telegram-vhod.ru
188.114.96.3 Malicious Activity! Public Scan Open in urlscan Pro

Go To Rescan
Add Verdict Report

URL:
https://telegram-vhod.ru/ 4yr old
Submission: On August 21 via automatic, source certstream-suspicious (August 21st 2024, 10:24:17 pm UTC) — Scanned from NL

Summary HTTP 163 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 40 IPs in 7 countries across 52 domains to perform 163 HTTP transactions. The main IP is 188.114.96.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is telegram-vhod.ru. 4yr old
TLS certificate: Issued by WE1 on August 21st 2024. Valid for: 3mo.

This is the only time telegram-vhod.ru was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Telegram (Instant Messenger)

Domain & IP information

	IP Address	AS Autonomous System
22	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:81d::200a	15169 (GOOGLE) (GOOGLE)
1	46.4.104.244 46.4.104.244	24940 (HETZNER-AS) (HETZNER-AS)
4	5.101.37.37 5.101.37.37	201589 (EDGEAMLLC) (EDGEAMLLC)
1	172.67.153.14 172.67.153.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
2	23.111.100.20 23.111.100.20	39134 (UNITEDNET) (UNITEDNET)
5 17	195.201.152.105 195.201.152.105	24940 (HETZNER-AS) (HETZNER-AS)
1	51.38.120.206 51.38.120.206	16276 (OVH) (OVH)
1	54.230.228.27 54.230.228.27	16509 (AMAZON-02) (AMAZON-02)
1	34.36.214.49 34.36.214.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	151.101.1.44 151.101.1.44	54113 (FASTLY) (FASTLY)
10	84.201.179.252 84.201.179.252	200350 (YANDEXCLOUD) (YANDEXCLOUD)
22	37.230.131.17 37.230.131.17	200197 (HYBRID-PO...) (HYBRID-POLAND)
18	194.55.244.183 194.55.244.183	34959 (PROCLOUD ...) (PROCLOUD PROCLOUD MSK)
1 19	193.3.184.25 193.3.184.25	50214 (QWARTA) (QWARTA)
3 3	217.66.147.33 217.66.147.33	29209 (SPBMTS-AS...) (SPBMTS-AS Malaya Monetnaya Street 2-A)
5 5	217.66.147.40 217.66.147.40	29209 (SPBMTS-AS...) (SPBMTS-AS Malaya Monetnaya Street 2-A)
5 5	185.65.149.228 185.65.149.228	51115 (HLL-AS) (HLL-AS)
2 4	2a02:6b8::90 2a02:6b8::90	13238 (YANDEX) (YANDEX)
1 6	185.15.175.145 185.15.175.145	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
1 1	2a02:6b8:a::a 2a02:6b8:a::a	13238 (YANDEX) (YANDEX)
3 3	217.199.220.44 217.199.220.44	61400 (NETRACK-AS) (NETRACK-AS)
3 3	2a01:4f8:242:... 2a01:4f8:242:3f8a::2	24940 (HETZNER-AS) (HETZNER-AS)
1 1	178.170.196.9 178.170.196.9	208677 (CLOUDRU-AS) (CLOUDRU-AS)
3 6	2606:4700:20:... 2606:4700:20::681a:6bd	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	167.235.10.91 167.235.10.91	24940 (HETZNER-AS) (HETZNER-AS)
1	87.242.127.163 87.242.127.163	208677 (CLOUDRU-AS) (CLOUDRU-AS)
2 2	158.160.128.78 158.160.128.78	200350 (YANDEXCLOUD) (YANDEXCLOUD)
1	91.220.120.9 91.220.120.9	202173 (MAXIMATEL...) (MAXIMATELECOM)
3 4	188.42.189.197 188.42.189.197	7979 (SERVERS-COM) (SERVERS-COM)
1 2	23.105.255.196 23.105.255.196	39134 (UNITEDNET) (UNITEDNET)
9 10	89.108.120.76 89.108.120.76	197695 (AS-REG) (AS-REG)
1	167.235.9.235 167.235.9.235	24940 (HETZNER-AS) (HETZNER-AS)
1	213.248.44.211 213.248.44.211	12695 (DINET-AS) (DINET-AS)
1	37.9.245.57 37.9.245.57	16345 (BEE-AS Ru...) (BEE-AS Russia)
1	176.122.21.226 176.122.21.226	48096 (ITGRAD) (ITGRAD)
1	194.55.244.195 194.55.244.195	34959 (PROCLOUD ...) (PROCLOUD PROCLOUD MSK)
1 2	45.139.25.124 45.139.25.124	34959 (PROCLOUD ...) (PROCLOUD PROCLOUD MSK)
1	37.230.131.16 37.230.131.16	200197 (HYBRID-PO...) (HYBRID-POLAND)
1	188.124.47.12 188.124.47.12	49505 (SELECTEL) (SELECTEL)
7 8	185.175.47.157 185.175.47.157	50340 (SELECTEL-MSK) (SELECTEL-MSK)
2 2	35.190.24.218 35.190.24.218	15169 (GOOGLE) (GOOGLE)
1 1	188.72.107.205 188.72.107.205	208677 (CLOUDRU-AS) (CLOUDRU-AS)
3 3	213.239.194.43 213.239.194.43	24940 (HETZNER-AS) (HETZNER-AS)
2 3	148.251.237.106 148.251.237.106	24940 (HETZNER-AS) (HETZNER-AS)
2 2	31.172.81.147 31.172.81.147	44066 (DE-FIRSTC...) (DE-FIRSTCOLO firstcolo.net)
3 3	172.67.140.221 172.67.140.221	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 3	193.3.184.140 193.3.184.140	50214 (QWARTA) (QWARTA)
4 4	193.232.150.148 193.232.150.148	48061 (UMA-TECH-AS) (UMA-TECH-AS)
1 1	88.212.201.204 88.212.201.204	39134 (UNITEDNET) (UNITEDNET)
1 1	138.201.139.144 138.201.139.144	24940 (HETZNER-AS) (HETZNER-AS)
1 1	54.72.42.145 54.72.42.145	16509 (AMAZON-02) (AMAZON-02)
1 2	95.163.52.67 95.163.52.67	47764 (VK-AS) (VK-AS)
2 2	195.209.109.28 195.209.109.28	52007 (ADRIVER) (ADRIVER)
2 2	178.154.212.160 178.154.212.160	200350 (YANDEXCLOUD) (YANDEXCLOUD)
1	217.65.2.150 217.65.2.150	3175 (CITYTELEC...) (CITYTELECOM-MSK)
2 2	217.199.220.72 217.199.220.72	61400 (NETRACK-AS) (NETRACK-AS)
1	195.209.109.19 195.209.109.19	52007 (ADRIVER) (ADRIVER)
1 1	158.160.158.98 158.160.158.98	200350 (YANDEXCLOUD) (YANDEXCLOUD)
2 2	23.109.14.96 23.109.14.96	7979 (SERVERS-COM) (SERVERS-COM)
6	136.144.31.29 136.144.31.29	52000 (MIRHOSTING) (MIRHOSTING)
163	40

22 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

telegram-vhod.ru 4yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2a00:1450:4001:81d::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com 56yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 46.4.104.244 (Berlin, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.244.104.4.46.clients.your-server.de

rbthre.work 4yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

4 5.101.37.37 (Armenia)

ASN201589 (EDGEAMLLC, AM)

cdn.alfasense.net 7yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 172.67.153.14 (United States)

ASN13335 (CLOUDFLARENET, US)

runoffree.bid 2yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 23.111.100.20 (Russian Federation)

ASN39134 (UNITEDNET, RU)

cs.alfasense.com 4yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

17 195.201.152.105 (Gunzenhausen, Germany) 5 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.105.152.201.195.clients.your-server.de

sync.dmp.otm-r.com 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 51.38.120.206 (Hessen, Germany)

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu

onetag-sys.com 11yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 54.230.228.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-228-27.muc50.r.cloudfront.net

hb.360yield.com 2yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 34.36.214.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.214.36.34.bc.googleusercontent.com

pa.openx.net 3yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 151.101.1.44 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdn.taboola.com 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

10 84.201.179.252 (Russian Federation)

ASN200350 (YANDEXCLOUD, RU)

v.alfasrv.com 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

22 37.230.131.17 (Amsterdam, Netherlands)

ASN200197 (HYBRID-POLAND, PL)

ssp.hybrid.ai 8yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

18 194.55.244.183 (Moscow, Russian Federation)

ASN34959 (PROCLOUD PROCLOUD MSK, RU)

ssp.otm-r.com 7yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

19 193.3.184.25 (Russian Federation) 1 redirects

ASN50214 (QWARTA, RU)

ssp-rtb.sape.ru 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 217.66.147.33 (Russian Federation) 3 redirects

ASN29209 (SPBMTS-AS Malaya Monetnaya Street 2-A, RU)
PTR: host-33-147-66-217.spbmts.ru

sm.rtb.mts.ru 7yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

5 217.66.147.40 (Russian Federation) 5 redirects

ASN29209 (SPBMTS-AS Malaya Monetnaya Street 2-A, RU)
PTR: host-40-147-66-217.spbmts.ru

vma.mts.ru 3yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

5 185.65.149.228 (Russian Federation) 5 redirects

ASN51115 (HLL-AS, RU)

cm.a.mts.ru 3yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools
6863072591724279060340.cm.a.mts.ru 2yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools
8232351891724279060340.cm.a.mts.ru 2yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

4 2a02:6b8::90 (Moscow, Russian Federation) 2 redirects

ASN13238 (YANDEX, RU)

an.yandex.ru 13yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

6 185.15.175.145 (Russian Federation) 1 redirects

ASN43226 (SAFEDATA Uplinks, RU)

dmg.digitaltarget.ru 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2a02:6b8:a::a (Moscow, Russian Federation) 1 redirects

ASN13238 (YANDEX, RU)

yandex.ru 13yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 217.199.220.44 (Russian Federation) 3 redirects

ASN61400 (NETRACK-AS, RU)
PTR: s4.kimberlite.io

kimberlite.io 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 2a01:4f8:242:3f8a::2 (Ehingen, Germany) 3 redirects

ASN24940 (HETZNER-AS, DE)

exchange.buzzoola.com 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 178.170.196.9 (Russian Federation) 1 redirects

ASN208677 (CLOUDRU-AS, RU)
PTR: fr14.segmento.ru

solta-sync.rutarget.ru 3yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

6 2606:4700:20::681a:6bd (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

a.utraff.com 7yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 167.235.10.91 (Bühl, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.91.10.235.167.clients.your-server.de

match.ohmy.bid 3yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 87.242.127.163 (Russian Federation)

ASN208677 (CLOUDRU-AS, RU)

sync.rambler.ru 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 158.160.128.78 (Moscow, Russian Federation) 2 redirects

ASN200350 (YANDEXCLOUD, RU)

sync.programmatica.com 3yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 91.220.120.9 (Russian Federation)

ASN202173 (MAXIMATELECOM, RU)

tms.dmp.wi-fi.ru 8yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

4 188.42.189.197 (Luxembourg) 3 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com 12yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 23.105.255.196 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)

cs.agency2.ru 4yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

10 89.108.120.76 (Russian Federation) 9 redirects

ASN197695 (AS-REG, RU)
PTR: d51804.reg.regrucolo.ru

x01.aidata.io 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 167.235.9.235 (Bühl, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.235.9.235.167.clients.your-server.de

sp.ohmy.bid 4yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 213.248.44.211 (Reutov, Russian Federation)

ASN12695 (DINET-AS, RU)

s.suprion.ru 2yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 37.9.245.57 (Russian Federation)

ASN16345 (BEE-AS Russia, RU)

7405722167825297297-otm.ops.beeline.ru 2yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 176.122.21.226 (Russian Federation)

ASN48096 (ITGRAD, RU)

ads.adlook.me 7yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 194.55.244.195 (Moscow, Russian Federation)

ASN34959 (PROCLOUD PROCLOUD MSK, RU)

sync.otm-r.com 4yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 45.139.25.124 (Moscow, Russian Federation) 1 redirects

ASN34959 (PROCLOUD PROCLOUD MSK, RU)

ssp.al-adtech.com 2yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 37.230.131.16 (Amsterdam, Netherlands)

ASN200197 (HYBRID-POLAND, PL)

dm-eu.hybrid.ai 5yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 188.124.47.12 (Moscow, Russian Federation)

ASN49505 (SELECTEL, RU)

rtb.moe.video 3yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

8 185.175.47.157 (Moscow, Russian Federation) 7 redirects

ASN50340 (SELECTEL-MSK, RU)

sync.opendsp.ru 4yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 35.190.24.218 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 218.24.190.35.bc.googleusercontent.com

redirect.frontend.weborama.fr 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 188.72.107.205 (Russian Federation) 1 redirects

ASN208677 (CLOUDRU-AS, RU)
PTR: fr05.segmento.ru

videotarget-sync.rutarget.ru 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 213.239.194.43 (Germany) 3 redirects

ASN24940 (HETZNER-AS, DE)
PTR: prod-hzeu-bidder-7.community.moscow

sync.upravel.com 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 148.251.237.106 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: prod-hzeu-bidder-1.community.moscow

39d861a2-8083-48b1-bc40-e9b0fde6d7fb.sync.upravel.com 2yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 31.172.81.147 (Germany) 2 redirects

ASN44066 (DE-FIRSTCOLO firstcolo.net, DE)

sync.bumlam.com 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 172.67.140.221 (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

a.lotus-dsp.ru 2yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 193.3.184.140 (Russian Federation) 3 redirects

ASN50214 (QWARTA, RU)

www.acint.net 12yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools
acint.net 12yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

4 193.232.150.148 (Russian Federation) 4 redirects

ASN48061 (UMA-TECH-AS, RU)
PTR: smtp3.senders.yappy.one

px.adhigh.net 13yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 88.212.201.204 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host204.rax.ru

counter.yadro.ru 13yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 138.201.139.144 (Mannheim, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.144.139.201.138.clients.your-server.de

cm.p.altergeo.ru 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 54.72.42.145 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-42-145.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net 8yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 95.163.52.67 (Russian Federation) 1 redirects

ASN47764 (VK-AS, RU)
PTR: top-fwz1.mail.ru

top-fwz1.mail.ru 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 195.209.109.28 (Russian Federation) 2 redirects

ASN52007 (ADRIVER, RU)

ev.adriver.ru 3yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 178.154.212.160 (Russian Federation) 2 redirects

ASN200350 (YANDEXCLOUD, RU)

redirect-frontend.weborama-tech.ru 3yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 217.65.2.150 (Moscow, Russian Federation)

ASN3175 (CITYTELECOM-MSK, RU)

match.new-programmatic.com 6yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 217.199.220.72 (Russian Federation) 2 redirects

ASN61400 (NETRACK-AS, RU)

sync.dsp.solta.io 4yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 195.209.109.19 (Russian Federation)

ASN52007 (ADRIVER, RU)

ssp.adriver.ru 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 158.160.158.98 (Moscow, Russian Federation) 1 redirects

ASN200350 (YANDEXCLOUD, RU)

pixel.konnektu.ru 5yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 23.109.14.96 (Netherlands) 2 redirects

ASN7979 (SERVERS-COM, US)

sync.gonet-ads.com 3yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

6 136.144.31.29 (Moscow, Russian Federation)

ASN52000 (MIRHOSTING, NL)

ads.alfasense.net 4yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

	Apex Domain Subdomains	Transfer
36	otm-r.com 5 redirects sync.dmp.otm-r.com — Cisco Umbrella Rank: 24848 10yr old ssp.otm-r.com — Cisco Umbrella Rank: 130293 7yr old sync.otm-r.com — Cisco Umbrella Rank: 92883 4yr old	13 KB
23	hybrid.ai ssp.hybrid.ai — Cisco Umbrella Rank: 14970 8yr old dm-eu.hybrid.ai — Cisco Umbrella Rank: 14313 5yr old	4 KB
22	telegram-vhod.ru telegram-vhod.ru 4yr old	765 KB
19	sape.ru 1 redirects ssp-rtb.sape.ru — Cisco Umbrella Rank: 20627 9yr old	11 KB
13	mts.ru 13 redirects sm.rtb.mts.ru — Cisco Umbrella Rank: 32244 7yr old vma.mts.ru — Cisco Umbrella Rank: 33605 3yr old cm.a.mts.ru — Cisco Umbrella Rank: 31273 3yr old 6863072591724279060340.cm.a.mts.ru 2yr old 8232351891724279060340.cm.a.mts.ru 2yr old	8 KB
10	aidata.io 9 redirects x01.aidata.io — Cisco Umbrella Rank: 9481 10yr old	6 KB
10	alfasrv.com v.alfasrv.com Failed — Cisco Umbrella Rank: 137181 9yr old	4 KB
10	alfasense.net cdn.alfasense.net — Cisco Umbrella Rank: 128332 7yr old ads.alfasense.net — Cisco Umbrella Rank: 288019 4yr old	112 KB
8	opendsp.ru 7 redirects sync.opendsp.ru — Cisco Umbrella Rank: 44186 4yr old	2 KB
6	upravel.com 5 redirects sync.upravel.com — Cisco Umbrella Rank: 36843 9yr old 39d861a2-8083-48b1-bc40-e9b0fde6d7fb.sync.upravel.com 2yr old	3 KB
6	utraff.com 3 redirects a.utraff.com — Cisco Umbrella Rank: 40818 7yr old	3 KB
6	digitaltarget.ru 1 redirects dmg.digitaltarget.ru — Cisco Umbrella Rank: 20652 9yr old	3 KB
5	yandex.ru 3 redirects an.yandex.ru — Cisco Umbrella Rank: 5379 13yr old yandex.ru — Cisco Umbrella Rank: 1074 13yr old	2 KB
4	adhigh.net 4 redirects px.adhigh.net — Cisco Umbrella Rank: 11311 13yr old	2 KB
4	betweendigital.com 3 redirects ads.betweendigital.com — Cisco Umbrella Rank: 3270 12yr old	3 KB
3	adriver.ru 2 redirects ev.adriver.ru — Cisco Umbrella Rank: 31125 3yr old ssp.adriver.ru — Cisco Umbrella Rank: 25477 9yr old	2 KB
3	acint.net 3 redirects www.acint.net — Cisco Umbrella Rank: 20891 12yr old acint.net — Cisco Umbrella Rank: 16758 12yr old	2 KB
3	lotus-dsp.ru 3 redirects a.lotus-dsp.ru — Cisco Umbrella Rank: 93294 2yr old	2 KB
3	ohmy.bid match.ohmy.bid — Cisco Umbrella Rank: 59445 3yr old sp.ohmy.bid — Cisco Umbrella Rank: 86321 4yr old	946 B
3	buzzoola.com 3 redirects exchange.buzzoola.com — Cisco Umbrella Rank: 12452 9yr old	1 KB
3	kimberlite.io 3 redirects kimberlite.io — Cisco Umbrella Rank: 27902 9yr old	2 KB
2	gonet-ads.com 2 redirects sync.gonet-ads.com — Cisco Umbrella Rank: 36366 3yr old	607 B
2	solta.io 2 redirects sync.dsp.solta.io — Cisco Umbrella Rank: 50574 4yr old	474 B
2	weborama-tech.ru 2 redirects redirect-frontend.weborama-tech.ru — Cisco Umbrella Rank: 68354 3yr old	898 B
2	mail.ru 1 redirects top-fwz1.mail.ru — Cisco Umbrella Rank: 7686 9yr old	2 KB
2	bumlam.com 2 redirects sync.bumlam.com — Cisco Umbrella Rank: 6205 9yr old	1 KB
2	weborama.fr 2 redirects redirect.frontend.weborama.fr — Cisco Umbrella Rank: 16059 9yr old	592 B
2	al-adtech.com 1 redirects ssp.al-adtech.com — Cisco Umbrella Rank: 29295 2yr old	497 B
2	agency2.ru 1 redirects cs.agency2.ru — Cisco Umbrella Rank: 135033 4yr old	1 KB
2	programmatica.com 2 redirects sync.programmatica.com — Cisco Umbrella Rank: 56884 3yr old	494 B
2	rutarget.ru 2 redirects solta-sync.rutarget.ru — Cisco Umbrella Rank: 75277 3yr old videotarget-sync.rutarget.ru — Cisco Umbrella Rank: 102842 9yr old	957 B
2	alfasense.com cs.alfasense.com — Cisco Umbrella Rank: 85314 4yr old	710 B
2	gstatic.com fonts.gstatic.com 9yr old	28 KB
1	konnektu.ru 1 redirects pixel.konnektu.ru — Cisco Umbrella Rank: 82937 5yr old	212 B
1	new-programmatic.com match.new-programmatic.com — Cisco Umbrella Rank: 34211 6yr old	215 B
1	crwdcntrl.net 1 redirects sync.crwdcntrl.net — Cisco Umbrella Rank: 1261 8yr old	229 B
1	altergeo.ru 1 redirects cm.p.altergeo.ru — Cisco Umbrella Rank: 97451 10yr old	549 B
1	yadro.ru 1 redirects counter.yadro.ru — Cisco Umbrella Rank: 9685 13yr old	287 B
1	moe.video rtb.moe.video — Cisco Umbrella Rank: 143380 3yr old	177 B
1	adlook.me ads.adlook.me — Cisco Umbrella Rank: 58229 7yr old	43 B
1	beeline.ru 7405722167825297297-otm.ops.beeline.ru 2yr old	454 B
1	suprion.ru s.suprion.ru — Cisco Umbrella Rank: 134151 2yr old	252 B
1	wi-fi.ru tms.dmp.wi-fi.ru — Cisco Umbrella Rank: 88049 8yr old	603 B
1	rambler.ru sync.rambler.ru — Cisco Umbrella Rank: 43772 9yr old	97 B
1	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 1198 10yr old
1	openx.net pa.openx.net — Cisco Umbrella Rank: 5140 3yr old
1	360yield.com hb.360yield.com — Cisco Umbrella Rank: 7874 2yr old
1	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 1081 11yr old
1	runoffree.bid runoffree.bid — Cisco Umbrella Rank: 320413 2yr old	19 KB
1	rbthre.work rbthre.work — Cisco Umbrella Rank: 386438 4yr old	15 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110 56yr old	1017 B
0	com.ru Failed rtb.com.ru Failed 10yr old
163	52

	Domain	Requested by
22	ssp.hybrid.ai	cdn.alfasense.net
22	telegram-vhod.ru	telegram-vhod.ru
19	ssp-rtb.sape.ru	1 redirects cdn.alfasense.net
18	ssp.otm-r.com	cdn.alfasense.net
17	sync.dmp.otm-r.com	5 redirects
10	x01.aidata.io	9 redirects
10	v.alfasrv.com
8	sync.opendsp.ru	7 redirects
6	ads.alfasense.net	telegram-vhod.ru ads.alfasense.net
6	a.utraff.com	3 redirects
6	dmg.digitaltarget.ru	1 redirects
5	vma.mts.ru	5 redirects
4	px.adhigh.net	4 redirects
4	ads.betweendigital.com	3 redirects
4	an.yandex.ru	2 redirects
4	cdn.alfasense.net	telegram-vhod.ru
3	a.lotus-dsp.ru	3 redirects
3	39d861a2-8083-48b1-bc40-e9b0fde6d7fb.sync.upravel.com	2 redirects
3	sync.upravel.com	3 redirects
3	exchange.buzzoola.com	3 redirects
3	kimberlite.io	3 redirects
3	cm.a.mts.ru	3 redirects
3	sm.rtb.mts.ru	3 redirects
2	sync.gonet-ads.com	2 redirects
2	sync.dsp.solta.io	2 redirects
2	redirect-frontend.weborama-tech.ru	2 redirects
2	ev.adriver.ru	2 redirects
2	top-fwz1.mail.ru	1 redirects
2	www.acint.net	2 redirects
2	sync.bumlam.com	2 redirects
2	redirect.frontend.weborama.fr	2 redirects
2	ssp.al-adtech.com	1 redirects
2	cs.agency2.ru	1 redirects
2	sync.programmatica.com	2 redirects
2	match.ohmy.bid
2	cs.alfasense.com	telegram-vhod.ru
2	fonts.gstatic.com	fonts.googleapis.com
1	pixel.konnektu.ru	1 redirects
1	ssp.adriver.ru
1	match.new-programmatic.com
1	sync.crwdcntrl.net	1 redirects
1	cm.p.altergeo.ru	1 redirects
1	counter.yadro.ru	1 redirects
1	acint.net	1 redirects
1	videotarget-sync.rutarget.ru	1 redirects
1	rtb.moe.video
1	dm-eu.hybrid.ai
1	sync.otm-r.com
1	ads.adlook.me
1	7405722167825297297-otm.ops.beeline.ru
1	s.suprion.ru
1	sp.ohmy.bid
1	tms.dmp.wi-fi.ru
1	sync.rambler.ru
1	solta-sync.rutarget.ru	1 redirects
1	8232351891724279060340.cm.a.mts.ru	1 redirects
1	yandex.ru	1 redirects
1	6863072591724279060340.cm.a.mts.ru	1 redirects
1	cdn.taboola.com	cdn.alfasense.net
1	pa.openx.net	cdn.alfasense.net
1	hb.360yield.com	cdn.alfasense.net
1	onetag-sys.com	cdn.alfasense.net
1	runoffree.bid	telegram-vhod.ru
1	rbthre.work	telegram-vhod.ru
1	fonts.googleapis.com	telegram-vhod.ru
0	rtb.com.ru Failed
163	66

This site contains links to these domains. Also see Links.

Domain
telegram.org
play.google.com
apps.apple.com
web.telegram.org
desktop.telegram.org
t.me
my.telegram.org
otzovik.com

Subject Issuer	Validity	Valid
telegram-vhod.ru WE1	`2024-08-21` - `2024-11-19`	3mo	crt.sh
upload.video.google.com WR2	`2024-07-30` - `2024-10-22`	3mo	crt.sh
rbthre.work R11	`2024-08-04` - `2024-11-02`	3mo	crt.sh
*.alfasense.net AlphaSSL CA - SHA256 - G4	`2023-11-22` - `2024-12-23`	1yr	crt.sh
runoffree.bid WE1	`2024-08-11` - `2024-11-09`	3mo	crt.sh
*.gstatic.com WR2	`2024-07-30` - `2024-10-22`	3mo	crt.sh
*.alfasense.com AlphaSSL CA - SHA256 - G4	`2023-12-27` - `2025-01-27`	1yr	crt.sh
*.onetag-sys.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2024-01-23` - `2025-01-29`	1yr	crt.sh
improvedigital.com Amazon RSA 2048 M02	`2024-02-04` - `2025-03-04`	1yr	crt.sh
pa.openx.net WR3	`2024-07-22` - `2024-10-20`	3mo	crt.sh
*.taboola.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-30` - `2024-12-31`	5mo	crt.sh
*.alfasrv.com AlphaSSL CA - SHA256 - G4	`2023-10-10` - `2024-11-10`	1yr	crt.sh
*.hybrid.ai Sectigo RSA Domain Validation Secure Server CA	`2023-09-14` - `2024-09-13`	1yr	crt.sh
*.otm-r.com GlobalSign GCC R6 AlphaSSL CA 2023	`2024-06-29` - `2025-07-31`	1yr	crt.sh
*.sape.ru R10	`2024-08-13` - `2024-11-11`	3mo	crt.sh
utraff.com WE1	`2024-08-02` - `2024-10-31`	3mo	crt.sh
match.ohmy.bid R11	`2024-07-21` - `2024-10-19`	3mo	crt.sh
*.rambler.ru GlobalSign GCC R3 DV TLS CA 2020	`2024-05-02` - `2025-06-03`	1yr	crt.sh
sp.ohmy.bid R10	`2024-07-21` - `2024-10-19`	3mo	crt.sh
*.suprion.ru GlobalSign GCC R3 DV TLS CA 2020	`2024-05-30` - `2025-07-01`	1yr	crt.sh
*.ops.beeline.ru GlobalSign GCC R3 DV TLS CA 2020	`2024-07-17` - `2025-08-18`	1yr	crt.sh
*.adlook.me GlobalSign GCC R3 DV TLS CA 2020	`2024-06-28` - `2025-07-30`	1yr	crt.sh
bs.yandex.ru GlobalSign ECC OV SSL CA 2018	`2024-03-11` - `2024-09-09`	6mo	crt.sh
*.moe.video AlphaSSL CA - SHA256 - G4	`2024-01-17` - `2025-02-17`	1yr	crt.sh
*.opendsp.ru GlobalSign GCC R6 AlphaSSL CA 2023	`2024-07-31` - `2025-09-01`	1yr	crt.sh
ad.ad-blast.ru R10	`2024-07-04` - `2024-10-02`	3mo	crt.sh
*.agency2.ru GlobalSign GCC R3 DV TLS CA 2020	`2024-07-25` - `2025-08-26`	1yr	crt.sh

This page contains 5 frames:

Primary Page: https://telegram-vhod.ru/
Frame ID: C526F7988722BF8A433F91B34E6E04F2
Requests: 174 HTTP requests in this frame

Frame: https://onetag-sys.com/static/topicsapi.html?bidder=onetag
Frame ID: 615BA6A6A437D2246F8C9C3CCE18C3B0
Requests: 1 HTTP requests in this frame

Frame: https://hb.360yield.com/privacy-sandbox/topics.html?bidder=improvedigital
Frame ID: FC67B9DE46F2F02618F7C2B0822A913B
Requests: 1 HTTP requests in this frame

Frame: https://pa.openx.net/topics_frame.html?bidder=openx
Frame ID: 677BA85CBCFA0EB4A067CE3D44C5D6E4
Requests: 1 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/static/topics/taboola-prebid-browsing-topics.html?bidder=taboola
Frame ID: A0069CFD103AB06669F48BCD8C2D7B65
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Телеграм: вход на мою страницу на русском языке с компьютера или телефона

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Google Font API (Font scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

OpenX (Advertising) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js

Yandex.Direct (Advertising) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

jQuery (JavaScript libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

163
Requests

78 %
HTTPS

10 %
IPv6

52
Domains

66
Subdomains

40
IPs

7
Countries

982 kB
Transfer

2273 kB
Size

68
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://telegram.org/
Title: Перейти к регистрации

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=org.telegram.messenger&hl=ru&gl=US
Title: <picture class="wp-image-432 aligncenter"> <source type="image/webp" srcset="https://telegram-vhod.ru/wp-content/uploads/2021/08/gplay-300x96.png.webp"/> <img src="https://telegram-vhod.ru/wp-content/uploads/2021/08/gplay-300x96.png" alt="Загрузить на Android" width="234" height="75"/> </picture>

Search URL Search Domain Scan URL

URL: https://apps.apple.com/app/telegram-messenger/id686449807
Title: <picture class="wp-image-433 aligncenter"> <source type="image/webp" srcset="https://telegram-vhod.ru/wp-content/uploads/2021/08/appstore-300x104.jpg.webp"/> <img src="https://telegram-vhod.ru/wp-content/uploads/2021/08/appstore-300x104.jpg" alt="Загрузить на IOS" width="241" height="84"/> </picture>

Search URL Search Domain Scan URL

URL: https://web.telegram.org/k/
Title: Telegram WebK

Search URL Search Domain Scan URL

URL: https://web.telegram.org/z/
Title: Telegram WebZ

Search URL Search Domain Scan URL

URL: https://desktop.telegram.org/
Title: Telegram для Windows, Mac и Linux

Search URL Search Domain Scan URL

URL: https://telegram.org/support
Title: Telegram — техподдержка

Search URL Search Domain Scan URL

URL: https://t.me/mytelegaid_bot
Title: Telegram ID

Search URL Search Domain Scan URL

URL: https://my.telegram.org/auth?to=deactivate
Title: Удалить аккаунт в Телеграм

Search URL Search Domain Scan URL

URL: https://otzovik.com/review_5058004.html
Title: Юлия

Search URL Search Domain Scan URL

URL: https://otzovik.com/review_4659688.html
Title: Koroleva1992

Search URL Search Domain Scan URL

URL: https://otzovik.com/review_12360863.html
Title: Алексей

Search URL Search Domain Scan URL

URL: https://otzovik.com/review_11194652.html
Title: Yarusss

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 50

https://sync.dmp.otm-r.com/match/aotm.js HTTP 302
https://sync.dmp.otm-r.com/match/aotm.js?otcm_check=1724279059

Request Chain 80

https://sm.rtb.mts.ru/p?id=NjZjNjY5MTMwZTc2NmY5MQ%3D%3D&ssp=otmvid HTTP 301
https://vma.mts.ru/match/second?ssp=26&exu=NjZjNjY5MTMwZTc2NmY5MQ%3D%3D HTTP 301
https://cm.a.mts.ru/cm/tech?flowId=c128a652-29c1-46c5-aece-22212bde700f&measurement_id=MTS_DSP_web&dsp_uid=a3f050aa-b576-473f-81b3-cefabeffe170&redirect_return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2Fo_BQqrV2Rz-Bs876vv_hcA%3Flocation%3Dhttps%253A%252F%252Fvma.mts.ru%252Fem%253Fnext%253D26%2526em%253D0%26sign%3D601428009 HTTP 302
https://6863072591724279060340.cm.a.mts.ru/cm/match?flowId=c128a652-29c1-46c5-aece-22212bde700f&measurement_id=MTS_DSP_web&dsp_uid=a3f050aa-b576-473f-81b3-cefabeffe170&redirect_return_url=https://an.yandex.ru/setud/mts_banner/o_BQqrV2Rz-Bs876vv_hcA?location%3Dhttps%253A%252F%252Fvma.mts.ru%252Fem%253Fnext%253D26%2526em%253D0%26sign%3D601428009 HTTP 302
https://an.yandex.ru/setud/mts_banner/o_BQqrV2Rz-Bs876vv_hcA?location=https%3A%2F%2Fvma.mts.ru%2Fem%3Fnext%3D26%26em%3D0&sign=601428009

Request Chain 81

https://dmg.digitaltarget.ru/1/7493/i/i?a=656&e=NjZjNjY5MTMwZTc2NmY5MQ%3D%3D&i=123 HTTP 307
https://dmg.digitaltarget.ru/awg/custom/7493/i/i?call_source=awg&ts=1724279059929&a=656&e=NjZjNjY5MTMwZTc2NmY5MQ%3D%3D&i=123

Request Chain 82

https://an.yandex.ru/mapuid/videonowssp/ HTTP 302
https://yandex.ru/an/mapuid/videonowssp/?redir-setuniq=1 HTTP 302
https://sync.dmp.otm-r.com/match/yandex_dsp_new?id=5FC71C25C7A98F35

Request Chain 83

https://kimberlite.io/rtb/sync/otm?u=NjZjNjY5MTMwZTc2NmY5MQ%3D%3D HTTP 307
https://sm.rtb.mts.ru/p?ssp=toptraffic&id=ZsZpE8No1Us HTTP 301
https://vma.mts.ru/match/second?ssp=59&exu=ZsZpE8No1Us HTTP 301
https://cm.a.mts.ru/cm/tech?flowId=c128a652-29c1-46c5-aece-22212bde700f&measurement_id=MTS_DSP_web&dsp_uid=a3f050aa-b576-473f-81b3-cefabeffe170&redirect_return_url=https%3A%2F%2Fexchange.buzzoola.com%2Fcookiesync%2Fdsp%2Fstream-banner%3Fuid%3Da3f050aa-b576-473f-81b3-cefabeffe170%26url%3Dhttps%253A%252F%252Fvma.mts.ru%252Fem%253Fnext%253D59%2526em%253D4%2526ssp%253Dbuzzoola%2526id%253D%2524%257BUUID%257D HTTP 302
https://8232351891724279060340.cm.a.mts.ru/cm/match?flowId=c128a652-29c1-46c5-aece-22212bde700f&measurement_id=MTS_DSP_web&dsp_uid=a3f050aa-b576-473f-81b3-cefabeffe170&redirect_return_url=https://exchange.buzzoola.com/cookiesync/dsp/stream-banner?uid%3Da3f050aa-b576-473f-81b3-cefabeffe170%26url%3Dhttps%253A%252F%252Fvma.mts.ru%252Fem%253Fnext%253D59%2526em%253D4%2526ssp%253Dbuzzoola%2526id%253D%2524%257BUUID%257D HTTP 302
https://exchange.buzzoola.com/cookiesync/dsp/stream-banner?uid=a3f050aa-b576-473f-81b3-cefabeffe170&url=https%3A%2F%2Fvma.mts.ru%2Fem%3Fnext%3D59%26em%3D4%26ssp%3Dbuzzoola%26id%3D%24%7BUUID%7D HTTP 307
https://exchange.buzzoola.com/cookiesync/dsp/stream-banner?set_buzzoola_cookie=t&uid=a3f050aa-b576-473f-81b3-cefabeffe170&url=https%3A%2F%2Fvma.mts.ru%2Fem%3Fnext%3D59%26em%3D4%26ssp%3Dbuzzoola%26id%3D%24%7BUUID%7D HTTP 302
https://vma.mts.ru/em?next=59&em=4&ssp=buzzoola&id=05c3b8ab-2587-4b13-5c57-520d7bb6d820 HTTP 301
https://kimberlite.io/rtb/sync/mts?u=a3f050aa-b576-473f-81b3-cefabeffe170 HTTP 307
https://solta-sync.rutarget.ru/sync HTTP 302
https://kimberlite.io/rtb/sync/segmento?u=KHhRqvvB6uMO HTTP 307
https://sync.dmp.otm-r.com/match/solta_banner_video?id=ZsZpE8No1Uo

Request Chain 87

https://sync.programmatica.com/match/OTM?id=NjZjNjY5MTMwZTc2NmY5MQ%3D%3D HTTP 302
https://sync.programmatica.com/match/OTM?id=NjZjNjY5MTMwZTc2NmY5MQ%3D%3D&chk=1 HTTP 302
https://tms.dmp.wi-fi.ru/?dmpkit_cid=81460eb5-647b-4d9b-a3e3-7863f294c3da&dmpkit_evid=ab914581-c2bd-45ef-9242-3128c73c48c5&prog_id=NjgyNjEwZjQwNTZmZjc1ZQ

Request Chain 88

https://ads.betweendigital.com/match?bidder_id=42919&callback_url=https%3A%2F%2Fsync.dmp.otm-r.com%2Fmatch%2Fvihub1%3Fid%3D%24%7BUSER_ID%7D HTTP 302
https://ads.betweendigital.com/match?bidder_id=42919&callback_url=https%3A%2F%2Fsync.dmp.otm-r.com%2Fmatch%2Fvihub1%3Fid%3D%24%7BUSER_ID%7D&crf=1&rts=8042008082149841578 HTTP 302
https://sync.dmp.otm-r.com/match/vihub1?id=b561a65c-e1b3-52eb-8d32-c8adebf4a1b9

Request Chain 90

https://cs.agency2.ru/p?ssp=ai HTTP 301
https://x01.aidata.io/0.gif?pid=7140034&id=abb81910-bfbf-442b-891f-133419037e47 HTTP 302
https://x01.aidata.io/0.gif?pid=7140034&id=abb81910-bfbf-442b-891f-133419037e47&bounce=1

Request Chain 97

https://ssp.al-adtech.com/api/sync/otm HTTP 302
https://sync.dmp.otm-r.com/match/astralab?id=754c7141-ad87-4d47-9fd6-f40feebfa96e HTTP 302
https://ssp.al-adtech.com/api/openrtb/match/otm?id=NjZjNjY5MTMwZTc2NmY5MQ%3D%3D

Request Chain 101

https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fsync.dmp.otm-r.com%2Fmatch%2Fweborama%3Fid%3D{WEBO_CID} HTTP 307
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fsync.dmp.otm-r.com%2Fmatch%2Fweborama%3Fid%3D%7BWEBO_CID%7D&bounce=1&random=3916398465 HTTP 302
https://sync.dmp.otm-r.com/match/weborama?id=22g4jjYW3HUDQtUTLVm1xu

Request Chain 102

https://exchange.buzzoola.com/cookiesync/redirect/videotarget?redirect_url=https%3A%2F%2Fsync.dmp.otm-r.com%2Fmatch%2Fbazzoola%3Fid%3D%24%7BUUID%7D HTTP 302
https://sync.dmp.otm-r.com/match/bazzoola?id=e61dc380-47e9-4d77-6209-45a00f784442

Request Chain 104

https://sync.opendsp.ru/match/otm_wl?id=NjZjNjY5MTMwZTc2NmY5MQ%3D%3D HTTP 302
https://sync.opendsp.ru/match/otm_wl?id=NjZjNjY5MTMwZTc2NmY5MQ%3D%3D&chk=1 HTTP 302
https://sync.dmp.otm-r.com/match/open_ssp?id=NTBlMjY3N2QxNjUyODA2Ng HTTP 302
https://sync.opendsp.ru/match/otm_ex?id=NjZjNjY5MTMwZTc2NmY5MQ%3D%3D HTTP 302
https://ads.betweendigital.com/match?bidder_id=45814&callback_url=https%3A%2F%2Fsync.opendsp.ru%2Fmatch%2FBetween_ex%3Fid%3D%24%7BUSER_ID%7D HTTP 302
https://sync.opendsp.ru/match/Between_ex?id=b561a65c-e1b3-52eb-8d32-c8adebf4a1b9 HTTP 302
https://a.utraff.com/sync?ssp=3368 HTTP 302
https://sync.dmp.otm-r.com/match/umg HTTP 302
https://a.utraff.com/sync?dsp=OTM&buyerid=NjZjNjY5MTMwZTc2NmY5MQ%3D%3D

Request Chain 106

https://videotarget-sync.rutarget.ru/sync HTTP 302
https://sync.dmp.otm-r.com/match/segmento?id=KHhRqvvB6uMO

Request Chain 108

https://sync.upravel.com/image?source=otm&id=NjZjNjY5MTMwZTc2NmY5MQ%3D%3D&return_url=https%3A%2F%2Fsync.dmp.otm-r.com%2Fmatch%2Fmgcomm%3Fid%3D%7BUID%7D HTTP 302
https://sync.upravel.com/image?source=otm&id=NjZjNjY5MTMwZTc2NmY5MQ%253D%253D&return_url=https%253A%252F%252Fsync.dmp.otm-r.com%252Fmatch%252Fmgcomm%253Fid%253D%257BUID%257D&session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly90ZWxlZ3JhbS12aG9kLnJ1LyJdfX0 HTTP 302
https://39d861a2-8083-48b1-bc40-e9b0fde6d7fb.sync.upravel.com/image?source=otm&id=NjZjNjY5MTMwZTc2NmY5MQ%253D%253D&return_url=https%253A%252F%252Fsync.dmp.otm-r.com%252Fmatch%252Fmgcomm%253Fid%253D%257BUID%257D&ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly90ZWxlZ3JhbS12aG9kLnJ1LyIsImh0dHBzOi8vdGVsZWdyYW0tdmhvZC5ydS8iXX19 HTTP 302
https://39d861a2-8083-48b1-bc40-e9b0fde6d7fb.sync.upravel.com/https%3A%2F%2Fsync.dmp.otm-r.com%2Fmatch%2Fmgcomm%3Fid%3D%7BUID%7D

Request Chain 109

https://sync.bumlam.com/?src=otm1&rurl=https%3A%2F%2Fsync.dmp.otm-r.com%2Fmatch%2Fsnp%3Fid%3D%7BUID3%7D&uid=NjZjNjY5MTMwZTc2NmY5MQ%3D%3D HTTP 302
https://sync.bumlam.com/?src=otm1&s_data=CAIQARiV0pm2BjIuaHR0cHM6Ly9zeW5jLmRtcC5vdG0tci5jb20vbWF0Y2gvc25wP2lkPXtVSUQzfWIYTmpaak5qWTVNVE13WlRjMk5tWTVNUT09ogEQHOfz3GAMEe-bewAlkMgkNg** HTTP 302
https://sync.dmp.otm-r.com/match/snp?id=1ce7f3dc-600c-11ef-9b7b-002590c82436

Request Chain 110

https://sync.opendsp.ru/match/OTM_bannner?id=NjZjNjY5MTMwZTc2NmY5MQ%3D%3D HTTP 302
https://a.utraff.com/sync?ssp=3368 HTTP 302
https://a.lotus-dsp.ru/sync?id=cab4b4fe-80b9-46b3-8ca4-5685fe18a798&ssp=UMG HTTP 302
https://dmg.digitaltarget.ru/1/7612/i/i?a=2367&e=95456856-f20e-4509-ac31-5428d9882e92&i=4499133008214209589

Request Chain 111

https://www.acint.net/rmatch?dp=68&euid=NjZjNjY5MTMwZTc2NmY5MQ%3D%3D&r=https%3A%2F%2Fsync.dmp.otm-r.com%2Fmatch%2Fsape_stable%3Fid%3D%24%7BUSER_ID%7D HTTP 302
https://www.acint.net/rmatch?r=https%3A%2F%2Fsync.dmp.otm-r.com%2Fmatch%2Fsape_stable%3Fid%3D$%7BUSER_ID%7D&dp=68&tc=1&euid=NjZjNjY5MTMwZTc2NmY5MQ%3D%3D HTTP 302
https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fsync.dmp.otm-r.com%252Fmatch%252Fsape_stable%253Fid%253D$%257BUSER_ID%257D&dp=14 HTTP 302
https://acint.net/rmatch?dp=14&euid=2903420A1369C6664E0680AF029C5F0B&r=https%3A%2F%2Fsync.dmp.otm-r.com%2Fmatch%2Fsape_stable%3Fid%3D$%7BUSER_ID%7D HTTP 302
https://sync.dmp.otm-r.com/match/sape_stable?id=0900007F1469C6660B015B1402BE24C3

Request Chain 112

https://x01.aidata.io/0.gif?pid=OTM&id=NjZjNjY5MTMwZTc2NmY5MQ%3D%3D HTTP 302
https://px.adhigh.net/p/cm/aidata?u=ZRLdvwxINAJJQSSQoIEx9A&back=SYNC HTTP 302
https://px.adhigh.net/p/cm/aidata?u=ZRLdvwxINAJJQSSQoIEx9A&back=SYNC&bounced=1 HTTP 302
https://x01.aidata.io/0.gif?pid=GETINTENT&id=5GJ3xq0Cs7G.AikABlGRdwp6ww&back=SYNC HTTP 302
https://counter.yadro.ru/id-redir/aidata.gif?back=SYNC HTTP 302
https://x01.aidata.io/0.gif?pid=LIVE&id=&back=SYNC HTTP 302
https://sync.dmp.otm-r.com/match/aidata?back=SYNC&rp=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3DOTM%26id%3D%7Bpid%7D HTTP 302
https://x01.aidata.io/0.gif?pid=OTM&id=NjZjNjY5MTMwZTc2NmY5MQ%3D%3D&back=SYNC HTTP 302
https://sync.upravel.com/aidata/sync?back=SYNC HTTP 302
https://39d861a2-8083-48b1-bc40-e9b0fde6d7fb.sync.upravel.com/aidata/sync?back=SYNC&ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly90ZWxlZ3JhbS12aG9kLnJ1LyJdfX0 HTTP 302
https://x01.aidata.io/0.gif?pid=MGCOM&id=39d861a2-8083-48b1-bc40-e9b0fde6d7fb&back=SYNC HTTP 302
https://an.yandex.ru/mapuid/dmpaidatame/ZRLdvwxINAJJQSSQoIEx9A?sign=591236166&location=https%3A//x01.aidata.io/0.gif%3Fpid%3DSYNC HTTP 302
https://x01.aidata.io/0.gif?pid=SYNC HTTP 302
https://cm.p.altergeo.ru/aidata?aid=ZRLdvwxINAJJQSSQoIEx9A&nc=2822&url=https%3A//x01.aidata.io/0.gif%3Fpid%3DALTERGEO%26id%3D%24%7BUSER_ID%7D%26rnd%3D%24%7BRANDOM%7D%26back%3DSYNC HTTP 302
https://x01.aidata.io/0.gif?pid=ALTERGEO&id=CMPR1mcwsDSEehCP4Bk0aIBg==&rnd=3cdfae17&back=SYNC HTTP 302
https://sync.crwdcntrl.net/map/c=7645/tp=AIDA/gdpr=0/gdpr_consent=DAISYBIT/?https://x01.aidata.io/0.gif?pid=LOTAME&id=ZRLdvwxINAJJQSSQoIEx9A&back=SYNC HTTP 302
https://x01.aidata.io/0.gif?pid=LOTAME&id=ZRLdvwxINAJJQSSQoIEx9A&back=SYNC HTTP 302
https://top-fwz1.mail.ru/counter?id=3202981;pid=ZRLdvwxINAJJQSSQoIEx9A HTTP 302
https://top-fwz1.mail.ru/counter2?id=3202981;pid=ZRLdvwxINAJJQSSQoIEx9A

Request Chain 113

https://ev.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=5932509&bn=5932509&rnd=1234567890 HTTP 302
https://ev.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=5932509&bn=5932509&rnd=1234567890&tuid=-6276352620 HTTP 302
https://sync.dmp.otm-r.com/match/adriver.img?id=AjbCtpHpzM_f8IJu5eIICBg

Request Chain 114

https://a.utraff.com/sync?ssp=3031&id=NjZjNjY5MTMwZTc2NmY5MQ%3D%3D HTTP 302
https://a.lotus-dsp.ru/sync?id=cab4b4fe-80b9-46b3-8ca4-5685fe18a798&ssp=UMG HTTP 302
https://dmg.digitaltarget.ru/1/7612/i/i?a=2367&e=4ed31a3a-dd5a-430c-a0dc-f1ce08beae87&i=8030458303540427155

Request Chain 115

https://redirect-frontend.weborama-tech.ru/rd?url=https%3A%2F%2Fsync.dmp.otm-r.com%2Fmatch%2Fweborama_newUrl%3Fid%3D{WEBO_CID} HTTP 307
https://redirect-frontend.weborama-tech.ru/rd?url=https%3A%2F%2Fsync.dmp.otm-r.com%2Fmatch%2Fweborama_newUrl%3Fid%3D%7BWEBO_CID%7D&bounce=1&random=1284695956 HTTP 302
https://sync.dmp.otm-r.com/match/weborama_newUrl?id=Fjsb2UL0gZtqbdaP8uMx2O

Request Chain 118

https://sync.dsp.solta.io/match/OTM_direct_piratka_ssp?id=NjZjNjY5MTMwZTc2NmY5MQ%3D%3D HTTP 302
https://sync.dsp.solta.io/match/OTM_direct_piratka_ssp?id=NjZjNjY5MTMwZTc2NmY5MQ%3D%3D&chk=1 HTTP 302
https://ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=164&external_id=NDcyZWM2MWMyMGRkZDcwZQ

Request Chain 119

https://px.adhigh.net/p/cm/otm_video HTTP 302
https://px.adhigh.net/p/cm/otm_video?bounced=1 HTTP 302
https://sync.dmp.otm-r.com/match/getintent?id=5GJ3xq0Cs7G.AikABlGRdwp6ww

Request Chain 120

https://cmr.bidderstack.com/otm/cm?user_id=NjZjNjY5MTMwZTc2NmY5MQ%3D%3D HTTP 302
https://cmr.bidderstack.com/otm/cm?user_id=NjZjNjY5MTMwZTc2NmY5MQ%3D%3D&pupa=1 HTTP 302
https://sync.dmp.otm-r.com/match/hyperadx?id=fd46088e-6776-cdfa-7436-58beebbf6d2e HTTP 302
https://cmr.bidderstack.com/otm/cm?user_id=NjZjNjY5MTMwZTc2NmY5MQ%3D%3D HTTP 302
https://cmr.bidderstack.com/otm/cm?user_id=NjZjNjY5MTMwZTc2NmY5MQ%3D%3D&pupa=1 HTTP 302
https://sync.dmp.otm-r.com/match/hyperadx?id=fd46088e-6776-cdfa-7436-58beebbf6d2e HTTP 302
https://cmr.bidderstack.com/otm/cm?user_id=NjZjNjY5MTMwZTc2NmY5MQ%3D%3D HTTP 302
https://cmr.bidderstack.com/otm/cm?user_id=NjZjNjY5MTMwZTc2NmY5MQ%3D%3D&pupa=1 HTTP 302
https://sync.dmp.otm-r.com/match/hyperadx?id=fd46088e-6776-cdfa-7436-58beebbf6d2e HTTP 302
https://cmr.bidderstack.com/otm/cm?user_id=NjZjNjY5MTMwZTc2NmY5MQ%3D%3D HTTP 302
https://cmr.bidderstack.com/otm/cm?user_id=NjZjNjY5MTMwZTc2NmY5MQ%3D%3D&pupa=1 HTTP 302
https://sync.dmp.otm-r.com/match/hyperadx?id=fd46088e-6776-cdfa-7436-58beebbf6d2e HTTP 302
https://cmr.bidderstack.com/otm/cm?user_id=NjZjNjY5MTMwZTc2NmY5MQ%3D%3D HTTP 302
https://cmr.bidderstack.com/otm/cm?user_id=NjZjNjY5MTMwZTc2NmY5MQ%3D%3D&pupa=1 HTTP 302
https://sync.dmp.otm-r.com/match/hyperadx?id=fd46088e-6776-cdfa-7436-58beebbf6d2e HTTP 302
https://cmr.bidderstack.com/otm/cm?user_id=NjZjNjY5MTMwZTc2NmY5MQ%3D%3D HTTP 302
https://cmr.bidderstack.com/otm/cm?user_id=NjZjNjY5MTMwZTc2NmY5MQ%3D%3D&pupa=1 HTTP 302
https://sync.dmp.otm-r.com/match/hyperadx?id=fd46088e-6776-cdfa-7436-58beebbf6d2e HTTP 302
https://cmr.bidderstack.com/otm/cm?user_id=NjZjNjY5MTMwZTc2NmY5MQ%3D%3D HTTP 302
https://cmr.bidderstack.com/otm/cm?user_id=NjZjNjY5MTMwZTc2NmY5MQ%3D%3D&pupa=1 HTTP 302
https://sync.dmp.otm-r.com/match/hyperadx?id=fd46088e-6776-cdfa-7436-58beebbf6d2e

Request Chain 121

https://sync.opendsp.ru/match/otm_ex?id=NjZjNjY5MTMwZTc2NmY5MQ%3D%3D HTTP 302
https://sm.rtb.mts.ru/p?ssp=tradingdesk&id=NTBlMjY3N2QxNjUyODA2Ng HTTP 301
https://vma.mts.ru/match/second?ssp=67&exu=NTBlMjY3N2QxNjUyODA2Ng HTTP 301
https://cm.a.mts.ru/cm/tech?flowId=c128a652-29c1-46c5-aece-22212bde700f&measurement_id=MTS_DSP_web&dsp_uid=a3f050aa-b576-473f-81b3-cefabeffe170&redirect_return_url=https%3A%2F%2Fpixel.konnektu.ru%2Fredirect%2Fmts%3Fcallback_url%3Dhttps%253A%252F%252Fvma.mts.ru%252Fem%253Fnext%253D67%2526em%253D1%2526ssp%253Dkonnektu%2526id%253D%257BUSER_ID%257D HTTP 302
https://pixel.konnektu.ru/redirect/mts?callback_url=https%3A%2F%2Fvma.mts.ru%2Fem%3Fnext%3D67%26em%3D1%26ssp%3Dkonnektu%26id%3D%7BUSER_ID%7D HTTP 302
https://vma.mts.ru/em?next=67&em=1&ssp=konnektu&id= HTTP 301
https://sync.opendsp.ru/match/mts_dsp?id=a3f050aa-b576-473f-81b3-cefabeffe170 HTTP 302
https://dmg.digitaltarget.ru/1/7601/i/i?a=2121&i=1pbm710mudgui&e=NTBlMjY3N2QxNjUyODA2Ng

Request Chain 122

https://sync.gonet-ads.com/match/OTM?rid=NjZjNjY5MTMwZTc2NmY5MQ%3D%3D HTTP 302
https://sync.gonet-ads.com/match/OTM?rid=NjZjNjY5MTMwZTc2NmY5MQ%3D%3D&chk=1 HTTP 302
https://ads.betweendigital.com/match?bidder_id=4098&external_user_id=ZjliODQ5OGExZGJlZGUw

Request Chain 123

https://a.lotus-dsp.ru/sync?id=NjZjNjY5MTMwZTc2NmY5MQ%3D%3D&ssp=BeelineADX HTTP 302
https://dmg.digitaltarget.ru/1/7612/i/i?a=2367&e=c90a8e0c-f688-408f-9d75-1c74c38d70fc&i=6479013318834386970

163 HTTP transactions
19 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
telegram-vhod.ru/ 153 KB
30 KB 374ms
301ms Document
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://telegram-vhod.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.2.21
Resource Hash: 0016bd4524b3414e66acb229cdfacf44fccb2787a21c689bbeb490570f019760

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8b6e08504df891d8-FRA
content-encoding: zstd
content-type: text/html; charset=utf-8
date: Wed, 21 Aug 2024 22:24:18 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
last-modified: Thu, 20 Oct 2022 07:02:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sfrUNtR6KbeAVWvDi8iheCadkvpRwyATbeTuGvdaMGcSa1OTM2x4zfP9tR8X56n%2BFYGb1U5kJoF%2FE6%2B1Cp9B%2Bxcs3Iqumr0JONN6MKt%2BUR7WZMECXb8p%2BTCBROqZIk%2F6KhFC"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/8.2.21

GET
H3 200 966024772180d69f3b916de1146e9004.css
telegram-vhod.ru/wp-content/cache/min/1/ 587 KB
107 KB 321ms
320ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://telegram-vhod.ru/wp-content/cache/min/1/966024772180d69f3b916de1146e9004.css
Requested by: Host: telegram-vhod.ru
URL: https://telegram-vhod.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.2.21
Resource Hash: e204b27cd10194c2883e916c4ab6f17ff1f775846a0818988627a7bca75e8364

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 22:24:18 GMT
content-encoding: zstd
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/8.2.21
alt-svc: h3=":443"; ma=86400
pragma: no-cache
last-modified: Fri, 05 Aug 2022 08:04:38 GMT
server: cloudflare
etag: W/"a956b921895032b8094380070833cc42"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f21mPA%2FdpfV%2FPw7KbSL7owBmYFunpPJYHOUEV9PAkLuGuQVUgSrouL0%2Foq4pj5b43Ay4e%2BBQuwMR4JpiffKLwTnmmuGLn7PS9ZEyp0yh%2FM%2FUc5cYLt4kyXdkxGwMJQ%2Fd2ilk"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
ddg-cache-status: MISS
cache-control: public, max-age=2592000
cf-ray: 8b6e08522f6a91d8-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
1017 B 165ms
66ms Stylesheet
text/css 2a00:1450:4001:81d::200a
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300&display=swap

Requested by

Host: telegram-vhod.ru
URL: https://telegram-vhod.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a77bdf507ef026d1a9831cd2be4194a6b05798b59ebe98c06324c66b160a023e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 21 Aug 2024 22:24:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 21 Aug 2024 21:53:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 21 Aug 2024 22:24:18 GMT

GET
H3 200 jquery.min.js Show response
telegram-vhod.ru/wp-includes/js/jquery/ 87 KB
33 KB 314ms
314ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://telegram-vhod.ru/wp-includes/js/jquery/jquery.min.js
Requested by: Host: telegram-vhod.ru
URL: https://telegram-vhod.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.2.21
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 22:24:18 GMT
content-encoding: zstd
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/8.2.21
alt-svc: h3=":443"; ma=86400
pragma: no-cache
last-modified: Wed, 17 Nov 2021 08:58:29 GMT
server: cloudflare
etag: W/"02dd5d04add4759122013c5ab4dc5cc2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YCQM9Vz8uyeHueuFHuur6KQ4b5h6DZfbS4pjlu1g5NgznAn2HQDqCnHrpMF7yti%2BCpdWHo1ERWLo7IEcdAq%2BH7orJgtIDfYhNc07sC%2FO88GhB5Kegdz6gDdRVrblbiKHpW59"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
ddg-cache-status: MISS
cache-control: public, max-age=2592000
cf-ray: 8b6e085338ad91d8-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 jquery-migrate.min.js Show response
telegram-vhod.ru/wp-includes/js/jquery/ 11 KB
5 KB 164ms
164ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://telegram-vhod.ru/wp-includes/js/jquery/jquery-migrate.min.js
Requested by: Host: telegram-vhod.ru
URL: https://telegram-vhod.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.2.21
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 22:24:18 GMT
content-encoding: zstd
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/8.2.21
alt-svc: h3=":443"; ma=86400
pragma: no-cache
last-modified: Wed, 17 Nov 2021 08:58:29 GMT
server: cloudflare
etag: W/"79b4956b7ec478ec10244b5e2d33ac7d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BPC%2FABs%2BpWYIxN5wxojpUAsksA5YlyeL2vHPjL8I9iwHgpCNBBsXMGjJKCIbQ0VUDdIzYgcETOSssWZFBHfQ5aF7S%2Bv8JsVa8MFulP4hjOQ8Lf4d2OMhGBNgudFeN5BDn8tp"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
ddg-cache-status: MISS
cache-control: public, max-age=2592000
cf-ray: 8b6e0854fa3c91d8-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 acp_script.js Show response
telegram-vhod.ru/wp-content/cache/min/1/wp-content/plugins/anti_copypaste/js/ 1 KB
1 KB 151ms
150ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://telegram-vhod.ru/wp-content/cache/min/1/wp-content/plugins/anti_copypaste/js/acp_script.js?ver=1659686678
Requested by: Host: telegram-vhod.ru
URL: https://telegram-vhod.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.2.21
Resource Hash: 5bf26f5c16e35e6c2114a0594f8c5a7079d8bd58779ba47276d5c2e5f052c1f4

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 22:24:18 GMT
content-encoding: zstd
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/8.2.21
alt-svc: h3=":443"; ma=86400
pragma: no-cache
last-modified: Fri, 05 Aug 2022 08:04:38 GMT
server: cloudflare
etag: W/"c7990ebf1b1089032e3ae6c485f76a3f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PuJWJwmsim%2B%2F3rs3JUXL3qYUoIgX2HDK8YtTvBTzwt5iYz9Brn%2BEmfh8t0lxk3SLJr%2Fijm4ryGsQSnH49uAcD5EBL2GIEi3LKYrn5mN3PMA5f3%2BfMmx30ZP7iLh1igPuyldm"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
ddg-cache-status: MISS
cache-control: public, max-age=2592000
cf-ray: 8b6e08552a6491d8-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 pageloader.js Show response
telegram-vhod.ru/wp-content/cache/min/1/wp-content/plugins/pageloader-by-bonfire/ 6 KB
3 KB 154ms
151ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://telegram-vhod.ru/wp-content/cache/min/1/wp-content/plugins/pageloader-by-bonfire/pageloader.js?ver=1659686678
Requested by: Host: telegram-vhod.ru
URL: https://telegram-vhod.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.2.21
Resource Hash: 06c2aed66c8073d996a7a1b5273b391b87603afbc424596860bd9c68cc99ce33

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 22:24:18 GMT
content-encoding: zstd
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/8.2.21
alt-svc: h3=":443"; ma=86400
pragma: no-cache
last-modified: Fri, 05 Aug 2022 08:04:38 GMT
server: cloudflare
etag: W/"212764dbc926108b6ee586f5d503edf0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pcUkXodwBku8Jvg3Y42k9h5OWO9UpM09b18qDUEUFlwhAOXQ2tSmaJOxcqI20xwK10WDAbtof5tljBebTJEwZ9eeEzWCIdDZ8qXerdCxJQ3v97xM6ZjWJJg80xdlJC24DD5M"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
ddg-cache-status: MISS
cache-control: public, max-age=2592000
cf-ray: 8b6e08552a6591d8-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 alfadart.lib.min.js Show response
telegram-vhod.ru/wp-content/cache/min/1/lib/ 39 KB
10 KB 265ms
262ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://telegram-vhod.ru/wp-content/cache/min/1/lib/alfadart.lib.min.js?ver=1659686678
Requested by: Host: telegram-vhod.ru
URL: https://telegram-vhod.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.2.21
Resource Hash: e95b99de83086935662de2b0825f3dba452f397005c843647a14d82004fe2ee2

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 22:24:18 GMT
content-encoding: zstd
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/8.2.21
alt-svc: h3=":443"; ma=86400
pragma: no-cache
last-modified: Fri, 05 Aug 2022 08:04:38 GMT
server: cloudflare
etag: W/"b4c41bed5d0fef5f1933a3a2778b41c4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1ZPgsDgSFbYhTmTtnDp6V606a0tNjqn6hkQ%2FW7xRegOsU28ZWRdewxJM0gVS8xQRfQrcP0tcwVFYVJjHnNyqJtsZyKau5%2BZHA8OAKmH4OXE3K47Akf6nBs1Ir35b9YHwVMPo"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
ddg-cache-status: MISS
cache-control: public, max-age=2592000
cf-ray: 8b6e08552a6891d8-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 layout_1258.js Show response
telegram-vhod.ru/wp-content/cache/min/1/js/ 75 KB
3 KB 293ms
290ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://telegram-vhod.ru/wp-content/cache/min/1/js/layout_1258.js?ver=1659686678
Requested by: Host: telegram-vhod.ru
URL: https://telegram-vhod.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.2.21
Resource Hash: 8c8fcd38f9e2d01a5cb910e5237687450a2c4abc94851428fa07f6fefed1dbd7

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 22:24:18 GMT
content-encoding: zstd
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/8.2.21
alt-svc: h3=":443"; ma=86400
pragma: no-cache
last-modified: Fri, 05 Aug 2022 08:04:38 GMT
server: cloudflare
etag: W/"6005783aa055d2b2cf65e574a7fd5a44"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tGaHcInSnWVUUq5O9n3OrtUzMc558bQrsVXckDGt4%2FOnkfZ300wrACK6TM80DJK%2Fw0HOiZEFjqZ2ML3enMQTRyeCB%2B4nSOjEu%2FU8H357tkUc14G5BzUsGytniFuzg6N8DLaI"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
ddg-cache-status: MISS
cache-control: public, max-age=2592000
cf-ray: 8b6e08552a6991d8-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 ad_builder.min.js Show response
telegram-vhod.ru/wp-content/cache/min/1/lib/ 10 KB
3 KB 295ms
292ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://telegram-vhod.ru/wp-content/cache/min/1/lib/ad_builder.min.js?ver=1659686679
Requested by: Host: telegram-vhod.ru
URL: https://telegram-vhod.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.2.21
Resource Hash: b66ebd935138c41878d71a1aaed45271b61cd93cc13d782b555ddc1c36bd1658

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 22:24:18 GMT
content-encoding: zstd
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/8.2.21
alt-svc: h3=":443"; ma=86400
pragma: no-cache
last-modified: Fri, 05 Aug 2022 08:04:39 GMT
server: cloudflare
etag: W/"6b3c7574535c711f4888d3321aeac38b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wJQMssOcKhiMS2LY2ZT7ZXAvmmVxiHD0aZB7aZO2u0QbmnCfUoKUtwWeAr%2BF5As6FToCZhSd00zTKUPZeSf%2FdMEFw3%2BzZ%2FImZ2%2B%2Fcqs5p7OtlPRORMuO7flZXj3vCAW0GLMN"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
ddg-cache-status: MISS
cache-control: public, max-age=2592000
cf-ray: 8b6e08552a6a91d8-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 AnEj7N72N.js Show response
rbthre.work/pjs/ 108 KB
15 KB 198ms
88ms Script
application/javascript 46.4.104.244
HETZNER-AS

General

Check archive.org

Download Go to

Full URL

https://rbthre.work/pjs/AnEj7N72N.js

Requested by

Host: telegram-vhod.ru
URL: https://telegram-vhod.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.4.104.244 Berlin, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.244.104.4.46.clients.your-server.de

Software

nginx /

Resource Hash

53a6dea0bae08e1660302e90a358bc756691450c1f48182d95bac2a3803c1086

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 22:24:18 GMT
strict-transport-security: max-age=63072000
content-encoding: br
last-modified: Wed, 20 Dec 2023 14:47:44 GMT
server: nginx
etag: W/"6582fe90-1b0e1"
content-type: application/javascript
cache-control: max-age=600, public, must_revalidate
expires: Wed, 21 Aug 2024 22:34:18 GMT

GET
H2 200 alfadart.lib.min.js Show response
cdn.alfasense.net/lib/ 35 KB
10 KB 269ms
23ms Script
application/javascript 5.101.37.37
EDGEAMLLC

General

Check archive.org

Download Go to

Full URL

https://cdn.alfasense.net/lib/alfadart.lib.min.js

Requested by

Host: telegram-vhod.ru
URL: https://telegram-vhod.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

5.101.37.37 , Armenia, ASN201589 (EDGEAMLLC, AM),

Reverse DNS

Software

nginx /

Resource Hash

7db1573968df00302c4f8cb84510fcd0da618b9a1d528fdc297741a6b904d9b9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';frame-src 'self';
Strict-Transport-Security	max-age=5; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 22:24:18 GMT
strict-transport-security: max-age=5; includeSubDomains
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'none';frame-src 'self';
content-encoding: gzip
x-permitted-cross-domain-policies: none
cross-origin-embedder-policy: unsafe-none
x-cached-since: 2024-08-21T22:23:37+00:00
cross-origin-resource-policy: cross-origin
x-node: am4-up-gc94
x-xss-protection: 1; mode=block;
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 18 Apr 2024 10:46:13 GMT
server: nginx
cross-origin-opener-policy: same-origin-allow-popups
etag: W/"6620f9f5-8dfa"
expect-ct: max-age=3600, enforce
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=60
cache: HIT
permissions-policy: geolocation=(self), payment=(self)

GET
H2 200 layout_1258.js Show response
cdn.alfasense.net/js/ 69 KB
4 KB 324ms
78ms Script
application/javascript 5.101.37.37
EDGEAMLLC

General

Check archive.org

Download Go to

Full URL

https://cdn.alfasense.net/js/layout_1258.js

Requested by

Host: telegram-vhod.ru
URL: https://telegram-vhod.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

5.101.37.37 , Armenia, ASN201589 (EDGEAMLLC, AM),

Reverse DNS

Software

nginx /

Resource Hash

e7abbf57ef185de5b6fac7fdd8b74fca3ba9cfdfc8bbeab88af3f646a7109c63

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';frame-src 'self';
Strict-Transport-Security	max-age=5; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 22:24:19 GMT
strict-transport-security: max-age=5; includeSubDomains
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'none';frame-src 'self';
content-encoding: gzip
x-permitted-cross-domain-policies: none
cross-origin-embedder-policy: unsafe-none
cross-origin-resource-policy: cross-origin
x-node: am4-up-gc95
x-xss-protection: 1; mode=block;
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 09 Jun 2024 05:13:05 GMT
server: nginx
cross-origin-opener-policy: same-origin-allow-popups
etag: W/"666539e1-112e0"
expect-ct: max-age=3600, enforce
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=60
cache: MISS
permissions-policy: geolocation=(self), payment=(self)

GET
H2 200 ad_builder.min.js Show response
cdn.alfasense.net/lib/ 10 KB
3 KB 268ms
22ms Script
application/javascript 5.101.37.37
EDGEAMLLC

General

Check archive.org

Download Go to

Full URL

https://cdn.alfasense.net/lib/ad_builder.min.js

Requested by

Host: telegram-vhod.ru
URL: https://telegram-vhod.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

5.101.37.37 , Armenia, ASN201589 (EDGEAMLLC, AM),

Reverse DNS

Software

nginx /

Resource Hash

cab180c4309ff825f7a5db2db97cf59ba2e33d849360e235b930c497c2cc087c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';frame-src 'self';
Strict-Transport-Security	max-age=5; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 22:24:18 GMT
strict-transport-security: max-age=5; includeSubDomains
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'none';frame-src 'self';
content-encoding: gzip
x-permitted-cross-domain-policies: none
cross-origin-embedder-policy: unsafe-none
x-cached-since: 2024-08-21T22:23:17+00:00
cross-origin-resource-policy: cross-origin
x-node: am4-up-gc94
x-xss-protection: 1; mode=block;
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 09 Sep 2022 06:34:34 GMT
server: nginx
cross-origin-opener-policy: same-origin-allow-popups
etag: W/"631ade7a-28b4"
expect-ct: max-age=3600, enforce
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=60
cache: STALE
permissions-policy: geolocation=(self), payment=(self)

GET
H3 200 AnEj7N72N.js Show response
runoffree.bid/pjs/ 108 KB
19 KB 148ms
73ms Script
application/javascript 172.67.153.14
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://runoffree.bid/pjs/AnEj7N72N.js

Requested by

Host: telegram-vhod.ru
URL: https://telegram-vhod.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.153.14 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53a6dea0bae08e1660302e90a358bc756691450c1f48182d95bac2a3803c1086

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 22:24:18 GMT
strict-transport-security: max-age=63072000
content-encoding: zstd
cf-cache-status: MISS
last-modified: Wed, 20 Dec 2023 14:47:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6582fe90-1b0e1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rwiETny4gJa9VDMW4XaadAyAlWmU34l%2B7mXSCTCiYaxvJBaAzkFj%2BGfhqZnIeEBK4Fw7qJV89nW5bvfD9Rh9ZviJzBCtTsX219upPULxcwByQalTXJJ%2F3bzmMmtq%2BMXk"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=14400, must_revalidate
cf-ray: 8b6e08558d8535e6-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 21 Aug 2024 22:34:18 GMT

GET
H3 200 scripts.min.js Show response
telegram-vhod.ru/wp-content/plugins/expert-review/assets/public/js/ 12 KB
4 KB 292ms
290ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://telegram-vhod.ru/wp-content/plugins/expert-review/assets/public/js/scripts.min.js
Requested by: Host: telegram-vhod.ru
URL: https://telegram-vhod.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.2.21
Resource Hash: 68d17341a90b4af7400a9096afe504bf2d21bf378c5f3e594436dbba105afe84

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 22:24:18 GMT
content-encoding: zstd
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/8.2.21
alt-svc: h3=":443"; ma=86400
pragma: no-cache
last-modified: Wed, 17 Nov 2021 08:58:17 GMT
server: cloudflare
etag: W/"c0cc3711a0b3ce2f078b0dd7a90cb7bc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w3eRDel%2BGOKmgM0JDDsuM82IEFEUu%2BulVgrEHOW3XB69exCD9iIJCXzvFyu5ynI%2BA24ylIFIcRcj5IWzC6zPOTKEPi2TDuTCbm8RXA3k721LSfjfqetxA%2BruQUfWfV7qxjd%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
ddg-cache-status: MISS
cache-control: public, max-age=2592000
cf-ray: 8b6e08552a6b91d8-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 front.min.js Show response
telegram-vhod.ru/wp-content/plugins/table-of-contents-plus/ 6 KB
3 KB 154ms
152ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://telegram-vhod.ru/wp-content/plugins/table-of-contents-plus/front.min.js
Requested by: Host: telegram-vhod.ru
URL: https://telegram-vhod.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.2.21
Resource Hash: 4b179562b883c1257aabbad3a5641f965dd7331faa31fe06382a5d8c62d5ee19

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 22:24:18 GMT
content-encoding: zstd
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/8.2.21
alt-svc: h3=":443"; ma=86400
pragma: no-cache
last-modified: Wed, 17 Nov 2021 08:58:23 GMT
server: cloudflare
etag: W/"db6afe5fc3125bfbb7631cdc894f95f7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oSbQJ3zhVPaXaRkewwj3cgEg0%2FLlD4kQR%2FLxgcNn2xBLSG10T%2BYOaOSqh80d4GCTd1rcBrtUeUHlwrkkpRw%2F%2B7xxpmIdrefzgKfUS0ciRuxhud4NcS0XKOX9RpoScKEKRqLa"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
ddg-cache-status: MISS
cache-control: public, max-age=2592000
cf-ray: 8b6e08552a6d91d8-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 us.core.min.js Show response
telegram-vhod.ru/wp-content/themes/Impreza/js/ 165 KB
43 KB 343ms
342ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://telegram-vhod.ru/wp-content/themes/Impreza/js/us.core.min.js
Requested by: Host: telegram-vhod.ru
URL: https://telegram-vhod.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.2.21
Resource Hash: f1a1a444c42c8ee5566f7bddee744394a542545a6cfc2a0e17560fb5a4984e6f

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 22:24:19 GMT
content-encoding: zstd
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/8.2.21
alt-svc: h3=":443"; ma=86400
pragma: no-cache
last-modified: Wed, 17 Nov 2021 08:58:12 GMT
server: cloudflare
etag: W/"c79fdd07d6841bb3cc58a5d8483441c5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SM1YvMakWCHEQa3RA3r7ef6hQbAB%2FlU%2BKt8ZiIC6cNDX9yTIoXiBr6mQiOyiNkfrPPi6p02P7ewcdP1%2Bjo0D8XYimScSEdViYTrTMApH7TLKmGAQfRfI5d7UhN7ZodXJcgN7"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
ddg-cache-status: MISS
cache-control: public, max-age=2592000
cf-ray: 8b6e08552a6f91d8-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 q2w3-fixed-widget.min.js Show response
telegram-vhod.ru/wp-content/plugins/q2w3-fixed-widget/js/ 4 KB
2 KB 304ms
302ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://telegram-vhod.ru/wp-content/plugins/q2w3-fixed-widget/js/q2w3-fixed-widget.min.js
Requested by: Host: telegram-vhod.ru
URL: https://telegram-vhod.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.2.21
Resource Hash: 9a7d00291b90b8045d042a9a713a9cceba928a35c18c99d1eeea2ca14c09614d

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 22:24:18 GMT
content-encoding: zstd
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/8.2.21
alt-svc: h3=":443"; ma=86400
pragma: no-cache
last-modified: Wed, 17 Nov 2021 08:58:16 GMT
server: cloudflare
etag: W/"05a47a4cdef27a7d9abb74545b6458df"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UGHEX5Fo7BqQEHoVf5js05oAPO1NyF1KoI9vobZuiqFPK%2FKSrlsYGzdSU3gJ8BR72XP6wHmBr8wd9QZU0bjXwET0UJKR6UOdkIXYPFUujsqLlK9zlYCOf7m8mivzcNGv%2FQQW"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
ddg-cache-status: MISS
cache-control: public, max-age=2592000
cf-ray: 8b6e08552a7091d8-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 comment-reply.min.js Show response
telegram-vhod.ru/wp-includes/js/ 3 KB
2 KB 263ms
261ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://telegram-vhod.ru/wp-includes/js/comment-reply.min.js
Requested by: Host: telegram-vhod.ru
URL: https://telegram-vhod.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.2.21
Resource Hash: e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 22:24:18 GMT
content-encoding: zstd
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/8.2.21
alt-svc: h3=":443"; ma=86400
pragma: no-cache
last-modified: Tue, 24 May 2022 22:21:02 GMT
server: cloudflare
etag: W/"492f2c1a7ea7eb83fe42e0ff7cb51aa2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eLk1eA7Ez6C9K0w9ezpRtrwwXjiLaSo7MC4C43RJdKB4%2BE0mD6H%2BTFirYkiGKl0qtzneMHMIwX4VNddJ2IACchDLYlhUphcp8B9lsSoaJWrgutgjfqgFdOi%2FWbph9Lf%2Fh9VV"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
ddg-cache-status: MISS
cache-control: public, max-age=2592000
cf-ray: 8b6e08552a7291d8-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 lazyload.min.js Show response
telegram-vhod.ru/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/ 8 KB
3 KB 303ms
303ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://telegram-vhod.ru/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/lazyload.min.js
Requested by: Host: telegram-vhod.ru
URL: https://telegram-vhod.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.2.21
Resource Hash: 6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 22:24:18 GMT
content-encoding: zstd
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/8.2.21
alt-svc: h3=":443"; ma=86400
pragma: no-cache
last-modified: Wed, 17 Nov 2021 08:58:15 GMT
server: cloudflare
etag: W/"d18523e4a4aaa9420a86e4dddfb07554"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H%2BApajX%2BOTzrUbzmQbyC6NBnm9Hh%2BiVMuu26IHXYn1X9X8ZgYdq0XFoLN7gxax2iS6OgThEsNjsG0fSGUQ7RfckaiC5GEFI1QYFGzbfRYzagwrpSNpMnjQ6WaCyl62kGQdfH"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
ddg-cache-status: MISS
cache-control: public, max-age=2592000
cf-ray: 8b6e08552a7391d8-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
DATA 200
OK truncated
/ 64 B
0 Image
image/svg+xml

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f9ad6189a89fa41bfd756d25eee3c9f779e2278f4d450a5c936d80353b397505

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 50c27c2ff11fdc5cb88800c4381b11f29779d8bd5a9f3c19a31881bf2b99050f

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d9956002622af84fe6d7381f28c8022c8ba911a37394fe1ee539dc00ae8a92a7

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4da9dc8b7e28bed24064a6d09485937392305d6a0b5705b7bd1e9d667c468caa

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a0371599000508142c79d194a430c399ad7a6df9358bc7d3bb401181978d67f6

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 16754e391cf40d9b61e529909d1e2fedd0d056787ade16816d548277194cd011

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 027953391c39a3093adae690b00ad1d30fee6c48d879c168cbb66bf03f627ffa

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3e5b2b83ff4eb8184f5079fe95cd285442924ef29bd85a20de91673a8f006f4

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a3c1739089b2e3758fcd3bea52fe53a98287fd6f14ad7389b26d34612d3ebaa2

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b7df82e9f20e70d49b5f26ab9f84d5d51e1ac27ebff7a3767ab102f63319a9cd

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6abe24a2dc126cebd7dd0f387e6aaedfbf9d0d8e36f18c21501309140f727c48

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 076b572bc3a5e47814f81f4c9226a635df0a1fbcf22e3dfe49e43e64147049cc

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e32b50f21ff741e53f88e03f0a6039785c146456249a365f72e16e1f5e4aa8f4

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7c1e15405a1e924479c6fdccebf89fa6562a9f003b5a012d9def5ae68a6ac6d8

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0e253a18f20d5497bba5dc100ef1a433ba25f06fb7946224f50b8d4ded4913eb

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1d10bdab19ebd5628ab2302d4da3463d70182188c2fd283ea475d6e15bdb458d

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 768 B
0 Image
image/svg+xml

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0c809be2c783913c87ab2aff71ce6701c8425af65da48c44a7283a1ea48ca24e

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 121ms
32ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dbd328e347e890a801d51f9a5f8d38a3efd51ec34c0aa22cc83d0a95d6d9d71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://telegram-vhod.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 20 Aug 2024 13:56:27 GMT
x-content-type-options: nosniff
age: 116871
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18492
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 20:41:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Aug 2025 13:56:27 GMT

GET
H3 200 fa-solid-900.woff2
telegram-vhod.ru/wp-content/themes/Impreza/fonts/ 138 KB
138 KB 284ms
283ms Font
application/octet-stream 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://telegram-vhod.ru/wp-content/themes/Impreza/fonts/fa-solid-900.woff2?ver=7.12
Requested by: Host: telegram-vhod.ru
URL: https://telegram-vhod.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.2.21
Resource Hash: 8b5a3ff47c2413e0bf3dd3bb7899a25aeef9b390a055847a1185a39ad48a2da2

Request headers

Referer: https://telegram-vhod.ru/
Origin: https://telegram-vhod.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Aug 2024 22:24:19 GMT
cf-cache-status: BYPASS
last-modified: Wed, 17 Nov 2021 08:58:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/8.2.21
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ghm4Lvd09KC3kHj%2B3i5O3%2FP7gLSVJVdgVK8z0VSoRzuNeuOaiFNsYFyAXFuUbNt7D6Q%2BnrPowTTxC9ZMESgqJK411Xt%2FCl0dTZnwhaOUX8gjFYlDBf7hzfxeFH8wy9HXWwPt"}],"group":"cf-nel","max_age":604800}
content-type: (null)
ddg-cache-status: MISS
cache-control: no-store, no-cache, must-revalidate
cf-ray: 8b6e08556aa191d8-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 fa-regular-400.woff2
telegram-vhod.ru/wp-content/themes/Impreza/fonts/ 170 KB
170 KB 189ms
188ms Font
application/octet-stream 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://telegram-vhod.ru/wp-content/themes/Impreza/fonts/fa-regular-400.woff2?ver=7.12
Requested by: Host: telegram-vhod.ru
URL: https://telegram-vhod.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.2.21
Resource Hash: 4e4cc2d5669ad1bb831c050c273dbf760a070eb5f413458cf5cd7625c594a583

Request headers

Referer: https://telegram-vhod.ru/
Origin: https://telegram-vhod.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Aug 2024 22:24:18 GMT
cf-cache-status: BYPASS
last-modified: Wed, 17 Nov 2021 08:58:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/8.2.21
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fz1Vz8CNoyi8eBAThjzfUwgeT%2BqK3YskZ7f4OeyORImUdMihw0ceIwoHnwL1ILONIq5GCwEiUw02XNw%2FUc%2Fr80tS%2F0Gvx4ZjDEC9ipCni3Xq4WsZNy1z1wsGG1rzVlG%2Bq4OM"}],"group":"cf-nel","max_age":604800}
content-type: (null)
ddg-cache-status: MISS
cache-control: no-store, no-cache, must-revalidate
cf-ray: 8b6e08556aa491d8-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 forkawesome-webfont.woff2
telegram-vhod.ru/wp-content/plugins/shortcodes-ultimate/includes/fonts/fork-awesome/ 88 KB
89 KB 347ms
346ms Font
application/octet-stream 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://telegram-vhod.ru/wp-content/plugins/shortcodes-ultimate/includes/fonts/fork-awesome/forkawesome-webfont.woff2?v=1.0.11
Requested by: Host: telegram-vhod.ru
URL: https://telegram-vhod.ru/wp-content/cache/min/1/966024772180d69f3b916de1146e9004.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.2.21
Resource Hash: ec8604d4eade6552031ca2e8d3af9b3a1393bdc11b39dcb8176c41f4e5fb678c

Request headers

Referer: https://telegram-vhod.ru/wp-content/cache/min/1/966024772180d69f3b916de1146e9004.css
Origin: https://telegram-vhod.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Aug 2024 22:24:19 GMT
cf-cache-status: BYPASS
last-modified: Wed, 17 Nov 2021 08:58:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/8.2.21
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lN6su5zd1T1oH2l5ICCPWRPAW8xpN8LjjbdfhlTk68hvZDQr8O62Ccqy1eO5JarwGeQTU2h%2F6bCptb79E%2BsJjkBpJlJhNPKx0Jc2PDEu%2FbiH3JVEh3TUUDVL%2BJ4BTjCumEyb"}],"group":"cf-nel","max_age":604800}
content-type: (null)
ddg-cache-status: MISS
cache-control: no-store, no-cache, must-revalidate
cf-ray: 8b6e08556aa591d8-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fABc4EsA.woff2
fonts.gstatic.com/s/roboto/v32/ 9 KB
10 KB 114ms
27ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmSU5fABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

573686b2c958c4fbc7f25726f642ddb0e120971b805c8ff8cd341d98fd1c57ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://telegram-vhod.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 20 Aug 2024 13:57:56 GMT
x-content-type-options: nosniff
age: 116782
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9684
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 20:41:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Aug 2025 13:57:56 GMT

GET
DATA 200
OK truncated
/ 246 B
0 Image
image/svg+xml

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fc20346a0456f04877b3ca1e36c1dcf68a4ca16994dfb91bf92cc1992d9e898b

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H3 200 telegram-logo-512x512-1-e1637222553602.png
telegram-vhod.ru/wp-content/uploads/2021/11/ 57 KB
57 KB 273ms
273ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://telegram-vhod.ru/wp-content/uploads/2021/11/telegram-logo-512x512-1-e1637222553602.png
Requested by: Host: telegram-vhod.ru
URL: https://telegram-vhod.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.2.21
Resource Hash: 139c1c2356cec576f73f5faf70450730255a38e017ec75ad6941d9ffb47a228e

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 22:24:19 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/8.2.21
alt-svc: h3=":443"; ma=86400
pragma: no-cache
last-modified: Thu, 18 Nov 2021 08:03:22 GMT
server: cloudflare
etag: "44fca8de3f6067e38daf647051d9ee16"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z1ciwqpIQuC0dKYoDjO9I5dUM2W8QbF1CX8HmOx26DFGKihPowgG43xnaQk31eNDpJvEIvda9fHvoe9yQepGt2pY5%2FtqR8BK7U6fpvJzCy%2FRCcA%2FAbBYigkR73R3ogXtqfl0"}],"group":"cf-nel","max_age":604800}
content-type: image/png
ddg-cache-status: MISS
cache-control: public, max-age=2592000
cf-ray: 8b6e08574c4791d8-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 telegram-logo-1024x576.png
telegram-vhod.ru/wp-content/uploads/2021/11/ 42 KB
42 KB 315ms
315ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://telegram-vhod.ru/wp-content/uploads/2021/11/telegram-logo-1024x576.png
Requested by: Host: telegram-vhod.ru
URL: https://telegram-vhod.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.2.21
Resource Hash: 74c851e7990d3fb2b90902387d047501c8c744489835a101cf0dfb001807a0aa

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 22:24:19 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/8.2.21
alt-svc: h3=":443"; ma=86400
pragma: no-cache
last-modified: Thu, 18 Nov 2021 07:53:22 GMT
server: cloudflare
etag: "1b99243c825334883356a35c4b0d6ac4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KTPZ%2BYDQdKDnoDo066GzzG3pH0HxW8NBdD0Di9b1OJvhXaHo7qlK3DpQx2nWLl7wpMzduJQqm82qEX8pOloAiKgdmZvLhKMj0fhlEKQmsoZ9z3i8zM%2BPV2cShr9%2F%2BBVkyVr0"}],"group":"cf-nel","max_age":604800}
content-type: image/png
ddg-cache-status: MISS
cache-control: public, max-age=2592000
cf-ray: 8b6e08574c4a91d8-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 telegram-vector-logo-ikonka-kartinka-v-vektore.jpeg
telegram-vhod.ru/wp-content/uploads/2021/11/ 12 KB
13 KB 340ms
339ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://telegram-vhod.ru/wp-content/uploads/2021/11/telegram-vector-logo-ikonka-kartinka-v-vektore.jpeg
Requested by: Host: telegram-vhod.ru
URL: https://telegram-vhod.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.2.21
Resource Hash: 11bf84fea7308f566632bc488abe3917347230dbb64c9c71fc71703b1ad1c1d8

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 22:24:19 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/8.2.21
alt-svc: h3=":443"; ma=86400
pragma: no-cache
last-modified: Thu, 18 Nov 2021 07:19:39 GMT
server: cloudflare
etag: "2bcd59add746e7f392f5d3e36c9912f7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h5nEM9hZA%2BUbNQTeaIXgIBZbYa9%2FdDYbbRsNp9KgFbPOgfH63txFHRVUPZWPus%2FMcEowTGEVRymJu2vnvu5gHwjZG3M8ytCZ9jrCp%2F5EWMDOnrQQDDfsOyz2Y2%2Fehp6OdKvI"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
ddg-cache-status: MISS
cache-control: public, max-age=2592000
cf-ray: 8b6e08574c4c91d8-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 favicon.ico
telegram-vhod.ru/ 2 KB
3 KB 74ms
74ms Other
image/x-icon 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://telegram-vhod.ru/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 504b4621e486970f8c1721d5297561c9f33296f516c83fbb33a0ff3f4f7c1357

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 22:24:19 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Sat, 02 Sep 2023 11:44:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BxkhaOE8lA2xYIEiES8bdJ9Nk%2BodeelcKTvrDfP%2BIbgCQhZ%2F%2BUEet3ScMymWELJxr7jAHUhw%2Biji%2FLveqq9cIMPiVE5SfS%2FRqmKRnz%2Beu0FUF07Fy0NCZtFH%2FrUifvBn5hhj"}],"group":"cf-nel","max_age":604800}
content-type: image/x-icon
ddg-cache-status: HIT
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8b6e08597e6191d8-FRA
alt-svc: h3=":443"; ma=86400
content-length: 2401

GET
H2 200 prebid.js Show response
cdn.alfasense.net/lib/ 221 KB
83 KB 23ms
22ms Script
application/javascript 5.101.37.37
EDGEAMLLC

General

Check archive.org

Download Go to

Full URL

https://cdn.alfasense.net/lib/prebid.js

Requested by

Host: telegram-vhod.ru
URL: https://telegram-vhod.ru/wp-content/cache/min/1/lib/alfadart.lib.min.js?ver=1659686678

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

5.101.37.37 , Armenia, ASN201589 (EDGEAMLLC, AM),

Reverse DNS

Software

nginx /

Resource Hash

7f408604ae1d507f1d29efd9f57e54d6485d03bf5443b56b20a4d8b55a6c2868

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';frame-src 'self';
Strict-Transport-Security	max-age=5; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 22:24:19 GMT
strict-transport-security: max-age=5; includeSubDomains
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'none';frame-src 'self';
content-encoding: gzip
x-permitted-cross-domain-policies: none
cross-origin-embedder-policy: unsafe-none
x-cached-since: 2024-08-21T22:23:32+00:00
cross-origin-resource-policy: cross-origin
x-node: am4-up-gc94
x-xss-protection: 1; mode=block;
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 14 Mar 2024 10:57:02 GMT
server: nginx
cross-origin-opener-policy: same-origin-allow-popups
etag: W/"65f2d7fe-37314"
expect-ct: max-age=3600, enforce
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=60
cache: HIT
permissions-policy: geolocation=(self), payment=(self)

GET
H/1.1 204
No Content pixeljs Show response
cs.alfasense.com/ 0
355 B 212ms
72ms Script
text/plain 23.111.100.20
UNITEDNET

General

Check archive.org

Download Go to

Full URL: https://cs.alfasense.com/pixeljs
Requested by: Host: telegram-vhod.ru
URL: https://telegram-vhod.ru/wp-content/cache/min/1/lib/alfadart.lib.min.js?ver=1659686678
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.111.100.20 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Wed, 21 Aug 2024 22:24:19 GMT
Access-Control-Allow-Credentials: true
X-Host: 23.111.100.20
Server: nginx
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS, PUT, DELETE

GET
H2

200

aotm.js Show response
sync.dmp.otm-r.com/match/
Redirect Chain

https://sync.dmp.otm-r.com/match/aotm.js
https://sync.dmp.otm-r.com/match/aotm.js?otcm_check=1724279059

4 KB
5 KB

93ms
92ms

Script
application/javascript

195.201.152.105
HETZNER-AS

General

Check archive.org

Download Go to

Full URL: https://sync.dmp.otm-r.com/match/aotm.js?otcm_check=1724279059
Protocol: H2
Server: 195.201.152.105 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.105.152.201.195.clients.your-server.de
Software: nginx/1.17.6 /
Resource Hash: b1b583f3556253b501a0a4c77f0bd1ba754456cf6d7dc169b7ef05871ef57918

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 21 Aug 2024 22:24:19 GMT
server: nginx/1.17.6
content-type: application/javascript

Redirect headers

access-control-allow-origin: *
location: /match/aotm.js?otcm_check=1724279059
date: Wed, 21 Aug 2024 22:24:19 GMT
server: nginx/1.17.6
content-length: 59
content-type: text/html; charset=utf-8

GET
H2 200 topicsapi.html
onetag-sys.com/static/ Frame 615B 0
0 137ms
56ms Document
text/html 51.38.120.206
OVH

General

Check archive.org

Download Go to

Full URL

https://onetag-sys.com/static/topicsapi.html?bidder=onetag

Requested by

Host: cdn.alfasense.net
URL: https://cdn.alfasense.net/lib/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://telegram-vhod.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control: public, max-age=2628000, immutable
content-encoding: gzip
content-length: 566
content-type: text/html
expires: Mon, 01 Jan 2046 12:34:56 GMT
strict-transport-security: max-age=15552000
vary: accept-encoding

GET
H2 200 topics.html
hb.360yield.com/privacy-sandbox/ Frame FC67 0
0 137ms
37ms Document
text/html 54.230.228.27
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://hb.360yield.com/privacy-sandbox/topics.html?bidder=improvedigital
Requested by: Host: cdn.alfasense.net
URL: https://cdn.alfasense.net/lib/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.228.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-228-27.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://telegram-vhod.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 223
cache-control: max-age=3600
content-length: 840
content-type: text/html
date: Wed, 21 Aug 2024 22:20:40 GMT
etag: "df731667f516cd61f16f3bc51bc7022f"
last-modified: Thu, 14 Mar 2024 16:48:35 GMT
server: AmazonS3
via: 1.1 7b7e33ce27dedf9c28b39ecc0309b556.cloudfront.net (CloudFront)
x-amz-cf-id: 4rhp9-vPYOMSaCVbXgOBGQp-H6iu_2Nei6x-wjSODHQgoYTz625hSw==
x-amz-cf-pop: MUC50-P5
x-amz-server-side-encryption: AES256
x-amz-version-id: kpEupr6y3cwJy6IieEVrXoWKzFeDpUx4
x-cache: Hit from cloudfront

GET
H2 200 topics_frame.html
pa.openx.net/ Frame 677B 0
0 93ms
35ms Document
text/html 34.36.214.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://pa.openx.net/topics_frame.html?bidder=openx
Requested by: Host: cdn.alfasense.net
URL: https://cdn.alfasense.net/lib/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.36.214.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.214.36.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash

Request headers

Referer: https://telegram-vhod.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 2870
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public,max-age=3600
content-length: 1036
content-type: text/html; charset=utf-8
date: Wed, 21 Aug 2024 21:36:29 GMT
etag: "c5379e35e267deacc52e06ed0f5fa81f"
last-modified: Mon, 22 Jan 2024 14:38:43 GMT
server: UploadServer
supports-loading-mode: fenced-frame
vary: Origin
x-allow-fledge: true
x-goog-generation: 1705934323795552
x-goog-hash: crc32c=eLLIGA== md5=xTeeNeJn3qzFLgbtD1+oHw==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1036
x-guploader-uploadid: AHxI1nMc3KlA7RpRAXuxtBpUqKhbddfWffGw0TDmWPE4Ise1r_p_dW5zilhHs6biPFDNVB3JDng

GET
H2 200 taboola-prebid-browsing-topics.html
cdn.taboola.com/libtrc/static/topics/ Frame A006 0
0 168ms
58ms Document
text/html 151.101.1.44
FASTLY

General

Check archive.org

Download Go to

Full URL: https://cdn.taboola.com/libtrc/static/topics/taboola-prebid-browsing-topics.html?bidder=taboola
Requested by: Host: cdn.alfasense.net
URL: https://cdn.alfasense.net/lib/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://telegram-vhod.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

abp: 71
accept-ranges: bytes
access-control-allow-origin: *
age: 68
cache-control: private,max-age=31536000
content-encoding: gzip
content-length: 539
content-type: text/html
date: Wed, 21 Aug 2024 22:24:19 GMT
etag: "3a04a0889d22f29ff26db71b6559fec1"
last-modified: Tue, 20 Feb 2024 14:00:18 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 varnish
x-amz-id-2: nR1i/ME0WPE20JSwaMuR4OlKtsvjL7tKrgRQ9u1mX2fCwHiO8GlUYU3g47KS8O3foNX1ER4WyIA=
x-amz-replication-status: COMPLETED
x-amz-request-id: Y8ZW8T9P44NKGQD6
x-amz-server-side-encryption: AES256
x-amz-version-id: x9X4oBHDSMJ3A3AgD4XG8_3AHqwdsw1t
x-cache: HIT
x-cache-hits: 26
x-served-by: cache-mad22048-MAD
x-timer: S1724279060.717275,VS0,VE0

GET 1x1.png
v.alfasrv.com/stats/ 0
0

GET
H/1.1 200
OK 1x1.png
v.alfasrv.com/stats/ 95 B
397 B 253ms
94ms Image
image/png 84.201.179.252
YANDEXCLOUD

General

Check archive.org

Download Go to Show image

Full URL: https://v.alfasrv.com/stats/1x1.png?s=51052&e=r&t=p
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 84.201.179.252 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),
Reverse DNS
Software: nginx/1.14.1 /
Resource Hash: cafbd551d674da240212f6c44988757a728b9dc8cbc2a6c8dcf53c0d9159c323

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Wed, 21 Aug 2024 22:24:19 GMT
Last-Modified: Wednesday, 21-Aug-2024 22:24:19 GMT
Server: nginx/1.14.1
Content-Type: image/png
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 95

GET 1x1.png
v.alfasrv.com/stats/ 0
0

GET
H/1.1 200
OK 1x1.png
v.alfasrv.com/stats/ 95 B
397 B 94ms
94ms Image
image/png 84.201.179.252
YANDEXCLOUD

General

Check archive.org

Download Go to Show image

Full URL: https://v.alfasrv.com/stats/1x1.png?s=51056&e=r&t=p
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 84.201.179.252 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),
Reverse DNS
Software: nginx/1.14.1 /
Resource Hash: cafbd551d674da240212f6c44988757a728b9dc8cbc2a6c8dcf53c0d9159c323

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Wed, 21 Aug 2024 22:24:19 GMT
Last-Modified: Wednesday, 21-Aug-2024 22:24:19 GMT
Server: nginx/1.14.1
Content-Type: image/png
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 95

GET
H/1.1 200
OK 1x1.png
v.alfasrv.com/stats/ 95 B
397 B 175ms
80ms Image
image/png 84.201.179.252
YANDEXCLOUD

General

Check archive.org

Download Go to Show image

Full URL: https://v.alfasrv.com/stats/1x1.png?s=51058&e=r&t=p
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 84.201.179.252 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),
Reverse DNS
Software: nginx/1.14.1 /
Resource Hash: cafbd551d674da240212f6c44988757a728b9dc8cbc2a6c8dcf53c0d9159c323

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Wed, 21 Aug 2024 22:24:19 GMT
Last-Modified: Wednesday, 21-Aug-2024 22:24:19 GMT
Server: nginx/1.14.1
Content-Type: image/png
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 95

GET
H/1.1 200
OK 1x1.png
v.alfasrv.com/stats/ 95 B
397 B 241ms
76ms Image
image/png 84.201.179.252
YANDEXCLOUD

General

Check archive.org

Download Go to Show image

Full URL: https://v.alfasrv.com/stats/1x1.png?s=51059&e=r&t=p
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 84.201.179.252 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),
Reverse DNS
Software: nginx/1.14.1 /
Resource Hash: cafbd551d674da240212f6c44988757a728b9dc8cbc2a6c8dcf53c0d9159c323

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Wed, 21 Aug 2024 22:24:20 GMT
Last-Modified: Wednesday, 21-Aug-2024 22:24:20 GMT
Server: nginx/1.14.1
Content-Type: image/png
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 95

OPTIONS
H2 204 prebid
ssp.hybrid.ai/auction/ Frame 0
0 83ms
31ms Preflight 37.230.131.17
HYBRID-POLAND

General

Check archive.org

Download Go to

Full URL: https://ssp.hybrid.ai/auction/prebid
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.230.131.17 Amsterdam, Netherlands, ASN200197 (HYBRID-POLAND, PL),
Reverse DNS
Software: Hybrid Web Server /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://telegram-vhod.ru
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://telegram-vhod.ru
date: Wed, 21 Aug 2024 22:24:19 GMT
p3p: CP='NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC'
server: Hybrid Web Server
vary: Origin

OPTIONS
H2 204 prebid
ssp.hybrid.ai/auction/ Frame 0
0 84ms
37ms Preflight 37.230.131.17
HYBRID-POLAND

General

Check archive.org

Download Go to

Full URL: https://ssp.hybrid.ai/auction/prebid
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.230.131.17 Amsterdam, Netherlands, ASN200197 (HYBRID-POLAND, PL),
Reverse DNS
Software: Hybrid Web Server /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://telegram-vhod.ru
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://telegram-vhod.ru
date: Wed, 21 Aug 2024 22:24:19 GMT
p3p: CP='NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC'
server: Hybrid Web Server
vary: Origin

OPTIONS
H2 204 prebid
ssp.hybrid.ai/auction/ Frame 0
0 83ms
37ms Preflight 37.230.131.17
HYBRID-POLAND

General

Check archive.org

Download Go to

Full URL: https://ssp.hybrid.ai/auction/prebid
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.230.131.17 Amsterdam, Netherlands, ASN200197 (HYBRID-POLAND, PL),
Reverse DNS
Software: Hybrid Web Server /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://telegram-vhod.ru
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://telegram-vhod.ru
date: Wed, 21 Aug 2024 22:24:19 GMT
p3p: CP='NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC'
server: Hybrid Web Server
vary: Origin

OPTIONS
H2 204 prebid
ssp.hybrid.ai/auction/ Frame 0
0 82ms
37ms Preflight 37.230.131.17
HYBRID-POLAND

General

Check archive.org

Download Go to

Full URL: https://ssp.hybrid.ai/auction/prebid
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.230.131.17 Amsterdam, Netherlands, ASN200197 (HYBRID-POLAND, PL),
Reverse DNS
Software: Hybrid Web Server /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://telegram-vhod.ru
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://telegram-vhod.ru
date: Wed, 21 Aug 2024 22:24:19 GMT
p3p: CP='NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC'
server: Hybrid Web Server
vary: Origin

GET
H2 200 adjson Show response
ssp.otm-r.com/ 2 B
302 B 240ms
88ms Fetch
application/javascript 194.55.244.183
PROCLOUD PROCLOUD...

General

Check archive.org

Download Go to

Full URL: https://ssp.otm-r.com/adjson?tz=-120&w=970&h=90&domain=telegram-vhod.ru&l=https%3A%2F%2Ftelegram-vhod.ru%2F&s=3371&cur=RUB&bidid=23dcc2401692fc&transactionid=&auctionid=&bidfloor=0
Requested by: Host: cdn.alfasense.net
URL: https://cdn.alfasense.net/lib/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.55.244.183 Moscow, Russian Federation, ASN34959 (PROCLOUD PROCLOUD MSK, RU),
Reverse DNS
Software: nginx/1.23.2 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Aug 2024 22:24:19 GMT
server: nginx/1.23.2
vary: Origin
content-type: application/javascript
access-control-allow-origin: https://telegram-vhod.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 2
expires: 0

POST
H/1.1 204
No Content prebid Show response
ssp-rtb.sape.ru/ 0
711 B 236ms
92ms Fetch
application/octet-stream 193.3.184.25
QWARTA

General

Check archive.org

Download Go to

Full URL: https://ssp-rtb.sape.ru/prebid
Requested by: Host: cdn.alfasense.net
URL: https://cdn.alfasense.net/lib/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.3.184.25 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

Date: Wed, 21 Aug 2024 22:24:19 GMT
Accept-Encoding: gzip, identity
Server: openresty
X-YaTraceId: 4b0fbd57b76745e88fe6ab7238c88ec2
X-YaRequestId: 9d5c25e028f24f698bb11b1b42e86d68
Access-Control-Allow-Methods: POST
Content-Type: application/octet-stream
Access-Control-Allow-Origin: https://telegram-vhod.ru
X-YaSpanId: 341ce25ce38e7970
Access-Control-Allow-Credentials: true
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H2 204 prebid Show response
ssp.hybrid.ai/auction/ 0
210 B 134ms
40ms Fetch 37.230.131.17
HYBRID-POLAND

General

Check archive.org

Download Go to

Full URL: https://ssp.hybrid.ai/auction/prebid
Requested by: Host: cdn.alfasense.net
URL: https://cdn.alfasense.net/lib/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.230.131.17 Amsterdam, Netherlands, ASN200197 (HYBRID-POLAND, PL),
Reverse DNS
Software: Hybrid Web Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: application/json

Response headers

access-control-allow-origin: https://telegram-vhod.ru
date: Wed, 21 Aug 2024 22:24:19 GMT
access-control-allow-credentials: true
server: Hybrid Web Server
vary: Origin
p3p: CP='NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC'

GET
H2 200 adjson Show response
ssp.otm-r.com/ 2 B
301 B 238ms
93ms Fetch
application/javascript 194.55.244.183
PROCLOUD PROCLOUD...

General

Check archive.org

Download Go to

Full URL: https://ssp.otm-r.com/adjson?tz=-120&w=970&h=90&domain=telegram-vhod.ru&l=https%3A%2F%2Ftelegram-vhod.ru%2F&s=3371&cur=RUB&bidid=8005328abf6d15&transactionid=&auctionid=&bidfloor=0
Requested by: Host: cdn.alfasense.net
URL: https://cdn.alfasense.net/lib/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.55.244.183 Moscow, Russian Federation, ASN34959 (PROCLOUD PROCLOUD MSK, RU),
Reverse DNS
Software: nginx/1.23.2 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Aug 2024 22:24:19 GMT
server: nginx/1.23.2
vary: Origin
content-type: application/javascript
access-control-allow-origin: https://telegram-vhod.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 2
expires: 0

POST
H/1.1 204
No Content prebid Show response
ssp-rtb.sape.ru/ 0
711 B 211ms
76ms Fetch
application/octet-stream 193.3.184.25
QWARTA

General

Check archive.org

Download Go to

Full URL: https://ssp-rtb.sape.ru/prebid
Requested by: Host: cdn.alfasense.net
URL: https://cdn.alfasense.net/lib/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.3.184.25 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

Date: Wed, 21 Aug 2024 22:24:19 GMT
Accept-Encoding: gzip, identity
Server: openresty
X-YaTraceId: 10f35b06776b4191b253627df09c6383
X-YaRequestId: 25039d6ed1c24f6c8c46959c268e82f7
Access-Control-Allow-Methods: POST
Content-Type: application/octet-stream
Access-Control-Allow-Origin: https://telegram-vhod.ru
X-YaSpanId: 22d70abf021ca2d2
Access-Control-Allow-Credentials: true
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H2 204 prebid Show response
ssp.hybrid.ai/auction/ 0
210 B 122ms
34ms Fetch 37.230.131.17
HYBRID-POLAND

General

Check archive.org

Download Go to

Full URL: https://ssp.hybrid.ai/auction/prebid
Requested by: Host: cdn.alfasense.net
URL: https://cdn.alfasense.net/lib/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.230.131.17 Amsterdam, Netherlands, ASN200197 (HYBRID-POLAND, PL),
Reverse DNS
Software: Hybrid Web Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: application/json

Response headers

access-control-allow-origin: https://telegram-vhod.ru
date: Wed, 21 Aug 2024 22:24:19 GMT
access-control-allow-credentials: true
server: Hybrid Web Server
vary: Origin
p3p: CP='NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC'

POST
H2 204 prebid Show response
ssp.hybrid.ai/auction/ 0
210 B 121ms
33ms Fetch 37.230.131.17
HYBRID-POLAND

General

Check archive.org

Download Go to

Full URL: https://ssp.hybrid.ai/auction/prebid
Requested by: Host: cdn.alfasense.net
URL: https://cdn.alfasense.net/lib/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.230.131.17 Amsterdam, Netherlands, ASN200197 (HYBRID-POLAND, PL),
Reverse DNS
Software: Hybrid Web Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: application/json

Response headers

access-control-allow-origin: https://telegram-vhod.ru
date: Wed, 21 Aug 2024 22:24:19 GMT
access-control-allow-credentials: true
server: Hybrid Web Server
vary: Origin
p3p: CP='NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC'

GET
H2 200 adjson Show response
ssp.otm-r.com/ 2 B
301 B 232ms
89ms Fetch
application/javascript 194.55.244.183
PROCLOUD PROCLOUD...

General

Check archive.org

Download Go to

Full URL: https://ssp.otm-r.com/adjson?tz=-120&w=300&h=250&domain=telegram-vhod.ru&l=https%3A%2F%2Ftelegram-vhod.ru%2F&s=3371&cur=RUB&bidid=16b5262df88fb45&transactionid=&auctionid=&bidfloor=0
Requested by: Host: cdn.alfasense.net
URL: https://cdn.alfasense.net/lib/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.55.244.183 Moscow, Russian Federation, ASN34959 (PROCLOUD PROCLOUD MSK, RU),
Reverse DNS
Software: nginx/1.23.2 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Aug 2024 22:24:19 GMT
server: nginx/1.23.2
vary: Origin
content-type: application/javascript
access-control-allow-origin: https://telegram-vhod.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 2
expires: 0

POST
H/1.1 204
No Content prebid Show response
ssp-rtb.sape.ru/ 0
711 B 232ms
97ms Fetch
application/octet-stream 193.3.184.25
QWARTA

General

Check archive.org

Download Go to

Full URL: https://ssp-rtb.sape.ru/prebid
Requested by: Host: cdn.alfasense.net
URL: https://cdn.alfasense.net/lib/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.3.184.25 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

Date: Wed, 21 Aug 2024 22:24:19 GMT
Accept-Encoding: gzip, identity
Server: openresty
X-YaTraceId: bb800fbda58f446ab56e6aec7db7d718
X-YaRequestId: 7b8d9345c2824d7bba578d37324179b6
Access-Control-Allow-Methods: POST
Content-Type: application/octet-stream
Access-Control-Allow-Origin: https://telegram-vhod.ru
X-YaSpanId: 0737bcca0db4b547
Access-Control-Allow-Credentials: true
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 adjson Show response
ssp.otm-r.com/ 2 B
301 B 232ms
89ms Fetch
application/javascript 194.55.244.183
PROCLOUD PROCLOUD...

General

Check archive.org

Download Go to

Full URL: https://ssp.otm-r.com/adjson?tz=-120&w=300&h=250&domain=telegram-vhod.ru&l=https%3A%2F%2Ftelegram-vhod.ru%2F&s=3371&cur=RUB&bidid=202cf2758800be6&transactionid=&auctionid=&bidfloor=0
Requested by: Host: cdn.alfasense.net
URL: https://cdn.alfasense.net/lib/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.55.244.183 Moscow, Russian Federation, ASN34959 (PROCLOUD PROCLOUD MSK, RU),
Reverse DNS
Software: nginx/1.23.2 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Aug 2024 22:24:19 GMT
server: nginx/1.23.2
vary: Origin
content-type: application/javascript
access-control-allow-origin: https://telegram-vhod.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 2
expires: 0

POST
H2 204 prebid Show response
ssp.hybrid.ai/auction/ 0
211 B 120ms
32ms Fetch 37.230.131.17
HYBRID-POLAND

General

Check archive.org

Download Go to

Full URL: https://ssp.hybrid.ai/auction/prebid
Requested by: Host: cdn.alfasense.net
URL: https://cdn.alfasense.net/lib/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.230.131.17 Amsterdam, Netherlands, ASN200197 (HYBRID-POLAND, PL),
Reverse DNS
Software: Hybrid Web Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: application/json

Response headers

access-control-allow-origin: https://telegram-vhod.ru
date: Wed, 21 Aug 2024 22:24:19 GMT
access-control-allow-credentials: true
server: Hybrid Web Server
vary: Origin
p3p: CP='NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC'

POST
H/1.1 204
No Content prebid Show response
ssp-rtb.sape.ru/ 0
711 B 241ms
97ms Fetch
application/octet-stream 193.3.184.25
QWARTA

General

Check archive.org

Download Go to

Full URL: https://ssp-rtb.sape.ru/prebid
Requested by: Host: cdn.alfasense.net
URL: https://cdn.alfasense.net/lib/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.3.184.25 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

Date: Wed, 21 Aug 2024 22:24:19 GMT
Accept-Encoding: gzip, identity
Server: openresty
X-YaTraceId: 6d8815bfd3e04b89983917db064de051
X-YaRequestId: 5f59cd09014249449455c510dd979ea2
Access-Control-Allow-Methods: POST
Content-Type: application/octet-stream
Access-Control-Allow-Origin: https://telegram-vhod.ru
X-YaSpanId: 7d6d29d75eb6e7d3
Access-Control-Allow-Credentials: true
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2

404

o_BQqrV2Rz-Bs876vv_hcA
an.yandex.ru/setud/mts_banner/
Redirect Chain

https://sm.rtb.mts.ru/p?id=NjZjNjY5MTMwZTc2NmY5MQ%3D%3D&ssp=otmvid
https://vma.mts.ru/match/second?ssp=26&exu=NjZjNjY5MTMwZTc2NmY5MQ%3D%3D
https://cm.a.mts.ru/cm/tech?flowId=c128a652-29c1-46c5-aece-22212bde700f&measurement_id=MTS_DSP_web&dsp_uid=a3f050aa-b576-473f-81b3-cefabeffe170&redirect_return_url=https%3A%2F%2Fan.yandex.ru%2Fsetu...
https://6863072591724279060340.cm.a.mts.ru/cm/match?flowId=c128a652-29c1-46c5-aece-22212bde700f&measurement_id=MTS_DSP_web&dsp_uid=a3f050aa-b576-473f-81b3-cefabeffe170&redirect_return_url=https://a...
https://an.yandex.ru/setud/mts_banner/o_BQqrV2Rz-Bs876vv_hcA?location=https%3A%2F%2Fvma.mts.ru%2Fem%3Fnext%3D26%26em%3D0&sign=601428009

43 B
102 B

138ms
138ms

Image
image/gif

2a02:6b8::90
YANDEX

General

Check archive.org

Download Go to Show image

Full URL

https://an.yandex.ru/setud/mts_banner/o_BQqrV2Rz-Bs876vv_hcA?location=https%3A%2F%2Fvma.mts.ru%2Fem%3Fnext%3D26%26em%3D0&sign=601428009

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Wed, 21 Aug 2024 22:24:20 GMT
content-encoding: gzip
last-modified: Wed, 21 Aug 2024 22:24:20 GMT
content-type: image/gif; charset=windows-1251
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 21 Aug 2024 22:24:20 GMT

Redirect headers

date: Wed, 21 Aug 2024 22:24:20 GMT
strict-transport-security: max-age=15724800; includeSubDomains
server: QRATOR
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-max-age: 3600
access-control-allow-methods: GET,POST,OPTIONS
location: https://an.yandex.ru/setud/mts_banner/o_BQqrV2Rz-Bs876vv_hcA?location=https%3A%2F%2Fvma.mts.ru%2Fem%3Fnext%3D26%26em%3D0&sign=601428009
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X-Forwarded-For
content-length: 0

GET
H/1.1

200
OK

i
dmg.digitaltarget.ru/awg/custom/7493/i/
Redirect Chain

https://dmg.digitaltarget.ru/1/7493/i/i?a=656&e=NjZjNjY5MTMwZTc2NmY5MQ%3D%3D&i=123
https://dmg.digitaltarget.ru/awg/custom/7493/i/i?call_source=awg&ts=1724279059929&a=656&e=NjZjNjY5MTMwZTc2NmY5MQ%3D%3D&i=123

49 B
555 B

63ms
63ms

Image
image/gif

185.15.175.145
SAFEDATA Uplinks

General

Check archive.org

Download Go to Show image

Full URL

https://dmg.digitaltarget.ru/awg/custom/7493/i/i?call_source=awg&ts=1724279059929&a=656&e=NjZjNjY5MTMwZTc2NmY5MQ%3D%3D&i=123

Protocol

HTTP/1.1

Server

185.15.175.145 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),

Reverse DNS

Software

nginx /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Wed, 21 Aug 2024 22:24:19 GMT
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Server: nginx
X-Permitted-Cross-Domain-Policies: master-only
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 49
X-XSS-Protection: 1; mode=block

Redirect headers

Date: Wed, 21 Aug 2024 22:24:19 GMT
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Server: nginx
X-Permitted-Cross-Domain-Policies: master-only
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Location: https://dmg.digitaltarget.ru/awg/custom/7493/i/i?call_source=awg&ts=1724279059929&a=656&e=NjZjNjY5MTMwZTc2NmY5MQ%3D%3D&i=123
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block

GET
H2

204

yandex_dsp_new
sync.dmp.otm-r.com/match/
Redirect Chain

https://an.yandex.ru/mapuid/videonowssp/
https://yandex.ru/an/mapuid/videonowssp/?redir-setuniq=1
https://sync.dmp.otm-r.com/match/yandex_dsp_new?id=5FC71C25C7A98F35

0
152 B

98ms
97ms

Image
text/plain

195.201.152.105
HETZNER-AS

General

Check archive.org

Download Go to Show image

Full URL: https://sync.dmp.otm-r.com/match/yandex_dsp_new?id=5FC71C25C7A98F35
Protocol: H2
Server: 195.201.152.105 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.105.152.201.195.clients.your-server.de
Software: nginx/1.17.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 21 Aug 2024 22:24:20 GMT
server: nginx/1.17.6

Redirect headers

pragma: no-cache
date: Wed, 21 Aug 2024 22:24:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 21 Aug 2024 22:24:20 GMT
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1724279060211801-11674660923893950368-njdtmyuhjt74j2av-BAL
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
location: https://sync.dmp.otm-r.com/match/yandex_dsp_new?id=5FC71C25C7A98F35
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 21 Aug 2024 22:24:20 GMT

GET
H2

204

solta_banner_video
sync.dmp.otm-r.com/match/
Redirect Chain

https://kimberlite.io/rtb/sync/otm?u=NjZjNjY5MTMwZTc2NmY5MQ%3D%3D
https://sm.rtb.mts.ru/p?ssp=toptraffic&id=ZsZpE8No1Us
https://vma.mts.ru/match/second?ssp=59&exu=ZsZpE8No1Us
https://cm.a.mts.ru/cm/tech?flowId=c128a652-29c1-46c5-aece-22212bde700f&measurement_id=MTS_DSP_web&dsp_uid=a3f050aa-b576-473f-81b3-cefabeffe170&redirect_return_url=https%3A%2F%2Fexchange.buzzoola.c...
https://8232351891724279060340.cm.a.mts.ru/cm/match?flowId=c128a652-29c1-46c5-aece-22212bde700f&measurement_id=MTS_DSP_web&dsp_uid=a3f050aa-b576-473f-81b3-cefabeffe170&redirect_return_url=https://e...
https://exchange.buzzoola.com/cookiesync/dsp/stream-banner?uid=a3f050aa-b576-473f-81b3-cefabeffe170&url=https%3A%2F%2Fvma.mts.ru%2Fem%3Fnext%3D59%26em%3D4%26ssp%3Dbuzzoola%26id%3D%24%7BUUID%7D
https://exchange.buzzoola.com/cookiesync/dsp/stream-banner?set_buzzoola_cookie=t&uid=a3f050aa-b576-473f-81b3-cefabeffe170&url=https%3A%2F%2Fvma.mts.ru%2Fem%3Fnext%3D59%26em%3D4%26ssp%3Dbuzzoola%26i...
https://vma.mts.ru/em?next=59&em=4&ssp=buzzoola&id=05c3b8ab-2587-4b13-5c57-520d7bb6d820
https://kimberlite.io/rtb/sync/mts?u=a3f050aa-b576-473f-81b3-cefabeffe170
https://solta-sync.rutarget.ru/sync
https://kimberlite.io/rtb/sync/segmento?u=KHhRqvvB6uMO
https://sync.dmp.otm-r.com/match/solta_banner_video?id=ZsZpE8No1Uo

0
152 B

114ms
113ms

Image
text/plain

195.201.152.105
HETZNER-AS

General

Check archive.org

Download Go to Show image

Full URL: https://sync.dmp.otm-r.com/match/solta_banner_video?id=ZsZpE8No1Uo
Protocol: H2
Server: 195.201.152.105 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.105.152.201.195.clients.your-server.de
Software: nginx/1.17.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 21 Aug 2024 22:24:21 GMT
server: nginx/1.17.6

Redirect headers

Date: Wed, 21 Aug 2024 22:24:21 GMT
referrer-policy: no-referrer
Server: nginx
access-control-allow-origin: *
location: https://sync.dmp.otm-r.com/match/solta_banner_video?id=ZsZpE8No1Uo
cache-control: no-store
access-control-allow-credentials: true
Connection: keep-alive
server-timing: app;srv=0;dur=0.0003
Content-Length: 0

GET
H2 204 sync
a.utraff.com/ 0
745 B 143ms
62ms Image
text/plain 2606:4700:20::681a:6bd
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://a.utraff.com/sync?ssp=2960&id=NjZjNjY5MTMwZTc2NmY5MQ%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:6bd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 22:24:19 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UmQy9yxDQDEQvu8wW1azdaTm46oGOS3UFBPCukb6EKOdNaXF3KVIQ2nZ31L8agoC5Fiy9eUcylsqzvm2zA1Wa%2BM1wV3RiC6xTO25I2hKxrA2OhZF6gQlN%2B8HyIpLaxzkrok%2BpMJ8ZxGj6A%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
cf-ray: 8b6e085cca909f23-FRA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

GET
H/1.1 200
OK cm
match.ohmy.bid/ 44 B
463 B 202ms
54ms Image
image/gif 167.235.10.91
HETZNER-AS

General

Check archive.org

Download Go to Show image

Full URL: https://match.ohmy.bid/cm?ssp=otm&redirect_url=https%3A%2F%2Fsync.dmp.otm-r.com%2Fmatch%2Fohmybids_new%3Fid%3D%7Buid%7D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 167.235.10.91 Bühl, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.91.10.235.167.clients.your-server.de
Software: nginx /
Resource Hash: 82cb517a8f80c91dfcec543c6d140deb3baaf463ea9e77655475096eba7bc7d9

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Wed, 21 Aug 2024 22:24:20 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Credentials: true
Connection: keep-alive
Bidder: bid-16 1.1668.8b7ca43a
Content-Length: 58

GET
H2 200 set
sync.rambler.ru/ 0
97 B 203ms
67ms Image
text/plain 87.242.127.163
CLOUDRU-AS

General

Check archive.org

Download Go to Show image

Full URL

https://sync.rambler.ru/set?partner_id=ac24647d-6dd5-45f2-9616-a0eba04cfd13&id=NjZjNjY5MTMwZTc2NmY5MQ%3D%3D

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.242.127.163 , Russian Federation, ASN208677 (CLOUDRU-AS, RU),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 22:24:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-sca-elb: ext
content-length: 0

GET
H2

200

/
tms.dmp.wi-fi.ru/
Redirect Chain

https://sync.programmatica.com/match/OTM?id=NjZjNjY5MTMwZTc2NmY5MQ%3D%3D
https://sync.programmatica.com/match/OTM?id=NjZjNjY5MTMwZTc2NmY5MQ%3D%3D&chk=1
https://tms.dmp.wi-fi.ru/?dmpkit_cid=81460eb5-647b-4d9b-a3e3-7863f294c3da&dmpkit_evid=ab914581-c2bd-45ef-9242-3128c73c48c5&prog_id=NjgyNjEwZjQwNTZmZjc1ZQ

35 B
603 B

274ms
115ms

Image
image/gif

91.220.120.9
MAXIMATELECOM

General

Check archive.org

Download Go to Show image

Full URL: https://tms.dmp.wi-fi.ru/?dmpkit_cid=81460eb5-647b-4d9b-a3e3-7863f294c3da&dmpkit_evid=ab914581-c2bd-45ef-9242-3128c73c48c5&prog_id=NjgyNjEwZjQwNTZmZjc1ZQ
Protocol: H2
Server: 91.220.120.9 , Russian Federation, ASN202173 (MAXIMATELECOM, RU),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Aug 2024 22:24:20 GMT
server: nginx
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-None-Match,Last-Modified,If-Modified-Since,Keep-Alive,Origin,User-Agent,Vary,X-Mx-ReqToken,X-Requested-With
content-length: 35
expires: 0

Redirect headers

location: https://tms.dmp.wi-fi.ru/?dmpkit_cid=81460eb5-647b-4d9b-a3e3-7863f294c3da&dmpkit_evid=ab914581-c2bd-45ef-9242-3128c73c48c5&prog_id=NjgyNjEwZjQwNTZmZjc1ZQ
date: Wed, 21 Aug 2024 22:24:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 0

GET
H2

204

vihub1
sync.dmp.otm-r.com/match/
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=42919&callback_url=https%3A%2F%2Fsync.dmp.otm-r.com%2Fmatch%2Fvihub1%3Fid%3D%24%7BUSER_ID%7D
https://ads.betweendigital.com/match?bidder_id=42919&callback_url=https%3A%2F%2Fsync.dmp.otm-r.com%2Fmatch%2Fvihub1%3Fid%3D%24%7BUSER_ID%7D&crf=1&rts=8042008082149841578
https://sync.dmp.otm-r.com/match/vihub1?id=b561a65c-e1b3-52eb-8d32-c8adebf4a1b9

0
152 B

53ms
53ms

Image
text/plain

195.201.152.105
HETZNER-AS

General

Check archive.org

Download Go to Show image

Full URL: https://sync.dmp.otm-r.com/match/vihub1?id=b561a65c-e1b3-52eb-8d32-c8adebf4a1b9
Protocol: H2
Server: 195.201.152.105 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.105.152.201.195.clients.your-server.de
Software: nginx/1.17.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 21 Aug 2024 22:24:20 GMT
server: nginx/1.17.6

Redirect headers

location: https://sync.dmp.otm-r.com/match/vihub1?id=b561a65c-e1b3-52eb-8d32-c8adebf4a1b9
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET otmrtb-sync
rtb.com.ru/ 0
0

GET
H2

204

0.gif
x01.aidata.io/
Redirect Chain

https://cs.agency2.ru/p?ssp=ai
https://x01.aidata.io/0.gif?pid=7140034&id=abb81910-bfbf-442b-891f-133419037e47
https://x01.aidata.io/0.gif?pid=7140034&id=abb81910-bfbf-442b-891f-133419037e47&bounce=1

0
434 B

71ms
71ms

Image
text/plain

89.108.120.76
AS-REG

General

Check archive.org

Download Go to Show image

Full URL: https://x01.aidata.io/0.gif?pid=7140034&id=abb81910-bfbf-442b-891f-133419037e47&bounce=1
Protocol: H2
Server: 89.108.120.76 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d51804.reg.regrucolo.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Aug 2024 22:24:20 GMT
last-modified: Wed, 21 Aug 2024 22:24:19 GMT
server: nginx
access-control-allow-methods: GET, POST
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
expires: Wed, 21 Aug 2024 22:24:19 GMT

Redirect headers

pragma: no-cache
date: Wed, 21 Aug 2024 22:24:20 GMT
last-modified: Wed, 21 Aug 2024 22:24:19 GMT
server: nginx
access-control-allow-methods: GET, POST
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
location: https://x01.aidata.io/0.gif?pid=7140034&id=abb81910-bfbf-442b-891f-133419037e47&bounce=1
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
content-length: 0
expires: Wed, 21 Aug 2024 22:24:19 GMT

GET
H2 200 cm
sp.ohmy.bid/ 44 B
189 B 197ms
49ms Image
image/gif 167.235.9.235
HETZNER-AS

General

Check archive.org

Download Go to Show image

Full URL: https://sp.ohmy.bid/cm?dsp_id=48&uid=NjZjNjY5MTMwZTc2NmY5MQ%3D%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 167.235.9.235 Bühl, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.235.9.235.167.clients.your-server.de
Software: nginx /
Resource Hash: 82cb517a8f80c91dfcec543c6d140deb3baaf463ea9e77655475096eba7bc7d9

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 22:24:20 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx
bidder: bid-03 1.1668.8b7ca43
content-length: 58
content-type: image/gif

GET
H2 200 p
s.suprion.ru/ 807 B
252 B 413ms
81ms Image
image/gif 213.248.44.211
DINET-AS

General

Check archive.org

Download Go to Show image

Full URL: https://s.suprion.ru/p?source=otm&id=NjZjNjY5MTMwZTc2NmY5MQ%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 213.248.44.211 Reutov, Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 3ca19e57c9a2465ae4df271316ba4d29e7ff7f113a2a2c5297780c0b7a0ac09d

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 22:24:20 GMT
content-encoding: gzip
server: nginx
content-length: 60
content-type: image/gif

GET
H2 200 p
7405722167825297297-otm.ops.beeline.ru/ 35 B
454 B 418ms
87ms Image
image/gif 37.9.245.57
BEE-AS Russia

General

Check archive.org

Download Go to Show image

Full URL: https://7405722167825297297-otm.ops.beeline.ru/p?ssp=otm&id=7405722167825297297
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 37.9.245.57 , Russian Federation, ASN16345 (BEE-AS Russia, RU),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 22:24:20 GMT
x-route: http://upstream_cookiesync
server: nginx
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
x-host: 192.168.152.31
access-control-allow-headers: authorization
content-length: 35
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 csync
ads.adlook.me/ 43 B
43 B 276ms
79ms Image
application/json 176.122.21.226
ITGRAD

General

Check archive.org

Download Go to Show image

Full URL: https://ads.adlook.me/csync?pid=otm&uid=NjZjNjY5MTMwZTc2NmY5MQ%3D%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.122.21.226 , Russian Federation, ASN48096 (ITGRAD, RU),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 22:24:20 GMT
server: Microsoft-IIS/10.0
content-length: 43
content-type: application/json

GET
H2 200 NjZjNjY5MTMwZTc2NmY5MQ%3D%3D
an.yandex.ru/mapuid/otmrtbis/ 43 B
266 B 114ms
113ms Image
image/gif 2a02:6b8::90
YANDEX

General

Check archive.org

Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/otmrtbis/NjZjNjY5MTMwZTc2NmY5MQ%3D%3D

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Aug 2024 22:24:20 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 21 Aug 2024 22:24:20 GMT
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 21 Aug 2024 22:24:20 GMT

GET
H2 200 stable
sync.otm-r.com/match/ 0
242 B 240ms
69ms Image
text/plain 194.55.244.195
PROCLOUD PROCLOUD...

General

Check archive.org

Download Go to Show image

Full URL: https://sync.otm-r.com/match/stable?mpid=NjZjNjY5MTMwZTc2NmY5MQ%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 194.55.244.195 Moscow, Russian Federation, ASN34959 (PROCLOUD PROCLOUD MSK, RU),
Reverse DNS
Software: nginx/1.23.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 21 Aug 2024 22:24:20 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server: nginx/1.23.4
content-length: 0
vary: Origin

GET
H/1.1

204
No Content

otm
ssp.al-adtech.com/api/openrtb/match/
Redirect Chain

https://ssp.al-adtech.com/api/sync/otm
https://sync.dmp.otm-r.com/match/astralab?id=754c7141-ad87-4d47-9fd6-f40feebfa96e
https://ssp.al-adtech.com/api/openrtb/match/otm?id=NjZjNjY5MTMwZTc2NmY5MQ%3D%3D

0
195 B

93ms
92ms

Image
text/plain

45.139.25.124
PROCLOUD PROCLOUD...

General

Check archive.org

Download Go to Show image

Full URL: https://ssp.al-adtech.com/api/openrtb/match/otm?id=NjZjNjY5MTMwZTc2NmY5MQ%3D%3D
Protocol: HTTP/1.1
Server: 45.139.25.124 Moscow, Russian Federation, ASN34959 (PROCLOUD PROCLOUD MSK, RU),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
Date: Wed, 21 Aug 2024 22:24:20 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.20.1
Connection: keep-alive
Vary: Origin

Redirect headers

access-control-allow-origin: *
location: https://ssp.al-adtech.com/api/openrtb/match/otm?id=NjZjNjY5MTMwZTc2NmY5MQ%3D%3D
date: Wed, 21 Aug 2024 22:24:20 GMT
server: nginx/1.17.6
content-length: 102
content-type: text/html; charset=utf-8

GET
H2 204 match
dm-eu.hybrid.ai/ 0
284 B 105ms
16ms Image
text/plain 37.230.131.16
HYBRID-POLAND

General

Check archive.org

Download Go to Show image

Full URL

https://dm-eu.hybrid.ai/match?id=137&burl=https%3A%2F%2Fsync.dmp.otm-r.com%2Fmatch%2Fhybrid%3Fid%3D%24%7BVID%7D

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.230.131.16 Amsterdam, Netherlands, ASN200197 (HYBRID-POLAND, PL),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Aug 2024 22:24:20 GMT
server: Hybrid Web Server
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin: https://telegram-vhod.ru
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-mode: 560
x-xss-protection: 1; mode=block
expires: -1

GET
H2 200 cs
rtb.moe.video/ 0
177 B 284ms
79ms Image
text/plain 188.124.47.12
SELECTEL

General

Check archive.org

Download Go to Show image

Full URL

https://rtb.moe.video/cs?d=12&b=NjZjNjY5MTMwZTc2NmY5MQ%3D%3D

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.124.47.12 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 22:24:20 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 0

GET
H2 200 OTM_video
sync.opendsp.ru/match/ 43 B
157 B 239ms
95ms Image
image/gif 185.175.47.157
SELECTEL-MSK

General

Check archive.org

Download Go to Show image

Full URL

https://sync.opendsp.ru/match/OTM_video?id=NjZjNjY5MTMwZTc2NmY5MQ%3D%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.175.47.157 Moscow, Russian Federation, ASN50340 (SELECTEL-MSK, RU),

Reverse DNS

Software

nginx /

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 22:24:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: nginx
content-length: 43
content-type: image/gif

GET
H2

204

weborama
sync.dmp.otm-r.com/match/
Redirect Chain

https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fsync.dmp.otm-r.com%2Fmatch%2Fweborama%3Fid%3D{WEBO_CID}
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fsync.dmp.otm-r.com%2Fmatch%2Fweborama%3Fid%3D%7BWEBO_CID%7D&bounce=1&random=3916398465
https://sync.dmp.otm-r.com/match/weborama?id=22g4jjYW3HUDQtUTLVm1xu

0
152 B

50ms
50ms

Image
text/plain

195.201.152.105
HETZNER-AS

General

Check archive.org

Download Go to Show image

Full URL: https://sync.dmp.otm-r.com/match/weborama?id=22g4jjYW3HUDQtUTLVm1xu
Protocol: H2
Server: 195.201.152.105 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.105.152.201.195.clients.your-server.de
Software: nginx/1.17.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 21 Aug 2024 22:24:20 GMT
server: nginx/1.17.6

Redirect headers

pragma: no-cache
date: Wed, 21 Aug 2024 22:24:20 GMT
via: 1.1 google
last-modified: Wed, 21 Aug 2024 22:24:20 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location: https://sync.dmp.otm-r.com/match/weborama?id=22g4jjYW3HUDQtUTLVm1xu
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2

204

bazzoola
sync.dmp.otm-r.com/match/
Redirect Chain

https://exchange.buzzoola.com/cookiesync/redirect/videotarget?redirect_url=https%3A%2F%2Fsync.dmp.otm-r.com%2Fmatch%2Fbazzoola%3Fid%3D%24%7BUUID%7D
https://sync.dmp.otm-r.com/match/bazzoola?id=e61dc380-47e9-4d77-6209-45a00f784442

0
152 B

50ms
50ms

Image
text/plain

195.201.152.105
HETZNER-AS

General

Check archive.org

Download Go to Show image

Full URL: https://sync.dmp.otm-r.com/match/bazzoola?id=e61dc380-47e9-4d77-6209-45a00f784442
Protocol: H2
Server: 195.201.152.105 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.105.152.201.195.clients.your-server.de
Software: nginx/1.17.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 21 Aug 2024 22:24:20 GMT
server: nginx/1.17.6

Redirect headers

location: https://sync.dmp.otm-r.com/match/bazzoola?id=e61dc380-47e9-4d77-6209-45a00f784442
date: Wed, 21 Aug 2024 22:24:20 GMT
server: nginx
content-length: 104
serverid: TODO
content-type: text/html; charset=utf-8

GET
H/1.1 200
OK cm
match.ohmy.bid/ 44 B
294 B 37ms
37ms Image
image/gif 167.235.10.91
HETZNER-AS

General

Check archive.org

Download Go to Show image

Full URL: https://match.ohmy.bid/cm?dsp_id=95&uid=NjZjNjY5MTMwZTc2NmY5MQ%3D%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 167.235.10.91 Bühl, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.91.10.235.167.clients.your-server.de
Software: nginx /
Resource Hash: 82cb517a8f80c91dfcec543c6d140deb3baaf463ea9e77655475096eba7bc7d9

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Wed, 21 Aug 2024 22:24:20 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Credentials: true
Connection: keep-alive
Bidder: bid-17 1.1668.8b7ca43a
Content-Length: 58

GET
H2

201

sync
a.utraff.com/
Redirect Chain

https://sync.opendsp.ru/match/otm_wl?id=NjZjNjY5MTMwZTc2NmY5MQ%3D%3D
https://sync.opendsp.ru/match/otm_wl?id=NjZjNjY5MTMwZTc2NmY5MQ%3D%3D&chk=1
https://sync.dmp.otm-r.com/match/open_ssp?id=NTBlMjY3N2QxNjUyODA2Ng
https://sync.opendsp.ru/match/otm_ex?id=NjZjNjY5MTMwZTc2NmY5MQ%3D%3D
https://ads.betweendigital.com/match?bidder_id=45814&callback_url=https%3A%2F%2Fsync.opendsp.ru%2Fmatch%2FBetween_ex%3Fid%3D%24%7BUSER_ID%7D
https://sync.opendsp.ru/match/Between_ex?id=b561a65c-e1b3-52eb-8d32-c8adebf4a1b9
https://a.utraff.com/sync?ssp=3368
https://sync.dmp.otm-r.com/match/umg
https://a.utraff.com/sync?dsp=OTM&buyerid=NjZjNjY5MTMwZTc2NmY5MQ%3D%3D

0
275 B

38ms
38ms

Image
text/plain

2606:4700:20::681a:6bd
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://a.utraff.com/sync?dsp=OTM&buyerid=NjZjNjY5MTMwZTc2NmY5MQ%3D%3D
Protocol: H2
Server: 2606:4700:20::681a:6bd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 22:24:21 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gtE6tZj9e%2FRTTy%2FYXvEzXdStP%2Fu7%2BcrvjF8K5SyUIcWMAmmd6ndmMzkYBR1KF4ARCJmLhJSyqsLRE9NZ%2FH8bAawGhXSMW746MuxQbYd2lVYGv7FtlO6muwCA0BrG%2F3pPcfRY5Dm7n3g8CA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
cf-ray: 8b6e086509139f23-FRA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

Redirect headers

access-control-allow-origin: *
location: https://a.utraff.com/sync?dsp=OTM&buyerid=NjZjNjY5MTMwZTc2NmY5MQ%3D%3D
date: Wed, 21 Aug 2024 22:24:21 GMT
server: nginx/1.17.6
content-length: 97
content-type: text/html; charset=utf-8

GET
H/1.1 204
No Content p
cs.alfasense.com/ 0
355 B 140ms
140ms Image
text/plain 23.111.100.20
UNITEDNET

General

Check archive.org

Download Go to Show image

Full URL: https://cs.alfasense.com/p?ssp=ot&id=NjZjNjY5MTMwZTc2NmY5MQ%3D%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.111.100.20 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Wed, 21 Aug 2024 22:24:20 GMT
Access-Control-Allow-Credentials: true
X-Host: 23.111.100.20
Server: nginx
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS, PUT, DELETE

GET
H2

204

segmento
sync.dmp.otm-r.com/match/
Redirect Chain

https://videotarget-sync.rutarget.ru/sync
https://sync.dmp.otm-r.com/match/segmento?id=KHhRqvvB6uMO

0
152 B

138ms
138ms

Image
text/plain

195.201.152.105
HETZNER-AS

General

Check archive.org

Download Go to Show image

Full URL: https://sync.dmp.otm-r.com/match/segmento?id=KHhRqvvB6uMO
Protocol: H2
Server: 195.201.152.105 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.105.152.201.195.clients.your-server.de
Software: nginx/1.17.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 21 Aug 2024 22:24:21 GMT
server: nginx/1.17.6

Redirect headers

Location: https://sync.dmp.otm-r.com/match/segmento?id=KHhRqvvB6uMO
Date: Wed, 21 Aug 2024 22:24:20 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: nginx
Connection: close
Content-Length: 0
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."

GET
H2 201 sync
a.utraff.com/ 0
694 B 36ms
36ms Image
text/plain 2606:4700:20::681a:6bd
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://a.utraff.com/sync?dsp=OTM&buyerid=NjZjNjY5MTMwZTc2NmY5MQ%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:6bd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 22:24:20 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lYLUZNuiekp9rJPxCDw6qdS4yZrFDrzd8G53Akul5eP8tyd3tTWn1E4SnNLYVh8Kh5jQYEaSp52%2BndlkLZNt9RxYKRndQ5x%2BnP3pYzNHyXZglmfDcTM8qF%2Fqy22cJvxw1iy%2B2TWJ5R7kkw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
cf-ray: 8b6e0861be919f23-FRA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

GET
H2

204

https%3A%2F%2Fsync.dmp.otm-r.com%2Fmatch%2Fmgcomm%3Fid%3D%7BUID%7D
39d861a2-8083-48b1-bc40-e9b0fde6d7fb.sync.upravel.com/
Redirect Chain

https://sync.upravel.com/image?source=otm&id=NjZjNjY5MTMwZTc2NmY5MQ%3D%3D&return_url=https%3A%2F%2Fsync.dmp.otm-r.com%2Fmatch%2Fmgcomm%3Fid%3D%7BUID%7D
https://sync.upravel.com/image?source=otm&id=NjZjNjY5MTMwZTc2NmY5MQ%253D%253D&return_url=https%253A%252F%252Fsync.dmp.otm-r.com%252Fmatch%252Fmgcomm%253Fid%253D%257BUID%257D&session_tpt=eyJoZWFkZXJ...
https://39d861a2-8083-48b1-bc40-e9b0fde6d7fb.sync.upravel.com/image?source=otm&id=NjZjNjY5MTMwZTc2NmY5MQ%253D%253D&return_url=https%253A%252F%252Fsync.dmp.otm-r.com%252Fmatch%252Fmgcomm%253Fid%253D...
https://39d861a2-8083-48b1-bc40-e9b0fde6d7fb.sync.upravel.com/https%3A%2F%2Fsync.dmp.otm-r.com%2Fmatch%2Fmgcomm%3Fid%3D%7BUID%7D

0
40 B

67ms
66ms

Image
text/plain

148.251.237.106
HETZNER-AS

General

Check archive.org

Download Go to Show image

Full URL: https://39d861a2-8083-48b1-bc40-e9b0fde6d7fb.sync.upravel.com/https%3A%2F%2Fsync.dmp.otm-r.com%2Fmatch%2Fmgcomm%3Fid%3D%7BUID%7D
Protocol: H2
Server: 148.251.237.106 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: prod-hzeu-bidder-1.community.moscow
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 22:24:21 GMT
server: nginx

Redirect headers

date: Wed, 21 Aug 2024 22:24:21 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: http://39d861a2-8083-48b1-bc40-e9b0fde6d7fb.sync.upravel.com/https%3A%2F%2Fsync.dmp.otm-r.com%2Fmatch%2Fmgcomm%3Fid%3D%7BUID%7D
access-control-allow-origin: *
content-type: image/avif
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 0

GET
H2

204

snp
sync.dmp.otm-r.com/match/
Redirect Chain

https://sync.bumlam.com/?src=otm1&rurl=https%3A%2F%2Fsync.dmp.otm-r.com%2Fmatch%2Fsnp%3Fid%3D%7BUID3%7D&uid=NjZjNjY5MTMwZTc2NmY5MQ%3D%3D
https://sync.bumlam.com/?src=otm1&s_data=CAIQARiV0pm2BjIuaHR0cHM6Ly9zeW5jLmRtcC5vdG0tci5jb20vbWF0Y2gvc25wP2lkPXtVSUQzfWIYTmpaak5qWTVNVE13WlRjMk5tWTVNUT09ogEQHOfz3GAMEe-bewAlkMgkNg**
https://sync.dmp.otm-r.com/match/snp?id=1ce7f3dc-600c-11ef-9b7b-002590c82436

0
152 B

78ms
78ms

Image
text/plain

195.201.152.105
HETZNER-AS

General

Check archive.org

Download Go to Show image

Full URL: https://sync.dmp.otm-r.com/match/snp?id=1ce7f3dc-600c-11ef-9b7b-002590c82436
Protocol: H2
Server: 195.201.152.105 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.105.152.201.195.clients.your-server.de
Software: nginx/1.17.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 21 Aug 2024 22:24:21 GMT
server: nginx/1.17.6

Redirect headers

Date: Wed, 21 Aug 2024 22:24:21 GMT
Server: nginx
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: https://sync.dmp.otm-r.com/match/snp?id=1ce7f3dc-600c-11ef-9b7b-002590c82436
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

i
dmg.digitaltarget.ru/1/7612/i/
Redirect Chain

https://sync.opendsp.ru/match/OTM_bannner?id=NjZjNjY5MTMwZTc2NmY5MQ%3D%3D
https://a.utraff.com/sync?ssp=3368
https://a.lotus-dsp.ru/sync?id=cab4b4fe-80b9-46b3-8ca4-5685fe18a798&ssp=UMG
https://dmg.digitaltarget.ru/1/7612/i/i?a=2367&e=95456856-f20e-4509-ac31-5428d9882e92&i=4499133008214209589

49 B
555 B

112ms
80ms

Image
image/gif

185.15.175.145
SAFEDATA Uplinks

General

Check archive.org

Download Go to Show image

Full URL

https://dmg.digitaltarget.ru/1/7612/i/i?a=2367&e=95456856-f20e-4509-ac31-5428d9882e92&i=4499133008214209589

Protocol

HTTP/1.1

Server

185.15.175.145 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),

Reverse DNS

Software

nginx /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Wed, 21 Aug 2024 22:24:21 GMT
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Server: nginx
X-Permitted-Cross-Domain-Policies: master-only
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 49
X-XSS-Protection: 1; mode=block

Redirect headers

date: Wed, 21 Aug 2024 22:24:21 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain
location: https://dmg.digitaltarget.ru/1/7612/i/i?a=2367&e=95456856-f20e-4509-ac31-5428d9882e92&i=4499133008214209589
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SOnzljQ%2B%2FT40gK%2F%2BEGBKKgq8NssvPVeewpHreRgbq9g44Y1DfBb99CqPA5u3r3of587yL91eGmc73LVvw79RzGxb72Dt0lFN8h0%2B442D0Wn2tEStpOX3vFYHOMNHwiIbFA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
cf-ray: 8b6e0863df235d4a-FRA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
alt-svc: h3=":443"; ma=86400

GET
H2

204

sape_stable
sync.dmp.otm-r.com/match/
Redirect Chain

https://www.acint.net/rmatch?dp=68&euid=NjZjNjY5MTMwZTc2NmY5MQ%3D%3D&r=https%3A%2F%2Fsync.dmp.otm-r.com%2Fmatch%2Fsape_stable%3Fid%3D%24%7BUSER_ID%7D
https://www.acint.net/rmatch?r=https%3A%2F%2Fsync.dmp.otm-r.com%2Fmatch%2Fsape_stable%3Fid%3D$%7BUSER_ID%7D&dp=68&tc=1&euid=NjZjNjY5MTMwZTc2NmY5MQ%3D%3D
https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fsync.dmp.otm-r.com%252Fmatch%252Fsape_stable%253Fid%253D$%257BUSER_ID%2...
https://acint.net/rmatch?dp=14&euid=2903420A1369C6664E0680AF029C5F0B&r=https%3A%2F%2Fsync.dmp.otm-r.com%2Fmatch%2Fsape_stable%3Fid%3D$%7BUSER_ID%7D
https://sync.dmp.otm-r.com/match/sape_stable?id=0900007F1469C6660B015B1402BE24C3

0
152 B

58ms
58ms

Image
text/plain

195.201.152.105
HETZNER-AS

General

Check archive.org

Download Go to Show image

Full URL: https://sync.dmp.otm-r.com/match/sape_stable?id=0900007F1469C6660B015B1402BE24C3
Protocol: H2
Server: 195.201.152.105 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.105.152.201.195.clients.your-server.de
Software: nginx/1.17.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 21 Aug 2024 22:24:21 GMT
server: nginx/1.17.6

Redirect headers

date: Wed, 21 Aug 2024 22:24:21 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
location: https://sync.dmp.otm-r.com/match/sape_stable?id=0900007F1469C6660B015B1402BE24C3
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 154
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2

200

counter2
top-fwz1.mail.ru/
Redirect Chain

https://x01.aidata.io/0.gif?pid=OTM&id=NjZjNjY5MTMwZTc2NmY5MQ%3D%3D
https://px.adhigh.net/p/cm/aidata?u=ZRLdvwxINAJJQSSQoIEx9A&back=SYNC
https://px.adhigh.net/p/cm/aidata?u=ZRLdvwxINAJJQSSQoIEx9A&back=SYNC&bounced=1
https://x01.aidata.io/0.gif?pid=GETINTENT&id=5GJ3xq0Cs7G.AikABlGRdwp6ww&back=SYNC
https://counter.yadro.ru/id-redir/aidata.gif?back=SYNC
https://x01.aidata.io/0.gif?pid=LIVE&id=&back=SYNC
https://sync.dmp.otm-r.com/match/aidata?back=SYNC&rp=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3DOTM%26id%3D%7Bpid%7D
https://x01.aidata.io/0.gif?pid=OTM&id=NjZjNjY5MTMwZTc2NmY5MQ%3D%3D&back=SYNC
https://sync.upravel.com/aidata/sync?back=SYNC
https://39d861a2-8083-48b1-bc40-e9b0fde6d7fb.sync.upravel.com/aidata/sync?back=SYNC&ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly90ZWxlZ3JhbS12aG9kLnJ1LyJdfX0
https://x01.aidata.io/0.gif?pid=MGCOM&id=39d861a2-8083-48b1-bc40-e9b0fde6d7fb&back=SYNC
https://an.yandex.ru/mapuid/dmpaidatame/ZRLdvwxINAJJQSSQoIEx9A?sign=591236166&location=https%3A//x01.aidata.io/0.gif%3Fpid%3DSYNC
https://x01.aidata.io/0.gif?pid=SYNC
https://cm.p.altergeo.ru/aidata?aid=ZRLdvwxINAJJQSSQoIEx9A&nc=2822&url=https%3A//x01.aidata.io/0.gif%3Fpid%3DALTERGEO%26id%3D%24%7BUSER_ID%7D%26rnd%3D%24%7BRANDOM%7D%26back%3DSYNC
https://x01.aidata.io/0.gif?pid=ALTERGEO&id=CMPR1mcwsDSEehCP4Bk0aIBg==&rnd=3cdfae17&back=SYNC
https://sync.crwdcntrl.net/map/c=7645/tp=AIDA/gdpr=0/gdpr_consent=DAISYBIT/?https://x01.aidata.io/0.gif?pid=LOTAME&id=ZRLdvwxINAJJQSSQoIEx9A&back=SYNC
https://x01.aidata.io/0.gif?pid=LOTAME&id=ZRLdvwxINAJJQSSQoIEx9A&back=SYNC
https://top-fwz1.mail.ru/counter?id=3202981;pid=ZRLdvwxINAJJQSSQoIEx9A
https://top-fwz1.mail.ru/counter2?id=3202981;pid=ZRLdvwxINAJJQSSQoIEx9A

43 B
1 KB

65ms
63ms

Image
image/gif

95.163.52.67
VK-AS

General

Check archive.org

Download Go to Show image

Full URL

https://top-fwz1.mail.ru/counter2?id=3202981;pid=ZRLdvwxINAJJQSSQoIEx9A

Protocol

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 22:24:23 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *

Redirect headers

date: Wed, 21 Aug 2024 22:24:23 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 0
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
accept-ch-lifetime: 86400
location: https://top-fwz1.mail.ru/counter2?id=3202981;pid=ZRLdvwxINAJJQSSQoIEx9A
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *

GET
H2

204

adriver.img
sync.dmp.otm-r.com/match/
Redirect Chain

https://ev.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=5932509&bn=5932509&rnd=1234567890
https://ev.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=5932509&bn=5932509&rnd=1234567890&tuid=-6276352620
https://sync.dmp.otm-r.com/match/adriver.img?id=AjbCtpHpzM_f8IJu5eIICBg

0
152 B

60ms
60ms

Image
text/plain

195.201.152.105
HETZNER-AS

General

Check archive.org

Download Go to Show image

Full URL: https://sync.dmp.otm-r.com/match/adriver.img?id=AjbCtpHpzM_f8IJu5eIICBg
Protocol: H2
Server: 195.201.152.105 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.105.152.201.195.clients.your-server.de
Software: nginx/1.17.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 21 Aug 2024 22:24:21 GMT
server: nginx/1.17.6

Redirect headers

Pragma: no-cache
Date: Wed, 21 Aug 2024 22:24:21 GMT
Transfer-Encoding: chunked
P3P: policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Content-Type: text/html
Location: https://sync.dmp.otm-r.com/match/adriver.img?id=AjbCtpHpzM_f8IJu5eIICBg
Cache-control: no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

i
dmg.digitaltarget.ru/1/7612/i/
Redirect Chain

https://a.utraff.com/sync?ssp=3031&id=NjZjNjY5MTMwZTc2NmY5MQ%3D%3D
https://a.lotus-dsp.ru/sync?id=cab4b4fe-80b9-46b3-8ca4-5685fe18a798&ssp=UMG
https://dmg.digitaltarget.ru/1/7612/i/i?a=2367&e=4ed31a3a-dd5a-430c-a0dc-f1ce08beae87&i=8030458303540427155

49 B
555 B

116ms
115ms

Image
image/gif

185.15.175.145
SAFEDATA Uplinks

General

Check archive.org

Download Go to Show image

Full URL

https://dmg.digitaltarget.ru/1/7612/i/i?a=2367&e=4ed31a3a-dd5a-430c-a0dc-f1ce08beae87&i=8030458303540427155

Protocol

HTTP/1.1

Server

185.15.175.145 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),

Reverse DNS

Software

nginx /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Wed, 21 Aug 2024 22:24:21 GMT
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Server: nginx
X-Permitted-Cross-Domain-Policies: master-only
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 49
X-XSS-Protection: 1; mode=block

Redirect headers

date: Wed, 21 Aug 2024 22:24:21 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain
location: https://dmg.digitaltarget.ru/1/7612/i/i?a=2367&e=4ed31a3a-dd5a-430c-a0dc-f1ce08beae87&i=8030458303540427155
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vtf7KiX6MP7rQj4%2F%2F95rh2eXnI6J6q4x7yvds5P2DEHovf7tKZBbrJ8lflpl%2BxyhsjpEwZZHD13QyyQsZKnbV%2BZylmgbVLHA1Jzyn4ER4pFwO5OiJT7rREYONS9EWjnzpw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
cf-ray: 8b6e08633ebc5d4a-FRA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
alt-svc: h3=":443"; ma=86400

GET
H2

204

weborama_newUrl
sync.dmp.otm-r.com/match/
Redirect Chain

https://redirect-frontend.weborama-tech.ru/rd?url=https%3A%2F%2Fsync.dmp.otm-r.com%2Fmatch%2Fweborama_newUrl%3Fid%3D{WEBO_CID}
https://redirect-frontend.weborama-tech.ru/rd?url=https%3A%2F%2Fsync.dmp.otm-r.com%2Fmatch%2Fweborama_newUrl%3Fid%3D%7BWEBO_CID%7D&bounce=1&random=1284695956
https://sync.dmp.otm-r.com/match/weborama_newUrl?id=Fjsb2UL0gZtqbdaP8uMx2O

0
152 B

41ms
40ms

Image
text/plain

195.201.152.105
HETZNER-AS

General

Check archive.org

Download Go to Show image

Full URL: https://sync.dmp.otm-r.com/match/weborama_newUrl?id=Fjsb2UL0gZtqbdaP8uMx2O
Protocol: H2
Server: 195.201.152.105 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.105.152.201.195.clients.your-server.de
Software: nginx/1.17.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 21 Aug 2024 22:24:21 GMT
server: nginx/1.17.6

Redirect headers

pragma: no-cache
date: Wed, 21 Aug 2024 22:24:21 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Wed, 21 Aug 2024 22:24:21 GMT
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location: https://sync.dmp.otm-r.com/match/weborama_newUrl?id=Fjsb2UL0gZtqbdaP8uMx2O
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H/1.1 204
No Content userbind
match.new-programmatic.com/ 0
215 B 264ms
87ms Image
text/plain 217.65.2.150
CITYTELECOM-MSK

General

Check archive.org

Download Go to Show image

Full URL: https://match.new-programmatic.com/userbind?id=NjZjNjY5MTMwZTc2NmY5MQ%3D%3D&src=otm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 217.65.2.150 Moscow, Russian Federation, ASN3175 (CITYTELECOM-MSK, RU),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 21 Aug 2024 22:24:21 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.22.1
Connection: keep-alive
Content-Length: 0
Vary: Origin

GET
H/1.1 200
OK p
cs.agency2.ru/ 35 B
568 B 89ms
89ms Image
image/gif 23.105.255.196
UNITEDNET

General

Check archive.org

Download Go to Show image

Full URL: https://cs.agency2.ru/p?ssp=ot&uid=NjZjNjY5MTMwZTc2NmY5MQ%3D%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.105.255.196 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
Software: fasthttp /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Wed, 21 Aug 2024 22:24:21 GMT
Server: fasthttp
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS, PUT, DELETE
Content-Type: image/gif
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
X-Host: 23.105.255.196
Connection: keep-alive
Access-Control-Allow-Headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
Content-Length: 35
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

sync.cgi
ssp.adriver.ru/cgi-bin/
Redirect Chain

https://sync.dsp.solta.io/match/OTM_direct_piratka_ssp?id=NjZjNjY5MTMwZTc2NmY5MQ%3D%3D
https://sync.dsp.solta.io/match/OTM_direct_piratka_ssp?id=NjZjNjY5MTMwZTc2NmY5MQ%3D%3D&chk=1
https://ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=164&external_id=NDcyZWM2MWMyMGRkZDcwZQ

42 B
201 B

258ms
56ms

Image
image/gif

195.209.109.19
ADRIVER

General

Check archive.org

Download Go to Show image

Full URL: https://ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=164&external_id=NDcyZWM2MWMyMGRkZDcwZQ
Protocol: HTTP/1.1
Server: 195.209.109.19 , Russian Federation, ASN52007 (ADRIVER, RU),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Wed, 21 Aug 2024 22:24:21 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

Redirect headers

location: https://ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=164&external_id=NDcyZWM2MWMyMGRkZDcwZQ
date: Wed, 21 Aug 2024 22:24:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: nginx
content-length: 0

GET
H2

204

getintent
sync.dmp.otm-r.com/match/
Redirect Chain

https://px.adhigh.net/p/cm/otm_video
https://px.adhigh.net/p/cm/otm_video?bounced=1
https://sync.dmp.otm-r.com/match/getintent?id=5GJ3xq0Cs7G.AikABlGRdwp6ww

0
152 B

95ms
95ms

Image
text/plain

195.201.152.105
HETZNER-AS

General

Check archive.org

Download Go to Show image

Full URL: https://sync.dmp.otm-r.com/match/getintent?id=5GJ3xq0Cs7G.AikABlGRdwp6ww
Protocol: H2
Server: 195.201.152.105 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.105.152.201.195.clients.your-server.de
Software: nginx/1.17.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 21 Aug 2024 22:24:21 GMT
server: nginx/1.17.6

Redirect headers

pragma: no-cache
date: Wed, 21 Aug 2024 22:24:21 GMT
server: nginx
x-backend-id: f15-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
location: https://sync.dmp.otm-r.com/match/getintent?id=5GJ3xq0Cs7G.AikABlGRdwp6ww
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET

hyperadx
sync.dmp.otm-r.com/match/
Redirect Chain

https://cmr.bidderstack.com/otm/cm?user_id=NjZjNjY5MTMwZTc2NmY5MQ%3D%3D
https://cmr.bidderstack.com/otm/cm?user_id=NjZjNjY5MTMwZTc2NmY5MQ%3D%3D&pupa=1
https://sync.dmp.otm-r.com/match/hyperadx?id=fd46088e-6776-cdfa-7436-58beebbf6d2e
https://cmr.bidderstack.com/otm/cm?user_id=NjZjNjY5MTMwZTc2NmY5MQ%3D%3D
https://cmr.bidderstack.com/otm/cm?user_id=NjZjNjY5MTMwZTc2NmY5MQ%3D%3D&pupa=1
https://sync.dmp.otm-r.com/match/hyperadx?id=fd46088e-6776-cdfa-7436-58beebbf6d2e
https://cmr.bidderstack.com/otm/cm?user_id=NjZjNjY5MTMwZTc2NmY5MQ%3D%3D
https://cmr.bidderstack.com/otm/cm?user_id=NjZjNjY5MTMwZTc2NmY5MQ%3D%3D&pupa=1
https://sync.dmp.otm-r.com/match/hyperadx?id=fd46088e-6776-cdfa-7436-58beebbf6d2e
https://cmr.bidderstack.com/otm/cm?user_id=NjZjNjY5MTMwZTc2NmY5MQ%3D%3D
https://cmr.bidderstack.com/otm/cm?user_id=NjZjNjY5MTMwZTc2NmY5MQ%3D%3D&pupa=1
https://sync.dmp.otm-r.com/match/hyperadx?id=fd46088e-6776-cdfa-7436-58beebbf6d2e
https://cmr.bidderstack.com/otm/cm?user_id=NjZjNjY5MTMwZTc2NmY5MQ%3D%3D
https://cmr.bidderstack.com/otm/cm?user_id=NjZjNjY5MTMwZTc2NmY5MQ%3D%3D&pupa=1
https://sync.dmp.otm-r.com/match/hyperadx?id=fd46088e-6776-cdfa-7436-58beebbf6d2e
https://cmr.bidderstack.com/otm/cm?user_id=NjZjNjY5MTMwZTc2NmY5MQ%3D%3D
https://cmr.bidderstack.com/otm/cm?user_id=NjZjNjY5MTMwZTc2NmY5MQ%3D%3D&pupa=1
https://sync.dmp.otm-r.com/match/hyperadx?id=fd46088e-6776-cdfa-7436-58beebbf6d2e
https://cmr.bidderstack.com/otm/cm?user_id=NjZjNjY5MTMwZTc2NmY5MQ%3D%3D
https://cmr.bidderstack.com/otm/cm?user_id=NjZjNjY5MTMwZTc2NmY5MQ%3D%3D&pupa=1
https://sync.dmp.otm-r.com/match/hyperadx?id=fd46088e-6776-cdfa-7436-58beebbf6d2e

0
0

GET
H/1.1

200
OK

i
dmg.digitaltarget.ru/1/7601/i/
Redirect Chain

https://sync.opendsp.ru/match/otm_ex?id=NjZjNjY5MTMwZTc2NmY5MQ%3D%3D
https://sm.rtb.mts.ru/p?ssp=tradingdesk&id=NTBlMjY3N2QxNjUyODA2Ng
https://vma.mts.ru/match/second?ssp=67&exu=NTBlMjY3N2QxNjUyODA2Ng
https://cm.a.mts.ru/cm/tech?flowId=c128a652-29c1-46c5-aece-22212bde700f&measurement_id=MTS_DSP_web&dsp_uid=a3f050aa-b576-473f-81b3-cefabeffe170&redirect_return_url=https%3A%2F%2Fpixel.konnektu.ru%2...
https://pixel.konnektu.ru/redirect/mts?callback_url=https%3A%2F%2Fvma.mts.ru%2Fem%3Fnext%3D67%26em%3D1%26ssp%3Dkonnektu%26id%3D%7BUSER_ID%7D
https://vma.mts.ru/em?next=67&em=1&ssp=konnektu&id=
https://sync.opendsp.ru/match/mts_dsp?id=a3f050aa-b576-473f-81b3-cefabeffe170
https://dmg.digitaltarget.ru/1/7601/i/i?a=2121&i=1pbm710mudgui&e=NTBlMjY3N2QxNjUyODA2Ng

49 B
555 B

65ms
65ms

Image
image/gif

185.15.175.145
SAFEDATA Uplinks

General

Check archive.org

Download Go to Show image

Full URL

https://dmg.digitaltarget.ru/1/7601/i/i?a=2121&i=1pbm710mudgui&e=NTBlMjY3N2QxNjUyODA2Ng

Protocol

HTTP/1.1

Server

185.15.175.145 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),

Reverse DNS

Software

nginx /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Wed, 21 Aug 2024 22:24:22 GMT
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Server: nginx
X-Permitted-Cross-Domain-Policies: master-only
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 49
X-XSS-Protection: 1; mode=block

Redirect headers

location: https://dmg.digitaltarget.ru/1/7601/i/i?a=2121&i=1pbm710mudgui&e=NTBlMjY3N2QxNjUyODA2Ng
date: Wed, 21 Aug 2024 22:24:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: nginx
content-length: 0

GET
H2

200

match
ads.betweendigital.com/
Redirect Chain

https://sync.gonet-ads.com/match/OTM?rid=NjZjNjY5MTMwZTc2NmY5MQ%3D%3D
https://sync.gonet-ads.com/match/OTM?rid=NjZjNjY5MTMwZTc2NmY5MQ%3D%3D&chk=1
https://ads.betweendigital.com/match?bidder_id=4098&external_user_id=ZjliODQ5OGExZGJlZGUw

68 B
598 B

31ms
30ms

Image
image/png

188.42.189.197
SERVERS-COM

General

Check archive.org

Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=4098&external_user_id=ZjliODQ5OGExZGJlZGUw
Protocol: H2
Server: 188.42.189.197 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

date: Wed, 21 Aug 2024 22:24:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: nginx
x-frame-options: SAMEORIGIN
location: https://ads.betweendigital.com/match?bidder_id=4098&external_user_id=ZjliODQ5OGExZGJlZGUw
content-length: 0
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

i
dmg.digitaltarget.ru/1/7612/i/
Redirect Chain

https://a.lotus-dsp.ru/sync?id=NjZjNjY5MTMwZTc2NmY5MQ%3D%3D&ssp=BeelineADX
https://dmg.digitaltarget.ru/1/7612/i/i?a=2367&e=c90a8e0c-f688-408f-9d75-1c74c38d70fc&i=6479013318834386970

49 B
555 B

84ms
84ms

Image
image/gif

185.15.175.145
SAFEDATA Uplinks

General

Check archive.org

Download Go to Show image

Full URL

https://dmg.digitaltarget.ru/1/7612/i/i?a=2367&e=c90a8e0c-f688-408f-9d75-1c74c38d70fc&i=6479013318834386970

Protocol

HTTP/1.1

Server

185.15.175.145 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),

Reverse DNS

Software

nginx /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Wed, 21 Aug 2024 22:24:21 GMT
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Server: nginx
X-Permitted-Cross-Domain-Policies: master-only
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 49
X-XSS-Protection: 1; mode=block

Redirect headers

date: Wed, 21 Aug 2024 22:24:21 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain
location: https://dmg.digitaltarget.ru/1/7612/i/i?a=2367&e=c90a8e0c-f688-408f-9d75-1c74c38d70fc&i=6479013318834386970
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H%2F8TKFO6EeSvnbCBonYVuFxjK5NdJm6toTmDtg9ytZTw8dewGkO%2BVQXtgnxiYupUja7JdgoUDeRVNZVtAvrwjT9Va96DCi01m1V8HyOOiVgdqtq2ilHwvbKkRJ5WcLdv4A%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
cf-ray: 8b6e0864c8145d4a-FRA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
alt-svc: h3=":443"; ma=86400

POST
H/1.1 204
No Content prebid Show response
ssp-rtb.sape.ru/ 0
549 B 91ms
90ms Fetch
application/octet-stream 193.3.184.25
QWARTA

General

Check archive.org

Download Go to

Full URL: https://ssp-rtb.sape.ru/prebid
Requested by: Host: cdn.alfasense.net
URL: https://cdn.alfasense.net/lib/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.3.184.25 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

Date: Wed, 21 Aug 2024 22:24:19 GMT
Accept-Encoding: gzip, identity
Server: openresty
X-YaTraceId: 30889e3816c842d49d1888de9acf4748
X-YaRequestId: 97d830de93264fd8928181addff24521
Access-Control-Allow-Methods: POST
Content-Type: application/octet-stream
Access-Control-Allow-Origin: https://telegram-vhod.ru
X-YaSpanId: f4a38c010c788e7c
Access-Control-Allow-Credentials: true
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H2 204 prebid Show response
ssp.hybrid.ai/auction/ 0
210 B 50ms
49ms Fetch 37.230.131.17
HYBRID-POLAND

General

Check archive.org

Download Go to

Full URL: https://ssp.hybrid.ai/auction/prebid
Requested by: Host: cdn.alfasense.net
URL: https://cdn.alfasense.net/lib/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.230.131.17 Amsterdam, Netherlands, ASN200197 (HYBRID-POLAND, PL),
Reverse DNS
Software: Hybrid Web Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: application/json

Response headers

access-control-allow-origin: https://telegram-vhod.ru
date: Wed, 21 Aug 2024 22:24:19 GMT
access-control-allow-credentials: true
server: Hybrid Web Server
vary: Origin
p3p: CP='NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC'

GET
H2 200 adjson Show response
ssp.otm-r.com/ 2 B
301 B 88ms
88ms Fetch
application/javascript 194.55.244.183
PROCLOUD PROCLOUD...

General

Check archive.org

Download Go to

Full URL: https://ssp.otm-r.com/adjson?tz=-120&w=300&h=250&domain=telegram-vhod.ru&l=https%3A%2F%2Ftelegram-vhod.ru%2F&s=3371&cur=RUB&bidid=30cd23d9474674a&transactionid=&auctionid=&bidfloor=0
Requested by: Host: cdn.alfasense.net
URL: https://cdn.alfasense.net/lib/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.55.244.183 Moscow, Russian Federation, ASN34959 (PROCLOUD PROCLOUD MSK, RU),
Reverse DNS
Software: nginx/1.23.2 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Aug 2024 22:24:19 GMT
server: nginx/1.23.2
vary: Origin
content-type: application/javascript
access-control-allow-origin: https://telegram-vhod.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 2
expires: 0

POST
H2 204 prebid Show response
ssp.hybrid.ai/auction/ 0
210 B 50ms
50ms Fetch 37.230.131.17
HYBRID-POLAND

General

Check archive.org

Download Go to

Full URL: https://ssp.hybrid.ai/auction/prebid
Requested by: Host: cdn.alfasense.net
URL: https://cdn.alfasense.net/lib/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.230.131.17 Amsterdam, Netherlands, ASN200197 (HYBRID-POLAND, PL),
Reverse DNS
Software: Hybrid Web Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: application/json

Response headers

access-control-allow-origin: https://telegram-vhod.ru
date: Wed, 21 Aug 2024 22:24:19 GMT
access-control-allow-credentials: true
server: Hybrid Web Server
vary: Origin
p3p: CP='NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC'

GET
H2 200 adjson Show response
ssp.otm-r.com/ 2 B
301 B 88ms
88ms Fetch
application/javascript 194.55.244.183
PROCLOUD PROCLOUD...

General

Check archive.org

Download Go to

Full URL: https://ssp.otm-r.com/adjson?tz=-120&w=300&h=250&domain=telegram-vhod.ru&l=https%3A%2F%2Ftelegram-vhod.ru%2F&s=3371&cur=RUB&bidid=34cb05760df3e5d&transactionid=&auctionid=&bidfloor=0
Requested by: Host: cdn.alfasense.net
URL: https://cdn.alfasense.net/lib/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.55.244.183 Moscow, Russian Federation, ASN34959 (PROCLOUD PROCLOUD MSK, RU),
Reverse DNS
Software: nginx/1.23.2 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Aug 2024 22:24:19 GMT
server: nginx/1.23.2
vary: Origin
content-type: application/javascript
access-control-allow-origin: https://telegram-vhod.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 2
expires: 0

POST
H/1.1 204
No Content prebid Show response
ssp-rtb.sape.ru/ 0
549 B 89ms
87ms Fetch
application/octet-stream 193.3.184.25
QWARTA

General

Check archive.org

Download Go to

Full URL: https://ssp-rtb.sape.ru/prebid
Requested by: Host: cdn.alfasense.net
URL: https://cdn.alfasense.net/lib/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.3.184.25 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

Date: Wed, 21 Aug 2024 22:24:19 GMT
Accept-Encoding: gzip, identity
Server: openresty
X-YaTraceId: 5537b481555a41a99715922f7d847b64
X-YaRequestId: 3dd2beade9454f9dab3fbceee4c8239f
Access-Control-Allow-Methods: POST
Content-Type: application/octet-stream
Access-Control-Allow-Origin: https://telegram-vhod.ru
X-YaSpanId: 500df58eb3c93e0e
Access-Control-Allow-Credentials: true
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 asyncjs.php Show response
ads.alfasense.net/adserver/www/delivery/ 4 KB
5 KB 263ms
102ms Script
text/javascript 136.144.31.29
MIRHOSTING

General

Check archive.org

Download Go to

Full URL

https://ads.alfasense.net/adserver/www/delivery/asyncjs.php

Requested by

Host: telegram-vhod.ru
URL: https://telegram-vhod.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

136.144.31.29 Moscow, Russian Federation, ASN52000 (MIRHOSTING, NL),

Reverse DNS

Software

nginx /

Resource Hash

d3d5d8e3aaeec086ae00ad814b3adae7e41462e42a308a09dbce39aaa11572e3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';frame-src 'self';
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 22:24:21 GMT
content-security-policy: frame-ancestors 'self';frame-src 'self';
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
cross-origin-embedder-policy: unsafe-none
p3p: CP="CUR ADM OUR NOR STA NID"
cross-origin-resource-policy: cross-origin
x-xss-protection: 1; mode=block;
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin-allow-popups
etag: 1079f85a6f7f7d83640b17a26d3394d5
x-frame-options: SAMEORIGIN
content-type: text/javascript;charset=UTF-8
cache-control: private, max-age=3600
permissions-policy: geolocation=(self), payment=(self)
expire: Wed, 21 Aug 2024 23:24:21 GMT

GET
H/1.1 200
OK 1x1.png
v.alfasrv.com/stats/ 95 B
397 B 78ms
78ms Image
image/png 84.201.179.252
YANDEXCLOUD

General

Check archive.org

Download Go to Show image

Full URL: https://v.alfasrv.com/stats/1x1.png?s=51049&a=fallback&k1=1&k2=1&e=i&t=p&c=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 84.201.179.252 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),
Reverse DNS
Software: nginx/1.14.1 /
Resource Hash: cafbd551d674da240212f6c44988757a728b9dc8cbc2a6c8dcf53c0d9159c323

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Wed, 21 Aug 2024 22:24:21 GMT
Last-Modified: Wednesday, 21-Aug-2024 22:24:21 GMT
Server: nginx/1.14.1
Content-Type: image/png
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 95

GET
H2 200 adjson Show response
ssp.otm-r.com/ 2 B
301 B 88ms
87ms Fetch
application/javascript 194.55.244.183
PROCLOUD PROCLOUD...

General

Check archive.org

Download Go to

Full URL: https://ssp.otm-r.com/adjson?tz=-120&w=300&h=250&domain=telegram-vhod.ru&l=https%3A%2F%2Ftelegram-vhod.ru%2F&s=3371&cur=RUB&bidid=381a66d874c426d&transactionid=&auctionid=&bidfloor=0
Requested by: Host: cdn.alfasense.net
URL: https://cdn.alfasense.net/lib/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.55.244.183 Moscow, Russian Federation, ASN34959 (PROCLOUD PROCLOUD MSK, RU),
Reverse DNS
Software: nginx/1.23.2 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Aug 2024 22:24:19 GMT
server: nginx/1.23.2
vary: Origin
content-type: application/javascript
access-control-allow-origin: https://telegram-vhod.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 2
expires: 0

POST
H2 204 prebid Show response
ssp.hybrid.ai/auction/ 0
210 B 61ms
59ms Fetch 37.230.131.17
HYBRID-POLAND

General

Check archive.org

Download Go to

Full URL: https://ssp.hybrid.ai/auction/prebid
Requested by: Host: cdn.alfasense.net
URL: https://cdn.alfasense.net/lib/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.230.131.17 Amsterdam, Netherlands, ASN200197 (HYBRID-POLAND, PL),
Reverse DNS
Software: Hybrid Web Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: application/json

Response headers

access-control-allow-origin: https://telegram-vhod.ru
date: Wed, 21 Aug 2024 22:24:19 GMT
access-control-allow-credentials: true
server: Hybrid Web Server
vary: Origin
p3p: CP='NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC'

POST
H/1.1 204
No Content prebid Show response
ssp-rtb.sape.ru/ 0
549 B 91ms
90ms Fetch
application/octet-stream 193.3.184.25
QWARTA

General

Check archive.org

Download Go to

Full URL: https://ssp-rtb.sape.ru/prebid
Requested by: Host: cdn.alfasense.net
URL: https://cdn.alfasense.net/lib/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.3.184.25 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

Date: Wed, 21 Aug 2024 22:24:19 GMT
Accept-Encoding: gzip, identity
Server: openresty
X-YaTraceId: 3387284055f24230bd1569a6ed253298
X-YaRequestId: 3bb423239a1f438ba0e1e535aa8cb4ca
Access-Control-Allow-Methods: POST
Content-Type: application/octet-stream
Access-Control-Allow-Origin: https://telegram-vhod.ru
X-YaSpanId: 07c9e2a0c4f0c0e3
Access-Control-Allow-Credentials: true
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET 1x1.png
v.alfasrv.com/stats/ 0
0

POST
H/1.1 204
No Content prebid Show response
ssp-rtb.sape.ru/ 0
549 B 90ms
89ms Fetch
application/octet-stream 193.3.184.25
QWARTA

General

Check archive.org

Download Go to

Full URL: https://ssp-rtb.sape.ru/prebid
Requested by: Host: cdn.alfasense.net
URL: https://cdn.alfasense.net/lib/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.3.184.25 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

Date: Wed, 21 Aug 2024 22:24:19 GMT
Accept-Encoding: gzip, identity
Server: openresty
X-YaTraceId: 2c1e224f8d25476dbff7ce00e76a1589
X-YaRequestId: 3428a768714643e5bf633858d88b3183
Access-Control-Allow-Methods: POST
Content-Type: application/octet-stream
Access-Control-Allow-Origin: https://telegram-vhod.ru
X-YaSpanId: 210a14635ff0e7e1
Access-Control-Allow-Credentials: true
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H2 204 prebid Show response
ssp.hybrid.ai/auction/ 0
210 B 55ms
53ms Fetch 37.230.131.17
HYBRID-POLAND

General

Check archive.org

Download Go to

Full URL: https://ssp.hybrid.ai/auction/prebid
Requested by: Host: cdn.alfasense.net
URL: https://cdn.alfasense.net/lib/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.230.131.17 Amsterdam, Netherlands, ASN200197 (HYBRID-POLAND, PL),
Reverse DNS
Software: Hybrid Web Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: application/json

Response headers

access-control-allow-origin: https://telegram-vhod.ru
date: Wed, 21 Aug 2024 22:24:19 GMT
access-control-allow-credentials: true
server: Hybrid Web Server
vary: Origin
p3p: CP='NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC'

GET
H2 200 adjson Show response
ssp.otm-r.com/ 2 B
301 B 83ms
82ms Fetch
application/javascript 194.55.244.183
PROCLOUD PROCLOUD...

General

Check archive.org

Download Go to

Full URL: https://ssp.otm-r.com/adjson?tz=-120&w=300&h=250&domain=telegram-vhod.ru&l=https%3A%2F%2Ftelegram-vhod.ru%2F&s=3371&cur=RUB&bidid=4889ce039f4f592&transactionid=&auctionid=&bidfloor=0
Requested by: Host: cdn.alfasense.net
URL: https://cdn.alfasense.net/lib/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.55.244.183 Moscow, Russian Federation, ASN34959 (PROCLOUD PROCLOUD MSK, RU),
Reverse DNS
Software: nginx/1.23.2 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Aug 2024 22:24:19 GMT
server: nginx/1.23.2
vary: Origin
content-type: application/javascript
access-control-allow-origin: https://telegram-vhod.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 2
expires: 0

GET
H2 200 adjson Show response
ssp.otm-r.com/ 2 B
301 B 73ms
73ms Fetch
application/javascript 194.55.244.183
PROCLOUD PROCLOUD...

General

Check archive.org

Download Go to

Full URL: https://ssp.otm-r.com/adjson?tz=-120&w=300&h=250&domain=telegram-vhod.ru&l=https%3A%2F%2Ftelegram-vhod.ru%2F&s=3371&cur=RUB&bidid=503e2c18e07f54f&transactionid=&auctionid=&bidfloor=0
Requested by: Host: cdn.alfasense.net
URL: https://cdn.alfasense.net/lib/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.55.244.183 Moscow, Russian Federation, ASN34959 (PROCLOUD PROCLOUD MSK, RU),
Reverse DNS
Software: nginx/1.23.2 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Aug 2024 22:24:19 GMT
server: nginx/1.23.2
vary: Origin
content-type: application/javascript
access-control-allow-origin: https://telegram-vhod.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 2
expires: 0

POST
H/1.1 204
No Content prebid Show response
ssp-rtb.sape.ru/ 0
549 B 79ms
78ms Fetch
application/octet-stream 193.3.184.25
QWARTA

General

Check archive.org

Download Go to

Full URL: https://ssp-rtb.sape.ru/prebid
Requested by: Host: cdn.alfasense.net
URL: https://cdn.alfasense.net/lib/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.3.184.25 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

Date: Wed, 21 Aug 2024 22:24:19 GMT
Accept-Encoding: gzip, identity
Server: openresty
X-YaTraceId: c28704774ed34c2f843ef2a90fab31c8
X-YaRequestId: c04c560de32b41308b52e46388b23282
Access-Control-Allow-Methods: POST
Content-Type: application/octet-stream
Access-Control-Allow-Origin: https://telegram-vhod.ru
X-YaSpanId: 75a54dc69eb42551
Access-Control-Allow-Credentials: true
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H2 204 prebid Show response
ssp.hybrid.ai/auction/ 0
210 B 117ms
116ms Fetch 37.230.131.17
HYBRID-POLAND

General

Check archive.org

Download Go to

Full URL: https://ssp.hybrid.ai/auction/prebid
Requested by: Host: cdn.alfasense.net
URL: https://cdn.alfasense.net/lib/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.230.131.17 Amsterdam, Netherlands, ASN200197 (HYBRID-POLAND, PL),
Reverse DNS
Software: Hybrid Web Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: application/json

Response headers

access-control-allow-origin: https://telegram-vhod.ru
date: Wed, 21 Aug 2024 22:24:20 GMT
access-control-allow-credentials: true
server: Hybrid Web Server
vary: Origin
p3p: CP='NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC'

POST
H2 204 prebid Show response
ssp.hybrid.ai/auction/ 0
210 B 40ms
39ms Fetch 37.230.131.17
HYBRID-POLAND

General

Check archive.org

Download Go to

Full URL: https://ssp.hybrid.ai/auction/prebid
Requested by: Host: cdn.alfasense.net
URL: https://cdn.alfasense.net/lib/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.230.131.17 Amsterdam, Netherlands, ASN200197 (HYBRID-POLAND, PL),
Reverse DNS
Software: Hybrid Web Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: application/json

Response headers

access-control-allow-origin: https://telegram-vhod.ru
date: Wed, 21 Aug 2024 22:24:19 GMT
access-control-allow-credentials: true
server: Hybrid Web Server
vary: Origin
p3p: CP='NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC'

POST
H/1.1 204
No Content prebid Show response
ssp-rtb.sape.ru/ 0
549 B 78ms
77ms Fetch
application/octet-stream 193.3.184.25
QWARTA

General

Check archive.org

Download Go to

Full URL: https://ssp-rtb.sape.ru/prebid
Requested by: Host: cdn.alfasense.net
URL: https://cdn.alfasense.net/lib/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.3.184.25 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

Date: Wed, 21 Aug 2024 22:24:19 GMT
Accept-Encoding: gzip, identity
Server: openresty
X-YaTraceId: c6e07d6bc7b54d7bb8ab05fb1ebf9f44
X-YaRequestId: 55289eb636744dc3afa3d4b7b71d5392
Access-Control-Allow-Methods: POST
Content-Type: application/octet-stream
Access-Control-Allow-Origin: https://telegram-vhod.ru
X-YaSpanId: 55e93e8f74758fb3
Access-Control-Allow-Credentials: true
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 adjson Show response
ssp.otm-r.com/ 2 B
301 B 72ms
72ms Fetch
application/javascript 194.55.244.183
PROCLOUD PROCLOUD...

General

Check archive.org

Download Go to

Full URL: https://ssp.otm-r.com/adjson?tz=-120&w=300&h=250&domain=telegram-vhod.ru&l=https%3A%2F%2Ftelegram-vhod.ru%2F&s=3371&cur=RUB&bidid=60b0854e08e9298&transactionid=&auctionid=&bidfloor=0
Requested by: Host: cdn.alfasense.net
URL: https://cdn.alfasense.net/lib/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.55.244.183 Moscow, Russian Federation, ASN34959 (PROCLOUD PROCLOUD MSK, RU),
Reverse DNS
Software: nginx/1.23.2 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Aug 2024 22:24:19 GMT
server: nginx/1.23.2
vary: Origin
content-type: application/javascript
access-control-allow-origin: https://telegram-vhod.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 2
expires: 0

GET
H/1.1 200
OK 1x1.png
v.alfasrv.com/stats/ 95 B
397 B 81ms
81ms Image
image/png 84.201.179.252
YANDEXCLOUD

General

Check archive.org

Download Go to Show image

Full URL: https://v.alfasrv.com/stats/1x1.png?s=51052&a=fallback&k1=1&k2=1&e=i&t=p&c=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 84.201.179.252 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),
Reverse DNS
Software: nginx/1.14.1 /
Resource Hash: cafbd551d674da240212f6c44988757a728b9dc8cbc2a6c8dcf53c0d9159c323

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Wed, 21 Aug 2024 22:24:21 GMT
Last-Modified: Wednesday, 21-Aug-2024 22:24:21 GMT
Server: nginx/1.14.1
Content-Type: image/png
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 95

GET
H2 200 adjson Show response
ssp.otm-r.com/ 2 B
301 B 72ms
71ms Fetch
application/javascript 194.55.244.183
PROCLOUD PROCLOUD...

General

Check archive.org

Download Go to

Full URL: https://ssp.otm-r.com/adjson?tz=-120&w=300&h=250&domain=telegram-vhod.ru&l=https%3A%2F%2Ftelegram-vhod.ru%2F&s=3371&cur=RUB&bidid=624d0144669dc43&transactionid=&auctionid=&bidfloor=0
Requested by: Host: cdn.alfasense.net
URL: https://cdn.alfasense.net/lib/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.55.244.183 Moscow, Russian Federation, ASN34959 (PROCLOUD PROCLOUD MSK, RU),
Reverse DNS
Software: nginx/1.23.2 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Aug 2024 22:24:19 GMT
server: nginx/1.23.2
vary: Origin
content-type: application/javascript
access-control-allow-origin: https://telegram-vhod.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 2
expires: 0

POST
H2 204 prebid Show response
ssp.hybrid.ai/auction/ 0
210 B 423ms
421ms Fetch 37.230.131.17
HYBRID-POLAND

General

Check archive.org

Download Go to

Full URL: https://ssp.hybrid.ai/auction/prebid
Requested by: Host: cdn.alfasense.net
URL: https://cdn.alfasense.net/lib/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.230.131.17 Amsterdam, Netherlands, ASN200197 (HYBRID-POLAND, PL),
Reverse DNS
Software: Hybrid Web Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: application/json

Response headers

access-control-allow-origin: https://telegram-vhod.ru
date: Wed, 21 Aug 2024 22:24:20 GMT
access-control-allow-credentials: true
server: Hybrid Web Server
vary: Origin
p3p: CP='NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC'

POST
H/1.1 204
No Content prebid Show response
ssp-rtb.sape.ru/ 0
549 B 72ms
70ms Fetch
application/octet-stream 193.3.184.25
QWARTA

General

Check archive.org

Download Go to

Full URL: https://ssp-rtb.sape.ru/prebid
Requested by: Host: cdn.alfasense.net
URL: https://cdn.alfasense.net/lib/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.3.184.25 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

Date: Wed, 21 Aug 2024 22:24:19 GMT
Accept-Encoding: gzip, identity
Server: openresty
X-YaTraceId: 1cdac61644be4ecdab93630a7f4dece1
X-YaRequestId: 1e0a897e03c54b6cb8f5ed5fbc38e3fc
Access-Control-Allow-Methods: POST
Content-Type: application/octet-stream
Access-Control-Allow-Origin: https://telegram-vhod.ru
X-YaSpanId: 39b3bd5875cf7612
Access-Control-Allow-Credentials: true
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET 1x1.png
v.alfasrv.com/stats/ 0
0

POST
H/1.1 204
No Content prebid Show response
ssp-rtb.sape.ru/ 0
549 B 91ms
88ms Fetch
application/octet-stream 193.3.184.25
QWARTA

General

Check archive.org

Download Go to

Full URL: https://ssp-rtb.sape.ru/prebid
Requested by: Host: cdn.alfasense.net
URL: https://cdn.alfasense.net/lib/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.3.184.25 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

Date: Wed, 21 Aug 2024 22:24:19 GMT
Accept-Encoding: gzip, identity
Server: openresty
X-YaTraceId: 4e7e974c1e994577b6cc4346e8cb3c56
X-YaRequestId: b122532818404be8a289546ffcfefffc
Access-Control-Allow-Methods: POST
Content-Type: application/octet-stream
Access-Control-Allow-Origin: https://telegram-vhod.ru
X-YaSpanId: e2b73d61f7061237
Access-Control-Allow-Credentials: true
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H2 204 prebid Show response
ssp.hybrid.ai/auction/ 0
210 B 164ms
162ms Fetch 37.230.131.17
HYBRID-POLAND

General

Check archive.org

Download Go to

Full URL: https://ssp.hybrid.ai/auction/prebid
Requested by: Host: cdn.alfasense.net
URL: https://cdn.alfasense.net/lib/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.230.131.17 Amsterdam, Netherlands, ASN200197 (HYBRID-POLAND, PL),
Reverse DNS
Software: Hybrid Web Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: application/json

Response headers

access-control-allow-origin: https://telegram-vhod.ru
date: Wed, 21 Aug 2024 22:24:20 GMT
access-control-allow-credentials: true
server: Hybrid Web Server
vary: Origin
p3p: CP='NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC'

GET
H2 200 adjson Show response
ssp.otm-r.com/ 2 B
301 B 72ms
72ms Fetch
application/javascript 194.55.244.183
PROCLOUD PROCLOUD...

General

Check archive.org

Download Go to

Full URL: https://ssp.otm-r.com/adjson?tz=-120&w=300&h=250&domain=telegram-vhod.ru&l=https%3A%2F%2Ftelegram-vhod.ru%2F&s=3371&cur=RUB&bidid=726c98049ace00d&transactionid=&auctionid=&bidfloor=0
Requested by: Host: cdn.alfasense.net
URL: https://cdn.alfasense.net/lib/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.55.244.183 Moscow, Russian Federation, ASN34959 (PROCLOUD PROCLOUD MSK, RU),
Reverse DNS
Software: nginx/1.23.2 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Aug 2024 22:24:19 GMT
server: nginx/1.23.2
vary: Origin
content-type: application/javascript
access-control-allow-origin: https://telegram-vhod.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 2
expires: 0

POST
H/1.1 204
No Content prebid Show response
ssp-rtb.sape.ru/ 0
549 B 83ms
82ms Fetch
application/octet-stream 193.3.184.25
QWARTA

General

Check archive.org

Download Go to

Full URL: https://ssp-rtb.sape.ru/prebid
Requested by: Host: cdn.alfasense.net
URL: https://cdn.alfasense.net/lib/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.3.184.25 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

Date: Wed, 21 Aug 2024 22:24:20 GMT
Accept-Encoding: gzip, identity
Server: openresty
X-YaTraceId: 442586e6dd7f4a9687f08aa0ed65f894
X-YaRequestId: 1776785446284a5fa3612972bdf85e2c
Access-Control-Allow-Methods: POST
Content-Type: application/octet-stream
Access-Control-Allow-Origin: https://telegram-vhod.ru
X-YaSpanId: bc0816b9cf8685ac
Access-Control-Allow-Credentials: true
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 adjson Show response
ssp.otm-r.com/ 2 B
301 B 69ms
69ms Fetch
application/javascript 194.55.244.183
PROCLOUD PROCLOUD...

General

Check archive.org

Download Go to

Full URL: https://ssp.otm-r.com/adjson?tz=-120&w=300&h=250&domain=telegram-vhod.ru&l=https%3A%2F%2Ftelegram-vhod.ru%2F&s=3371&cur=RUB&bidid=7611ece53a3cb54&transactionid=&auctionid=&bidfloor=0
Requested by: Host: cdn.alfasense.net
URL: https://cdn.alfasense.net/lib/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.55.244.183 Moscow, Russian Federation, ASN34959 (PROCLOUD PROCLOUD MSK, RU),
Reverse DNS
Software: nginx/1.23.2 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Aug 2024 22:24:20 GMT
server: nginx/1.23.2
vary: Origin
content-type: application/javascript
access-control-allow-origin: https://telegram-vhod.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 2
expires: 0

POST
H2 204 prebid Show response
ssp.hybrid.ai/auction/ 0
210 B 44ms
42ms Fetch 37.230.131.17
HYBRID-POLAND

General

Check archive.org

Download Go to

Full URL: https://ssp.hybrid.ai/auction/prebid
Requested by: Host: cdn.alfasense.net
URL: https://cdn.alfasense.net/lib/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.230.131.17 Amsterdam, Netherlands, ASN200197 (HYBRID-POLAND, PL),
Reverse DNS
Software: Hybrid Web Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: application/json

Response headers

access-control-allow-origin: https://telegram-vhod.ru
date: Wed, 21 Aug 2024 22:24:20 GMT
access-control-allow-credentials: true
server: Hybrid Web Server
vary: Origin
p3p: CP='NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC'

GET
H/1.1 200
OK 1x1.png
v.alfasrv.com/stats/ 95 B
397 B 89ms
63ms Image
image/png 84.201.179.252
YANDEXCLOUD

General

Check archive.org

Download Go to Show image

Full URL: https://v.alfasrv.com/stats/1x1.png?s=51054&a=fallback&k1=1&k2=1&e=i&t=p&c=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 84.201.179.252 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),
Reverse DNS
Software: nginx/1.14.1 /
Resource Hash: cafbd551d674da240212f6c44988757a728b9dc8cbc2a6c8dcf53c0d9159c323

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Wed, 21 Aug 2024 22:24:21 GMT
Last-Modified: Wednesday, 21-Aug-2024 22:24:21 GMT
Server: nginx/1.14.1
Content-Type: image/png
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 95

GET
H2 200 adjson Show response
ssp.otm-r.com/ 2 B
301 B 76ms
76ms Fetch
application/javascript 194.55.244.183
PROCLOUD PROCLOUD...

General

Check archive.org

Download Go to

Full URL: https://ssp.otm-r.com/adjson?tz=-120&w=300&h=250&domain=telegram-vhod.ru&l=https%3A%2F%2Ftelegram-vhod.ru%2F&s=3371&cur=RUB&bidid=806e89ae05873ff&transactionid=&auctionid=&bidfloor=0
Requested by: Host: cdn.alfasense.net
URL: https://cdn.alfasense.net/lib/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.55.244.183 Moscow, Russian Federation, ASN34959 (PROCLOUD PROCLOUD MSK, RU),
Reverse DNS
Software: nginx/1.23.2 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Aug 2024 22:24:20 GMT
server: nginx/1.23.2
vary: Origin
content-type: application/javascript
access-control-allow-origin: https://telegram-vhod.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 2
expires: 0

POST
H/1.1 204
No Content prebid Show response
ssp-rtb.sape.ru/ 0
549 B 92ms
91ms Fetch
application/octet-stream 193.3.184.25
QWARTA

General

Check archive.org

Download Go to

Full URL: https://ssp-rtb.sape.ru/prebid
Requested by: Host: cdn.alfasense.net
URL: https://cdn.alfasense.net/lib/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.3.184.25 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

Date: Wed, 21 Aug 2024 22:24:20 GMT
Accept-Encoding: gzip, identity
Server: openresty
X-YaTraceId: 484c316af1d44f838f905e8a47097e47
X-YaRequestId: 078563e8e9084e39a0db2cab2d61f152
Access-Control-Allow-Methods: POST
Content-Type: application/octet-stream
Access-Control-Allow-Origin: https://telegram-vhod.ru
X-YaSpanId: 13fb1ee42ea416ac
Access-Control-Allow-Credentials: true
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H2 204 prebid Show response
ssp.hybrid.ai/auction/ 0
210 B 51ms
50ms Fetch 37.230.131.17
HYBRID-POLAND

General

Check archive.org

Download Go to

Full URL: https://ssp.hybrid.ai/auction/prebid
Requested by: Host: cdn.alfasense.net
URL: https://cdn.alfasense.net/lib/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.230.131.17 Amsterdam, Netherlands, ASN200197 (HYBRID-POLAND, PL),
Reverse DNS
Software: Hybrid Web Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: application/json

Response headers

access-control-allow-origin: https://telegram-vhod.ru
date: Wed, 21 Aug 2024 22:24:20 GMT
access-control-allow-credentials: true
server: Hybrid Web Server
vary: Origin
p3p: CP='NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC'

GET
H2 200 adjson Show response
ssp.otm-r.com/ 2 B
301 B 76ms
75ms Fetch
application/javascript 194.55.244.183
PROCLOUD PROCLOUD...

General

Check archive.org

Download Go to

Full URL: https://ssp.otm-r.com/adjson?tz=-120&w=240&h=400&domain=telegram-vhod.ru&l=https%3A%2F%2Ftelegram-vhod.ru%2F&s=3371&cur=RUB&bidid=86370db79f2a176&transactionid=&auctionid=&bidfloor=0
Requested by: Host: cdn.alfasense.net
URL: https://cdn.alfasense.net/lib/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.55.244.183 Moscow, Russian Federation, ASN34959 (PROCLOUD PROCLOUD MSK, RU),
Reverse DNS
Software: nginx/1.23.2 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Aug 2024 22:24:20 GMT
server: nginx/1.23.2
vary: Origin
content-type: application/javascript
access-control-allow-origin: https://telegram-vhod.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 2
expires: 0

POST
H2 204 prebid Show response
ssp.hybrid.ai/auction/ 0
210 B 298ms
297ms Fetch 37.230.131.17
HYBRID-POLAND

General

Check archive.org

Download Go to

Full URL: https://ssp.hybrid.ai/auction/prebid
Requested by: Host: cdn.alfasense.net
URL: https://cdn.alfasense.net/lib/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.230.131.17 Amsterdam, Netherlands, ASN200197 (HYBRID-POLAND, PL),
Reverse DNS
Software: Hybrid Web Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: application/json

Response headers

access-control-allow-origin: https://telegram-vhod.ru
date: Wed, 21 Aug 2024 22:24:20 GMT
access-control-allow-credentials: true
server: Hybrid Web Server
vary: Origin
p3p: CP='NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC'

POST
H/1.1 204
No Content prebid Show response
ssp-rtb.sape.ru/ 0
549 B 95ms
93ms Fetch
application/octet-stream 193.3.184.25
QWARTA

General

Check archive.org

Download Go to

Full URL: https://ssp-rtb.sape.ru/prebid
Requested by: Host: cdn.alfasense.net
URL: https://cdn.alfasense.net/lib/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.3.184.25 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

Date: Wed, 21 Aug 2024 22:24:20 GMT
Accept-Encoding: gzip, identity
Server: openresty
X-YaTraceId: bbd8c666924940be9d6bdad3ddcbdf90
X-YaRequestId: 550acc28f44b479abd589d999624a390
Access-Control-Allow-Methods: POST
Content-Type: application/octet-stream
Access-Control-Allow-Origin: https://telegram-vhod.ru
X-YaSpanId: 9b73c6346e915ba1
Access-Control-Allow-Credentials: true
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H/1.1 200
OK 1x1.png
v.alfasrv.com/stats/ 95 B
397 B 132ms
68ms Image
image/png 84.201.179.252
YANDEXCLOUD

General

Check archive.org

Download Go to Show image

Full URL: https://v.alfasrv.com/stats/1x1.png?s=51056&a=fallback&k1=1&k2=1&e=i&t=p&c=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 84.201.179.252 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),
Reverse DNS
Software: nginx/1.14.1 /
Resource Hash: cafbd551d674da240212f6c44988757a728b9dc8cbc2a6c8dcf53c0d9159c323

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Wed, 21 Aug 2024 22:24:21 GMT
Last-Modified: Wednesday, 21-Aug-2024 22:24:21 GMT
Server: nginx/1.14.1
Content-Type: image/png
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 95

POST
H2 204 prebid Show response
ssp.hybrid.ai/auction/ 0
210 B 252ms
251ms Fetch 37.230.131.17
HYBRID-POLAND

General

Check archive.org

Download Go to

Full URL: https://ssp.hybrid.ai/auction/prebid
Requested by: Host: cdn.alfasense.net
URL: https://cdn.alfasense.net/lib/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.230.131.17 Amsterdam, Netherlands, ASN200197 (HYBRID-POLAND, PL),
Reverse DNS
Software: Hybrid Web Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: application/json

Response headers

access-control-allow-origin: https://telegram-vhod.ru
date: Wed, 21 Aug 2024 22:24:20 GMT
access-control-allow-credentials: true
server: Hybrid Web Server
vary: Origin
p3p: CP='NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC'

POST
H/1.1 204
No Content prebid Show response
ssp-rtb.sape.ru/ 0
549 B 116ms
114ms Fetch
application/octet-stream 193.3.184.25
QWARTA

General

Check archive.org

Download Go to

Full URL: https://ssp-rtb.sape.ru/prebid
Requested by: Host: cdn.alfasense.net
URL: https://cdn.alfasense.net/lib/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.3.184.25 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

Date: Wed, 21 Aug 2024 22:24:20 GMT
Accept-Encoding: gzip, identity
Server: openresty
X-YaTraceId: 8bc5614361a3487b9f46704b73d4889a
X-YaRequestId: 1fbc07dde48842ac81d1707db25b274c
Access-Control-Allow-Methods: POST
Content-Type: application/octet-stream
Access-Control-Allow-Origin: https://telegram-vhod.ru
X-YaSpanId: 911027b3021d78e1
Access-Control-Allow-Credentials: true
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 adjson Show response
ssp.otm-r.com/ 2 B
301 B 115ms
114ms Fetch
application/javascript 194.55.244.183
PROCLOUD PROCLOUD...

General

Check archive.org

Download Go to

Full URL: https://ssp.otm-r.com/adjson?tz=-120&w=240&h=400&domain=telegram-vhod.ru&l=https%3A%2F%2Ftelegram-vhod.ru%2F&s=3371&cur=RUB&bidid=962424cc560190d&transactionid=&auctionid=&bidfloor=0
Requested by: Host: cdn.alfasense.net
URL: https://cdn.alfasense.net/lib/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.55.244.183 Moscow, Russian Federation, ASN34959 (PROCLOUD PROCLOUD MSK, RU),
Reverse DNS
Software: nginx/1.23.2 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Aug 2024 22:24:20 GMT
server: nginx/1.23.2
vary: Origin
content-type: application/javascript
access-control-allow-origin: https://telegram-vhod.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 2
expires: 0

POST
H/1.1 204
No Content prebid Show response
ssp-rtb.sape.ru/ 0
549 B 100ms
99ms Fetch
application/octet-stream 193.3.184.25
QWARTA

General

Check archive.org

Download Go to

Full URL: https://ssp-rtb.sape.ru/prebid
Requested by: Host: cdn.alfasense.net
URL: https://cdn.alfasense.net/lib/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.3.184.25 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

Date: Wed, 21 Aug 2024 22:24:20 GMT
Accept-Encoding: gzip, identity
Server: openresty
X-YaTraceId: c09e8f7bdbb74a75aa212d559b907ddd
X-YaRequestId: 7461b63773604c9a81cf1afab9bab29c
Access-Control-Allow-Methods: POST
Content-Type: application/octet-stream
Access-Control-Allow-Origin: https://telegram-vhod.ru
X-YaSpanId: 4a6a2fdf40d57561
Access-Control-Allow-Credentials: true
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 adjson Show response
ssp.otm-r.com/ 2 B
301 B 114ms
113ms Fetch
application/javascript 194.55.244.183
PROCLOUD PROCLOUD...

General

Check archive.org

Download Go to

Full URL: https://ssp.otm-r.com/adjson?tz=-120&w=970&h=90&domain=telegram-vhod.ru&l=https%3A%2F%2Ftelegram-vhod.ru%2F&s=3371&cur=RUB&bidid=100e8aa03ffacb7&transactionid=&auctionid=&bidfloor=0
Requested by: Host: cdn.alfasense.net
URL: https://cdn.alfasense.net/lib/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.55.244.183 Moscow, Russian Federation, ASN34959 (PROCLOUD PROCLOUD MSK, RU),
Reverse DNS
Software: nginx/1.23.2 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Aug 2024 22:24:20 GMT
server: nginx/1.23.2
vary: Origin
content-type: application/javascript
access-control-allow-origin: https://telegram-vhod.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 2
expires: 0

POST
H2 204 prebid Show response
ssp.hybrid.ai/auction/ 0
210 B 69ms
68ms Fetch 37.230.131.17
HYBRID-POLAND

General

Check archive.org

Download Go to

Full URL: https://ssp.hybrid.ai/auction/prebid
Requested by: Host: cdn.alfasense.net
URL: https://cdn.alfasense.net/lib/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.230.131.17 Amsterdam, Netherlands, ASN200197 (HYBRID-POLAND, PL),
Reverse DNS
Software: Hybrid Web Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: application/json

Response headers

access-control-allow-origin: https://telegram-vhod.ru
date: Wed, 21 Aug 2024 22:24:20 GMT
access-control-allow-credentials: true
server: Hybrid Web Server
vary: Origin
p3p: CP='NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC'

GET
H/1.1 200
OK 1x1.png
v.alfasrv.com/stats/ 95 B
397 B 165ms
64ms Image
image/png 84.201.179.252
YANDEXCLOUD

General

Check archive.org

Download Go to Show image

Full URL: https://v.alfasrv.com/stats/1x1.png?s=51055&a=fallback&k1=1&k2=1&e=i&t=p&c=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 84.201.179.252 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),
Reverse DNS
Software: nginx/1.14.1 /
Resource Hash: cafbd551d674da240212f6c44988757a728b9dc8cbc2a6c8dcf53c0d9159c323

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Wed, 21 Aug 2024 22:24:21 GMT
Last-Modified: Wednesday, 21-Aug-2024 22:24:21 GMT
Server: nginx/1.14.1
Content-Type: image/png
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 95

POST
H/1.1 204
No Content prebid Show response
ssp-rtb.sape.ru/ 0
549 B 86ms
85ms Fetch
application/octet-stream 193.3.184.25
QWARTA

General

Check archive.org

Download Go to

Full URL: https://ssp-rtb.sape.ru/prebid
Requested by: Host: cdn.alfasense.net
URL: https://cdn.alfasense.net/lib/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.3.184.25 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

Date: Wed, 21 Aug 2024 22:24:20 GMT
Accept-Encoding: gzip, identity
Server: openresty
X-YaTraceId: 7849aca314104416995f715f1b3e9cd8
X-YaRequestId: 9400ce0f5d614235b5026e0b4c3abd14
Access-Control-Allow-Methods: POST
Content-Type: application/octet-stream
Access-Control-Allow-Origin: https://telegram-vhod.ru
X-YaSpanId: 7cccf588cd6ed8de
Access-Control-Allow-Credentials: true
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H2 204 prebid Show response
ssp.hybrid.ai/auction/ 0
210 B 183ms
182ms Fetch 37.230.131.17
HYBRID-POLAND

General

Check archive.org

Download Go to

Full URL: https://ssp.hybrid.ai/auction/prebid
Requested by: Host: cdn.alfasense.net
URL: https://cdn.alfasense.net/lib/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.230.131.17 Amsterdam, Netherlands, ASN200197 (HYBRID-POLAND, PL),
Reverse DNS
Software: Hybrid Web Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: application/json

Response headers

access-control-allow-origin: https://telegram-vhod.ru
date: Wed, 21 Aug 2024 22:24:20 GMT
access-control-allow-credentials: true
server: Hybrid Web Server
vary: Origin
p3p: CP='NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC'

GET
H2 200 adjson Show response
ssp.otm-r.com/ 2 B
301 B 72ms
71ms Fetch
application/javascript 194.55.244.183
PROCLOUD PROCLOUD...

General

Check archive.org

Download Go to

Full URL: https://ssp.otm-r.com/adjson?tz=-120&w=970&h=90&domain=telegram-vhod.ru&l=https%3A%2F%2Ftelegram-vhod.ru%2F&s=3371&cur=RUB&bidid=108542eed1d26c65&transactionid=&auctionid=&bidfloor=0
Requested by: Host: cdn.alfasense.net
URL: https://cdn.alfasense.net/lib/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.55.244.183 Moscow, Russian Federation, ASN34959 (PROCLOUD PROCLOUD MSK, RU),
Reverse DNS
Software: nginx/1.23.2 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Aug 2024 22:24:20 GMT
server: nginx/1.23.2
vary: Origin
content-type: application/javascript
access-control-allow-origin: https://telegram-vhod.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 2
expires: 0

GET
H/1.1 200
OK 1x1.png
v.alfasrv.com/stats/ 95 B
397 B 174ms
66ms Image
image/png 84.201.179.252
YANDEXCLOUD

General

Check archive.org

Download Go to Show image

Full URL: https://v.alfasrv.com/stats/1x1.png?s=51059&a=fallback&k1=1&k2=1&e=i&t=p&c=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 84.201.179.252 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),
Reverse DNS
Software: nginx/1.14.1 /
Resource Hash: cafbd551d674da240212f6c44988757a728b9dc8cbc2a6c8dcf53c0d9159c323

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Wed, 21 Aug 2024 22:24:21 GMT
Last-Modified: Wednesday, 21-Aug-2024 22:24:21 GMT
Server: nginx/1.14.1
Content-Type: image/png
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 95

GET 1x1.png
v.alfasrv.com/stats/ 0
0

GET
H2 200 asyncspc.php Show response
ads.alfasense.net/adserver/www/delivery/ 2 KB
3 KB 74ms
74ms XHR
application/json 136.144.31.29
MIRHOSTING

General

Check archive.org

Download Go to

Full URL

https://ads.alfasense.net/adserver/www/delivery/asyncspc.php?zones=8%7C1%7C11%7C11&prefix=revive-0-&xcampaigns=%7Bcampaigns%7D&xsite=%7Bsite%7D&xsitename=%7Bsite_name%7D&loc=https%3A%2F%2Ftelegram-vhod.ru%2F

Requested by

Host: ads.alfasense.net
URL: https://ads.alfasense.net/adserver/www/delivery/asyncjs.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

136.144.31.29 Moscow, Russian Federation, ASN52000 (MIRHOSTING, NL),

Reverse DNS

Software

nginx /

Resource Hash

abbebcec9eb194670a2b7a743677759d54d1dc80d34819f2769c0042e096831e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';frame-src 'self';
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 22:24:21 GMT
content-security-policy: frame-ancestors 'self';frame-src 'self';
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
cross-origin-embedder-policy: unsafe-none
p3p: CP="CUR ADM OUR NOR STA NID"
cross-origin-resource-policy: cross-origin
x-xss-protection: 1; mode=block;
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: https://telegram-vhod.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
permissions-policy: geolocation=(self), payment=(self)
expires: 0

GET
H2 200 lg.php
ads.alfasense.net/adserver/www/delivery/ 43 B
687 B 86ms
85ms Image
image/gif 136.144.31.29
MIRHOSTING

General

Check archive.org

Download Go to Show image

Full URL

https://ads.alfasense.net/adserver/www/delivery/lg.php?bannerid=0&campaignid=0&zoneid=8&loc=https%3A%2F%2Ftelegram-vhod.ru%2F&cb=524e1a0607&zones=8|1|11|11&xcampaigns={campaigns}&xsite={site}&xsitename={site_name}

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

136.144.31.29 Moscow, Russian Federation, ASN52000 (MIRHOSTING, NL),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';frame-src 'self';
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 22:24:21 GMT
content-security-policy: frame-ancestors 'self';frame-src 'self';
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
cross-origin-embedder-policy: unsafe-none
p3p: CP="CUR ADM OUR NOR STA NID"
cross-origin-resource-policy: cross-origin
x-xss-protection: 1; mode=block;
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
permissions-policy: geolocation=(self), payment=(self)
expires: 0

GET
H2 200 lg.php
ads.alfasense.net/adserver/www/delivery/ 43 B
687 B 101ms
100ms Image
image/gif 136.144.31.29
MIRHOSTING

General

Check archive.org

Download Go to Show image

Full URL

https://ads.alfasense.net/adserver/www/delivery/lg.php?bannerid=0&campaignid=0&zoneid=1&loc=https%3A%2F%2Ftelegram-vhod.ru%2F&cb=8c56b05040&zones=8|1|11|11&xcampaigns={campaigns}&xsite={site}&xsitename={site_name}

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

136.144.31.29 Moscow, Russian Federation, ASN52000 (MIRHOSTING, NL),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';frame-src 'self';
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 22:24:21 GMT
content-security-policy: frame-ancestors 'self';frame-src 'self';
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
cross-origin-embedder-policy: unsafe-none
p3p: CP="CUR ADM OUR NOR STA NID"
cross-origin-resource-policy: cross-origin
x-xss-protection: 1; mode=block;
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
permissions-policy: geolocation=(self), payment=(self)
expires: 0

GET
H2 200 lg.php
ads.alfasense.net/adserver/www/delivery/ 43 B
687 B 86ms
85ms Image
image/gif 136.144.31.29
MIRHOSTING

General

Check archive.org

Download Go to Show image

Full URL

https://ads.alfasense.net/adserver/www/delivery/lg.php?bannerid=0&campaignid=0&zoneid=11&loc=https%3A%2F%2Ftelegram-vhod.ru%2F&cb=f77bafb7b0&zones=8|1|11|11&xcampaigns={campaigns}&xsite={site}&xsitename={site_name}

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

136.144.31.29 Moscow, Russian Federation, ASN52000 (MIRHOSTING, NL),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';frame-src 'self';
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 22:24:21 GMT
content-security-policy: frame-ancestors 'self';frame-src 'self';
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
cross-origin-embedder-policy: unsafe-none
p3p: CP="CUR ADM OUR NOR STA NID"
cross-origin-resource-policy: cross-origin
x-xss-protection: 1; mode=block;
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
permissions-policy: geolocation=(self), payment=(self)
expires: 0

GET
H2 200 lg.php
ads.alfasense.net/adserver/www/delivery/ 43 B
687 B 85ms
85ms Image
image/gif 136.144.31.29
MIRHOSTING

General

Check archive.org

Download Go to Show image

Full URL

https://ads.alfasense.net/adserver/www/delivery/lg.php?bannerid=0&campaignid=0&zoneid=11&loc=https%3A%2F%2Ftelegram-vhod.ru%2F&cb=4854e9e5c2&zones=8|1|11|11&xcampaigns={campaigns}&xsite={site}&xsitename={site_name}

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

136.144.31.29 Moscow, Russian Federation, ASN52000 (MIRHOSTING, NL),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';frame-src 'self';
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

Referer: https://telegram-vhod.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 22:24:21 GMT
content-security-policy: frame-ancestors 'self';frame-src 'self';
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
cross-origin-embedder-policy: unsafe-none
p3p: CP="CUR ADM OUR NOR STA NID"
cross-origin-resource-policy: cross-origin
x-xss-protection: 1; mode=block;
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
permissions-policy: geolocation=(self), payment=(self)
expires: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: v.alfasrv.com
URL: https://v.alfasrv.com/stats/1x1.png?s=51049&e=r&t=p

Domain: v.alfasrv.com
URL: https://v.alfasrv.com/stats/1x1.png?s=51051&e=r&t=p

Domain: v.alfasrv.com
URL: https://v.alfasrv.com/stats/1x1.png?s=51053&e=r&t=p

Domain: v.alfasrv.com
URL: https://v.alfasrv.com/stats/1x1.png?s=51054&e=r&t=p

Domain: v.alfasrv.com
URL: https://v.alfasrv.com/stats/1x1.png?s=51055&e=r&t=p

Domain: rtb.com.ru
URL: https://rtb.com.ru/otmrtb-sync?uid=NjZjNjY5MTMwZTc2NmY5MQ%3D%3D

Domain: sync.dmp.otm-r.com
URL: https://sync.dmp.otm-r.com/match/hyperadx?id=fd46088e-6776-cdfa-7436-58beebbf6d2e

Domain: v.alfasrv.com
URL: https://v.alfasrv.com/stats/1x1.png?s=51051&a=fallback&k1=1&k2=1&e=i&t=p&c=0

Domain: v.alfasrv.com
URL: https://v.alfasrv.com/stats/1x1.png?s=51053&a=fallback&k1=1&k2=1&e=i&t=p&c=0

Domain: v.alfasrv.com
URL: https://v.alfasrv.com/stats/1x1.png?s=51058&a=fallback&k1=1&k2=1&e=i&t=p&c=0

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Telegram (Instant Messenger)

44 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

68 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
kimberlite.io/rtb	1970-01-20 23:08:03	Name: da Value: SeOR3QAAAAE
kimberlite.io/rtb	1970-01-20 23:08:03	Name: as Value: -WrUeGbGaRU4WsfhZsZpFQ
.telegram-vhod.ru/	1970-01-21 07:43:35	Name: __ddg1_ Value: H9KlnToEpynhUTFUYw5e
telegram-vhod.ru/	1969-12-31 23:59:59	Name: PHPSESSID Value: e2c0fd9783b0b5a0961881a76d52fe45
.telegram-vhod.ru/	1970-01-21 07:43:35	Name: "_pubcid" Value: f1e1e97f-135c-4f66-9c62-b2297a5647d0
.telegram-vhod.ru/	1970-01-21 07:43:35	Name: "_pubcid"_cst Value: zix7LPQsHA%3D%3D
.otm-r.com/	1970-01-20 23:00:51	Name: otcm_all Value: sila8j
.otm-r.com/	1970-01-21 07:43:35	Name: mpid Value: NjZjNjY5MTMwZTc2NmY5MQ==
.ssp-rtb.sape.ru/	1970-01-21 08:33:59	Name: sspuid Value: CkIDKWbGaROvgAZOC1+cAvr4jtZSvZ+CMcjHqaMpqXmmJXxs
.mts.ru/	1970-01-21 07:30:37	Name: dspid Value: a3f050aa-b576-473f-81b3-cefabeffe170
.dmg.digitaltarget.ru/	1970-01-21 08:33:59	Name: viuserid Value: a3JEI3azNEnY7Ui72Fn9
.yandex.ru/	1970-01-21 08:33:59	Name: i Value: kx6jWLDlJDgQwb+/KqpAruU4Ak1E4HkeKrZn9r/q3jnwWuT9Y5jJox/fyXu373pMHJQ4j+K9kcidHnaXru4+vMoQpOA=
.yandex.ru/	1970-01-21 08:33:59	Name: yandexuid Value: 2911137151724279059
.yandex.ru/	1970-01-21 07:43:35	Name: yashr Value: 551665481724279059
kimberlite.io/	1970-01-21 01:07:35	Name: u Value: ZsZpE8No1Us~1Q87Kcp_pz5PxXKovdB0MFYdvfU
.ohmy.bid/	1970-01-20 23:41:11	Name: uid Value: f5b972a1-3669-469f-a332-602596da81ce.66c66914.e4969ba7b9de6bb3
.betweendigital.com/	1970-01-21 07:43:35	Name: dc Value: lux1
.betweendigital.com/	1970-01-21 07:43:35	Name: tuuid Value: b561a65c-e1b3-52eb-8d32-c8adebf4a1b9
.betweendigital.com/	1970-01-21 07:43:35	Name: ss Value: 1
.yandex.ru/	1970-01-21 07:43:35	Name: receive-cookie-deprecation Value: 1
.agency2.ru/	1970-01-21 07:30:37	Name: uuid Value: abb81910-bfbf-442b-891f-133419037e47
.mts.ru/	1970-01-21 08:33:59	Name: ma_last_sync Value: 1724279060339
.mts.ru/	1970-01-21 08:33:59	Name: ma_id Value: 6863072591724279060340
.yandex.ru/	1970-01-21 08:33:59	Name: yuidss Value: 2911137151724279059
sync.programmatica.com/	1969-12-31 23:59:59	Name: chk Value: 1
.programmatica.com/	1970-01-21 08:33:59	Name: pid Value: NjgyNjEwZjQwNTZmZjc1ZQ
.suprion.ru/	1970-01-21 08:33:59	Name: KsId Value: 4ucL1aJxXAYS2k
sync.otm-r.com/	1970-01-20 23:42:37	Name: mpid Value: NjZjNjY5MTMwZTc2NmY5MQ==
.ops.beeline.ru/	1970-01-21 07:30:37	Name: BeeAID Value: cb9910e7-305f-43bf-abf1-8026c5859b4c
ads.adlook.me/	1970-01-21 07:43:30	Name: adlm_userId Value: 09f6ebb3ea6d49afbcc441a0b6e51da5
ads.adlook.me/	1970-01-21 08:33:59	Name: adlk_cmatch Value: otm%3ANjZjNjY5MTMwZTc2NmY5MQ%3D%3D
.aidata.io/	1970-01-21 08:33:59	Name: __upin Value: ZRLdvwxINAJJQSSQoIEx9A
.aidata.io/	1970-01-21 08:33:59	Name: __upints Value: 1724279060
.weborama.fr/	1970-01-21 08:23:54	Name: AFFICHE_W Value: F-dbSIKJvG0X31
.wi-fi.ru/	1970-01-21 07:43:35	Name: dmpuid Value: c8j2uRe4TRCyYH31wcg0yQ
sync.opendsp.ru/	1969-12-31 23:59:59	Name: chk Value: 1
.utraff.com/	1970-01-21 08:33:59	Name: utid Value: kagRMzMJ4P_z9X-iEE7bt6V0b7Q8wc6SrASTmUUEhkWDhMYdKS4E4X2ragz9UHlm2SlP29XzbX60qOnYXJS2aQ
.moe.video/	1970-01-21 08:33:59	Name: uid Value: 8dfde1180d9f62884be0
.opendsp.ru/	1970-01-21 08:33:59	Name: pid Value: NTBlMjY3N2QxNjUyODA2Ng
.buzzoola.com/	1970-01-20 23:41:11	Name: uuid Value: 05c3b8ab-2587-4b13-5c57-520d7bb6d820
x01.aidata.io/	1970-01-20 23:02:18	Name: gi Value: 1
.rutarget.ru/	1970-01-21 03:17:11	Name: userId Value: KHhRqvvB6uMO
.acint.net/	1970-01-20 22:57:59	Name: test_cookie Value: CheckForPermission
.acint.net/	1970-01-21 08:33:59	Name: aid Value: fwAACWbGaRQUWwELwyS+ArSyQL4OdrtcwKmRrTSWeg5UQ3Xo
.weborama-tech.ru/	1970-01-21 08:23:54	Name: AFFICHE_W Value: eTpjrY8eJk5520
.acint.net/	1970-01-20 23:41:11	Name: cSyncDp14v4 Value: 1724279061
.adriver.ru/	1970-01-21 08:33:59	Name: cid Value: AjbCtpHpzM_f8IJu5eIICBg
.bumlam.com/	1970-01-21 08:33:59	Name: suuid3 Value: IiQxY2U3ZjNkYy02MDBjLTExZWYtOWI3Yi0wMDI1OTBjODI0MzY*
.upravel.com/	1970-01-20 22:57:59	Name: session_tptc Value: 1724279061276
.adhigh.net/	1970-01-21 07:43:35	Name: gi_u Value: 5GJ3xq0Cs7G.AikABlGRdwp6ww
.upravel.com/	1970-01-21 08:33:59	Name: user_id Value: 39d861a2-8083-48b1-bc40-e9b0fde6d7fb
sync.dsp.solta.io/	1969-12-31 23:59:59	Name: chk Value: 1
sync.gonet-ads.com/	1969-12-31 23:59:59	Name: chk Value: 1
.adhigh.net/	1970-01-21 07:43:35	Name: aidata_sync Value: L7tv
.adhigh.net/	1970-01-21 07:43:35	Name: otm_video_sync Value: L7tv
.gonet-ads.com/	1970-01-21 07:43:35	Name: pid Value: ZjliODQ5OGExZGJlZGUw
.dsp.solta.io/	1970-01-21 08:33:59	Name: pid Value: NDcyZWM2MWMyMGRkZDcwZQ
.betweendigital.com/	1970-01-21 07:43:35	Name: ut Value: ZsZpFQAHdij35EJrRZFhQmh-6iV7lEJB-0OEFg==
x01.aidata.io/	1970-01-20 23:02:18	Name: livin Value: 1
ads.alfasense.net/	1970-01-21 07:43:35	Name: OAID Value: 01000111010001000101000001010010
x01.aidata.io/	1970-01-20 23:08:03	Name: otm Value: 1
x01.aidata.io/	1970-01-20 23:08:03	Name: mgcom Value: 1
x01.aidata.io/	1970-01-20 23:08:03	Name: yaya Value: 1
x01.aidata.io/	1970-01-20 23:08:03	Name: altg Value: 1
x01.aidata.io/	1970-01-20 23:08:03	Name: lotame Value: 1
x01.aidata.io/	1970-01-20 23:02:18	Name: mytarget Value: 1
top-fwz1.mail.ru/	1970-01-21 07:45:01	Name: PVID Value: 33QuVC2HqmYR0000270F1KoR:::0-0-0-be0c1d7-0-be0c1d7:CAASECV3hrPAyMHTO6QqOVle3CEaYMN2cXV2m5NiYM1Tv-BZFhm1NQGne4wSZ_qnmWMiLJZBpzL8UDm9NWLnrpAPhpo_dkquZUNWJiP_r4RgegTplY5PjewxArjpJdmdFGQ9mXFjcwY9FHlZipaBTg_abU1igQ
.mail.ru/	1970-01-21 07:45:01	Name: VID Value: 33QuVC2HqmYR0000270F1KoR:::0-0-0-be0c1d7-0-be0c1d7:CAASECV3hrPAyMHTO6QqOVle3CEaYMN2cXV2m5NiYM1Tv-BZFhm1NQGne4wSZ_qnmWMiLJZBpzL8UDm9NWLnrpAPhpo_dkquZUNWJiP_r4RgegTplY5PjewxArjpJdmdFGQ9mXFjcwY9FHlZipaBTg_abU1igQ

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://an.yandex.ru/setud/mts_banner/o_BQqrV2Rz-Bs876vv_hcA?location=https%3A%2F%2Fvma.mts.ru%2Fem%3Fnext%3D26%26em%3D0&sign=601428009 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://sync.dmp.otm-r.com/match/hyperadx?id=fd46088e-6776-cdfa-7436-58beebbf6d2e Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

39d861a2-8083-48b1-bc40-e9b0fde6d7fb.sync.upravel.com
6863072591724279060340.cm.a.mts.ru
7405722167825297297-otm.ops.beeline.ru
8232351891724279060340.cm.a.mts.ru
a.lotus-dsp.ru
a.utraff.com
acint.net
ads.adlook.me
ads.alfasense.net
ads.betweendigital.com
an.yandex.ru
cdn.alfasense.net
cdn.taboola.com
cm.a.mts.ru
cm.p.altergeo.ru
counter.yadro.ru
cs.agency2.ru
cs.alfasense.com
dm-eu.hybrid.ai
dmg.digitaltarget.ru
ev.adriver.ru
exchange.buzzoola.com
fonts.googleapis.com
fonts.gstatic.com
hb.360yield.com
kimberlite.io
match.new-programmatic.com
match.ohmy.bid
onetag-sys.com
pa.openx.net
pixel.konnektu.ru
px.adhigh.net
rbthre.work
redirect-frontend.weborama-tech.ru
redirect.frontend.weborama.fr
rtb.com.ru
rtb.moe.video
runoffree.bid
s.suprion.ru
sm.rtb.mts.ru
solta-sync.rutarget.ru
sp.ohmy.bid
ssp-rtb.sape.ru
ssp.adriver.ru
ssp.al-adtech.com
ssp.hybrid.ai
ssp.otm-r.com
sync.bumlam.com
sync.crwdcntrl.net
sync.dmp.otm-r.com
sync.dsp.solta.io
sync.gonet-ads.com
sync.opendsp.ru
sync.otm-r.com
sync.programmatica.com
sync.rambler.ru
sync.upravel.com
telegram-vhod.ru
tms.dmp.wi-fi.ru
top-fwz1.mail.ru
v.alfasrv.com
videotarget-sync.rutarget.ru
vma.mts.ru
www.acint.net
x01.aidata.io
yandex.ru
rtb.com.ru
sync.dmp.otm-r.com
v.alfasrv.com
136.144.31.29
138.201.139.144
148.251.237.106
151.101.1.44
158.160.128.78
158.160.158.98
167.235.10.91
167.235.9.235
172.67.140.221
172.67.153.14
176.122.21.226
178.154.212.160
178.170.196.9
185.15.175.145
185.175.47.157
185.65.149.228
188.114.96.3
188.124.47.12
188.42.189.197
188.72.107.205
193.232.150.148
193.3.184.140
193.3.184.25
194.55.244.183
194.55.244.195
195.201.152.105
195.209.109.19
195.209.109.28
213.239.194.43
213.248.44.211
217.199.220.44
217.199.220.72
217.65.2.150
217.66.147.33
217.66.147.40
23.105.255.196
23.109.14.96
23.111.100.20
2606:4700:20::681a:6bd
2a00:1450:4001:801::2003
2a00:1450:4001:81d::200a
2a01:4f8:242:3f8a::2
2a02:6b8::90
2a02:6b8:a::a
31.172.81.147
34.36.214.49
35.190.24.218
37.230.131.16
37.230.131.17
37.9.245.57
45.139.25.124
46.4.104.244
5.101.37.37
51.38.120.206
54.230.228.27
54.72.42.145
84.201.179.252
87.242.127.163
88.212.201.204
89.108.120.76
91.220.120.9
95.163.52.67
0016bd4524b3414e66acb229cdfacf44fccb2787a21c689bbeb490570f019760
027953391c39a3093adae690b00ad1d30fee6c48d879c168cbb66bf03f627ffa
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
06c2aed66c8073d996a7a1b5273b391b87603afbc424596860bd9c68cc99ce33
076b572bc3a5e47814f81f4c9226a635df0a1fbcf22e3dfe49e43e64147049cc
0c809be2c783913c87ab2aff71ce6701c8425af65da48c44a7283a1ea48ca24e
0e253a18f20d5497bba5dc100ef1a433ba25f06fb7946224f50b8d4ded4913eb
11bf84fea7308f566632bc488abe3917347230dbb64c9c71fc71703b1ad1c1d8
139c1c2356cec576f73f5faf70450730255a38e017ec75ad6941d9ffb47a228e
16754e391cf40d9b61e529909d1e2fedd0d056787ade16816d548277194cd011
1d10bdab19ebd5628ab2302d4da3463d70182188c2fd283ea475d6e15bdb458d
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
3ca19e57c9a2465ae4df271316ba4d29e7ff7f113a2a2c5297780c0b7a0ac09d
4b179562b883c1257aabbad3a5641f965dd7331faa31fe06382a5d8c62d5ee19
4da9dc8b7e28bed24064a6d09485937392305d6a0b5705b7bd1e9d667c468caa
4dbd328e347e890a801d51f9a5f8d38a3efd51ec34c0aa22cc83d0a95d6d9d71
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e4cc2d5669ad1bb831c050c273dbf760a070eb5f413458cf5cd7625c594a583
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
504b4621e486970f8c1721d5297561c9f33296f516c83fbb33a0ff3f4f7c1357
50c27c2ff11fdc5cb88800c4381b11f29779d8bd5a9f3c19a31881bf2b99050f
53a6dea0bae08e1660302e90a358bc756691450c1f48182d95bac2a3803c1086
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
573686b2c958c4fbc7f25726f642ddb0e120971b805c8ff8cd341d98fd1c57ca
5bf26f5c16e35e6c2114a0594f8c5a7079d8bd58779ba47276d5c2e5f052c1f4
68d17341a90b4af7400a9096afe504bf2d21bf378c5f3e594436dbba105afe84
6abe24a2dc126cebd7dd0f387e6aaedfbf9d0d8e36f18c21501309140f727c48
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41
74c851e7990d3fb2b90902387d047501c8c744489835a101cf0dfb001807a0aa
7c1e15405a1e924479c6fdccebf89fa6562a9f003b5a012d9def5ae68a6ac6d8
7db1573968df00302c4f8cb84510fcd0da618b9a1d528fdc297741a6b904d9b9
7f408604ae1d507f1d29efd9f57e54d6485d03bf5443b56b20a4d8b55a6c2868
82cb517a8f80c91dfcec543c6d140deb3baaf463ea9e77655475096eba7bc7d9
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8b5a3ff47c2413e0bf3dd3bb7899a25aeef9b390a055847a1185a39ad48a2da2
8c8fcd38f9e2d01a5cb910e5237687450a2c4abc94851428fa07f6fefed1dbd7
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
9a7d00291b90b8045d042a9a713a9cceba928a35c18c99d1eeea2ca14c09614d
a0371599000508142c79d194a430c399ad7a6df9358bc7d3bb401181978d67f6
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a3c1739089b2e3758fcd3bea52fe53a98287fd6f14ad7389b26d34612d3ebaa2
a77bdf507ef026d1a9831cd2be4194a6b05798b59ebe98c06324c66b160a023e
abbebcec9eb194670a2b7a743677759d54d1dc80d34819f2769c0042e096831e
b1b583f3556253b501a0a4c77f0bd1ba754456cf6d7dc169b7ef05871ef57918
b66ebd935138c41878d71a1aaed45271b61cd93cc13d782b555ddc1c36bd1658
b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a
b7df82e9f20e70d49b5f26ab9f84d5d51e1ac27ebff7a3767ab102f63319a9cd
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
cab180c4309ff825f7a5db2db97cf59ba2e33d849360e235b930c497c2cc087c
cafbd551d674da240212f6c44988757a728b9dc8cbc2a6c8dcf53c0d9159c323
d3d5d8e3aaeec086ae00ad814b3adae7e41462e42a308a09dbce39aaa11572e3
d9956002622af84fe6d7381f28c8022c8ba911a37394fe1ee539dc00ae8a92a7
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e204b27cd10194c2883e916c4ab6f17ff1f775846a0818988627a7bca75e8364
e32b50f21ff741e53f88e03f0a6039785c146456249a365f72e16e1f5e4aa8f4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e5b2b83ff4eb8184f5079fe95cd285442924ef29bd85a20de91673a8f006f4
e7abbf57ef185de5b6fac7fdd8b74fca3ba9cfdfc8bbeab88af3f646a7109c63
e95b99de83086935662de2b0825f3dba452f397005c843647a14d82004fe2ee2
ec8604d4eade6552031ca2e8d3af9b3a1393bdc11b39dcb8176c41f4e5fb678c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1a1a444c42c8ee5566f7bddee744394a542545a6cfc2a0e17560fb5a4984e6f
f9ad6189a89fa41bfd756d25eee3c9f779e2278f4d450a5c936d80353b397505
fc20346a0456f04877b3ca1e36c1dcf68a4ca16994dfb91bf92cc1992d9e898b

telegram-vhod.ru 188.114.96.3 Malicious Activity! Public Scan Open in urlscan Pro

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

163 Requests

78 %HTTPS

10 %IPv6

52 Domains

66 Subdomains

40 IPs

7 Countries

982 kBTransfer

2273 kBSize

68 Cookies

13 Outgoing links

Redirected requests

163 HTTP transactions Everything HTML Script Fetch XHR CSS Image Font Expand all 19 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

telegram-vhod.ru
188.114.96.3 Malicious Activity! Public Scan Open in urlscan Pro

Screenshot
Live screenshot

Full Image

163
Requests

78 %
HTTPS

10 %
IPv6

52
Domains

66
Subdomains

40
IPs

7
Countries

982 kB
Transfer

2273 kB
Size

68
Cookies

163 HTTP transactions
19 data transactions