Frame 84CE
Redirect Chain

https://nr.bidderstack.com/yandex/cm?r=https://an.yandex.ru/mapuid/hyperdspis/
https://an.yandex.ru/mapuid/hyperdspis/0bda3ea5-9c1a-4fce-80d4-a9b629560cf7

43 B
80 B

55ms
55ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/hyperdspis/0bda3ea5-9c1a-4fce-80d4-a9b629560cf7

Requested by

Host: telegram-site.com
URL: https://telegram-site.com/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Mar 2023 01:32:00 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 20 Mar 2023 01:32:00 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 20 Mar 2023 01:32:00 GMT

Redirect headers

Location: https://an.yandex.ru/mapuid/hyperdspis/0bda3ea5-9c1a-4fce-80d4-a9b629560cf7
Access-Control-Allow-Origin: *
Date: Mon, 20 Mar 2023 01:32:00 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

/
an.yandex.ru/mapuid/ramblerssp/ Frame 84CE
Redirect Chain

https://profile.ssp.rambler.ru/sync3.302?pid=188
https://an.yandex.ru/mapuid/ramblerssp/

43 B
80 B

56ms
55ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/ramblerssp/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Mar 2023 01:32:00 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 20 Mar 2023 01:32:00 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 20 Mar 2023 01:32:00 GMT

Redirect headers

date: Mon, 20 Mar 2023 01:32:00 GMT
strict-transport-security: max-age=0
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
location: //an.yandex.ru/mapuid/ramblerssp/
content-type: application/x-javascript; charset=Windows-1251
x-passed: 2bal1
content-length: 0

GET
H2

200

uMFE0tPSNxFO.AikABlGG_KUMSg
an.yandex.ru/mapuid/getintentis/ Frame 84CE
Redirect Chain

https://px.adhigh.net/p/cm/yandexssp
https://px.adhigh.net/p/cm/yandexssp?bounced=1
https://an.yandex.ru/mapuid/getintentis/uMFE0tPSNxFO.AikABlGG_KUMSg

43 B
80 B

55ms
55ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/getintentis/uMFE0tPSNxFO.AikABlGG_KUMSg

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Mar 2023 01:32:00 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 20 Mar 2023 01:32:00 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 20 Mar 2023 01:32:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 20 Mar 2023 01:32:00 GMT
server: nginx
x-backend-id: f24-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
location: https://an.yandex.ru/mapuid/getintentis/uMFE0tPSNxFO.AikABlGG_KUMSg
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

TRInDeoWo5O0QeK6m0PVAO
an.yandex.ru/mapuid/dmpweborama/ Frame 84CE
Redirect Chain

https://redirect.frontend.weborama.fr/redirect/standard?url=https://an.yandex.ru/mapuid/dmpweborama/{WEBO_CID}
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fdmpweborama%2F%7BWEBO_CID%7D&bounce=1&random=2646436437
https://an.yandex.ru/mapuid/dmpweborama/TRInDeoWo5O0QeK6m0PVAO

43 B
80 B

55ms
55ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/dmpweborama/TRInDeoWo5O0QeK6m0PVAO

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Mar 2023 01:32:00 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 20 Mar 2023 01:32:00 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 20 Mar 2023 01:32:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 20 Mar 2023 01:31:59 GMT
via: 1.1 google
last-modified: Mon, 20 Mar 2023 01:32:00 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location: https://an.yandex.ru/mapuid/dmpweborama/TRInDeoWo5O0QeK6m0PVAO
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 200 y
rtb-eu-warsaw.intent.ai/um/ Frame 84CE 68 B
837 B 68ms
39ms Image
image/png 2606:4700:20::ac43:48bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb-eu-warsaw.intent.ai/um/y

Requested by

Host: telegram-site.com
URL: https://telegram-site.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:48bf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:32:00 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 68
pragma: no-cache
last-modified: Mon, 20 Mar 2023 01:32:00 GMT
server: cloudflare
access-control-max-age: 1728000
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tVlA6hCVvrRRCGjydNxghJ78KfXQR3fdu1cMEUI%2FAaxqTTlCFKhL6JY1vPoQF49fvuZVFMzPZ6MZU0KH0yLXOCwF7Lede91KRrAKTk8v4xVsSodgWOLQmMOicRLsKQ2V7dNfo5Jo2U46r%2FVsuowX9QtHsxl%2B"}],"group":"cf-nel","max_age":604800}
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials: true
cf-ray: 7aaa32e54bd95c4a-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Wed, 11 Nov 1998 11:11:11 GMT

GET
H2

200

JZUBsnPprOOjCuAKdtBc
an.yandex.ru/mapuid/kadamis/ Frame 84CE
Redirect Chain

https://s.uuidksinc.net/match/501
https://an.yandex.ru/mapuid/kadamis/JZUBsnPprOOjCuAKdtBc

43 B
80 B

55ms
55ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/kadamis/JZUBsnPprOOjCuAKdtBc

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Mar 2023 01:32:00 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 20 Mar 2023 01:32:00 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 20 Mar 2023 01:32:00 GMT

Redirect headers

location: https://an.yandex.ru/mapuid/kadamis/JZUBsnPprOOjCuAKdtBc
date: Mon, 20 Mar 2023 01:32:00 GMT
server: nginx/1.19.0
content-length: 0

GET
H2

200

629c7a4c-f4dc-4454-89a8-067f19220c7a
an.yandex.ru/mapuid/mtsdspis/ Frame 84CE
Redirect Chain

https://sm.rtb.mts.ru/p?ssp=yandex&id=map
https://sm.rtb.mts.ru/match/second?ssp=55&exu=map
https://tech.rtb.mts.ru/?dsp_uid=629c7a4c-f4dc-4454-89a8-067f19220c7a&return_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fmtsdspis%2F629c7a4c-f4dc-4454-89a8-067f19220c7a
https://an.yandex.ru/mapuid/mtsdspis/629c7a4c-f4dc-4454-89a8-067f19220c7a

43 B
80 B

54ms
54ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/mtsdspis/629c7a4c-f4dc-4454-89a8-067f19220c7a

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Mar 2023 01:32:00 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 20 Mar 2023 01:32:00 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 20 Mar 2023 01:32:00 GMT

Redirect headers

Date: Mon, 20 Mar 2023 01:32:00 GMT
Server: nginx/1.20.2
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: text/html; charset=utf-8
Location: https://an.yandex.ru/mapuid/mtsdspis/629c7a4c-f4dc-4454-89a8-067f19220c7a
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET scr.php
sonar.semantiqo.com/dmp/ Frame 84CE 0
0

GET
H/1.1 200
OK sync.cgi
ssp.adriver.ru/cgi-bin/ Frame 84CE 42 B
201 B 283ms
56ms Image
image/gif 81.222.128.214
ELTEL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=109
Requested by: Host: telegram-site.com
URL: https://telegram-site.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.222.128.214 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS: ad14.adriver.ru
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Mon, 20 Mar 2023 01:32:00 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

GET
H/1.1 200
OK sync.cgi
ssp.adriver.ru/cgi-bin/ Frame 84CE 42 B
201 B 255ms
58ms Image
image/gif 81.222.128.214
ELTEL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=19
Requested by: Host: telegram-site.com
URL: https://telegram-site.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.222.128.214 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS: ad14.adriver.ru
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Mon, 20 Mar 2023 01:32:00 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

GET
H2 200 pixel.gif
sync.1dmp.io/ Frame 84CE 12 B
155 B 178ms
42ms Image
text/html 87.242.89.90
SBERCLOUD-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1dmp.io/pixel.gif?cid=3cbc2ec8-1421-4677-89fe-2ac6fc52a09a&pid=w&o=au
Requested by: Host: telegram-site.com
URL: https://telegram-site.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 87.242.89.90 , Russian Federation, ASN208677 (SBERCLOUD-AS, RU),
Reverse DNS
Software: elb /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:32:00 GMT
last-modified: Mon, 30 Jan 2023 18:57:34 GMT
server: elb
accept-ranges: bytes
etag: "63d8131e-c"
content-length: 12
content-type: text/html

GET
H/1.1 200
OK /
sync.bumlam.com/ Frame 84CE 43 B
390 B 41ms
7ms Image
image/gif 31.172.81.160
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bumlam.com/?src=yandex
Requested by: Host: telegram-site.com
URL: https://telegram-site.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 31.172.81.160 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/gif
Date: Mon, 20 Mar 2023 01:32:00 GMT
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server: nginx
Connection: keep-alive
Content-Length: 43
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2 204 yandexortb
sync.dmp.otm-r.com/match/ Frame 84CE 0
69 B 175ms
46ms Image
text/plain 194.55.244.181
PROCLOUD PROCLOUD...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.dmp.otm-r.com/match/yandexortb
Requested by: Host: telegram-site.com
URL: https://telegram-site.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.55.244.181 , Russian Federation, ASN34959 (PROCLOUD PROCLOUD MSK, RU),
Reverse DNS
Software: nginx/1.23.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 20 Mar 2023 01:32:00 GMT
server: nginx/1.23.2

GET
H2

200

NjcyMmEwMWYyN2UyNDU2ZQ
an.yandex.ru/mapuid/gonetisnew/ Frame 84CE
Redirect Chain

https://sync.gonet-ads.com/match/yandex?id=[buyerUid]
https://sync.gonet-ads.com/match/yandex?id=%5BbuyerUid%5D&chk=1
https://an.yandex.ru/mapuid/gonetisnew/NjcyMmEwMWYyN2UyNDU2ZQ

43 B
80 B

54ms
54ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/gonetisnew/NjcyMmEwMWYyN2UyNDU2ZQ

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Mar 2023 01:32:00 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 20 Mar 2023 01:32:00 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 20 Mar 2023 01:32:00 GMT

Redirect headers

date: Mon, 20 Mar 2023 01:32:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: nginx
x-frame-options: SAMEORIGIN
location: https://an.yandex.ru/mapuid/gonetisnew/NjcyMmEwMWYyN2UyNDU2ZQ
content-length: 0
x-xss-protection: 1; mode=block

GET
H2

200

76c52da4-b8b8-4223-ad51-03fe300356e2
an.yandex.ru/mapuid/upravelis/ Frame 84CE
Redirect Chain

https://sync.upravel.com/yandex/sync
https://sync.upravel.com/yandex/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly95YXN0YXRpYy5uZXQvIl19fQ
https://an.yandex.ru/mapuid/upravelis/76c52da4-b8b8-4223-ad51-03fe300356e2

43 B
80 B

55ms
55ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/upravelis/76c52da4-b8b8-4223-ad51-03fe300356e2

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Mar 2023 01:32:00 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 20 Mar 2023 01:32:00 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 20 Mar 2023 01:32:00 GMT

Redirect headers

date: Mon, 20 Mar 2023 01:32:00 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://an.yandex.ru/mapuid/upravelis/76c52da4-b8b8-4223-ad51-03fe300356e2
access-control-allow-origin: *
content-type: image/png
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 0

GET
H2

200

3tDwKX1AvOW1na%2BkxqN5dg
an.yandex.ru/mapuid/dmpaidatame/ Frame 84CE
Redirect Chain

https://x01.aidata.io/0.gif?pid=YANDEX
https://x01.aidata.io/0.gif?pid=YANDEX&bounce=1
https://an.yandex.ru/mapuid/dmpaidatame/3tDwKX1AvOW1na%2BkxqN5dg?sign=2708363533

43 B
80 B

56ms
55ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/dmpaidatame/3tDwKX1AvOW1na%2BkxqN5dg?sign=2708363533

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Mar 2023 01:32:00 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 20 Mar 2023 01:32:00 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 20 Mar 2023 01:32:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 20 Mar 2023 01:32:00 GMT
last-modified: Mon, 20 Mar 2023 01:31:59 GMT
server: nginx
access-control-allow-methods: GET, POST
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
location: https://an.yandex.ru/mapuid/dmpaidatame/3tDwKX1AvOW1na%2BkxqN5dg?sign=2708363533
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
content-length: 0
expires: Mon, 20 Mar 2023 01:31:59 GMT

GET
H2

200

CHFfOTNfU0Sy
an.yandex.ru/mapuid/dmpsegmento/ Frame 84CE
Redirect Chain

https://yandex-dmp-sync.rutarget.ru/sync
https://an.yandex.ru/mapuid/dmpsegmento/CHFfOTNfU0Sy?sign=2782570760

43 B
80 B

56ms
56ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/dmpsegmento/CHFfOTNfU0Sy?sign=2782570760

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Mar 2023 01:32:00 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 20 Mar 2023 01:32:00 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 20 Mar 2023 01:32:00 GMT

Redirect headers

Location: https://an.yandex.ru/mapuid/dmpsegmento/CHFfOTNfU0Sy?sign=2782570760
Date: Mon, 20 Mar 2023 01:32:00 GMT
Server: nginx
Connection: close
Content-Length: 0
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."

GET
H2

200

KCokZHP8Q90k
an.yandex.ru/mapuid/rutargetis/ Frame 84CE
Redirect Chain

https://yandex-sync.rutarget.ru/sync
https://an.yandex.ru/mapuid/rutargetis/KCokZHP8Q90k

43 B
80 B

55ms
55ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/rutargetis/KCokZHP8Q90k

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Mar 2023 01:32:00 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 20 Mar 2023 01:32:00 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 20 Mar 2023 01:32:00 GMT

Redirect headers

Location: https://an.yandex.ru/mapuid/rutargetis/KCokZHP8Q90k
Date: Mon, 20 Mar 2023 01:32:00 GMT
Server: nginx
Connection: close
Content-Length: 0
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."

GET
H3 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 6EF9 12 KB
5 KB 20ms
20ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 268910
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=98P6Bu%2BWbksrp4Y8yYpFQKY%2BlJi6sUveBjvxuqjdcOLzttJWsdDDqTiCNvEYWw57zJs0dFuF7kIbetBVpwLlXVdvS4EMAaZVo7LRAM1nV0UuJtUIMTB6GAswqV9xHHzHfmeiX99q5X%2FPXa%2BFrHMUmNI9"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7aaa32e30bd96964-FRA
expires: Sat, 09 Mar 2024 01:31:59 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 6EF9 12 KB
6 KB 16ms
16ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 14 Mar 2024 01:31:59 GMT

POST
H2 200 1 Show response
mc.yandex.com/watch/2163124/ 43 B
74 B 62ms
61ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/2163124/1?page-url=https%3A%2F%2Ftelegram-site.com%2F&charset=utf-8&cnt-class=1&hittoken=1679275919_477dca811780d9c514e98ce0bdbec63de89a076383e93bc005cf435048bae84f&browser-info=pa%3A1%3Aar%3A1%3Avf%3A3llbk0t3p8ehu21bjv65f%3Afp%3A467%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A2%3Adp%3A0%3Als%3A425370177181%3Ahid%3A478523491%3Az%3A0%3Ai%3A20230320013159%3Aet%3A1679275920%3Ac%3A1%3Arn%3A27756153%3Arqn%3A1%3Au%3A1679275919791135253%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C0%2C103%2C3%2C64%2C0%2C%2C188%2C2%2C%2C%2C%2C531%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1679275918090%3Aadb%3A2%3Ast%3A1679275920&t=gdpr(14)mc(p-2-h-1)clc(0-0-0)rqnt(1)lt(8600)aw(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://telegram-site.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 20 Mar 2023 01:31:59 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 20-Mar-2023 01:31:59 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://telegram-site.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 20-Mar-2023 01:31:59 GMT

GET
H2 200 2163124 Show response
mc.yandex.com/watch/ 43 B
74 B 55ms
55ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/2163124?page-url=https%3A%2F%2Ftelegram-site.com%2F&charset=utf-8&cnt-class=1&hittoken=1679275919_477dca811780d9c514e98ce0bdbec63de89a076383e93bc005cf435048bae84f&browser-info=pv%3A1%3Aar%3A1%3Avf%3A3llbk0t3p8ehu21bjv65f%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A2%3Adp%3A0%3Als%3A425370177181%3Ahid%3A478523491%3Az%3A0%3Ai%3A20230320013159%3Aet%3A1679275920%3Ac%3A1%3Arn%3A864647692%3Arqn%3A2%3Au%3A1679275919791135253%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1679275918090%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1679275920%3At%3ATelegram-site.com%20-%20%D0%92%D1%81%D0%B5%20%D0%BE%20%D0%BC%D0%B5%D1%81%D0%B5%D0%BD%D0%B4%D0%B6%D0%B5%D1%80%D0%B5%20%D0%A2%D0%B5%D0%BB%D0%B5%D0%B3%D1%80%D0%B0%D0%BC&t=gdpr(14)mc(p-2-h-1)clc(0-0-0)rqnt(2)lt(8600)aw(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://telegram-site.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Mar 2023 01:31:59 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 20-Mar-2023 01:31:59 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://telegram-site.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 20-Mar-2023 01:31:59 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 70E8 0
127 B 19ms
17ms Ping
text/plain 2a02:2638::21
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=rYip4RGSEzh_X97IWSr0yp91yG4Njt5aRIwd34ANdzOlTzov37xctzoLXbF9klSwGLnnk1fOARgeTjNLY0QJJ6f1lKOQYFEL8Ry-ulLdx2SeSs5cUgwUqEMksIbysu1HyPAECFoMyWFx-1FQiVI106R_wY4VLmo_YsaR9Q2ErbLR2GAbnsHjDDXTYXBTG3OzdufDQJ7c3yCF7s0LgVhZVUcLsWgDSd0zcmYkQBPLV5psTFF96sAlPrTru1c&sds=2&rev=85089&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 20 Mar 2023 01:31:59 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 70E8 2 KB
1 KB 18ms
16ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 14 Mar 2024 01:31:59 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 70E8 2 KB
1 KB 17ms
15ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 14 Mar 2024 01:31:59 GMT

GET
H2 200 0d5410bc9c3e437daf6999836d04f18f_ubuntu-medium.woff
static.criteo.net/design/dt/ Frame 6EF9 38 KB
38 KB 61ms
30ms Font
application/octet-stream 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/0d5410bc9c3e437daf6999836d04f18f_ubuntu-medium.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ce8b0ce00b853304b4500a3e0273c2ee8123ec998d9ea4bc1a2b3e97c573b61f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 02 Oct 2018 14:57:25 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5bb38755-97a8"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 14 Mar 2024 01:31:59 GMT

GET
H2 200 ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff
static.criteo.net/design/dt/ Frame 6EF9 46 KB
46 KB 78ms
47ms Font
application/octet-stream 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8d6af87f2e8ab6ba751d5bda81faf18aed637f3c43f3f5c25acfcdb8dc674a92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 02 Oct 2018 14:57:25 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5bb38755-b778"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 14 Mar 2024 01:31:59 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 6EF9 4 KB
4 KB 164ms
16ms Image
image/png 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=244&m=0&partner=3018&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F3018%2F230313%2F083d2df2aad24ff99da4ddde5249fccb_bonprix_logo_rgb_pos.png&v=3&w=196&s=Gl3WtmIapnHP-HOYJSHwVoTA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

53db5de5f5524dc372b21d1d0a677d993b739b30b6e5c4276c45083ec28fabc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:59 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=30545960
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3866
expires: Thu, 07 Mar 2024 14:31:20 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 6EF9 16 KB
16 KB 164ms
17ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1572257596%2F19305493-37ZPPG7n.jpg&v=3&w=800&s=z1P7cnRGCJ8xe570klEDNtNi&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

d6146780779c2950fe7b895d70d665ca62b06ad838d72d5a53e97c7b774e50f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:59 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=149446
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 16028
expires: Tue, 21 Mar 2023 19:02:46 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 6EF9 354 B
619 B 163ms
16ms Image
image/png 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=400&m=0&partner=3018&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fbonprix%2Fstarrating%2Fstar_4.png&v=3&w=400&s=jBnWN17oJ5tiMqvOBZjs9kr3

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

193952b59c9a975154471a0ce405acdc8c3f6fa17b2414e818c14cee77f1d460

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:59 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=28246223
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 354
expires: Fri, 09 Feb 2024 23:42:23 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 6EF9 29 KB
29 KB 164ms
17ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1638961041%2F21303067-7VinWC8z.jpg&v=3&w=800&s=kkth5MAJkk7IYAl3TbypXhzO&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

b46dfa6990193c068a64ce6f10d2f2f44a3938ac1640fbf31d21621c2349b444

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:59 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=451696
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 29508
expires: Sat, 25 Mar 2023 07:00:16 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 6EF9 11 KB
11 KB 198ms
51ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1602135346%2F20236107-Sc3V3J8Z.jpg&v=3&w=800&s=4jlE25usojVM_d5dpZyJ1wLZ&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

5c011b9796b130fc6cc45d82da81739370903fc8ae70a126c76fe74a7975c8c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:59 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=280828
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 11448
expires: Thu, 23 Mar 2023 07:32:28 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 6EF9 14 KB
14 KB 185ms
38ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1636032321%2F21255122-b4hZp9es.jpg&v=3&w=800&s=12fn7BFfllUE7AA-CZlIULHP&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

6310a48c9a19fb485867d18243307ed9ed3be181b20e4ae7ae244c2445498694

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:59 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=109669
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 13950
expires: Tue, 21 Mar 2023 07:59:49 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 6EF9 11 KB
12 KB 58ms
57ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F20068163-wgzsvn3g.jpg&v=3&w=800&s=SGd1j5zivr9fAnsFXZD8hxb1&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

0d3d1a533068bc28da3c90468c519eeaa2c79f438c2b617cab1068c64e67e1c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:32:00 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=300329
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 11514
expires: Thu, 23 Mar 2023 12:57:29 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 6EF9 8 KB
8 KB 60ms
59ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1635342891%2F21272115-WfLqe6lm.jpg&v=3&w=800&s=jDrmb8Cahm_6TswSCO6vhAvT&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

cbb5d0cd99752f39042ab89b65c414c46d91111198c4c805e45e8e807e77f46f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:59 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=50648
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 7914
expires: Mon, 20 Mar 2023 15:36:08 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 6EF9 13 KB
13 KB 60ms
60ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F18248383-mJlUfzMk.jpg&v=3&w=800&s=NXYFU0iZGDYXs5GmDvco_G1G&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

17e75ada74535f579a90eb81a0c95fa979bade0003c00c0f1cc76b1bda482b87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:59 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=141594
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 12948
expires: Tue, 21 Mar 2023 16:51:54 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 6EF9 8 KB
8 KB 59ms
58ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1640273072%2F21318590-rzxpcwVA.jpg&v=3&w=800&s=4UIxG3mjoa_dlUhOejZJ3A9_&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e378fbe32c17f1d03ccc9f7ef0957512438504b2f0e3f46d1f5c38cae9932f8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:59 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=113816
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8210
expires: Tue, 21 Mar 2023 09:08:56 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 6EF9 14 KB
15 KB 61ms
60ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F22247807-jmQe3p5W.jpg&v=3&w=800&s=fAYPonrOhsqLZsreq9VP0UZb&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

4d331a48af2fdb5bdd5b3b0ccb3c35c0307c714f2eb45271d7ffce8e98ece86c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:59 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=324499
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 14682
expires: Thu, 23 Mar 2023 19:40:19 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 6EF9 305 B
569 B 60ms
59ms Image
image/png 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=400&m=0&partner=3018&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fbonprix%2Fstarrating%2Fstar_5.png&v=3&w=400&s=WxeZ40iswIdbUILCBA5EYhvv

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

c1f9d8e277b69e27fbad364e41ef7754749a72df331f6298b425144883f9a7cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:59 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=28249956
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 305
expires: Sat, 10 Feb 2024 00:44:36 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 6EF9 42 KB
42 KB 61ms
60ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=1200&m=0&partner=3018&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F1726%2F230220%2Fac706fc40f5d4a978f24baebb6b852fc_img_horizontal_1.jpg&v=3&w=1200&s=9WeKIVIwY8Aeiqlhu8PPz6dE

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

30eda38dea6c2a71487ddeed57de56a298c0dbe5e8e8a7665d5345bb548ab78a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:59 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=28718499
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 42518
expires: Thu, 15 Feb 2024 10:53:39 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 6EF9 0
127 B 17ms
17ms Ping
text/plain 2a02:2638::21
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=D-kefhGSEzh_X97IFN8mchyB9VeO-OCjhCGsZSfKF1i6MpLt9H8LWen5Cu6K4T2639cjPh8lTrcjmahGfxeLldRf-iCq5p3Se7oWLPYrweBilvdpB0cQpqZv91-fbzbSBSvvvj5cLRBXHz0YZ5JEE1LJ6mdFZeG9h7x8yoCx3HihvfbUFvAo7auXc0X1T0geuOhHJE6X5Td5C3fRaPhPQfeYA7a-mBV3YDohroypspHovmNfznbv2v5U4ceJjNAYdzc8sQ&sds=2&rev=85089&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 20 Mar 2023 01:31:59 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 6EF9 2 KB
1 KB 15ms
15ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 14 Mar 2024 01:31:59 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 6EF9 2 KB
1 KB 16ms
15ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 14 Mar 2024 01:31:59 GMT

GET
DATA 200
OK truncated
/ Frame 85D4 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 164bd80da6c8b84e7409bd2dd7e1cf15e81e07dd3ac59371381c7ae854982355

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff
static.criteo.net/design/dt/ Frame 796F 46 KB
46 KB 21ms
20ms Font
application/octet-stream 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff

Requested by

Host: telegram-site.com
URL: https://telegram-site.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8d6af87f2e8ab6ba751d5bda81faf18aed637f3c43f3f5c25acfcdb8dc674a92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 02 Oct 2018 14:57:25 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5bb38755-b778"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 14 Mar 2024 01:31:59 GMT

GET
H2 200 0d5410bc9c3e437daf6999836d04f18f_ubuntu-medium.woff
static.criteo.net/design/dt/ Frame 796F 38 KB
38 KB 17ms
16ms Font
application/octet-stream 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/0d5410bc9c3e437daf6999836d04f18f_ubuntu-medium.woff

Requested by

Host: telegram-site.com
URL: https://telegram-site.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ce8b0ce00b853304b4500a3e0273c2ee8123ec998d9ea4bc1a2b3e97c573b61f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 02 Oct 2018 14:57:25 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5bb38755-97a8"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 14 Mar 2024 01:31:59 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 796F 5 KB
5 KB 145ms
61ms Image
image/png 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=100&m=0&partner=3018&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F3018%2F230313%2F083d2df2aad24ff99da4ddde5249fccb_bonprix_logo_rgb_pos.png&v=3&w=356&s=oBg7PLHUZgk6FUX2IgeL3bHa

Requested by

Host: telegram-site.com
URL: https://telegram-site.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

dce19dbf6566973efea074fa29a17fcfab2576c1265f6a13c1bb51bd6ad5ea44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:59 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=30545960
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 4904
expires: Thu, 07 Mar 2024 14:31:20 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 796F 133 KB
133 KB 145ms
60ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=1200&m=0&partner=3018&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F1726%2F230220%2F79aa09ff228e4829b2a6f990deced554_img_vertical_1.jpg&v=3&w=1200&s=pIvNbEaMY-cafFrLUHes0fIh

Requested by

Host: telegram-site.com
URL: https://telegram-site.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

216c9694c0db180e9bec6a2ba5bd0290b410750e75f40c7aa8acd4959ed94117

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:32:00 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=28718917
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 136226
expires: Thu, 15 Feb 2024 11:00:37 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 796F 11 KB
11 KB 134ms
50ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1602135346%2F20236107-Sc3V3J8Z.jpg&v=3&w=400&s=e1Fw_anLwICRVaG_eKbuNFHU&b=400

Requested by

Host: telegram-site.com
URL: https://telegram-site.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

5c011b9796b130fc6cc45d82da81739370903fc8ae70a126c76fe74a7975c8c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:59 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=280828
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 11448
expires: Thu, 23 Mar 2023 07:32:28 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 796F 16 KB
16 KB 135ms
51ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1572257596%2F19305493-37ZPPG7n.jpg&v=3&w=400&s=BjyPLb_T-MFxq0aSBo5BhvmZ&b=400

Requested by

Host: telegram-site.com
URL: https://telegram-site.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

d6146780779c2950fe7b895d70d665ca62b06ad838d72d5a53e97c7b774e50f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:59 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=149446
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 16028
expires: Tue, 21 Mar 2023 19:02:46 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 796F 8 KB
8 KB 142ms
58ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1635342891%2F21272115-WfLqe6lm.jpg&v=3&w=400&s=uZhz8CpGn4TJo4GLUq1oQzZA&b=400

Requested by

Host: telegram-site.com
URL: https://telegram-site.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

cbb5d0cd99752f39042ab89b65c414c46d91111198c4c805e45e8e807e77f46f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:59 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=50648
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 7914
expires: Mon, 20 Mar 2023 15:36:08 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 85D4 0
18 B 54ms
53ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CeY1Hj7cXZNTTDOm-x_AP0b2w8AzJntKxXNWdkfdwwI23ARABIABglQKCARdjYS1wdWItMjU3MTA5MDg5NzcyNzExNcgBCakC1WC00sPmsT6oAwGqBMQBT9AwqwlcJhMseM3pjzfUwVbkmwMy2Gplcmq1vibcoHl-hbwlUyC4VqlG93PpMv0Tsu5ttQhTPo5KCF6T5F3Ek-gUs7OiuPoYXbaduvK6zTBhEdQqPY62tajx7Q1KeVPreZVnAgdlU0xMUIaMJI_y69kRkFwH8sXsVMDgOEYumzncjPdUrEa8u9KNBGTutE4zym3NpdN2LSyR9aaRWLxmFHsuWeGpdj1cdc7bK4bwpvHmR2oX1wetsMCfu_MRXwt2aWm4j4AG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMjU3MTA5MDg5NzcyNzExNRgA&sigh=wcWiyd7i7fo&uach_m=[UACH]&cid=CAQSGwDUE5ymBrPWy1F6gVkmuUyBcTQjf6kSPNINqxgB&vis=1

Requested by

Host: telegram-site.com
URL: https://telegram-site.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 20 Mar 2023 01:32:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.nl3.eu.criteo.com/google/auction/ Frame 85D4 0
125 B 13ms
13ms Image
text/plain 2a02:2638:3::9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=kKW_EMC-MLQB9AOdg2ICAgAAALdwlxDfqOESEI63F2T0QpbnGU031asQAAASAAAKDkFRVUJBUVlCQVFFQkFR&wp=ZBe3jwADKdQIEd9pAAwe0ZPwXT--722rhBAdjg

Requested by

Host: telegram-site.com
URL: https://telegram-site.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:59 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 188624
content-length: 0

GET
H2 200 ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff
static.criteo.net/design/dt/ Frame 70E8 46 KB
46 KB 18ms
17ms Font
application/octet-stream 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8d6af87f2e8ab6ba751d5bda81faf18aed637f3c43f3f5c25acfcdb8dc674a92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:32:00 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 02 Oct 2018 14:57:25 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5bb38755-b778"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 14 Mar 2024 01:32:00 GMT

GET
DATA 200
OK truncated
/ Frame 6B0D 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d91e8ad2349019e7ea4ce712710eaa411a7d82272e46ea630c94b757d9bb5499

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 0d5410bc9c3e437daf6999836d04f18f_ubuntu-medium.woff
static.criteo.net/design/dt/ Frame 70E8 38 KB
38 KB 17ms
17ms Font
application/octet-stream 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/0d5410bc9c3e437daf6999836d04f18f_ubuntu-medium.woff

Requested by

Host: telegram-site.com
URL: https://telegram-site.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ce8b0ce00b853304b4500a3e0273c2ee8123ec998d9ea4bc1a2b3e97c573b61f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:32:00 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 02 Oct 2018 14:57:25 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5bb38755-97a8"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 14 Mar 2024 01:32:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 6B0D 0
18 B 53ms
53ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C2aARj7cXZNPTDOm-x_AP0b2w8AzJntKxXNWdkfdwwI23ARABIABglQKCARdjYS1wdWItMjU3MTA5MDg5NzcyNzExNcgBCakC1WC00sPmsT6oAwGqBMQBT9Co7xtt42KPTuUUrxNrQEdeiKQhJDRxCMmFKv4zrLS2uubJFKRVJ5xgZshQWzZaXtIGQ2jgOhtHG0HkZWEh7ZUqLxTbmQhXIr6hwAaD_KVziqlhhAPkm5EnbcsEs1_Bifh3WDo27ov1AZA_ndgTgYFI90HQIwjDgfZNrlS_98-jgDcCqWNfy9Xlzc-YtGC6xx3M3EpeJoixGfN7-iHcfrFNXS57aDyqFIZtLDmDMwqmkswi_AVAtr0evcczzU7emuMlKIAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMjU3MTA5MDg5NzcyNzExNRgA&sigh=43JO3hXUPIE&uach_m=[UACH]&cid=CAQSGwDUE5ymBrPWy1F6gVkmuUyBcTQjf6kSPNINqxgB&vis=1

Requested by

Host: telegram-site.com
URL: https://telegram-site.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 20 Mar 2023 01:32:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.nl3.eu.criteo.com/google/auction/ Frame 6B0D 0
125 B 14ms
13ms Image
text/plain 2a02:2638:3::9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=kKW_EMC-MLQB9AOdg2ICAgAAALdwlxDfqOESEI63F2RodU0BwyDlHuWuAAASAAAKDkFRVUJBUVlCQVFFQkFR&wp=ZBe3jwADKdMIEd9pAAwe0fkevxCbb6ybO2VGDw

Requested by

Host: telegram-site.com
URL: https://telegram-site.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:59 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 170740
content-length: 0

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 70E8 5 KB
5 KB 17ms
16ms Image
image/png 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

dce19dbf6566973efea074fa29a17fcfab2576c1265f6a13c1bb51bd6ad5ea44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:32:00 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=30545960
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 4904
expires: Thu, 07 Mar 2024 14:31:20 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 70E8 133 KB
133 KB 20ms
15ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

216c9694c0db180e9bec6a2ba5bd0290b410750e75f40c7aa8acd4959ed94117

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:59 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=28718917
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 136226
expires: Thu, 15 Feb 2024 11:00:37 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 70E8 16 KB
16 KB 18ms
13ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

d6146780779c2950fe7b895d70d665ca62b06ad838d72d5a53e97c7b774e50f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:59 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=149446
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 16028
expires: Tue, 21 Mar 2023 19:02:46 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 70E8 11 KB
11 KB 17ms
14ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

5c011b9796b130fc6cc45d82da81739370903fc8ae70a126c76fe74a7975c8c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:59 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=280828
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 11448
expires: Thu, 23 Mar 2023 07:32:28 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 70E8 8 KB
8 KB 18ms
14ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

cbb5d0cd99752f39042ab89b65c414c46d91111198c4c805e45e8e807e77f46f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:59 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=50648
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 7914
expires: Mon, 20 Mar 2023 15:36:08 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 796F 11 KB
11 KB 17ms
16ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: telegram-site.com
URL: https://telegram-site.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

5c011b9796b130fc6cc45d82da81739370903fc8ae70a126c76fe74a7975c8c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:59 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=280828
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 11448
expires: Thu, 23 Mar 2023 07:32:28 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 796F 16 KB
16 KB 16ms
16ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: telegram-site.com
URL: https://telegram-site.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

d6146780779c2950fe7b895d70d665ca62b06ad838d72d5a53e97c7b774e50f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:59 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=149446
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 16028
expires: Tue, 21 Mar 2023 19:02:46 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 796F 8 KB
8 KB 17ms
15ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: telegram-site.com
URL: https://telegram-site.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

cbb5d0cd99752f39042ab89b65c414c46d91111198c4c805e45e8e807e77f46f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:32:00 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=50648
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 7914
expires: Mon, 20 Mar 2023 15:36:08 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 796F 5 KB
5 KB 18ms
17ms Image
image/png 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: telegram-site.com
URL: https://telegram-site.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

dce19dbf6566973efea074fa29a17fcfab2576c1265f6a13c1bb51bd6ad5ea44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:59 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=30545960
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 4904
expires: Thu, 07 Mar 2024 14:31:20 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 796F 133 KB
133 KB 17ms
16ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: telegram-site.com
URL: https://telegram-site.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

216c9694c0db180e9bec6a2ba5bd0290b410750e75f40c7aa8acd4959ed94117

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:59 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=28718917
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 136226
expires: Thu, 15 Feb 2024 11:00:37 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 35ms
34ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230315&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9fe9597c87bcda364ed092f01e096a734c7f12d811e904fad835f2503f80abd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://telegram-site.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:32:00 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11159
x-xss-protection: 0

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 70E8 5 KB
5 KB 19ms
15ms Image
image/png 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

dce19dbf6566973efea074fa29a17fcfab2576c1265f6a13c1bb51bd6ad5ea44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:59 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=30545960
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 4904
expires: Thu, 07 Mar 2024 14:31:20 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 70E8 16 KB
16 KB 19ms
16ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

d6146780779c2950fe7b895d70d665ca62b06ad838d72d5a53e97c7b774e50f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:32:00 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=149446
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 16028
expires: Tue, 21 Mar 2023 19:02:46 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 70E8 11 KB
11 KB 20ms
17ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

5c011b9796b130fc6cc45d82da81739370903fc8ae70a126c76fe74a7975c8c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:59 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=280828
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 11448
expires: Thu, 23 Mar 2023 07:32:28 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 70E8 8 KB
8 KB 19ms
16ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

cbb5d0cd99752f39042ab89b65c414c46d91111198c4c805e45e8e807e77f46f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:31:59 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=50648
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 7914
expires: Mon, 20 Mar 2023 15:36:08 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 70E8 133 KB
133 KB 20ms
18ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

216c9694c0db180e9bec6a2ba5bd0290b410750e75f40c7aa8acd4959ed94117

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:32:00 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=28718917
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 136226
expires: Thu, 15 Feb 2024 11:00:37 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://telegram-site.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:32:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 20 Mar 2023 01:32:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5709 13 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://telegram-site.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 15265
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 19 Mar 2023 21:17:35 GMT
expires: Mon, 18 Mar 2024 21:17:35 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 76C4 783 B
1 KB 39ms
16ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a95f50320410972111855ca8b3e12978bee5f65581dcbc682a02073307f362c5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-0E9Exr15WoSIv9AMPtcDpQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://telegram-site.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-0E9Exr15WoSIv9AMPtcDpQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 20 Mar 2023 01:32:00 GMT
expires: Mon, 20 Mar 2023 01:32:00 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 PQ7F-3j7IW7HtCEpcT_WSI9tX5puXOVPYtzmzEMsE24.js Show response
pagead2.googlesyndication.com/bg/ Frame 5709 36 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/PQ7F-3j7IW7HtCEpcT_WSI9tX5puXOVPYtzmzEMsE24.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d0ec5fb78fb216ec7b42129713fd6488f6d5f9a6e5ce54f62dce6cc432c136e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 01:58:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84820
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14034
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 18 Mar 2024 01:58:20 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 76C4 0
0 74ms
73ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230315&jk=3367778397263470&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 5709 0
10 B 7ms
7ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?MRArQg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:32:00 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B03B 42 B
64 B 42ms
41ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstjXU2aK5t8try4xBJIyW8iK09cKC8lJDQpRp4HdLTBDVLPzeG-V22tujJwqVcBHiAGAEwjFzyp8ipjtgWIrcdVvCY&sig=Cg0ArKJSzMd1YhkVHoPREAE&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=163,832,1000,1200,1244&tos=163,669,168,200,44&v=20230315&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1679275919430&rpt=221&met=ie&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Mar 2023 01:32:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 45ms
44ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230315&jk=3367778397263470&bg=!zs2lzZnNAAZEjmHWZI47ADkAdvg8WqCuiP-3Edu7rM9CihVywXVsSPkmW8Sokl55O03C3hLzwVwydpB5S-iFwcwyq_UCalKE5HECAAAAZ1IAAAABaAEHmQKhRQzv8j-A16nQo-npdsjemydV8G5Jnc02AFnmc2_Nuj7HWcYlyptTrZCrTeCBC9uRhLSOUxvoil2W2ph5j9sKgRIZ_9_a-BtamXubQk9S3Z44u7OLDtZ8eMrlndZ312JkyaCYFVXOhDzXyG9yRZM2Y8jbPW6EG51qR2X3T_9EMRQDe04S930mdoXAb6szCIWvRKQXSwQW9LKSbkW21DXcULfj7HAYDZ3im1cx-r9Rl2NzA1UKPBnnh73iAVRFma63cqrGDWpDkGp0Z0nXxu0LA185vrXaBAWI4aZL63JrkK2euFf4eDCV6n3DWZ0ez7v7zPwJdnq9Nidva4ZFHY3g3YYJQghtVN5ZV5f9Ptno4AkxjH3L8p4YxYNIpgtzgaQ0BPE8Tk4EWvKiBvWfO-ObyJuZ9w91I4YW7CmXhvM53d7TKZsb3jAUStqlzO-JHzuzKBIaMWhDWAxn1-LHJOQxvBM8JR3bnyHGwYisQi94qVqKWyJvSfD0iPpe7d5nXzKYhWu7PAm2T8bxwtQ02FJU-94V-Hv8E2BTVChNPeknlJuOwm6csXPeo28XFRDaqzHZNeXJyr_QUrZNvW7DXYxmxBNg6qUAn76-2MLFuB3MQ9S_EnWndJGhBHVli7BDAgPdQBFl7zGYyPz43NPAa3SKVlBGSOHEN3qZXeOKwAPIw213ZiSqGfOr_kByP_5sUjWG5repTpduXDJt8u23erhdXFMk46YpkKH4mq0ShQqye5EdKGEeMy5uHhIijBLzvDZBHPucf5G66SjsZoe155lcDOILBhznfjLXGqwhDo5UE25ngUwzmpb3j-KNJeQsXM8nUwTQqJuGzFIqkeRVj1kLPp7nk89aYru9FmCZJP6SMVhFqu05kbh5WnLqSPy1N1RTCQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://telegram-site.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

POST
H2 200 all
csm.eu.criteo.net/ Frame 796F 0
127 B 18ms
16ms Ping
text/plain 2a02:2638::21
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 20 Mar 2023 01:32:01 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

POST
H2 200 all
csm.eu.criteo.net/ Frame 6EF9 0
127 B 19ms
17ms Ping
text/plain 2a02:2638::21
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 20 Mar 2023 01:32:00 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 85D4 42 B
64 B 43ms
42ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstO6L0nTjl4J0fHdYw7PZC-yrWJ051-VdzLS6YR3PNLkZLd6KUTeFEcrJOCikLCKWBxjXJaGYGlrfBCOisC5itkdh8&sig=Cg0ArKJSzEZdcxySpEe4EAE&id=lidar2&mcvt=1000&p=0,0,500,180&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230315&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1679275919428&rpt=154&met=ie&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Mar 2023 01:32:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 70E8 0
127 B 18ms
17ms Ping
text/plain 2a02:2638::21
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 20 Mar 2023 01:32:00 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6B0D 42 B
64 B 43ms
42ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssm81HpSnjK11l4uzsuOr1Uln17kUNAu0hRe9DifOvc8hQ6vjlteINKVyka0u5yFOpHORazb3NJyoSkW2yCVwyIs1s&sig=Cg0ArKJSzNuQSFIYL6PgEAE&id=lidar2&mcvt=1001&p=0,0,500,180&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20230315&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1679275919425&rpt=142&met=ie&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Mar 2023 01:32:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bundle.js Show response
yastatic.net/q/set/s/rsya-tag-users/ Frame 84CE 105 KB
37 KB 40ms
40ms Script
application/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Requested by

Host: telegram-site.com
URL: https://telegram-site.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

e1cff21864c46e1da263fa83c14ed6d190bc5afbdd35188de15f10eb8bedd264

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:32:01 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
last-modified: Fri, 29 Oct 2021 11:19:01 GMT
server: nginx/1.17.9
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
etag: W/"82bdc8db563d3e71c35534315f8a9fd5"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556952
x-nginx-request-id: d9332d4d398077ec
timing-allow-origin: *
expires: Wed, 22 Mar 2023 13:27:22 GMT

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ Frame 84CE 162 KB
57 KB 55ms
55ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

cf0e934daa92ef101fcdf4f64d318324f197533bc3a8ad60630a947cef5d7073

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:32:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Thu, 16 Mar 2023 11:37:34 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "6412d54e-e3bd"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 58301
expires: Mon, 20 Mar 2023 02:32:01 GMT

GET
H2 200 data Show response
yandex.ru/set/s/rsya-tag-users/ Frame 84CE 403 B
750 B 79ms
79ms Fetch
application/json 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/set/s/rsya-tag-users/data?referrer=https%3A%2F%2Ftelegram-site.com%2F

Requested by

Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

922df776974f6ba24eaa5a17231afd547f24ea3d08fd8304e5ff99d4e8e59cde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:32:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id: 1679275921693416-10786521646628942426-sas3-0998-46d-sas-l7-balancer-8080-BAL
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://yastatic.net
cache-control: public,max-age=300
access-control-allow-credentials: true
x-xss-protection: 1; mode=block

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ Frame 84CE 43 KB
16 KB 54ms
18ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

ad9b221517917e35287fcecf69dac74c8b8cdef705b77b6aa86653858846ea13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:32:01 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15849
x-xss-protection: 0
server: cafe
etag: 10303980712498501990
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 20 Mar 2023 01:32:01 GMT

GET
H2

200

/
www.google.de/pagead/1p-user-list/1014923426/ Frame 84CE
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=kbcXZMm1MOqolQeLrrHIBw...
https://www.google.com/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=959007550&crd=&is_vtc=1&random=649835969
https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=959007550&crd=&is_vtc=1&random=649835969&ipr=y

42 B
108 B

26ms
20ms

Image
image/gif

2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=959007550&crd=&is_vtc=1&random=649835969&ipr=y

Protocol

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Mar 2023 01:32:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 20 Mar 2023 01:32:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=959007550&crd=&is_vtc=1&random=649835969&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.google.de/pagead/1p-user-list/1014923426/ Frame 84CE
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=kbcXZKXxMIOt9u8PlNWeoA...
https://www.google.com/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=193486907&crd=&is_vtc=1&random=3262083458
https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=193486907&crd=&is_vtc=1&random=3262083458&ipr=y

42 B
108 B

20ms
20ms

Image
image/gif

2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=193486907&crd=&is_vtc=1&random=3262083458&ipr=y

Protocol

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Mar 2023 01:32:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 20 Mar 2023 01:32:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=193486907&crd=&is_vtc=1&random=3262083458&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/ Frame 84CE 3 KB
1 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/?random=1679275921811&cv=9&fst=1679275921811&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Ftelegram-site.com%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e5532b60454b57f27f9485da7dc5beb5e31a7a21391cf571035803dfc1ac9e62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Mar 2023 01:32:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1382
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/ Frame 84CE 3 KB
1 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/?random=1679275921815&cv=9&fst=1679275921815&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Ftelegram-site.com%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1346c4b9f0382d4789c1a4d89fd1c942ff9adf71252ece1144fe9b508c4f438f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Mar 2023 01:32:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1386
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/ Frame 84CE 3 KB
1 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/?random=1679275921817&cv=9&fst=1679275921817&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Ftelegram-site.com%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c3c873c68ec4a34e56324e7e7f5aa833764cc64cadbef73d217efc049bac71ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Mar 2023 01:32:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/ Frame 84CE 3 KB
1 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/?random=1679275921818&cv=9&fst=1679275921818&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Ftelegram-site.com%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

adf5985817fc5416d9392c85905d5af20c0e0eeef94e542bf3e73cb33492ce8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Mar 2023 01:32:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1384
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/947884341/ Frame 84CE 42 B
108 B 23ms
20ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/947884341/?random=1679275921811&cv=9&fst=1679274000000&num=1&guid=ON&eid=466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Ftelegram-site.com%2F&async=1&fmt=3&is_vtc=1&random=2898198214&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Mar 2023 01:32:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/947884341/ Frame 84CE 42 B
455 B 44ms
18ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/947884341/?random=1679275921811&cv=9&fst=1679274000000&num=1&guid=ON&eid=466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Ftelegram-site.com%2F&async=1&fmt=3&is_vtc=1&random=2898198214&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Mar 2023 01:32:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 3 Show response
mc.yandex.com/watch/ Frame 84CE 256 B
356 B 56ms
55ms XHR
application/json 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/3?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Ftelegram-site.com%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3llbk0t3p8ehu21bjv65f%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A1%3Adp%3A0%3Als%3A1614993008635%3Ahid%3A397176744%3Az%3A0%3Ai%3A20230320013201%3Aet%3A1679275922%3Ac%3A1%3Arn%3A779829469%3Arqn%3A1%3Au%3A1679275922676789913%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C19%2C32%2C1%2C0%2C0%2C%2C58%2C0%2C112%2C112%2C0%2C112%3Aco%3A0%3Acpf%3A1%3Ans%3A1679275919666%3Ast%3A1679275922&t=clc(0-0-0)rqnt(1)aw(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

32ac3a5f2dbd89aa7d57a54ce52839644f1aae2558f8689ff4ee52547118f055

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Mar 2023 01:32:01 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Mon, 20-Mar-2023 01:32:01 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://yastatic.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 256
x-xss-protection: 1; mode=block
expires: Mon, 20-Mar-2023 01:32:01 GMT

GET
H2 200 advert.gif
mc.yandex.com/metrika/ Frame 84CE 43 B
113 B 55ms
55ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 01:32:01 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 16 Mar 2023 11:37:34 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "6412d54e-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Mon, 20 Mar 2023 02:32:01 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/693627671/ Frame 84CE 42 B
64 B 21ms
20ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/693627671/?random=1679275921815&cv=9&fst=1679274000000&num=1&guid=ON&eid=466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Ftelegram-site.com%2F&async=1&fmt=3&is_vtc=1&random=3739885358&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Mar 2023 01:32:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/693627671/ Frame 84CE 42 B
108 B 20ms
19ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/693627671/?random=1679275921815&cv=9&fst=1679274000000&num=1&guid=ON&eid=466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Ftelegram-site.com%2F&async=1&fmt=3&is_vtc=1&random=3739885358&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Mar 2023 01:32:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/693627671/ Frame 84CE 42 B
64 B 21ms
19ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/693627671/?random=1679275921818&cv=9&fst=1679274000000&num=1&guid=ON&eid=466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Ftelegram-site.com%2F&async=1&fmt=3&is_vtc=1&random=333157057&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Mar 2023 01:32:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/693627671/ Frame 84CE 42 B
108 B 21ms
19ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/693627671/?random=1679275921818&cv=9&fst=1679274000000&num=1&guid=ON&eid=466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Ftelegram-site.com%2F&async=1&fmt=3&is_vtc=1&random=333157057&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Mar 2023 01:32:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/947884341/ Frame 84CE 42 B
64 B 22ms
21ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/947884341/?random=1679275921817&cv=9&fst=1679274000000&num=1&guid=ON&eid=466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Ftelegram-site.com%2F&async=1&fmt=3&is_vtc=1&random=3857363878&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Mar 2023 01:32:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/947884341/ Frame 84CE 42 B
108 B 21ms
19ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/947884341/?random=1679275921817&cv=9&fst=1679274000000&num=1&guid=ON&eid=466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Ftelegram-site.com%2F&async=1&fmt=3&is_vtc=1&random=3857363878&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Mar 2023 01:32:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1HzimTMn0H0200000000U9nJx8lsL9BiPj4r_7wUPM_fiWb2bltRnLCOWC0J9XBgofyM5xk5KP4XbH4edldz_8tL8F5I4AyMfBQL4KHsWlX0mCGma_6jD8IzaF4G6uIrah6M2SBQovZyZuNXA9X_bX6awIgOlCl88CF0y9Tn5b1yBXD8P2dJAMO6XhLClu3iiqp_W... Show response
yandex.ru/an/rtbcount/ 43 B
697 B 58ms
58ms XHR
image/gif 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/an/rtbcount/1HzimTMn0H0200000000U9nJx8lsL9BiPj4r_7wUPM_fiWb2bltRnLCOWC0J9XBgofyM5xk5KP4XbH4edldz_8tL8F5I4AyMfBQL4KHsWlX0mCGma_6jD8IzaF4G6uIrah6M2SBQovZyZuNXA9X_bX6awIgOlCl88CF0y9Tn5b1yBXD8P2dJAMO6XhLClu3iiqp_WU0Lay1r1_zJtyypC3mzkUo9rtTMXhzCB20dCBC2oLvcHI0vbHcaUIupoBwLG581P2lBHcPsDvQpFKrCJ2UPORw-2bPv5qp-P7PmueSucgKxJGhicHKiRyqtiFo70SOTIEm3IEoRB12lVR1_oB8pli3OT_9r-xSi80ykOEKyoThwWWiiVO6reQ61vIPht_UdpouVFipvbHMakuEjWMK2Mz_sfPCcFLxKf3k3xShXu0LixyzrN6lyjgqdRoKRpCG3R1uds9WViV5ck3jQcHL4-1Oc5gQRlsI3sVqJpfh8lhpSfq6XugtzB7OsSnC34sFB3UnCEzXvJh2BFs1_UE3goSuNxoPc_M3dMS3nrdm5no7U3Hn_MNPmC080Gf6qMG00?confirmTime=2100000&confirmRatio=1000000&test-tag=47828755808258&format-type=118&actual-format=8&rnd=5427565392536&banner-sizes=eyI3MjA1NzYwNzU0MzkwODI2NyI6IjExNDB4MzAwIn0%3D&width=1140&height=300

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://telegram-site.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 20 Mar 2023 01:32:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1679275921944835-6969563757515523282-sas3-0998-46d-sas-l7-balancer-8080-BAL
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Mon, 20 Mar 2023 01:32:01 GMT
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: image/gif
access-control-allow-origin: https://telegram-site.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 20 Mar 2023 01:32:01 GMT

GET
H2 200 WOqejI_zOEC07Gm0P1HUPWz5eoQlAGK0um4GW8200J6FjnTa000003ZeXeW2Y081kG9ZeVH8m4jv0F02fyxojmtm2l050Q06o0791evRII8PYmGjgGVtpzYhTQQG4lW70T08We20W0BNG4_Azyy00EN9fkHAz_0B1k0DWe20WO20W8W4c0wEjwMIakEYWYse3_UVa... Show response
yandex.ru/an/count/ 43 B
215 B 65ms
65ms XHR
image/gif 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/an/count/WOqejI_zOEC07Gm0P1HUPWz5eoQlAGK0um4GW8200J6FjnTa000003ZeXeW2Y081kG9ZeVH8m4jv0F02fyxojmtm2l050Q06o0791evRII8PYmGjgGVtpzYhTQQG4lW70T08We20W0BNG4_Azyy00EN9fkHAz_0B1k0DWe20WO20W8W4c0wEjwMIakEYWYse3_UVa-ZRpgd84f0GtBoRmFsTiOjdm8xAob3m4WY84m6G4pBW507m5S6AzkoZZxpyOvWMa9sXe0QWoHRO5e4Ng1S9q1WX-1Y2oxRypvZkn6I06OaPXUYm6RWP____0S0PZk-NjxxwyE49qXaIUM5YSrzpPN9sPN8lSZSvE2qnw1dq2F0PWC83c1hKmrEm6qYu6mE270reHq4wDd1OJN5XSMStwHo07Vz_W202Y20Cq27___y1rIB__t__WIC00000003mFn80CWDjc55nF3dkErhDIfFRaJEX11pII5oQ344QbK5qzeokwADcu0838bV2sZcKawZcg4ZIA6uGaK4e~1=WPiejI_zOC80ZGm0L1PM7ozomW6qYxcspTcxmB81W078YjVJmuhxYke1Y06_-Do-eG6G0TQUfz3aW8200fW1rfwdq6Iu0QJMe9ycs07ug-kk0U01bfMlcG7e0JoW0exwXG6m0-GCY0MNjnYG1UoCLR05hz4Lk0MlqHN01TJGX0l81QkIvmBG1P7y1wW6o06f1_VFsAjrff0Ik0U01T08keY0WSA0W0RW28VzGkW91u0A0VWAWBKOw0oJ0fWDlw0qmR2GWW6O4OdbBA6vW1I0W804q1JavBnxw1IC0fWMa9sXe0QWoHRmFz0MafdUlW6O5vUrj2ou5m705xNM0Q0Pm06u6V___m616l__hsRUDroFg1u1i1y1o1_yrRLNgI1Kb2dnd8wjFxWWxkWia2BNfIoG8jYbB90YmgWia2A3vIoG8eJbB90YYUKirIB__t__WIE98vgPcPcPcTa_a2FYq97rjOZg_RW1c2E0bRZQeyEYm4aC0CyU94QzXaCc1aPbp8dXC1npORPvsHphaYHfpcwhIcaNaU_xS34OB8e0~1?stat-id=1&test-tag=47828755864081&banner-sizes=eyI3MjA1NzYwNzU0MzkwODI2NyI6IjExNDB4MzAwIn0%3D&format-type=118&actual-format=8&pcodever=740439&banner-test-tags=eyI3MjA1NzYwNzU0MzkwODI2NyI6IjU3MzkzIn0%3D&constructor-rendered-assets=eyI3MjA1NzYwNzU0MzkwODI2NyI6MTcwMzd9&width=1140&height=300&confirmTime=2100000&confirmRatio=1000000&wmode=0

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://telegram-site.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 20 Mar 2023 01:32:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1679275922159871-14128082657999443550-sas3-0998-46d-sas-l7-balancer-8080-BAL
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Mon, 20 Mar 2023 01:32:02 GMT
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: image/gif
access-control-allow-origin: https://telegram-site.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 20 Mar 2023 01:32:02 GMT

GET
H2 200 37412095 Show response
mc.yandex.com/watch/ Frame 84CE 439 B
547 B 63ms
62ms XHR
application/json 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/37412095?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Ftelegram-site.com%2F&charset=utf-8&site-info=%7B%22extensions%22%3A%22%22%2C%22fromGoogle%22%3A%22false%22%2C%22fromCancel%22%3A%22false%22%2C%22loyal%22%3A%220%22%2C%22sbscrb%22%3A%22%22%2C%22p%22%3A%22%22%2C%22b%22%3A%22%22%2C%22fresh%22%3A%220%22%2C%22infected%22%3A%22%22%2C%22slow%22%3A%22%22%2C%22os%22%3A%22windows%22%2C%22browser%22%3A%22chrome%22%2C%22winxp%22%3A%22false%22%2C%22old%22%3A%22actual%22%2C%22yabroAge%22%3Anull%7D&browser-info=pv%3A1%3Avf%3A3llbk0t3p8ehu21bjv65f%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A2%3Adp%3A1%3Als%3A1427359719702%3Ahid%3A397176744%3Aphid%3A478523491%3Az%3A0%3Ai%3A20230320013202%3Aet%3A1679275922%3Ac%3A1%3Arn%3A774686975%3Arqn%3A1%3Au%3A1679275922676789913%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C19%2C32%2C1%2C0%2C0%2C%2C58%2C0%2C112%2C112%2C0%2C112%3Aco%3A0%3Acpf%3A1%3Ans%3A1679275919666%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1679275922%3At%3A&t=gdpr(6)clc(0-0-0)rqnt(1)aw(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

1a87ddb7a32fb1755f32c746adce802678845d947305d34ae95da04517370347

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Mar 2023 01:32:02 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Mon, 20-Mar-2023 01:32:02 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://yastatic.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 439
x-xss-protection: 1; mode=block
expires: Mon, 20-Mar-2023 01:32:02 GMT

POST
H2 200 52667398 Show response
mc.yandex.com/webvisor/ 43 B
73 B 258ms
55ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/52667398?wmode=0&wv-part=1&wv-hit=478523491&page-url=https%3A%2F%2Ftelegram-site.com%2F&rn=589028639&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1679275922%3Aw%3A1600x1200%3Av%3A970%3Az%3A0%3Ai%3A20230320013202%3Au%3A1679275919791135253%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Ast%3A1679275922&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://telegram-site.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 20 Mar 2023 01:32:02 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 20-Mar-2023 01:32:02 GMT
content-type: image/gif
access-control-allow-origin: https://telegram-site.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 20-Mar-2023 01:32:02 GMT

POST
H2 200 52667398 Show response
mc.yandex.com/webvisor/ 43 B
73 B 55ms
55ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/52667398?wmode=0&wv-part=1&wv-hit=478523491&page-url=https%3A%2F%2Ftelegram-site.com%2F&rn=846747299&wv-type=3&browser-info=we%3A1%3Aet%3A1679275923%3Aw%3A1600x1200%3Av%3A970%3Az%3A0%3Ai%3A20230320013202%3Au%3A1679275919791135253%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Ast%3A1679275923&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://telegram-site.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 20 Mar 2023 01:32:02 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 20-Mar-2023 01:32:02 GMT
content-type: image/gif
access-control-allow-origin: https://telegram-site.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 20-Mar-2023 01:32:02 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: mitdmp.whiteboxdigital.ru
URL: https://mitdmp.whiteboxdigital.ru/pixel?id=a&source=yandex&redirect=false&href=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fqbitis%2F%7Bmiid%7D

Domain: sonar.semantiqo.com
URL: https://sonar.semantiqo.com/dmp/scr.php

Verdicts & Comments Add Verdict or Comment

79 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

64 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
yastatic.net/safeframe-bundles/0.83/1-1-0	1970-01-20 10:29:22	Name: afpix Value: 1
yastatic.net/safeframe-bundles/0.83/1-1-0	1970-01-20 10:36:34	Name: pcssspb Value: 1
yastatic.net/safeframe-bundles/0.83/1-1-0	1970-01-20 10:29:22	Name: pcs3 Value: 1
kimberlite.io/rtb/sync	1970-01-20 10:27:55	Name: f Value: https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsoltadspis%2FZBe3kB5ZUfA
kimberlite.io/rtb/sync	1970-01-20 10:27:55	Name: n Value: 1
telegram-site.com/	1969-12-31 23:59:59	Name: advanced-frontend Value: fd4f60f12fbdaa65a3fedb57a823fa27
telegram-site.com/	1969-12-31 23:59:59	Name: _csrf-frontend Value: 564bc0e1b1b86e4463f264a68f66d1a9d72e663ef19efb2f945bf99aeefadf17a%3A2%3A%7Bi%3A0%3Bs%3A14%3A%22_csrf-frontend%22%3Bi%3A1%3Bs%3A32%3A%22C7mBmQLXbOwiFPcjqWN3Eg-LDOo6QiDb%22%3B%7D
telegram-site.com/	1969-12-31 23:59:59	Name: b Value: b
.yandex.ru/	1970-01-20 20:03:55	Name: i Value: KK1DpgerFlvhp4G7xowv3pN/0Hu5Cxtc6LDvOVWkQqO1d2yS7xMIinYZRMMYvjzj+RFby3MIw6XHgRFUagegyvjNvy8=
.yandex.ru/	1970-01-20 20:03:55	Name: yandexuid Value: 3243870571679275918
.telegram-site.com/	1970-01-20 20:03:55	Name: _ga Value: GA1.2.1670959109.1679275919
.telegram-site.com/	1970-01-20 10:29:22	Name: _gid Value: GA1.2.1866138750.1679275919
.telegram-site.com/	1970-01-20 10:27:55	Name: _gat_gtag_UA_126131317_3 Value: 1
.hit.ua/	1970-01-20 20:03:55	Name: uid Value: 2809990803.1679275919.2647522900
.telegram-site.com/	1970-01-20 19:49:31	Name: __gads Value: ID=3c2cc4932b39fbdc-220be06161dd001d:T=1679275919:RT=1679275919:S=ALNI_MYVhWK5GhzIZX9ExHxgcPKmWX9OHg
.telegram-site.com/	1970-01-20 19:49:31	Name: __gpi Value: UID=00000bc961d6bbe8:T=1679275919:RT=1679275919:S=ALNI_MbBztRoR-1W3VuKZtmDXZvMVycuyQ
.telegram-site.com/	1970-01-20 19:13:31	Name: _ym_uid Value: 1679275919791135253
.telegram-site.com/	1970-01-20 19:13:31	Name: _ym_d Value: 1679275919
.mc.yandex.com/	1970-01-20 10:27:56	Name: sync_cookie_csrf Value: 1925931906fake
.telegram-site.com/	1970-01-20 10:29:07	Name: _ym_isad Value: 2
.mc.yandex.ru/	1970-01-20 10:27:56	Name: sync_cookie_csrf Value: 1309802399fake
.yandex.com/	1970-01-20 19:13:31	Name: yandexuid Value: 3243870571679275918
.yandex.com/	1970-01-20 19:13:31	Name: yuidss Value: 3243870571679275918
.yandex.com/	1970-01-20 20:03:55	Name: i Value: KK1DpgerFlvhp4G7xowv3pN/0Hu5Cxtc6LDvOVWkQqO1d2yS7xMIinYZRMMYvjzj+RFby3MIw6XHgRFUagegyvjNvy8=
.mc.yandex.com/	1970-01-20 10:29:22	Name: sync_cookie_ok Value: synced
.doubleclick.net/	1970-01-20 19:49:31	Name: IDE Value: AHWqTUkLRq_RSbtZ4J9Gi1PU-kFKUCcouuECPrmfP63xXLk6cnKi3ktfOX1Tw0C8nsQ
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 1287823311679275919
.yandex.com/	1970-01-20 19:13:31	Name: ymex Value: 1710811919.yrts.1679275919
.telegram-site.com/	1970-01-20 10:27:57	Name: _ym_visorc Value: w
px.arcspire.io/	1970-01-20 11:11:07	Name: arcid Value: cd8d1536cfbcf79555b257
.360yield.com/	1970-01-20 12:37:31	Name: tuuid Value: f3058aa5-842a-48db-937a-818497687288
.360yield.com/	1970-01-20 12:37:31	Name: tuuid_lu Value: 1679275919
.betweendigital.com/	1970-01-20 19:13:31	Name: dc Value: lux1
.betweendigital.com/	1970-01-20 19:13:31	Name: tuuid Value: fad36d67-63e3-524f-83b8-a583e7af120c
.betweendigital.com/	1970-01-20 19:13:31	Name: ss Value: 1
.acint.net/	1970-01-20 10:27:56	Name: test_cookie Value: CheckForPermission
.acint.net/	1970-01-20 20:03:55	Name: aid Value: CkIDE2QXt48gjg8fGHyQAo131JR2958U+5Nlh19SQmdQ973T
.dmg.digitaltarget.ru/	1970-01-20 20:03:55	Name: viuserid Value: -rt18FwNc3AkmuB7AxAa
.yandex.ru/	1970-01-20 20:03:55	Name: yuidss Value: 3243870571679275918
.tns-counter.ru/	1970-01-20 19:13:31	Name: guid Value: 0E5169066417B790X1679275920
.betweendigital.com/	1970-01-20 19:13:31	Name: ut Value: ZBe3kAAAfQB-dekqVHKdoxySsDxr91p1lfS6mw==
.acint.net/	1970-01-20 11:11:07	Name: cSyncDp14v3 Value: 1679275920
kimberlite.io/	1970-01-20 12:37:31	Name: u Value: ZBe3kB5ZUfA~BhsXkdIVkpPJgcHtFworokTxPns
.demdex.net/	1970-01-20 14:47:07	Name: demdex Value: 00610157609734144611743147932955520865
.weborama.fr/	1970-01-20 19:53:51	Name: AFFICHE_W Value: I7eXX990vqgj44
.uuidksinc.net/	1970-01-20 19:13:31	Name: jcsuuid Value: JZUBsnPprOOjCuAKdtBc
.dpm.demdex.net/	1970-01-20 14:47:07	Name: dpm Value: 00610157609734144611743147932955520865
.adx.opera.com/	1970-01-20 19:13:31	Name: UID Value: OPUf7a5003c4aa04ddeabbe4d525c202233
.ssp-rtb.sape.ru/	1970-01-20 20:03:55	Name: sspuid Value: CkIDMmQXt5AAAgBAFuYZAjejK42feW2GL8suHmMqv88NqbdZ
.mts.ru/	1970-01-20 19:00:34	Name: dspid Value: 629c7a4c-f4dc-4454-89a8-067f19220c7a
.adhigh.net/	1970-01-20 19:13:31	Name: gi_u Value: uMFE0tPSNxFO.AikABlGG_KUMSg
sync.gonet-ads.com/	1969-12-31 23:59:59	Name: chk Value: 1
.adhigh.net/	1970-01-20 19:13:31	Name: yandexssp_sync Value: LKvG
.upravel.com/	1970-01-20 10:27:56	Name: session_tptc Value: 1679275920531
.gonet-ads.com/	1970-01-20 19:14:58	Name: pid Value: NjcyMmEwMWYyN2UyNDU2ZQ
.mts.ru/	1970-01-20 20:03:55	Name: mts_id_last_sync Value: 1679275920
.mts.ru/	1970-01-20 20:03:55	Name: mts_id Value: 489ac147-3420-45d9-b933-e80a762e1119
.upravel.com/	1970-01-20 20:03:55	Name: user_id Value: 76c52da4-b8b8-4223-ad51-03fe300356e2
.aidata.io/	1970-01-20 20:03:55	Name: __upin Value: 3tDwKX1AvOW1na+kxqN5dg
.aidata.io/	1970-01-20 20:03:55	Name: __upints Value: 1679275920
.rutarget.ru/	1970-01-20 14:47:07	Name: userId Value: KCokZHP8Q90k
x01.aidata.io/	1970-01-20 10:38:00	Name: yaya Value: 1
.yandex.ru/	1970-01-20 20:03:55	Name: is_gdpr Value: 1
.yandex.ru/	1970-01-20 20:03:55	Name: is_gdpr_b Value: CJ6rGBD0rAEYAQ==

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://yandex.ru/ads/meta/2163124?target-ref=https%3A%2F%2Ftelegram-site.com%2F&charset=utf-8&pcode-test-ids=657519%2C0%2C56%3B706838%2C0%2C71%3B735973%2C0%2C28%3B739738%2C0%2C20%3B729110%2C0%2C33%3B734894%2C0%2C92%3B739994%2C0%2C67%3B681847%2C0%2C56&pcode-flags-map=eJydWNty2zYQ%2FZWO%2BppJeQVJv4EkKGFEEiwASlEyGYwSK7Y6vnQcO3Gdyb93QVA2SdtQ2ifTlM4BsHt290A%2FZisslFiwtcK5KnFKSlUwrmitUlzXhM9OPvyYfdte3O1mJzPJWzJ7M7vdfb2lp%2FA%2FQr4fRLOfH9880TSc5W0mhWK1anAriJUhcpPANwykxmlJFMlY9URSUiH1ZlY0J0w%2FwKcpU5hXI9rd%2Fd8T1tAPO9acio42Y20tFSc55STTlLhp7DvznCDwHs8GB1FVW0rKWVkCWy31A%2BFqjWW2ILmStCKKFYUg0s7re070FLO0lZLpY5VsHOvf%2FejLGIeSEHW4JmM5GSG7nI1j9KtkXeJkF6MV4YKyeoSEb8ZhMMYmSeh02LamJcM5MevjahTR25u73QAWeLGf9DCIpRCdyCaYaSIHIJCnIKRWLBWErybC3F1tP13sRkgfeYkJc0HfqQrWWhA6X0hVS%2FuSQegnbgfc4Don7xRvVc4qTGsbLHQiz0eP66WcLWGzsJaac5pbkW4UxujFBRWoV3KaWuGe66Cgg78ntaeKFvS5prlcKFrhObFiAzeInSfsoVhSxnVSOc5pK377RYYN1vs2G1a4XOONsCP9qI9zXjRQmaJhNQhD1xFrxzXkOY4zxgaOHwxqIdPQWtrXC4Gml1LBIMpEa%2FewniLvrLKAJaPIew6nhW6ca11EoM7%2Fw3DYwAqX7ShbvvMyuiSY16piHCoWc4on5%2FZGi4aO00e54ZRxKjcq3UCrIOuGcXvAUIT62jvoom%2BemeBWYOJG8UCRVKgMc86kwlkGWRKWLhEmfui6I2ynYgGSlgsdpgbnOa3ndpIgDMzOu7YPUpabhijfvusgjsJBeiqeQZwETWkJUbMvl0ToVaQehFlJs%2BWR1Q8c3ZQxw1dBgy0oDBeqD1HgzF7NSez1k8Xsoycxc0EyLdSmxJsUZ8vBBLNRIscLfG%2BUjgXpGj5MUiLo3Kp45IYeMnmoyRogBVT5QpVsTjM7Lvb7lgbbLCivtGY5qQ%2BTpuEktTdVBF3Rc0fihanDQUngAmBeQwR0oxQZ1zNFCGvtIzdxg2BEtqCy28mABOKxlMxO5Eee5w%2FdzsTX5KTAkH54UdCaSgJqz5Zgq6yFioLQQWi0PVFhLtWfLWmJJj92vhAhFD66Abng4OMmOyNQwFxLmdbQqCgM4%2FLIriI36qWTYRhJrO4TiAtdkLTgGAxTZx%2FsmYziBCWPvqHgFGjKjTJ4bSEa%2B%2BHG%2BHSpBH1vrSOEEr9P9wAhjnmsZ%2BsmgRM9skDTzjWD1bciFAfIna6sKnCt2L6W5zkm1gNBauPxS6qMUeD6h3KD%2BQ3OG44KolHgVY2h6BqY8QbPrwXP%2BKLYf34KObefAdIUu8Pa0D3DNJkXQt%2FNg2P3AJR4qHcnpiLEkjZK8q4BHmvJKIGriQFPli5Kpu1ursxGj5DEfRW8RtKJa8TxZX%2BvLrf36ny3Pzu%2FfYWuu8GoJUlxqsBxWq9DDoy2USmaal4vQCUDwdQworuGO2%2BhvesLBjTdjNCVvUIj1wn6ycm5Mp1etmBRTKV3ge6aSjtfHLkMApMp1RK%2F33TNQXUGbwj7Mfuyu%2F18Xm1vzvZXsxM3BJt0ef1pf7ETn7cX%2B6uz2Yn3c8QawlwciMC0RfB7Ki21EvQdc7jAh9nldn%2Fx9uYO9vbP9up0dw%2FPf%2Bwvt2e7r6NXZ9vL7s3pw%2B7KfH37bX97bR4v3w7%2BOb3a92818yMDvLjZPlxcP5z3Hz%2FcmL93N9u3V7vvX5994a%2Ft9eW%2Bg358%2BYjDintKrT196KDzEVjrEx9JPCDdadvBLViNrGSTmz9cjcfXa7ihGdHUWILEoMvxed%2FrlMRz6%2BUBJos3aJQFAblygjMJ19cjwNB3vOceidYNeANtkv6jQ4L7MdyQXyUctDLoPfY8PDHxzuKstFcxbvdgfkpaQylhWmpHyMD%2BiyM%2FNjgo9uPJZB8Uf1tDGYClh%2FDhXORL1V%2FnBThYCOw4%2B5ksJ6FMIr8%2FOWCnd%2FLIh4%2FjyS8HUb%2Bb4aDJmNBBh45e5ilsjk7a4efbi7FyEugTpp5hRJlfA5QkFZBIazOO%2FCBO9GD%2F%2BS%2Bl2JQC&pcode-icookie=xTGNZvx4dFHwTaWRFFCLhYyN6fT%2FSHg5PhgBZrP3ZM%2B0OSYwG%2FemS1g68pxlmrJKIcyEXQyJtjZhCHmV%2BqZLAXYdwi8%3D&imp-id=7&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=47828755808258&ad-session-id=144821679275918855&target-id=86136870&tga-with-creatives=1&top-ancestor=https%3A%2F%2Ftelegram-site.com&top-ancestor-undetermined=0&pcode-version=740439&pcodever=740439&flash-ver=0&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22isInIframe%22%3Afalse%2C%22w%22%3A1580%2C%22h%22%3A1100%2C%22width%22%3A1580%2C%22height%22%3A1100%2C%22visible%22%3A0%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A0%2C%22top%22%3A1200%2C%22ad_no%22%3A0%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A0%7D&grab-orig-len=5120&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjo5NDJ9ChKjoKzkqGmAGKyjh7VV234_O8m6J0psDrOJYuKwHZOJGHqVX_LV9MrU9pyQEvx9DmfrO-XYZmKr2YkTZpMyPCkpt7393m8H9VJQzxBWAvWEMRBjJCIFfJzTiShzYnVuKwggRhhhABgjMSCLLBGdKaZxGK2GyM4Q0mRHDkCX6ANlDqQ5wA2UAyKQBaqAcEFQDAzAL3y8BUi0wLQBLq9NnG3jmeblyAHcQHqBymzjXACzoUTmQL4cZQsQb4WreXIA4oLhLJPSQCMhC_Al5EPziB9QihwoAtnAHBr2Y5mEZCR8tiUk9qXQ_Yrof6x5pReseeKcUrLlqVsZj9GhPyAKpAtPMZRJlw28-T6QObME_oiXkOQLdTPiFIadB_QygLNUkzixoTA9sczrh2gLc8m3tO9VVpAQQ3MtOHPPfU5fh84BzACkAJS6yFyMaOEN0D2-BMFSLk2wBgZ7BidChDAjiy2RMUOIAmxUGXhYMuBVsEd6GZ5nV5g9B4D5J7I9pHy5_R_p7vz-trSQ8IwA5KHJHDrOai2yBIzBvXlzL6r0OQEPSwq8Urs__ZU6UN957n1A2pXU_9QEfe4lyNKaRWQzoOGAACAKHaApwPgfAF5_KCQUecWR7RUV-5d8mVIERC45vAXv9R2MI_tdRgb0AJQA1ABIAez8_VOcXHglN5tGEKh-APUxfRlaXF5JlGBDCAh7HAC7QMAOIecwOQDy4PBfGp7SEwLuiLWa6SNE4AM9A-TgpnKfJ54R1e5BlpyzH4NNe73TLF8Jiq_f_Ht8RIUaXAiYUAIDbHCHtNKFAftkmt2db9SzqEts5fd8BSweKAN8nsFr8h4b7ZKFWKIb3jz1yezjbOEuxvwJ-oJSLc9hgci_Lsj9InJT2MDmhJ9oqWujXAPtqJk5uU_Q5QdI1EYrbWgJ6ZhCs8VqjmzooK5Lw-kFmqbfiwz_rw8wqPqUAawlqGY2My8ZP62fTDzykQI2BOCDAwyAzyhRgwc-CoDJvCy0BhoLMwttFNMzsxisBkvEjPmtgIWrWWWhiQxxNsc0EUTc9JGRwWSlNlhDM3dmCM2GyGyAiFuEW43BEm4bYBb6-pdXLi3dGT-Fi8GLe92z8N678FMv6dJNJNzQTu-nZSQIe4aGp6Jb5sv1AWl9LD85REmhZc17Fem0AJGu4sw-bjRT7nq7RJntI5wr4vr72wtTxFTWy5oifmOAMLnt3Fzip0ESIaQMTfRG93VSmXL61YkmMhojM11k8uCKl0uBpHKKV9r9dFYfZ3jvt3UMwTznQ65eUcaQHiEzC70VcWawxEYjRNyUppiam5nFHCM-HHHJhccYmxzDLTKt2Ngtz7Q7T5MTaCYmg4XORLOCjdSx2SXyy7cwrMzIWLiszEUqXhauEbefxgswUcTMQmURpWTBc4EyWeloDQN8mbRY92XmALSfVD3nluia0ZEuKZC9owpLwnSttqhU-p7eFFLTh5RmhyGkoxuyz9jsLYY6xfueCEsoUQPdg8tFZUmELEDpNon-WfF4u_kcyRgxzKj5srSx2RxZjFFsYqBdGVoOQdJMtJFlcJB6sYkZejJGFi7GfZl6ePKRJ55dLloOZhakoYlGwGs-yblG8IIXkYRJQrMXdxTMIYpNlEEHQ2yI6EITQkctqlCetE_bBB_UYaAME19Aibyrcdy9l78UoyVkQMKNPQyHj-99H2tk5O5yG5mAmzdT9UbutLPAec-a-BjGrG3d2q_23t_DWrqeUmyf3T_6B1dfFdlkgWPryzFNC-Fm5sU2eeDtQ83r_NHvx_2YyJrgkN3Nhqvzuu8Y0yPOMX28CT_iaS7CEgIXvOYE2lccsE8PtIthuMJbAh3LrhJtPh7T0L3f84LY8HvnMtFnn6gCpZgMITU2nJisZqThcGAXwKkKX8wsEh_WK-xiRUycj5GKcRJJxsi0h8gcHOhtbOi86tWYJJgk4oy7ssBdaAAVFPZ50aBQnLiD_5kbDCWuGfEjP7Egjrd-RRqGhnl26xHslZJPLxXFyyZCEie8fgAYWIzl2AQL2MhpQ8_GyR82pv-09pym1Qs1V15CxgOcb4hX0wnTz2tjUwTbQ7ROn9WDUC_uaEo4ggXqS_hAO5uZ6jvxaC-29rA0EjB4Mk1spostVkY7g4WKEeNsOfQ4rDHZb42VFbWxo7GhQ8_fihaeF3bJ0mAI93xppbWzqQNKKsZ14DhF7-5HsF4vryXuij93m-OSJs-xfeoQ7sNEijnc3qbLN352szy8RMPeSRN39ciqpss6UNTmf6SZeGza5zyHQdqqAFclFvYYHQdfvRbmXotssbG6rqtDu739yrfsPZK-F97_IvvuPiFcA9THXcFOMqzgLXpOG3-YOylGx-ME9bB-TqieSZ_P3gJU7XX-IPntX4Kghmhxl-BwVMml7BQc3a2I9vO299op-P4-U8uY6i7kYUKe_dZ-_-AMRjuEkltQlO2VXcGE_1SGQRJxbB0jWNlrtOj4GZoU_iyODZ4QdqlU-54r8f_sGOYU2NvvsXILNn6PIWo337yTPJ1gp3EmluKDXbNc7rbZBXnL6HuXx92gKh_EFJlJwgeIcooLxcdElUjnbAbG8k0881deMdX7-wRwuANsxBO-iQywFwbNYNUwX8Lzv_dmD8MsfLLlYgUD2CHmZEODnp2_MQRh3C334T6x3mao3r4Fl5_MGvsIAJMiBDhe2giFxQkwNs1hIaxDhxYtB38r6ztAciVAOyfyweFy5ZFOKaj6hO_nnF5CgWHmJpnSsGBMw0IKY0OHhs8WQElJaf8_VoC2m6hyAMsdkxK-h4hFpCLp6MAr5XKf94S0t19JyBoT9L6VdNxOPBgHk7BsrsFCZsIOMcT8DeKYdisY7nQqRWSsnvXIq2j5XnzyjnMXo3QPgOTOiX4l8AYnpU1CDDNxMLAVYKEkcaJDy1fICzcZi0DynpaQYJikSUwRXkgVHtr9Mja-iq_YswkH5OJlVi321-I4gjExbHhInpPZUtrK4dM8lSnowlnhty5LSBefywWpuiL2KSzH22Q72vHiltK_8z6vpBjeBa9tN9LRwZb2ONl5W8E_t34_zt8vA3qi0B3kulT57w5cRnTtj0rdhKACk3u3Tq5uOfhvGJvYn8ipCgWglO770likKLX6W7CH7C8o2oKhWRgEJTPsOFO4rx6xgIxhFsXTK8ZCy-BgQ8Pf-gBuew-5W1867VHpW29zGXedb3262D-UMcw1oF3nFQsdmh0tJ2ZmR4-yPhXjjftHrLwOUU3RmnN5t16FBMxWpq2EZxw2miGam5wfS7V4O5-YSDOtVp_cM-r7vYnLmanodHJFz2aPsEr5d74mBplXQQWOiznLmPwEcul96PFRcGEzbwBijUa1p26Ho_sLpq_y9tDhO3k_FL5vNSTYHcK9lzgvX-29B8o7oXzfQd9pQoFiEKO4JoWVCrHgorShwcRIs0aV4GmC8hghT41E3mrhiyPwfoXrWOIM_k1tLdPAK4O2MfQCvtywS9MQ59gp58d7AT0efH5d-WJK0tDhyFc_WxFVc8bOnW80WBmQRCaHxWo05AN3KXSXFGOIiKlAjY6qYCmGuDBsp6YDNoK7ESnejluPutVcYz5ZAHFSrLZhYzqDKELE0ZIkNCHE7BdBKvOgcsgB8-Gz6vm0fJzhmE8_3D2VZqZ6U0jQWkkW85kCrd66TeXzhu8zBEC2EyBOeveRateScmIJ2HvHe-Owa9muZbL5uyRAnc-BNIrouUdtbXTtkhx1aDS85wr3Jl_a0wwTZUdEuFBPEhaOSY7n7rnY0UkfG4ZSg5UmgpHgEc_NjCapN-kkQFm61K0TNzOkGn0WmsjVAn3NOjeeCzMSX7CRG0YFf7hmj1dt-_CNTYthlkhcmIPS4DBEiAxZHKhjeVosMbXx-MPIHIDexowHvu0mfIhbKf0U9JEpa8Lk_oP9Q4rLJ8PstiC3_kLl4kBN-h88eVS6xoanfc3V3aH-4PxJ6fNbVbtic19MeYv95Lukky_n_zfNndQ31O0WODtNV3_Ryco1upl558jl_VF_5VvlugLTHabZ4NaS6QRTNGIs1-fQlcgE__WN2JV27husvLtetm3ON8f48aaqFXZyESfVaW0GRFQoMoS0sYkuymwZWRRbqnzMVuVrw7XFeai_EeXA1e93yh9F9vJgs6FHw5mXEo6d9HbsPjZMmu_wHzwBrDUOwbPmBQB5aIlNVoCK6DOwEVFbQlNkOnXuDH7Te0Ub8omerxFsjsJ52tkDWEt4-Mmq5esJnKzqCpS_wXg_VQn8or4KK3qP23WafkURIo3NxgwsZOw29uvkgPV3bWiaoOg31ZYdP0pdYDKwCahwS8frWJqBBh74GSyrKbJERuOSjXJnA1VsRpJRxjvTdRcODjsbWK0wQ4Oa9lRDChZyVJw2SDKHrUnHFoAwOOQfXN0Z7iYY9RI4tCGlMYoyMGOrKUNgQrgUo7b1P-xsnPk6H9Iv5uOHWWzVVbFqp9zOQ61bbxu3U9EvSNkbRykKKI8floWeE2aRJFSob7csU4RoUzV6T68tva2toVWKJpmtiAEA0R2g0eMEBfWKTuZGqdlvP259dWUWXmOoGl-gy3cEpeDS_geEhwvypOFEVFaEu-dV9-xq273UGhLqiQ4bJb8-qbBqlnjlUK9-3HrN2i7OPPlmA0UjKe8wnLzddOoqe8sY1LS3MEY_CHl1v7qwAxnrzYhdnHW5c_YnoC9T5NdEKveIjwbycKtr74k2O9W1nvku53W7cct410rh7URbQLOhlY7ivOFKv6r5iHb3lPB96qTtbrgnFO-pmTa3ureEGCpaSOgwc0MxqzjROhBcKENxbljTtvtnwnmwGa3GEKmhw32Qn_3idJKxe1lyoko93RR9k0vriZ37KOaOB8o3hEv9VCCDa12iGjO4ETUVo8XK0EVZLyG9p1STXA54vgUE3_2TnXfiXCIfld8t0D248DwztLyblLooUXYwnlu7ZLmO7ULdEXSFy7sAqZk8jJY9Fh6l0_H83KR6DRp9kXyZOdKmSt20onmFatw2XpriaaaRtSqbvfXJcDvRqlr0&uniformat=true&callback=Ya%5B9126777420581%5D Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1(Line 21) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
network	error	URL: https://an.yandex.ru/setud/mts_banner/WhUVO7JtQtOyJtd71GPLHA?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D59%26em%3D0&sign=3712224630 Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acint.net
ads.betweendigital.com
ads.eu.criteo.com
adservice.google.com
adservice.google.de
an.yandex.ru
avatars.mds.yandex.net
c.hit.ua
cat.fr.eu.criteo.com
cdn.telegram-site.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cm.tns-counter.ru
code.jquery.com
csm.eu.criteo.net
dm.hybrid.ai
dmg.digitaltarget.ru
dpm.demdex.net
euw-ice.360yield.com
exchange.buzzoola.com
googleads.g.doubleclick.net
im.bluevoox.com
kimberlite.io
match.360yield.com
match.new-programmatic.com
mc.yandex.com
mc.yandex.ru
mitdmp.whiteboxdigital.ru
nr.bidderstack.com
pagead2.googlesyndication.com
partner.googleadservices.com
pix.eu.criteo.net
profile.ssp.rambler.ru
px.adhigh.net
px.arcspire.io
redirect.frontend.weborama.fr
rtb-eu-warsaw.intent.ai
rtb.nl3.eu.criteo.com
s.uuidksinc.net
sm.rtb.mts.ru
sonar.semantiqo.com
ssp-rtb.sape.ru
ssp.adriver.ru
static.criteo.net
sync.1dmp.io
sync.bumlam.com
sync.dmp.otm-r.com
sync.gonet-ads.com
sync.upravel.com
t.adx.opera.com
tech.rtb.mts.ru
telegram-site.com
tpc.googlesyndication.com
use.fontawesome.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.telegram-site.com
x01.aidata.io
yandex-dmp-sync.rutarget.ru
yandex-sync.rutarget.ru
yandex.ru
yastatic.net
ysa-static.passport.yandex.ru
mitdmp.whiteboxdigital.ru
sonar.semantiqo.com
142.250.185.194
148.251.236.118
168.119.9.59
178.170.192.140
178.170.196.9
178.250.0.160
185.15.175.147
188.42.105.220
188.42.34.65
193.232.150.43
193.3.184.213
193.3.184.228
194.55.244.181
2001:4de0:ac18::1:a:3b
2001:6d0:4001::226
213.87.44.187
216.58.212.130
217.65.2.150
217.66.147.36
23.88.12.13
2606:4700:20::ac43:48bf
2606:4700:3032::ac43:b854
2606:4700::6811:190e
2606:4700:e2::ac40:840f
2a00:1450:4001:80b::2002
2a00:1450:4001:810::2002
2a00:1450:4001:811::2002
2a00:1450:4001:829::2003
2a00:1450:4001:829::2004
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2001
2a00:1450:4001:830::2008
2a00:1450:4001:831::200e
2a02:2638:3::9
2a02:2638::21
2a02:2638::3
2a02:2638::b
2a02:2638::c
2a02:6b8:20::215
2a02:6b8::184
2a02:6b8::1:119
2a02:6b8::5:114
2a02:6b8::90
2a02:6b8:a::a
31.172.81.160
31.220.27.135
35.177.4.157
35.190.24.218
37.18.16.16
52.45.175.185
52.48.197.145
54.195.241.43
81.222.128.214
82.145.213.8
87.242.89.90
89.108.120.68
89.108.127.68
89.184.81.35
91.192.148.14
00727b44f71be0b22cb1e67b71e026e28270c385070ab1aab034ba905843b133
025131d9c15ae8bc85f70a51c95aece581630b3dc3caa26cfeb1f79532c224d4
033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cbfa5f698d5111459b88f967fa1619f9d4357847bccce75fdd38ca83712b549
0cd27089eae3bc5075ea8cdb62f5a82e33ce3d63227e8697a9a1212ef35ee7db
0d3d1a533068bc28da3c90468c519eeaa2c79f438c2b617cab1068c64e67e1c0
1346c4b9f0382d4789c1a4d89fd1c942ff9adf71252ece1144fe9b508c4f438f
164bd80da6c8b84e7409bd2dd7e1cf15e81e07dd3ac59371381c7ae854982355
1723a384d58117b5e6c507ce0f57f858d0e612a140c67dd55df257ae9f9e95ff
1760011f7f0f74858e92f5830c2296944f05cb92cd163ad5212570602bb1c458
17e75ada74535f579a90eb81a0c95fa979bade0003c00c0f1cc76b1bda482b87
18c327afa903633f86c3efcf12b77f098077eacaa8be101bb007846fd74f8b93
193952b59c9a975154471a0ce405acdc8c3f6fa17b2414e818c14cee77f1d460
1a87ddb7a32fb1755f32c746adce802678845d947305d34ae95da04517370347
1c0686fa2009740e92032edf93084867c91c2d76d56280f78c2a778e81b7477a
1c24579f96ec01ba55d27f13b2e7b261861707fc735a5a4be6d3e7c74a16b69d
1fb6261205bd5fb7326792fee2f732b212d3de67e6fb4f61aa6db05049d04d6c
216c9694c0db180e9bec6a2ba5bd0290b410750e75f40c7aa8acd4959ed94117
2549593dee3a460761aa7094f3b13ef9a75375561a8fa9f21fa11ffb56a4c465
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2a0e5bf3737755c3dff420d02d33cddae12560e84c602859f2d3f7da6a906116
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2b9a053f3c13d766e72a76c6df535c824a738d8232ce8e310c86a524c41dc955
2d68bcbbf40aac5e4160b561c95b4cb4fcb4108d4442b5ae618911a4a3613298
30eda38dea6c2a71487ddeed57de56a298c0dbe5e8e8a7665d5345bb548ab78a
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31d532eeed2d330a3edefe3f8f60f0914e4029ac13e2b429ddb0be3224db690d
32ac3a5f2dbd89aa7d57a54ce52839644f1aae2558f8689ff4ee52547118f055
3456dcd3eb25196e68e2822cca66a20c2f123bedf5986f159be674e4c40a05cb
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
34ce876583f04fa14d048586ed11c069111c38f4508964193a53a3c6dfec4d93
39d3e1e1e0b06dd72f09fbc42344b6b347151727c6879ae693cdf669ff405203
3d0ec5fb78fb216ec7b42129713fd6488f6d5f9a6e5ce54f62dce6cc432c136e
3fa5a0225082a13e7e8975d598ff69cd4c22d4719d4896f1f204ca69c97d27a6
3fb23bc38ebf6bec45057e479098e3ebeb1138ab3b8944fb53971fd9c8d0c950
4296b96e93ffe4b60dfc5398114305d8d122b2c7896776210a98087d91543502
42fc8e23359986d6bf5b00afef7b60a913fa5cbcd734952b4e710f42243f083c
4d331a48af2fdb5bdd5b3b0ccb3c35c0307c714f2eb45271d7ffce8e98ece86c
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
53db5de5f5524dc372b21d1d0a677d993b739b30b6e5c4276c45083ec28fabc1
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5c011b9796b130fc6cc45d82da81739370903fc8ae70a126c76fe74a7975c8c2
60b7a6286bed78b9e3e451a0c2b1a220468628caef694cd22dc7eaf80b8cff18
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
620879f7083ad0effb67a8e59951525a664f86c1624a5f3d3e9ab184f109d669
62b46a88093ca9336d141c098421d901b0dde9be7a60fd9dbe962da0a91f5980
6310a48c9a19fb485867d18243307ed9ed3be181b20e4ae7ae244c2445498694
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
645d4ed84103b8eb3924575a089aeca3a50b874c575b01ecb043d43765ddd37c
66918529dbeae81426179f3d932899daf2f179d4d465a9a3a31fb433bebb51d3
68442626abc66fd5ba5431778dbec37c3a4dbb75c2185ce4b3953e391d1bb359
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bba5997e3326f224f1522bbce7a12759fe219d356b34f12dafc04ee79dccd4c
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
78a36e889cf516b757621095bb9efa06b6604eb2a71e0893eaaaf007216e4a64
7979e62bc495dc69dc0ad02ba27cf9d9c7eab30fca0f6823856e02400d2b2bb7
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8829956a7dc32483c4f0dca9ad5d05f91acf91b5444b0ea7f3ead22a4d4af9df
8ad7543b517ca837e565575ebf38bc70449e786c648a0a720f3421dafd91486f
8d6af87f2e8ab6ba751d5bda81faf18aed637f3c43f3f5c25acfcdb8dc674a92
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
922df776974f6ba24eaa5a17231afd547f24ea3d08fd8304e5ff99d4e8e59cde
92a55161e23f2ac396f916743cc5aa0c5bc750bf31912c094143939ee34215ea
9c911ab93cf6099aeeddb19cb1903d0ef838329443c3a0549c754da47f90a70a
9cd8bf6a27c4b10e29b0bc5ba881979940b1a6e5ac6e2e954a9551c8067d7e03
9fc7ca579dcf3b4adb65c4c351e5d125ff8abbb3dd274eb37b39a858f994cdf5
9fe9597c87bcda364ed092f01e096a734c7f12d811e904fad835f2503f80abd5
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a11f2941badaaa878950e793964a43d1c9ffeefede062e3096210c37aa2c5b8c
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a8a26fe8323893b23f7b8529a9a9adbb48752033ff3dc373549e929f81de4d8a
a95f50320410972111855ca8b3e12978bee5f65581dcbc682a02073307f362c5
a9ace4d828c6a5722f2be94b36ecddc4df005186a948597cb069494bfff71b78
ad4b3de6b581bf6aa1ece4849cb2b4951b13600e4773fab72a46643c37113fc3
ad9b221517917e35287fcecf69dac74c8b8cdef705b77b6aa86653858846ea13
adf5985817fc5416d9392c85905d5af20c0e0eeef94e542bf3e73cb33492ce8c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b46dfa6990193c068a64ce6f10d2f2f44a3938ac1640fbf31d21621c2349b444
b50c8b73033551506ff8b052e17ad186fec5f444c6a3e5fd18b18e2eb1e40b63
b66c6d2e52976d7d0742d448b5a74a91721356d0c6f9f0214449c60855d987b2
ba3cf9987abed00770997047bd98ba474d72c6e0fbb0f27ff2b1735011bab8e1
bcb3adabd38f38a3e3e38dde7def374beae3cf25538f1689a62a344ddf64f213
bfeb231a6463e0f1961b66705b25abb958f11bc16ea5fd13139ff36c56a5737f
c13d034eaf2fa73680d0abdbe02ac23b73e3128b5c7f0ee7018eb7b3fbe84a72
c1f9d8e277b69e27fbad364e41ef7754749a72df331f6298b425144883f9a7cc
c3c873c68ec4a34e56324e7e7f5aa833764cc64cadbef73d217efc049bac71ca
c47415a8c0b792e981a96b266d9d33ec1cbf26d5128e0c319e3dd1a3d6718d7f
c756c30458696b4fe2cde63c3bbcd4b80aae000471d46147e1c683aeb9c39f39
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
ca26366eedc297fa6e2c0dd960bdee214b83799c112f5e00e531c3aeba83ec27
ca78c114bba40b141a59c55a9d3fb6db7672bc3effd4337f2b1ce512b4d06c9e
cb7aa6b06aa5a8eea3670662c4b0c37104041c14575fc170dc48677a0506a33a
cbb5d0cd99752f39042ab89b65c414c46d91111198c4c805e45e8e807e77f46f
ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64
ce8b0ce00b853304b4500a3e0273c2ee8123ec998d9ea4bc1a2b3e97c573b61f
cf0e934daa92ef101fcdf4f64d318324f197533bc3a8ad60630a947cef5d7073
cfac6241dd3aabb5f1552c17501790093015c006a8e13671823c1ff4872beaae
d055bf0ad7f8a282709e111aaefabd815053ff490ff29cad20ccafff6bcdfa32
d2cdb4f2ed4b585d772068df75c01d0a360d45d27294188fccf5ceb4255fdc83
d50126351f7075372c0eedc8ea635d0d70fbe3e6f4a80bdc11d28028ceb292b5
d5952a95a7b4d31153b5334f4ad5107a8e24bdc416b890d8afd8a86830a8625d
d6146780779c2950fe7b895d70d665ca62b06ad838d72d5a53e97c7b774e50f6
d91e8ad2349019e7ea4ce712710eaa411a7d82272e46ea630c94b757d9bb5499
dce19dbf6566973efea074fa29a17fcfab2576c1265f6a13c1bb51bd6ad5ea44
dd19c79bf0b4b348418971e7762d2d1d954de992d1d75b6e29299beaa7ec8736
dda1baa9d7ee54230d7630091b721ff51667bc36436b8ebde72de327f9d04422
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e13afaeed10f5193d318548c3ff8deefbd3134182d0ef64ca7ba4cbd1b03faf3
e1cff21864c46e1da263fa83c14ed6d190bc5afbdd35188de15f10eb8bedd264
e265d221d41ada3c2650940cbb8c76b4673daec181ba89a2c2a025f8f7088119
e378fbe32c17f1d03ccc9f7ef0957512438504b2f0e3f46d1f5c38cae9932f8f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5532b60454b57f27f9485da7dc5beb5e31a7a21391cf571035803dfc1ac9e62
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0564f60d333c643a7abad92b1e951636c40950c853a6be483f44f50f3349c16
f30fb0d9eabbfe39cc68974e536671d66fb9ded0e2fada1e317c89c255c3e035
f4bce345b803ef7f919e0b6ea6c859e117a5f3eaced263673c8df465e1ba03e9
f5975a149a056c90e4c51535430c08cd4b45c32a9e2dc9c21e45ae797c91a09f
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
fb17d5844b4c4dd0a8689c5eaf5dd4b54781c7acfa65858bedf7f6a02798d722
fbb22f202246a19d9141d95e44a025527832f3ae8739842e755358fd34c02510
fcc286dac5597e827827c5d09c7a3342a310879c28ce2c58a1c46486f91fd8d5
fe1394a00035ea53a91634a2cf5a39eb319b22a4abb203453d00aa9dc122cd51

telegram-site.com Open in urlscan Pro 2606:4700:3032::ac43:b854 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

257 Requests

87 %HTTPS

44 %IPv6

50 Domains

67 Subdomains

40 IPs

10 Countries

3334 kBTransfer

6675 kBSize

64 Cookies

8 Outgoing links

Page URL History

Redirected requests

257 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

telegram-site.com Open in urlscan Pro
2606:4700:3032::ac43:b854 Public Scan

Screenshot
Live screenshot

Full Image

257
Requests

87 %
HTTPS

44 %
IPv6

50
Domains

67
Subdomains

40
IPs

10
Countries

3334 kB
Transfer

6675 kB
Size

64
Cookies

257 HTTP transactions
3 data transactions