download-telegram.org Open in urlscan Pro
2a01:230:2::21f Public Scan

Go To Rescan
Add Verdict Report

URL:
http://download-telegram.org/
Submission: On March 13 via manual (March 13th 2023, 12:58:32 pm UTC) from RU — Scanned from DE

Summary HTTP 264 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 55 IPs in 9 countries across 57 domains to perform 264 HTTP transactions. The main IP is 2a01:230:2::21f, located in Russian Federation and belongs to RU-JSCIOT, RU. The main domain is download-telegram.org.

This is the only time download-telegram.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
36	2a01:230:2::21f 2a01:230:2::21f	29182 (RU-JSCIOT) (RU-JSCIOT)
4	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
11	2606:4700:10:... 2606:4700:10::6816:47c5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8 19	2a02:6b8:a::a 2a02:6b8:a::a	208722 (GLOBAL_DC) (GLOBAL_DC)
10	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	88.208.46.156 88.208.46.156	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	176.99.5.252 176.99.5.252	49352 (LOGOL-AS) (LOGOL-AS)
10	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
5 21	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
1 5	88.208.46.59 88.208.46.59	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	88.208.5.115 88.208.5.115	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
2 16	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
13	2a02:6b8:20::215 2a02:6b8:20::215	208722 (GLOBAL_DC) (GLOBAL_DC)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1 24	2a02:6b8::90 2a02:6b8::90	208722 (GLOBAL_DC) (GLOBAL_DC)
2	2a02:6b8::184 2a02:6b8::184	208722 (GLOBAL_DC) (GLOBAL_DC)
2 5	31.220.27.134 31.220.27.134	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	2a02:6b8::5:114 2a02:6b8::5:114	208722 (GLOBAL_DC) (GLOBAL_DC)
1 1	35.177.4.157 35.177.4.157	16509 (AMAZON-02) (AMAZON-02)
3 3	193.3.184.137 193.3.184.137	50214 (QWARTA) (QWARTA)
1 1	193.3.184.200 193.3.184.200	50214 (QWARTA) (QWARTA)
4 5	188.42.34.64 188.42.34.64	7979 (SERVERS-COM) (SERVERS-COM)
1 2	63.33.154.254 63.33.154.254	16509 (AMAZON-02) (AMAZON-02)
3 5	54.229.123.96 54.229.123.96	16509 (AMAZON-02) (AMAZON-02)
1	52.45.175.185 52.45.175.185	14618 (AMAZON-AES) (AMAZON-AES)
4	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1	82.145.213.8 82.145.213.8	39832 (NO-OPERA) (NO-OPERA)
1 1	2001:6d0:4001... 2001:6d0:4001::226	52016 (TNSMSK-) (TNSMSK-)
2	37.18.16.16 37.18.16.16	205675 (HYBRID-AS) (HYBRID-AS)
2 3	185.15.175.147 185.15.175.147	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
1 1	159.69.142.212 159.69.142.212	24940 (HETZNER-AS) (HETZNER-AS)
3 3	89.108.127.68 89.108.127.68	197695 (AS-REG) (AS-REG)
5 5	217.66.147.40 217.66.147.40	29209 (SPBMTS-AS...) (SPBMTS-AS Malaya Monetnaya Street 2-A)
2 2	213.87.44.187 213.87.44.187	13174 (MTSNET Mo...) (MTSNET Moscow)
1 1	130.193.58.13 130.193.58.13	200350 (YANDEXCLOUD) (YANDEXCLOUD)
1 1	217.65.2.150 217.65.2.150	3175 (CITYTELEC...) (CITYTELECOM-MSK)
1	23.88.12.13 23.88.12.13	24940 (HETZNER-AS) (HETZNER-AS)
1 1	91.192.148.30 91.192.148.30	42481 (BEGUN-AS) (BEGUN-AS)
2 2	193.232.150.69 193.232.150.69	48061 (UMA-TECH-AS) (UMA-TECH-AS)
2 2	35.190.24.218 35.190.24.218	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::681a:e45	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	81.222.128.215 81.222.128.215	20597 (ELTEL-AS) (ELTEL-AS)
1	87.242.89.90 87.242.89.90	208677 (SBERCLOUD-AS) (SBERCLOUD-AS)
1	31.172.81.160 31.172.81.160	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1	195.201.106.117 195.201.106.117	24940 (HETZNER-AS) (HETZNER-AS)
2 2	188.42.105.236 188.42.105.236	7979 (SERVERS-COM) (SERVERS-COM)
1	148.251.78.49 148.251.78.49	24940 (HETZNER-AS) (HETZNER-AS)
2 2	89.108.120.76 89.108.120.76	197695 (AS-REG) (AS-REG)
1 1	87.242.93.112 87.242.93.112	208677 (SBERCLOUD-AS) (SBERCLOUD-AS)
1 1	94.139.255.195 94.139.255.195	208677 (SBERCLOUD-AS) (SBERCLOUD-AS)
2	2a02:6b8::36 2a02:6b8::36	208722 (GLOBAL_DC) (GLOBAL_DC)
4 4	93.95.102.105 93.95.102.105	48347 (MTW-AS) (MTW-AS)
1	212.32.253.229 212.32.253.229	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	85.192.12.173 85.192.12.173	12695 (DINET-AS) (DINET-AS)
1	37.18.103.22 37.18.103.22	205675 (HYBRID-AS) (HYBRID-AS)
2 2	83.222.114.188 83.222.114.188	42632 (MNOGOBYTE...) (MNOGOBYTE-AS Moscow)
1	2a02:6b8::28d 2a02:6b8::28d	208722 (GLOBAL_DC) (GLOBAL_DC)
1 1	2a02:6b8::487 2a02:6b8::487	208722 (GLOBAL_DC) (GLOBAL_DC)
1	2001:978:7401... 2001:978:7401:1::19	174 (COGENT-174) (COGENT-174)
4	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:3::9 2a02:2638:3::9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638::b 2a02:2638::b	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
9	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.0.160 178.250.0.160	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 9	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
20	2a02:2638::c 2a02:2638::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638::21 2a02:2638::21	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 3	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
264	55

36 2a01:230:2::21f (Russian Federation)

ASN29182 (RU-JSCIOT, RU)

download-telegram.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700:10::6816:47c5 (United States)

ASN13335 (CLOUDFLARENET, US)

static.addtoany.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a02:6b8:a::a (Moscow, Russian Federation) 8 redirects

ASN208722 (GLOBAL_DC, FI)

yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.208.46.156 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

hunterers.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 176.99.5.252 (Russian Federation)

ASN49352 (LOGOL-AS, RU)

installpack.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a02:6b8::1:119 (Moscow, Russian Federation) 5 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 88.208.46.59 (Amsterdam, Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

dariolunus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.208.5.115 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

mpraven.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a02:6b8:20::215 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a02:6b8::90 (Moscow, Russian Federation) 1 redirects

ASN208722 (GLOBAL_DC, FI)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6b8::184 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

avatars.mds.yandex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 31.220.27.134 (Amsterdam, Netherlands) 2 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

s.uuidksinc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
uuidksinc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d.uuidksinc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::5:114 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

ysa-static.passport.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.177.4.157 (London, United Kingdom) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-177-4-157.eu-west-2.compute.amazonaws.com

px.arcspire.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 193.3.184.137 (Russian Federation) 3 redirects

ASN50214 (QWARTA, RU)
PTR: asrv321.qwarta.ru

acint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.3.184.200 (Russian Federation) 1 redirects

ASN50214 (QWARTA, RU)

ssp-rtb.sape.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 188.42.34.64 (Luxembourg) 4 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.33.154.254 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-154-254.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.229.123.96 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-123-96.eu-west-1.compute.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
euw-ice.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.45.175.185 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-175-185.compute-1.amazonaws.com

im.bluevoox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology

t.adx.opera.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:6d0:4001::226 (Russian Federation) 1 redirects

ASN52016 (TNSMSK-, RU)

cm.tns-counter.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.18.16.16 (Russian Federation)

ASN205675 (HYBRID-AS, DE)

dm.hybrid.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.15.175.147 (Russian Federation) 2 redirects

ASN43226 (SAFEDATA Uplinks, RU)

dmg.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.69.142.212 (Nuremberg, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.212.142.69.159.clients.your-server.de

exchange.buzzoola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 89.108.127.68 (Russian Federation) 3 redirects

ASN197695 (AS-REG, RU)
PTR: srv4.kimberlite.io

kimberlite.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 217.66.147.40 (St Petersburg, Russian Federation) 5 redirects

ASN29209 (SPBMTS-AS Malaya Monetnaya Street 2-A, RU)
PTR: host-40-147-66-217.spbmts.ru

sm.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.87.44.187 (Russian Federation) 2 redirects

ASN13174 (MTSNET Moscow, Russia, RU)
PTR: infrastructure-187-44.mts.ru

tech.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.193.58.13 (Russian Federation) 1 redirects

ASN200350 (YANDEXCLOUD, RU)

pixel.konnektu.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.65.2.150 (Moscow, Russian Federation) 1 redirects

ASN3175 (CITYTELECOM-MSK, RU)

match.new-programmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.88.12.13 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.13.12.88.23.clients.your-server.de

nr.bidderstack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.192.148.30 (Russian Federation) 1 redirects

ASN42481 (BEGUN-AS, RU)
PTR: zvezda.ssp.rambler.ru

profile.ssp.rambler.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.232.150.69 (Russian Federation) 2 redirects

ASN48061 (UMA-TECH-AS, RU)
PTR: smtp1.senders.ntvplus.ru

px.adhigh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.24.218 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 218.24.190.35.bc.googleusercontent.com

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:e45 (United States)

ASN13335 (CLOUDFLARENET, US)

rtb-eu-warsaw.intent.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 81.222.128.215 (Russian Federation)

ASN20597 (ELTEL-AS, RU)
PTR: ad15.adriver.ru

ssp.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.242.89.90 (Russian Federation)

ASN208677 (SBERCLOUD-AS, RU)

sync.1dmp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.172.81.160 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync.bumlam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.201.106.117 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.117.106.201.195.clients.your-server.de

sync.dmp.otm-r.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.42.105.236 (Luxembourg) 2 redirects

ASN7979 (SERVERS-COM, US)

sync.gonet-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 148.251.78.49 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: prod-hzeu-bidder-8.community.moscow

sync.upravel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.108.120.76 (Russian Federation) 2 redirects

ASN197695 (AS-REG, RU)
PTR: d51804.reg.regrucolo.ru

x01.aidata.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.242.93.112 (Russian Federation) 1 redirects

ASN208677 (SBERCLOUD-AS, RU)
PTR: fr15.segmento.ru

yandex-dmp-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.139.255.195 (Asbest, Russian Federation) 1 redirects

ASN208677 (SBERCLOUD-AS, RU)

yandex-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6b8::36 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

favicon.yandex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 93.95.102.105 (Russian Federation) 4 redirects

ASN48347 (MTW-AS, RU)
PTR: unspecified.mtw.ru

fcgi4.gnezdo.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.32.253.229 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

z.cdn.adtarget.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.192.12.173 (Russian Federation)

ASN12695 (DINET-AS, RU)

dmpprof.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.18.103.22 (Netherlands)

ASN205675 (HYBRID-AS, DE)

dm-eu.hybrid.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 83.222.114.188 (Russian Federation) 2 redirects

ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU)

rtb.com.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::28d (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

log.strm.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::487 (Moscow, Russian Federation) 1 redirects

ASN208722 (GLOBAL_DC, FI)

strm.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:978:7401:1::19 (United States)

ASN174 (COGENT-174, US)

ext-strm-cogent03.strm.yandex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::b (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.160 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a02:2638::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::21 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.226 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
51	yandex.ru 12 redirects yandex.ru — Cisco Umbrella Rank: 1730 mc.yandex.ru — Cisco Umbrella Rank: 3749 an.yandex.ru — Cisco Umbrella Rank: 3601 ysa-static.passport.yandex.ru — Cisco Umbrella Rank: 30327 log.strm.yandex.ru — Cisco Umbrella Rank: 21350 strm.yandex.ru — Cisco Umbrella Rank: 18350	265 KB
36	download-telegram.org download-telegram.org	561 KB
31	criteo.net static.criteo.net — Cisco Umbrella Rank: 629 pix.eu.criteo.net — Cisco Umbrella Rank: 7820 csm.eu.criteo.net — Cisco Umbrella Rank: 8170	488 KB
24	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 tpc.googlesyndication.com — Cisco Umbrella Rank: 134	340 KB
20	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 32 cm.g.doubleclick.net — Cisco Umbrella Rank: 210	99 KB
16	yandex.com 3 redirects mc.yandex.com — Cisco Umbrella Rank: 9360	6 KB
14	gstatic.com fonts.gstatic.com www.gstatic.com	252 KB
13	yastatic.net yastatic.net — Cisco Umbrella Rank: 7398	457 KB
11	google.com 4 redirects adservice.google.com — Cisco Umbrella Rank: 68 www.google.com — Cisco Umbrella Rank: 2	2 KB
11	addtoany.com static.addtoany.com — Cisco Umbrella Rank: 3648	32 KB
8	google.de adservice.google.de — Cisco Umbrella Rank: 8720 www.google.de — Cisco Umbrella Rank: 6069	2 KB
7	mts.ru 7 redirects sm.rtb.mts.ru — Cisco Umbrella Rank: 40204 tech.rtb.mts.ru — Cisco Umbrella Rank: 47864	4 KB
5	360yield.com 3 redirects match.360yield.com — Cisco Umbrella Rank: 2213 euw-ice.360yield.com — Cisco Umbrella Rank: 12945	1 KB
5	betweendigital.com 4 redirects ads.betweendigital.com — Cisco Umbrella Rank: 1603	3 KB
5	uuidksinc.net 2 redirects s.uuidksinc.net — Cisco Umbrella Rank: 10851 uuidksinc.net — Cisco Umbrella Rank: 10806 d.uuidksinc.net — Cisco Umbrella Rank: 388985	2 KB
5	yandex.net avatars.mds.yandex.net — Cisco Umbrella Rank: 9126 favicon.yandex.net — Cisco Umbrella Rank: 12045 ext-strm-cogent03.strm.yandex.net — Cisco Umbrella Rank: 434465	3 MB
5	dariolunus.com 1 redirects dariolunus.com	24 KB
4	gnezdo.ru 4 redirects fcgi4.gnezdo.ru — Cisco Umbrella Rank: 62834	1 KB
4	googleadservices.com 2 redirects partner.googleadservices.com — Cisco Umbrella Rank: 860 www.googleadservices.com — Cisco Umbrella Rank: 171	17 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 34	4 KB
3	criteo.com rtb.nl3.eu.criteo.com — Cisco Umbrella Rank: 12906 ads.eu.criteo.com — Cisco Umbrella Rank: 8089 cat.fr.eu.criteo.com — Cisco Umbrella Rank: 9155	60 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 185	146 KB
3	kimberlite.io 3 redirects kimberlite.io — Cisco Umbrella Rank: 39227	2 KB
3	digitaltarget.ru 2 redirects dmg.digitaltarget.ru — Cisco Umbrella Rank: 24619	2 KB
3	hybrid.ai dm.hybrid.ai — Cisco Umbrella Rank: 34294 dm-eu.hybrid.ai — Cisco Umbrella Rank: 16649	797 B
3	acint.net 3 redirects acint.net — Cisco Umbrella Rank: 26782	1 KB
2	com.ru 2 redirects rtb.com.ru — Cisco Umbrella Rank: 53439	2 KB
2	rutarget.ru 2 redirects yandex-dmp-sync.rutarget.ru — Cisco Umbrella Rank: 76783 yandex-sync.rutarget.ru — Cisco Umbrella Rank: 77026	836 B
2	aidata.io 2 redirects x01.aidata.io — Cisco Umbrella Rank: 18282	1 KB
2	gonet-ads.com 2 redirects sync.gonet-ads.com — Cisco Umbrella Rank: 24502	578 B
2	adriver.ru ssp.adriver.ru — Cisco Umbrella Rank: 29012	402 B
2	weborama.fr 2 redirects redirect.frontend.weborama.fr — Cisco Umbrella Rank: 11767	593 B
2	adhigh.net 2 redirects px.adhigh.net — Cisco Umbrella Rank: 18781	813 B
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 201	2 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 194	5 KB
1	dmpprof.com dmpprof.com — Cisco Umbrella Rank: 24998	745 B
1	adtarget.me z.cdn.adtarget.me — Cisco Umbrella Rank: 55878	41 B
1	upravel.com sync.upravel.com — Cisco Umbrella Rank: 40249	40 B
1	otm-r.com sync.dmp.otm-r.com — Cisco Umbrella Rank: 20496	69 B
1	bumlam.com sync.bumlam.com — Cisco Umbrella Rank: 3808	390 B
1	1dmp.io sync.1dmp.io — Cisco Umbrella Rank: 15405	155 B
1	intent.ai rtb-eu-warsaw.intent.ai — Cisco Umbrella Rank: 75027	840 B
1	rambler.ru 1 redirects profile.ssp.rambler.ru — Cisco Umbrella Rank: 49627	244 B
1	bidderstack.com nr.bidderstack.com — Cisco Umbrella Rank: 5192	297 B
1	new-programmatic.com 1 redirects match.new-programmatic.com — Cisco Umbrella Rank: 39145	262 B
1	konnektu.ru 1 redirects pixel.konnektu.ru — Cisco Umbrella Rank: 89058	214 B
1	buzzoola.com 1 redirects exchange.buzzoola.com — Cisco Umbrella Rank: 23927	178 B
1	tns-counter.ru 1 redirects cm.tns-counter.ru — Cisco Umbrella Rank: 76248	385 B
1	opera.com t.adx.opera.com — Cisco Umbrella Rank: 1842	467 B
1	bluevoox.com im.bluevoox.com — Cisco Umbrella Rank: 12904	241 B
1	sape.ru 1 redirects ssp-rtb.sape.ru — Cisco Umbrella Rank: 31755	698 B
1	arcspire.io 1 redirects px.arcspire.io — Cisco Umbrella Rank: 71920	317 B
1	mpraven.org mpraven.org — Cisco Umbrella Rank: 701782	567 B
1	installpack.net installpack.net	713 B
1	hunterers.com hunterers.com	9 KB
0	semantiqo.com Failed sonar.semantiqo.com Failed
0	whiteboxdigital.ru Failed mitdmp.whiteboxdigital.ru Failed
264	57

	Domain	Requested by
36	download-telegram.org	download-telegram.org
24	an.yandex.ru	1 redirects yandex.ru download-telegram.org
20	pix.eu.criteo.net	ads.eu.criteo.com
19	yandex.ru	8 redirects download-telegram.org yandex.ru yastatic.net
16	mc.yandex.com	3 redirects download-telegram.org mc.yandex.ru
16	googleads.g.doubleclick.net	2 redirects pagead2.googlesyndication.com download-telegram.org googleads.g.doubleclick.net www.googleadservices.com
14	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
13	yastatic.net	yandex.ru download-telegram.org yastatic.net
11	static.addtoany.com	download-telegram.org static.addtoany.com
10	fonts.gstatic.com	fonts.googleapis.com download-telegram.org
10	pagead2.googlesyndication.com	download-telegram.org pagead2.googlesyndication.com www.googletagservices.com tpc.googlesyndication.com
9	www.google.com	4 redirects tpc.googlesyndication.com
9	static.criteo.net	ads.eu.criteo.com
6	www.google.de
5	sm.rtb.mts.ru	5 redirects
5	ads.betweendigital.com	4 redirects download-telegram.org
5	dariolunus.com	1 redirects download-telegram.org dariolunus.com
5	mc.yandex.ru	2 redirects download-telegram.org yastatic.net
4	www.gstatic.com	googleads.g.doubleclick.net
4	fcgi4.gnezdo.ru	4 redirects
4	cm.g.doubleclick.net	download-telegram.org uuidksinc.net
4	fonts.googleapis.com	download-telegram.org googleads.g.doubleclick.net
3	www.googleadservices.com	2 redirects yastatic.net
3	www.googletagservices.com	googleads.g.doubleclick.net
3	kimberlite.io	3 redirects
3	dmg.digitaltarget.ru	2 redirects uuidksinc.net
3	match.360yield.com	1 redirects download-telegram.org
3	acint.net	3 redirects
2	csm.eu.criteo.net	ads.eu.criteo.com
2	rtb.com.ru	2 redirects
2	d.uuidksinc.net	uuidksinc.net
2	favicon.yandex.net	download-telegram.org
2	x01.aidata.io	2 redirects
2	sync.gonet-ads.com	2 redirects
2	ssp.adriver.ru	download-telegram.org
2	redirect.frontend.weborama.fr	2 redirects
2	px.adhigh.net	2 redirects
2	tech.rtb.mts.ru	2 redirects
2	euw-ice.360yield.com	2 redirects
2	dm.hybrid.ai	download-telegram.org
2	dpm.demdex.net	1 redirects download-telegram.org
2	s.uuidksinc.net	2 redirects
2	avatars.mds.yandex.net	download-telegram.org
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
1	cdnjs.cloudflare.com	ads.eu.criteo.com
1	cat.fr.eu.criteo.com	ads.eu.criteo.com
1	ads.eu.criteo.com	googleads.g.doubleclick.net
1	rtb.nl3.eu.criteo.com	download-telegram.org
1	ext-strm-cogent03.strm.yandex.net	download-telegram.org
1	strm.yandex.ru	1 redirects
1	log.strm.yandex.ru	yastatic.net
1	dm-eu.hybrid.ai	uuidksinc.net
1	dmpprof.com	uuidksinc.net
1	z.cdn.adtarget.me	uuidksinc.net
1	uuidksinc.net	dariolunus.com
1	yandex-sync.rutarget.ru	1 redirects
1	yandex-dmp-sync.rutarget.ru	1 redirects
1	sync.upravel.com	download-telegram.org
1	sync.dmp.otm-r.com	download-telegram.org
1	sync.bumlam.com	download-telegram.org
1	sync.1dmp.io	download-telegram.org
1	rtb-eu-warsaw.intent.ai	download-telegram.org
1	profile.ssp.rambler.ru	1 redirects
1	nr.bidderstack.com	download-telegram.org
1	match.new-programmatic.com	1 redirects
1	pixel.konnektu.ru	1 redirects
1	exchange.buzzoola.com	1 redirects
1	cm.tns-counter.ru	1 redirects
1	t.adx.opera.com	download-telegram.org
1	im.bluevoox.com	download-telegram.org
1	ssp-rtb.sape.ru	1 redirects
1	px.arcspire.io	1 redirects
1	ysa-static.passport.yandex.ru	download-telegram.org
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	mpraven.org	hunterers.com
1	installpack.net	download-telegram.org
1	hunterers.com	download-telegram.org
0	sonar.semantiqo.com Failed	download-telegram.org
0	mitdmp.whiteboxdigital.ru Failed	download-telegram.org
264	80

This site contains links to these domains. Also see Links.

Domain
icons8.ru
www.addtoany.com

Subject Issuer	Validity	Valid
upload.video.google.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-04` - `2023-06-03`	a year	crt.sh
*.xn--d1acpjx3f.xn--p1ai GlobalSign ECC OV SSL CA 2018	`2023-02-01` - `2023-08-01`	6 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
download-telegram.org R3	`2023-02-18` - `2023-05-19`	3 months	crt.sh
hunterers.com R3	`2023-01-24` - `2023-04-24`	3 months	crt.sh
installpack.net R3	`2023-02-13` - `2023-05-14`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-10-18` - `2023-03-30`	5 months	crt.sh
dariolunus.com R3	`2023-02-17` - `2023-05-18`	3 months	crt.sh
mpraven.org R3	`2023-01-11` - `2023-04-11`	3 months	crt.sh
*.yastatic-net.ru GlobalSign ECC OV SSL CA 2018	`2023-02-01` - `2023-08-01`	6 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
bs.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-10-21` - `2023-04-21`	6 months	crt.sh
*.avatars.yandex.net GlobalSign RSA OV SSL CA 2018	`2022-03-04` - `2023-04-05`	a year	crt.sh
ysa-static.passport.yandex.net GlobalSign ECC OV SSL CA 2018	`2023-03-06` - `2023-10-06`	7 months	crt.sh
*.hybrid.ai Sectigo RSA Domain Validation Secure Server CA	`2022-09-26` - `2023-09-26`	a year	crt.sh
*.bidderstack.com Go Daddy Secure Certificate Authority - G2	`2022-11-20` - `2023-11-18`	a year	crt.sh
*.intent.ai GTS CA 1P5	`2023-02-10` - `2023-05-11`	3 months	crt.sh
*.adriver.ru GlobalSign GCC R3 DV TLS CA 2020	`2022-04-05` - `2023-04-05`	a year	crt.sh
sync.1dmp.io R3	`2023-01-31` - `2023-05-01`	3 months	crt.sh
*.bumlam.com R3	`2023-02-09` - `2023-05-10`	3 months	crt.sh
*.dmp.otm-r.com AlphaSSL CA - SHA256 - G2	`2022-05-27` - `2023-06-28`	a year	crt.sh
*.upravel.com GlobalSign GCC R3 DV TLS CA 2020	`2022-03-28` - `2023-04-29`	a year	crt.sh
favicon.yandex.net GlobalSign ECC OV SSL CA 2018	`2023-01-14` - `2023-06-15`	5 months	crt.sh
uuidksinc.net R3	`2023-01-14` - `2023-04-14`	3 months	crt.sh
adtarget.me R3	`2023-02-01` - `2023-05-02`	3 months	crt.sh
dmpprof.com R3	`2023-01-19` - `2023-04-19`	3 months	crt.sh
dmg.digitaltarget.ru R3	`2023-01-16` - `2023-04-16`	3 months	crt.sh
log.strm.yandex.ru GlobalSign RSA OV SSL CA 2018	`2022-12-16` - `2023-05-15`	5 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-04` - `2023-04-05`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-04` - `2023-06-04`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-13` - `2023-04-15`	3 months	crt.sh
*.fr.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-18` - `2023-05-20`	3 months	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-13` - `2023-04-17`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh

This page contains 18 frames:

Primary Page: http://download-telegram.org/
Frame ID: 02563143751B5F341F40DD440FBBB4CE
Requests: 115 HTTP requests in this frame

Frame: https://static.addtoany.com/menu/sm.24.html
Frame ID: F84C76C5E13ADD9C2DEAB5A56852C211
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230308/r20190131/zrt_lookup.html
Frame ID: CC40E1815F9D2020346FE47AD4A2AFD1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5409240997335254&output=html&adk=1812271804&adf=3025194257&lmt=1678712305&plat=3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x675_r&format=0x0&url=http%3A%2F%2Fdownload-telegram.org%2F&ea=0&pra=5&wgl=1&dt=1678712305109&bpp=6&bdt=582&idt=414&shv=r20230308&mjsv=m202302270101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3124037108964&frm=20&pv=2&ga_vid=29744030.1678712306&ga_sid=1678712306&ga_hid=2014452662&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C44777877%2C31072715%2C44774292&oid=2&pvsid=4424320484458750&tmod=1846162653&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=480
Frame ID: 6B690E975AD99BCD670490576E43D70A
Requests: 1 HTTP requests in this frame

Frame: https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
Frame ID: 70254604DF8F11918D8554B7406521E1
Requests: 64 HTTP requests in this frame

Frame: https://dariolunus.com/js/cs?uuid=a78b46fc-d78c-42e0-b4af-bd9b15fbc5cc&oid=1wAYbu8DI5D9rynoQVUZ
Frame ID: 50EBD773CEC8A026860967570D662E7B
Requests: 1 HTTP requests in this frame

Frame: https://uuidksinc.net/matchx
Frame ID: 79795DAF041C6BC8D17D51F5374ED157
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230308/r20110914/zrt_lookup.html?fsb=1
Frame ID: 53FD08C0CCA96AA703057DD06DFA99B8
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230308/r20110914/zrt_lookup.html?fsb=1
Frame ID: 558BDC60F6E15FD6234D7743BC413309
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230308/r20110914/zrt_lookup.html?fsb=1
Frame ID: 510D5CFC366983F593F03D2D082F590C
Requests: 8 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZA8d8QAKZ8sEwsGuAAr0mwdCUmtRjZatPY5CMA&u=%7CbX1yiK3ZVptVtWd95ISrBMBJpjLs2zJUXHxjzme1DxQ%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANdxyL-B-DE_nzX6rileTfAylUMGpeR7vM2_SSptuUfW1y6VvWCsHhhQhv5e0h5gREK8RQyYTD7t1a4dX_RW0XNIqC-us9jd_vb7R2YWjTNqEt4X4pZAvCcTgF_ZQOoGI9piNfEhWQJ7zIzUNG96FT9nm53zmfEx1Uu4NX002M3deN9_aOqqR3xmtqRz_CU3fcL8axl1kIHM6MX98qksSLPXK2C-V12QbHjfAFYyKW105r_37f0PhaU3Nf6mWRrtthHo3TgKRxapIYXJPtzjRnWcJJsnKVfZUp0ew0-YYPq5gD2VDlyZcRBXNPbUwSvcft-Q88qxz-PZ02ZWJ2ERj0gokFvc0fEA3Jwm-Ujzs3TCCcXzaLzv6To7peZnr9m9orcHBsXEs2ug7RoJRvxeuqQPL8vMkN9kB5XFTbNcAEqshjSOOVAhYVkcWPFKMf-EMyAUSK--QQNOc3SvaOyWprfxGF3jhTqtLn6UnLvngUdvykOsYtzecpvFnCfEXL-7FEqZh99GVnQ5Ed8uizZEzbYto2MYJ0dIBXbTfpDAeMuBvnosm19_Rm7A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYffh8R0PZMvPKa6Di9YPm-mr-AfJntKxXJWil_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU0MDkyNDA5OTczMzUyNTTIAQmpAmuZ0ioc_rE-qAMByAMCqgT1AU_QP_CCRQfQlWACwCSHb6641VV6CelIRZYSeygaLd_CVQ2UufeLh45xZdYAW-fkB0UipD12nQwQZScWFDvRDA9wYjyIbTSa9vZyXzYo97GjxtISriCKqBAaORbK9WCRns5038A3DuEpIcJPnSw_78evg28Ik_EweDFAAr_Fazg8xSHlGL35Ci1pB_4qji97AV5nG7vpb5IaCs7h6Lkpep8KX_h7OcoS6yNFNgcCOfP_s5sJplj_OhbaEQ2SO7DbM75niga8qg4z9JQdUMWrzSkaHfHFRy5p2oXKJqPjQOwTW190C1GcsEdPlu93rHBVeef0InAigAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2ORIp_VUe3kSDNjlHQZ3v1hhtVWQ%26client%3Dca-pub-5409240997335254%26adurl%3D
Frame ID: 27113471AB9ABBA80BAD9ED5ECBEB859
Requests: 34 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 6D25FE5D9AA18A689F69D8A8C1C1B85C
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 50E93E1D3B863181E806466DE326CD0A
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 088A9907A47F0017B2F7CF6175C8AE56
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/sArRvrN6I189drjF6Of_TQ6Xi_0Jr1YUSK6Bd2dnyeI.js
Frame ID: 319171739C4A097E2F2DA6D7745F8C2B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/sArRvrN6I189drjF6Of_TQ6Xi_0Jr1YUSK6Bd2dnyeI.js
Frame ID: 3DF9FD37F1F59C336849A4F38C93F838
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: EE5B94EDF3AC889698DEF9DA1B0AB328
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 853B44C1E65653FB0B4485E2D69DA047
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Про мессенджер Telegram: загрузка приложения, полезные советы

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AddToAny (Widgets) Expand

Overall confidence: 100%
Detected patterns

addtoany\.com/menu/page\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

264
Requests

81 %
HTTPS

43 %
IPv6

57
Domains

80
Subdomains

55
IPs

9
Countries

6137 kB
Transfer

10145 kB
Size

67
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://icons8.ru/
Title: icons8

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/share#url=http%3A%2F%2Fdownload-telegram.org%2F&title=%D0%9F%D1%80%D0%BE%20%D0%BC%D0%B5%D1%81%D1%81%D0%B5%D0%BD%D0%B4%D0%B6%D0%B5%D1%80%20Telegram%3A%20%D0%B7%D0%B0%D0%B3%D1%80%D1%83%D0%B7%D0%BA%D0%B0%20%D0%BF%D1%80%D0%B8%D0%BB%D0%BE%D0%B6%D0%B5%D0%BD%D0%B8%D1%8F%2C%20%D0%BF%D0%BE%D0%BB%D0%B5%D0%B7%D0%BD%D1%8B%D0%B5%20%D1%81%D0%BE%D0%B2%D0%B5%D1%82%D1%8B
Title: Отправить

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/
Title: AddToAny

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 77

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9941.rZ89nVZYnEhBRc2H2WZ44M_OBn0DdQMTITYWP4kyoLMCStB95QookmVI5-JhbXD2.F22D_nMJb_2rSVPXyvhuMZ8VhM8%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9941.QTq1rqJVjiJBMBquz-r7LX14kxwb2klMJ8xxhlo7iqoqq7wku3noHbnuj2AyEi3v7M-HJBXkZibzKRhkV8fLA61hPYD857Bbk11bYKOFbZ4tue0_y-5oMC3L-LsGs52Dxth2KMaFzSPTamosFO-JsGK_Ga8V0Ax3VNnAAZzwzWOMJnvHTU5MDvU-BONC5DNuWURZiHrk83qipX0CZ7dqvrw8b2g4tnpBujla7XElfTo%2C.b-lpsOUi-bySKR0Jc93iyUhwVQM%2C

Request Chain 89

https://dariolunus.com/js/cs?uuid=a78b46fc-d78c-42e0-b4af-bd9b15fbc5cc HTTP 302
https://s.uuidksinc.net/match/1165/?remote_uid=a78b46fc-d78c-42e0-b4af-bd9b15fbc5cc&cb_url=https%3A%2F%2Fdariolunus.com%2Fjs%2Fcs%3Fuuid%3Da78b46fc-d78c-42e0-b4af-bd9b15fbc5cc%26oid%3D%5BUID%5D HTTP 302
https://dariolunus.com/js/cs?uuid=a78b46fc-d78c-42e0-b4af-bd9b15fbc5cc&oid=1wAYbu8DI5D9rynoQVUZ

Request Chain 91

https://mc.yandex.com/watch/1961151?wmode=7&page-url=http%3A%2F%2Fdownload-telegram.org%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A2%3Adp%3A0%3Als%3A1639979038165%3Ahid%3A793930901%3Az%3A0%3Ai%3A20230313125825%3Aet%3A1678712306%3Ac%3A1%3Arn%3A648122219%3Au%3A1678712305538391132%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1678712304172%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1678712306%3At%3A%D0%9F%D1%80%D0%BE%20%D0%BC%D0%B5%D1%81%D1%81%D0%B5%D0%BD%D0%B4%D0%B6%D0%B5%D1%80%20Telegram%3A%20%D0%B7%D0%B0%D0%B3%D1%80%D1%83%D0%B7%D0%BA%D0%B0%20%D0%BF%D1%80%D0%B8%D0%BB%D0%BE%D0%B6%D0%B5%D0%BD%D0%B8%D1%8F%2C%20%D0%BF%D0%BE%D0%BB%D0%B5%D0%B7%D0%BD%D1%8B%D0%B5%20%D1%81%D0%BE%D0%B2%D0%B5%D1%82%D1%8B&t=gdpr(14)mc(p-1)clc(0-0-0)lt(35200)aw(1)ti(2) HTTP 302
https://mc.yandex.com/watch/1961151/1?wmode=7&page-url=http%3A%2F%2Fdownload-telegram.org%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A2%3Adp%3A0%3Als%3A1639979038165%3Ahid%3A793930901%3Az%3A0%3Ai%3A20230313125825%3Aet%3A1678712306%3Ac%3A1%3Arn%3A648122219%3Au%3A1678712305538391132%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1678712304172%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1678712306%3At%3A%D0%9F%D1%80%D0%BE%20%D0%BC%D0%B5%D1%81%D1%81%D0%B5%D0%BD%D0%B4%D0%B6%D0%B5%D1%80%20Telegram%3A%20%D0%B7%D0%B0%D0%B3%D1%80%D1%83%D0%B7%D0%BA%D0%B0%20%D0%BF%D1%80%D0%B8%D0%BB%D0%BE%D0%B6%D0%B5%D0%BD%D0%B8%D1%8F%2C%20%D0%BF%D0%BE%D0%BB%D0%B5%D0%B7%D0%BD%D1%8B%D0%B5%20%D1%81%D0%BE%D0%B2%D0%B5%D1%82%D1%8B&t=gdpr%2814%29mc%28p-1%29clc%280-0-0%29lt%2835200%29aw%281%29ti%282%29

Request Chain 92

https://mc.yandex.com/watch/28975340?wmode=7&page-url=http%3A%2F%2Fdownload-telegram.org%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Afp%3A689%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A1%3Adp%3A0%3Als%3A1192532992562%3Ahid%3A793930901%3Az%3A0%3Ai%3A20230313125825%3Aet%3A1678712305%3Ac%3A1%3Arn%3A215085470%3Arqn%3A1%3Au%3A1678712305538391132%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A247%2C50%2C55%2C103%2C0%2C0%2C%2C395%2C7%2C%2C%2C%2C851%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1678712304172%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1678712306%3At%3A%D0%9F%D1%80%D0%BE%20%D0%BC%D0%B5%D1%81%D1%81%D0%B5%D0%BD%D0%B4%D0%B6%D0%B5%D1%80%20Telegram%3A%20%D0%B7%D0%B0%D0%B3%D1%80%D1%83%D0%B7%D0%BA%D0%B0%20%D0%BF%D1%80%D0%B8%D0%BB%D0%BE%D0%B6%D0%B5%D0%BD%D0%B8%D1%8F%2C%20%D0%BF%D0%BE%D0%BB%D0%B5%D0%B7%D0%BD%D1%8B%D0%B5%20%D1%81%D0%BE%D0%B2%D0%B5%D1%82%D1%8B&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
https://mc.yandex.com/watch/28975340/1?wmode=7&page-url=http%3A%2F%2Fdownload-telegram.org%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Afp%3A689%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A1%3Adp%3A0%3Als%3A1192532992562%3Ahid%3A793930901%3Az%3A0%3Ai%3A20230313125825%3Aet%3A1678712305%3Ac%3A1%3Arn%3A215085470%3Arqn%3A1%3Au%3A1678712305538391132%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A247%2C50%2C55%2C103%2C0%2C0%2C%2C395%2C7%2C%2C%2C%2C851%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1678712304172%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1678712306%3At%3A%D0%9F%D1%80%D0%BE%20%D0%BC%D0%B5%D1%81%D1%81%D0%B5%D0%BD%D0%B4%D0%B6%D0%B5%D1%80%20Telegram%3A%20%D0%B7%D0%B0%D0%B3%D1%80%D1%83%D0%B7%D0%BA%D0%B0%20%D0%BF%D1%80%D0%B8%D0%BB%D0%BE%D0%B6%D0%B5%D0%BD%D0%B8%D1%8F%2C%20%D0%BF%D0%BE%D0%BB%D0%B5%D0%B7%D0%BD%D1%8B%D0%B5%20%D1%81%D0%BE%D0%B2%D0%B5%D1%82%D1%8B&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Request Chain 97

https://px.arcspire.io/yndx?id=9d4cd41a-f59d-4815-8a89-9d30806f5389 HTTP 307
https://an.yandex.ru/mapuid/arcspireis/40c343949edcdf4eb8c3f6

Request Chain 98

https://acint.net/rmatch/?dp=151&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsapeis%2F%24%7BUSER_ID%7D HTTP 302
https://acint.net/rmatch/?r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsapeis%2F$%7BUSER_ID%7D&dp=151&tc=1 HTTP 302
https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fan.yandex.ru%252Fmapuid%252Fsapeis%252F$%257BUSER_ID%257D&dp=14 HTTP 302
https://acint.net/rmatch?dp=14&euid=1C03420AF21D0F64B200F12E02297C0E&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsapeis%2F$%7BUSER_ID%7D HTTP 302
https://an.yandex.ru/mapuid/sapeis/0100007FF21D0F6470054DA5023129DF

Request Chain 99

https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F%24%7BUSER_ID%7D HTTP 302
https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F%24%7BUSER_ID%7D&crf=1 HTTP 302
https://an.yandex.ru/mapuid/betweendigitalis/8ed9d56f-3fc2-5248-af48-5290cb474f62

Request Chain 100

https://yandex.ru/an/mapuid/adobedmp/ HTTP 302
https://dpm.demdex.net/ibs:dpid=423652&dpuuid=95D3085BC1AFEAE7 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=95D3085BC1AFEAE7

Request Chain 101

https://yandex.ru/an/mapuid/azerionis/ HTTP 302
https://match.360yield.com/match?external_user_id=9F10B48DEEF125D3&publisher_dsp_id=429&publisher_call_type=redirect HTTP 302
https://match.360yield.com/ul_cb/match?external_user_id=9F10B48DEEF125D3&publisher_dsp_id=429&publisher_call_type=redirect

Request Chain 103

https://yandex.ru/an/mapuid/betweenx/ HTTP 302
https://ads.betweendigital.com/match?bidder_id=161&external_user_id=E8F361AC5B5B281F HTTP 302
https://ads.betweendigital.com/match?bidder_id=161&external_user_id=E8F361AC5B5B281F&crf=1

Request Chain 104

https://yandex.ru/an/mapuid/blueseaxcom/ HTTP 302
https://im.bluevoox.com/pixel?s1=1&s2=1315&s3=vldyrx2shs82pv9o&cm=1&rd=1&puid=82634EF002468EC9

Request Chain 106

https://yandex.ru/an/mapuid/google/?partner-tag=yandex_llc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandex_llc&google_hm=190F90FC64F5D32A&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

Request Chain 107

https://yandex.ru/an/mapuid/google/?partner-tag=yandexcom HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandexcom&google_hm=190F90FC64F5D32A&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

Request Chain 108

https://yandex.ru/an/mapuid/google/?partner-tag=yandexru HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=190F90FC64F5D32A&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

Request Chain 109

https://yandex.ru/an/mapuid/operacom/ HTTP 302
https://t.adx.opera.com/sync?vendor=60143&uid=4B3A26A4BD147F4E

Request Chain 111

https://cm.tns-counter.ru/yacm HTTP 302
https://an.yandex.ru/mapuid/mediascope/cd1f3fca65ba21b0e6005c1bfb2112fe7008b2590f018ca37106b4077a0f42dc

Request Chain 114

https://dmg.digitaltarget.ru/1/119/i/i?i=1678712305 HTTP 307
https://dmg.digitaltarget.ru/awg/custom/119/i/i?call_source=awg&ts=1678712306231&i=1678712305 HTTP 307
https://an.yandex.ru/mapuid/dmpamberdata/aYAsNsuNkkMRhk67U5Qp

Request Chain 115

https://euw-ice.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fazerionis%2F{PUB_USER_ID} HTTP 302
https://euw-ice.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fazerionis%2F%7BPUB_USER_ID%7D HTTP 302
https://an.yandex.ru/mapuid/azerionis/1d70c21b-7f58-4bb5-9d4a-5fa10b3ca0ac HTTP 302
https://match.360yield.com/match?external_user_id=1d70c21b-7f58-4bb5-9d4a-5fa10b3ca0ac&publisher_dsp_id=429&publisher_call_type=redirect

Request Chain 116

https://exchange.buzzoola.com/cookiesync/redirect/yandex?redirect_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbuzzooladspis%2F%24%7BUUID%7D HTTP 301
https://an.yandex.ru/mapuid/buzzooladspis/71a73510-e5ac-4fa5-66a6-1219a383eb05

Request Chain 117

https://kimberlite.io/rtb/sync/yandex HTTP 307
https://ads.betweendigital.com/match?bidder_id=45004&callback_url=https%3A%2F%2Fkimberlite.io%2Frtb%2Fsync%2Fbetween2%3Fu%3D%24%7BUSER_ID%7D%26f%3Dhttps%253A%252F%252Fan.yandex.ru%252Fmapuid%252Fsoltadspis%252FZA8d8lDkzIE%26n%3D1 HTTP 302
https://kimberlite.io/rtb/sync/between2?u=8ed9d56f-3fc2-5248-af48-5290cb474f62&f=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsoltadspis%2FZA8d8lDkzIE&n=1 HTTP 307
https://sm.rtb.mts.ru/p?ssp=toptraffic&id=ZA8d8lDkzIE HTTP 301
https://sm.rtb.mts.ru/match/second?ssp=59&exu=ZA8d8lDkzIE HTTP 301
https://tech.rtb.mts.ru/?dsp_uid=e5f9344c-6572-41d9-98db-1667181638ab&return_url=https%3A%2F%2Fpixel.konnektu.ru%2Fredirect%2Fmts%3Fcallback_url%3Dhttps%253A%252F%252Fsm.rtb.mts.ru%252Fem%253Fnext%253D59%2526em%253D1%2526ssp%253Dkonnektu%2526id%253D%257BUSER_ID%257D HTTP 302
https://pixel.konnektu.ru/redirect/mts?callback_url=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D59%26em%3D1%26ssp%3Dkonnektu%26id%3D%7BUSER_ID%7D HTTP 302
https://sm.rtb.mts.ru/em?next=59&em=1&ssp=konnektu&id= HTTP 301
https://kimberlite.io/rtb/sync/mts?u=e5f9344c-6572-41d9-98db-1667181638ab HTTP 307
https://an.yandex.ru/mapuid/soltadspis/ZA8d8lDkzIE

Request Chain 118

https://match.new-programmatic.com/userbind?src=yandex&pbf=1&gi=1 HTTP 302
https://an.yandex.ru/mapuid/targetrtbis/

Request Chain 121

https://profile.ssp.rambler.ru/sync3.302?pid=188 HTTP 302
https://an.yandex.ru/mapuid/ramblerssp/

Request Chain 122

https://px.adhigh.net/p/cm/yandexssp HTTP 302
https://px.adhigh.net/p/cm/yandexssp?bounced=1 HTTP 302
https://an.yandex.ru/mapuid/getintentis/POfMEd3lUDD.AikABlGG2wz7Ew

Request Chain 123

https://redirect.frontend.weborama.fr/redirect/standard?url=https://an.yandex.ru/mapuid/dmpweborama/{WEBO_CID} HTTP 307
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fdmpweborama%2F%7BWEBO_CID%7D&bounce=1&random=1599192620 HTTP 302
https://an.yandex.ru/mapuid/dmpweborama/noqTF1yJTh4bUvL5.kKUjO

Request Chain 125

https://s.uuidksinc.net/match/501 HTTP 302
https://an.yandex.ru/mapuid/kadamis/1wAYbu8DI5D9rynoQVUZ

Request Chain 126

https://sm.rtb.mts.ru/p?ssp=yandex&id=map HTTP 301
https://sm.rtb.mts.ru/match/second?ssp=55&exu=map HTTP 301
https://tech.rtb.mts.ru/?dsp_uid=abd2b9de-dc14-4c1d-9022-a059f9d39d2b&return_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fmtsdspis%2Fabd2b9de-dc14-4c1d-9022-a059f9d39d2b HTTP 302
https://an.yandex.ru/mapuid/mtsdspis/abd2b9de-dc14-4c1d-9022-a059f9d39d2b

Request Chain 133

https://sync.gonet-ads.com/match/yandex?id=[buyerUid] HTTP 302
https://sync.gonet-ads.com/match/yandex?id=%5BbuyerUid%5D&chk=1 HTTP 302
https://an.yandex.ru/mapuid/gonetisnew/NjcyMmEwMWYyN2UyNDU2ZQ

Request Chain 135

https://x01.aidata.io/0.gif?pid=YANDEX HTTP 302
https://x01.aidata.io/0.gif?pid=YANDEX&bounce=1 HTTP 302
https://an.yandex.ru/mapuid/dmpaidatame/pMTOADNGu8JvoZaQUfytlg?sign=742231173

Request Chain 136

https://yandex-dmp-sync.rutarget.ru/sync HTTP 302
https://an.yandex.ru/mapuid/dmpsegmento/DDd6fw3MTozN?sign=740188194

Request Chain 137

https://yandex-sync.rutarget.ru/sync HTTP 302
https://an.yandex.ru/mapuid/rutargetis/ErAn4BfuxOJc

Request Chain 150

https://mc.yandex.ru/watch/39370120?vsid=d6ae78f8651f56e46c9b59534b24c60949bd870a42abxVASx5032x1678712305 HTTP 302
https://mc.yandex.ru/watch/39370120/1?vsid=d6ae78f8651f56e46c9b59534b24c60949bd870a42abxVASx5032x1678712305

Request Chain 151

https://fcgi4.gnezdo.ru/cookie_matching/kadam/1wAYbu8DI5D9rynoQVUZ HTTP 302
https://fcgi4.gnezdo.ru/cookie_matching/kadam/1wAYbu8DI5D9rynoQVUZ/?redirect=1 HTTP 302
https://d.uuidksinc.net/match/216/?remote_uid=XV9maWQPHfIVgXPacdTdAg==

Request Chain 155

https://fcgi4.gnezdo.ru/cookie_matching/kadam_resell/1wAYbu8DI5D9rynoQVUZ HTTP 302
https://fcgi4.gnezdo.ru/cookie_matching/kadam_resell/1wAYbu8DI5D9rynoQVUZ/?redirect=1 HTTP 302
https://d.uuidksinc.net/match/493/?remote_uid=XV9maWQPHfIVgXPacdTdAg==

Request Chain 156

https://rtb.com.ru/kadam-sync?uid=1wAYbu8DI5D9rynoQVUZ HTTP 302
https://rtb.com.ru/sync?noRedirect=&sspKey=60&sspUserID=1wAYbu8DI5D9rynoQVUZ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adspend&google_cm&google_hm=640f1df21504a0467960abcf&r=https%3A%2F%2Fprodmp.ru%2Frefocus.gif%3Fdsp_provider_id%3D2%26uid%3D640f1df21504a0467960abcf%26duid%3D1wAYbu8DI5D9rynoQVUZ%26r%3Dhttps%253A%252F%252Fx01.aidata.io%252F0.gif%253Fpid%253D6472613%2526id%253D640f1df21504a0467960abcf%2526dest%253Dhttps%25253A%25252F%25252Fdmg.digitaltarget.ru%25252F1%25252F224%25252Fi%25252Fi%25253Fa%25253D224%252526e%25253D640f1df21504a0467960abcf%252526i%25253D6498534098283289795%252526r%25253Dhttps%2525253A%2525252F%2525252Fsync.1dmp.io%2525252Fpixel.gif%2525253Fcid%2525253Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%25252526pid%2525253Dw%25252526uid%2525253D640f1df21504a0467960abcf%25252526ru%2525253Dhttps%252525253A%252525252F%252525252Fcm.p.altergeo.ru%252525252Fspnd%252525253Faid%252525253D640f1df21504a0467960abcf%2525252526nc%252525253D1399135144058746673%2525252526url%252525253Dhttps%25252525253A%25252525252F%25252525252Fadx.com.ru%25252525252Fadspend-sync%25252525253Fuid%25252525253D640f1df21504a0467960abcf%252525252526r%25252525253Dhttps%2525252525253A%2525252525252F%2525252525252Fan.yandex.ru%2525252525252Fsetud%2525252525252Fadspend%2525252525252FbLvHtWv5iEWupUTRPfQKCX%2525252525253Fsign%2525252525253D208187977%25252525252526location%2525252525253Dhttps%252525252525253A%252525252525252F%252525252525252Ftop-fwz1.mail.ru%252525252525252Fcounter%252525252525253Fid%252525252525253D3138228%252525252525253Bpid%252525252525253D640f1df21504a0467960abcf

Request Chain 161

https://strm.yandex.ru/vh-canvas-converted/vod-content/863491721736985975/f455d3ad-06e2-413e-8c7a-fcc3f766d6f1/webm/VP8_640_360_1000.webm?vsid=d6ae78f8651f56e46c9b59534b24c60949bd870a42abxVASx5032x1678712305 HTTP 302
https://ext-strm-cogent03.strm.yandex.net/vh-canvas-converted/vod-content/863491721736985975/f455d3ad-06e2-413e-8c7a-fcc3f766d6f1/webm/VP8_640_360_1000.webm?vsid=d6ae78f8651f56e46c9b59534b24c60949bd870a42abxVASx5032x1678712305&noredir=1&lid=1503

Request Chain 203

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 228

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 236

https://www.googleadservices.com/pagead/conversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0 HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=9B0PZOq8Afi2mLAPwP2VwAQ&random=743168374&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=743168374&crd=&is_vtc=1&random=1656864664 HTTP 302
https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=743168374&crd=&is_vtc=1&random=1656864664&ipr=y

Request Chain 237

https://www.googleadservices.com/pagead/conversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0 HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=9B0PZIC_AcfK1ga31bKgBA&random=1071111995&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1071111995&crd=&is_vtc=1&random=4283111948 HTTP 302
https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1071111995&crd=&is_vtc=1&random=4283111948&ipr=y

264 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
download-telegram.org/ 189 KB
47 KB 353ms
55ms Document
text/html 2a01:230:2::21f
RU-JSCIOT

General

Check archive.org

Show headers Download Go to

Full URL: http://download-telegram.org/
Protocol: HTTP/1.1
Server: 2a01:230:2::21f , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
Software: nginx/1.16.1 / PHP/7.4.19
Resource Hash: d0b3bc79248fc4404d4acb213f9585f7a52fc97273718a7f26045074b6da0bb0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=3, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Mon, 13 Mar 2023 12:58:24 GMT
Server: nginx/1.16.1
Transfer-Encoding: chunked
Vary: Accept-Encoding, Cookie
X-Cache: HIT
X-Powered-By: PHP/7.4.19

GET
H/1.1 200
OK style.min.css
download-telegram.org/wp-includes/css/dist/block-library/ 93 KB
13 KB 56ms
55ms Stylesheet
text/css 2a01:230:2::21f
RU-JSCIOT

General

Check archive.org

Show headers Download Go to

Full URL: http://download-telegram.org/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
Requested by: Host: download-telegram.org
URL: http://download-telegram.org/
Protocol: HTTP/1.1
Server: 2a01:230:2::21f , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Mon, 13 Mar 2023 12:58:24 GMT
Content-Encoding: gzip
Last-Modified: Tue, 15 Nov 2022 23:29:55 GMT
Server: nginx/1.16.1
ETag: W/"637420f3-172a9"
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: max-age=86400
Connection: keep-alive
Expires: Tue, 14 Mar 2023 12:58:24 GMT

GET
H/1.1 200
OK classic-themes.min.css
download-telegram.org/wp-includes/css/ 217 B
517 B 107ms
52ms Stylesheet
text/css 2a01:230:2::21f
RU-JSCIOT

General

Check archive.org

Show headers Download Go to

Full URL: http://download-telegram.org/wp-includes/css/classic-themes.min.css?ver=1
Requested by: Host: download-telegram.org
URL: http://download-telegram.org/
Protocol: HTTP/1.1
Server: 2a01:230:2::21f , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Mon, 13 Mar 2023 12:58:24 GMT
Content-Encoding: gzip
Last-Modified: Mon, 14 Nov 2022 05:19:29 GMT
Server: nginx/1.16.1
ETag: W/"6371cfe1-d9"
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: max-age=86400
Connection: keep-alive
Expires: Tue, 14 Mar 2023 12:58:24 GMT

GET
H/1.1 200
OK styles.min.css
download-telegram.org/wp-content/plugins/expert-review/assets/public/css/ 100 KB
10 KB 108ms
53ms Stylesheet
text/css 2a01:230:2::21f
RU-JSCIOT

General

Check archive.org

Show headers Download Go to

Full URL: http://download-telegram.org/wp-content/plugins/expert-review/assets/public/css/styles.min.css?ver=1.7.0
Requested by: Host: download-telegram.org
URL: http://download-telegram.org/
Protocol: HTTP/1.1
Server: 2a01:230:2::21f , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: b9f3ff3b4033aca5254266b9eeb88ec4f163462a9082b7ec6c039bc640a6c524

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Mon, 13 Mar 2023 12:58:24 GMT
Content-Encoding: gzip
Last-Modified: Tue, 02 Nov 2021 04:38:28 GMT
Server: nginx/1.16.1
ETag: W/"6180c0c4-18feb"
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: max-age=86400
Connection: keep-alive
Expires: Tue, 14 Mar 2023 12:58:24 GMT

GET
H2 200 css
fonts.googleapis.com/ 12 KB
1 KB 45ms
19ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700%7CUbuntu%3A400%2C400i%2C700&subset=cyrillic&display=swap&ver=6.1.1

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

18475b9108d7b371ac408a1c2feb6be285f485aa0bb556ec267c66ba5281282e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 13 Mar 2023 12:58:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 13 Mar 2023 12:58:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 13 Mar 2023 12:58:24 GMT

GET
H/1.1 200
OK style.min.css
download-telegram.org/wp-content/themes/download-telegram/assets/css/ 223 KB
42 KB 108ms
54ms Stylesheet
text/css 2a01:230:2::21f
RU-JSCIOT

General

Check archive.org

Show headers Download Go to

Full URL: http://download-telegram.org/wp-content/themes/download-telegram/assets/css/style.min.css?ver=1.4.9
Requested by: Host: download-telegram.org
URL: http://download-telegram.org/
Protocol: HTTP/1.1
Server: 2a01:230:2::21f , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 6f82a27bc12d72baa63167352a41b5452b402fba4f7c6d95a1710744f74c86b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Mon, 13 Mar 2023 12:58:24 GMT
Content-Encoding: gzip
Last-Modified: Mon, 03 Oct 2022 14:58:32 GMT
Server: nginx/1.16.1
ETag: W/"633af898-37db4"
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: max-age=86400
Connection: keep-alive
Expires: Tue, 14 Mar 2023 12:58:24 GMT

GET
H/1.1 200
OK addtoany.min.css
download-telegram.org/wp-content/plugins/add-to-any/ 1 KB
817 B 110ms
56ms Stylesheet
text/css 2a01:230:2::21f
RU-JSCIOT

General

Check archive.org

Show headers Download Go to

Full URL: http://download-telegram.org/wp-content/plugins/add-to-any/addtoany.min.css?ver=1.16
Requested by: Host: download-telegram.org
URL: http://download-telegram.org/
Protocol: HTTP/1.1
Server: 2a01:230:2::21f , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: f93483f0aaf24aea4b5534bb8647d22cd9dfcb4d08d2fd1008787bdfb8a6cc47

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Mon, 13 Mar 2023 12:58:24 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Sep 2022 09:07:47 GMT
Server: nginx/1.16.1
ETag: W/"63340ee3-5ef"
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: max-age=86400
Connection: keep-alive
Expires: Tue, 14 Mar 2023 12:58:24 GMT

GET
H2 200 page.js Show response
static.addtoany.com/menu/ 3 KB
2 KB 67ms
25ms Script
application/javascript 2606:4700:10::6816:47c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/page.js

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:47c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c5cc47eb8499efe3f4353bc50b38690756e78da21b0e158e14293b39c5ef812

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:58:24 GMT
via: e1s
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 128524
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 11 Jan 2023 01:11:30 GMT
server: cloudflare
etag: W/"c04-5f1f2ae2e431b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=172800
cf-ray: 7a7472c11f852c5b-FRA

GET
H/1.1 200
OK jquery.min.js Show response
download-telegram.org/wp-includes/js/jquery/ 88 KB
31 KB 114ms
58ms Script
application/javascript 2a01:230:2::21f
RU-JSCIOT

General

Check archive.org

Show headers Download Go to

Full URL: http://download-telegram.org/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Requested by: Host: download-telegram.org
URL: http://download-telegram.org/
Protocol: HTTP/1.1
Server: 2a01:230:2::21f , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Mon, 13 Mar 2023 12:58:24 GMT
Content-Encoding: gzip
Last-Modified: Mon, 14 Nov 2022 05:19:29 GMT
Server: nginx/1.16.1
ETag: W/"6371cfe1-15e54"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Expires: Tue, 14 Mar 2023 12:58:24 GMT

GET
H/1.1 200
OK jquery-migrate.min.js Show response
download-telegram.org/wp-includes/js/jquery/ 11 KB
4 KB 160ms
64ms Script
application/javascript 2a01:230:2::21f
RU-JSCIOT

General

Check archive.org

Show headers Download Go to

Full URL: http://download-telegram.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: download-telegram.org
URL: http://download-telegram.org/
Protocol: HTTP/1.1
Server: 2a01:230:2::21f , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Mon, 13 Mar 2023 12:58:24 GMT
Content-Encoding: gzip
Last-Modified: Fri, 18 Dec 2020 12:43:01 GMT
Server: nginx/1.16.1
ETag: W/"5fdca3d5-2bd8"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Expires: Tue, 14 Mar 2023 12:58:24 GMT

GET
H/1.1 200
OK addtoany.min.js Show response
download-telegram.org/wp-content/plugins/add-to-any/ 129 B
468 B 52ms
50ms Script
application/javascript 2a01:230:2::21f
RU-JSCIOT

General

Check archive.org

Show headers Download Go to

Full URL: http://download-telegram.org/wp-content/plugins/add-to-any/addtoany.min.js?ver=1.1
Requested by: Host: download-telegram.org
URL: http://download-telegram.org/
Protocol: HTTP/1.1
Server: 2a01:230:2::21f , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Mon, 13 Mar 2023 12:58:24 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Sep 2022 09:07:47 GMT
Server: nginx/1.16.1
ETag: W/"63340ee3-81"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Expires: Tue, 14 Mar 2023 12:58:24 GMT

GET
H/1.1 200
OK wpshop-core.ttf
download-telegram.org/wp-content/themes/download-telegram/assets/fonts/ 57 KB
58 KB 160ms
53ms Font
application/octet-stream 2a01:230:2::21f
RU-JSCIOT

General

Check archive.org

Show headers Download Go to

Full URL: http://download-telegram.org/wp-content/themes/download-telegram/assets/fonts/wpshop-core.ttf
Requested by: Host: download-telegram.org
URL: http://download-telegram.org/
Protocol: HTTP/1.1
Server: 2a01:230:2::21f , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 973408bd1a1da181c7eaa9293c0cd095f3836a76b626bc76af21e1cd96b5dcde

Request headers

Referer: http://download-telegram.org/
Origin: http://download-telegram.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Mon, 13 Mar 2023 12:58:24 GMT
Last-Modified: Mon, 03 Oct 2022 14:58:32 GMT
Server: nginx/1.16.1
ETag: "633af898-e52c"
Content-Type: application/octet-stream
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 58668

GET
H2 200 context.js Show response
yandex.ru/ads/system/ 283 KB
84 KB 224ms
78ms Script
text/javascript 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/system/context.js

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

6e6509f577cb8d5f929606fd9c2c6fe454b6bd51e94eaceee14a39d5e507db39

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-encoding: br
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id: 1678712304939805-6422085631749829088-sas2-0451-sas-l7-balancer-8080-BAL-3531
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Mon, 13 Mar 2023 13:58:24 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
48 KB 170ms
124ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c243586c593f49af9813b2c108792d4dca87282095e310d95794d022cbd115db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:58:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48784
x-xss-protection: 0
server: cafe
etag: 8649047402408327200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 13 Mar 2023 12:58:24 GMT

GET
H2 200 logo-website-96.png
download-telegram.org/wp-content/uploads/2022/10/ 3 KB
3 KB 193ms
52ms Image
image/png 2a01:230:2::21f
RU-JSCIOT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://download-telegram.org/wp-content/uploads/2022/10/logo-website-96.png

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a01:230:2::21f , Russian Federation, ASN29182 (RU-JSCIOT, RU),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

106c8edc4d0efd3fa76416d64a5758928d2b68549945c0192058979a881ebd40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:58:24 GMT
strict-transport-security: max-age=31536000;
last-modified: Tue, 04 Oct 2022 11:59:17 GMT
server: nginx/1.16.1
etag: "633c2015-c66"
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
content-length: 3174
expires: Tue, 14 Mar 2023 12:58:24 GMT

GET
H/1.1 200
OK mSetupWidget Show response
hunterers.com/api/scripts/ 36 KB
9 KB 90ms
34ms Script
text/javascript 88.208.46.156
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hunterers.com/api/scripts/mSetupWidget?id=212
Requested by: Host: download-telegram.org
URL: http://download-telegram.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.208.46.156 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: openresty / PHP/8.0.27
Resource Hash: 25602fcd92d50d8b56dd16d9b1a79e0b969981feb85b2f016c0825a769eafc18

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Mon, 13 Mar 2023 12:58:24 GMT
Content-Encoding: gzip
Server: openresty
Connection: keep-alive
X-Powered-By: PHP/8.0.27
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
download-telegram.org/wp-includes/js/ 18 KB
5 KB 55ms
53ms Script
application/javascript 2a01:230:2::21f
RU-JSCIOT

General

Check archive.org

Show headers Download Go to

Full URL: http://download-telegram.org/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
Requested by: Host: download-telegram.org
URL: http://download-telegram.org/
Protocol: HTTP/1.1
Server: 2a01:230:2::21f , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Mon, 13 Mar 2023 12:58:24 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Sep 2022 09:07:00 GMT
Server: nginx/1.16.1
ETag: W/"63340eb4-48b9"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Expires: Tue, 14 Mar 2023 12:58:24 GMT

GET
H2 200 logo-website-32.png
download-telegram.org/wp-content/uploads/2022/10/ 1 KB
2 KB 194ms
53ms Image
image/png 2a01:230:2::21f
RU-JSCIOT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://download-telegram.org/wp-content/uploads/2022/10/logo-website-32.png

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a01:230:2::21f , Russian Federation, ASN29182 (RU-JSCIOT, RU),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

6b829fb8f86ef0240affa313e529bbd854e648938d97a5c38645f0335205b504

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:58:24 GMT
strict-transport-security: max-age=31536000;
last-modified: Tue, 04 Oct 2022 11:59:15 GMT
server: nginx/1.16.1
etag: "633c2013-5b6"
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
content-length: 1462
expires: Tue, 14 Mar 2023 12:58:24 GMT

GET
H/1.1 200
OK scripts.min.js Show response
download-telegram.org/wp-content/plugins/expert-review/assets/public/js/ 12 KB
4 KB 55ms
53ms Script
application/javascript 2a01:230:2::21f
RU-JSCIOT

General

Check archive.org

Show headers Download Go to

Full URL: http://download-telegram.org/wp-content/plugins/expert-review/assets/public/js/scripts.min.js?ver=1.7.0
Requested by: Host: download-telegram.org
URL: http://download-telegram.org/
Protocol: HTTP/1.1
Server: 2a01:230:2::21f , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 68d17341a90b4af7400a9096afe504bf2d21bf378c5f3e594436dbba105afe84

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Mon, 13 Mar 2023 12:58:24 GMT
Content-Encoding: gzip
Last-Modified: Tue, 02 Nov 2021 04:38:28 GMT
Server: nginx/1.16.1
ETag: W/"6180c0c4-2f87"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Expires: Tue, 14 Mar 2023 12:58:24 GMT

GET
H/1.1 200
OK scripts.min.js Show response
download-telegram.org/wp-content/themes/download-telegram/assets/js/ 52 KB
10 KB 54ms
51ms Script
application/javascript 2a01:230:2::21f
RU-JSCIOT

General

Check archive.org

Show headers Download Go to

Full URL: http://download-telegram.org/wp-content/themes/download-telegram/assets/js/scripts.min.js?ver=1.4.9
Requested by: Host: download-telegram.org
URL: http://download-telegram.org/
Protocol: HTTP/1.1
Server: 2a01:230:2::21f , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 80042a2ba4be8704e8b41ec93c8e81a2c6df1f2b4176b272fefa2611a5af30b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Mon, 13 Mar 2023 12:58:24 GMT
Content-Encoding: gzip
Last-Modified: Mon, 03 Oct 2022 14:58:32 GMT
Server: nginx/1.16.1
ETag: W/"633af898-d14f"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Expires: Tue, 14 Mar 2023 12:58:24 GMT

GET
DATA 200
OK truncated
/ 969 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 401503518894f575673732c689a7885c78bb615900c0c3f726765eb4ce6aa799

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK icons.svg
installpack.net/wp-content/themes/installpack/images/ 621 B
713 B 209ms
57ms Image
image/svg+xml 176.99.5.252
LOGOL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://installpack.net/wp-content/themes/installpack/images/icons.svg

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

176.99.5.252 , Russian Federation, ASN49352 (LOGOL-AS, RU),

Reverse DNS

Software

nginx /

Resource Hash

54bc30a4cd8464bb75013d18866ffa4f74e08d1ffe3238e0100770ada8947969

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Mon, 13 Mar 2023 12:58:24 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 24 Apr 2018 13:24:09 GMT
Server: nginx
ETag: W/"5adf2ff9-26d"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/svg+xml
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Expires: Tue, 12 Mar 2024 12:58:24 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ 9 KB
10 KB 63ms
5ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700%7CUbuntu%3A400%2C400i%2C700&subset=cyrillic&display=swap&ver=6.1.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://download-telegram.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 16:23:53 GMT
x-content-type-options: nosniff
age: 419671
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9628
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Mar 2024 16:23:53 GMT

GET
H2 200 4iCv6KVjbNBYlgoCxCvjtGyNL4U.woff2
fonts.gstatic.com/s/ubuntu/v20/ 18 KB
18 KB 90ms
32ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjtGyNL4U.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700%7CUbuntu%3A400%2C400i%2C700&subset=cyrillic&display=swap&ver=6.1.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

caeaf02fa4a8a45438c270767c4e50fc7f3ed5f94a4c90984eaacb87c2e8a693

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://download-telegram.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 07:53:32 GMT
x-content-type-options: nosniff
age: 450292
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18200
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:10:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Mar 2024 07:53:32 GMT

GET
H2 200 4iCs6KVjbNBYlgoKew72j00.woff2
fonts.gstatic.com/s/ubuntu/v20/ 20 KB
20 KB 82ms
25ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKew72j00.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700%7CUbuntu%3A400%2C400i%2C700&subset=cyrillic&display=swap&ver=6.1.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1400c92345dcd9dbf746acab2c60e8580aa959473e9e56c8772cadcf7734b76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://download-telegram.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:34:46 GMT
x-content-type-options: nosniff
age: 282218
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20860
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:15:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Mar 2024 06:34:46 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 66ms
9ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700%7CUbuntu%3A400%2C400i%2C700&subset=cyrillic&display=swap&ver=6.1.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://download-telegram.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 08:06:08 GMT
x-content-type-options: nosniff
age: 276736
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Mar 2024 08:06:08 GMT

GET
H2 200 4iCv6KVjbNBYlgoCxCvjsGyN.woff2
fonts.gstatic.com/s/ubuntu/v20/ 29 KB
29 KB 93ms
37ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700%7CUbuntu%3A400%2C400i%2C700&subset=cyrillic&display=swap&ver=6.1.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c00752ce82d6abaed0b9766d35b906b16675facdbe24115b410d1fab975effa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://download-telegram.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 15:36:23 GMT
x-content-type-options: nosniff
age: 249721
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29752
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:05:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Mar 2024 15:36:23 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 72ms
15ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700%7CUbuntu%3A400%2C400i%2C700&subset=cyrillic&display=swap&ver=6.1.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://download-telegram.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 14:05:36 GMT
x-content-type-options: nosniff
age: 341568
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Mar 2024 14:05:36 GMT

GET
H2 200 4iCs6KVjbNBYlgoKfw72.woff2
fonts.gstatic.com/s/ubuntu/v20/ 34 KB
34 KB 81ms
34ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700%7CUbuntu%3A400%2C400i%2C700&subset=cyrillic&display=swap&ver=6.1.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://download-telegram.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 19:21:56 GMT
x-content-type-options: nosniff
age: 322588
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34852
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:31:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Mar 2024 19:21:56 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 9 KB
10 KB 68ms
22ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700%7CUbuntu%3A400%2C400i%2C700&subset=cyrillic&display=swap&ver=6.1.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://download-telegram.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 01:23:47 GMT
x-content-type-options: nosniff
age: 473677
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9644
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Mar 2024 01:23:47 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 211 KB
73 KB 255ms
126ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

025131d9c15ae8bc85f70a51c95aece581630b3dc3caa26cfeb1f79532c224d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:58:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Tue, 07 Mar 2023 10:05:49 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "6406e24d-11fef"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 73711
expires: Mon, 13 Mar 2023 13:58:25 GMT

GET
H2 200 sm.24.html Show response
static.addtoany.com/menu/ Frame F84C 677 B
541 B 36ms
25ms Document
text/html 2606:4700:10::6816:47c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/sm.24.html

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:47c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a4192e762a449dfd6e63bee835e0941627223c9159e8219acdd01881a1ac175

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://download-telegram.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1076113
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=315360000, immutable
cf-cache-status: HIT
cf-ray: 7a7472c1b8a02c5b-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 13 Mar 2023 12:58:24 GMT
etag: W/"2a5-5edb40e6d10d8"
last-modified: Fri, 18 Nov 2022 00:47:55 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: e2s
x-content-type-options: nosniff

GET
H3 200 core.26680508.js Show response
static.addtoany.com/menu/modules/ 69 KB
25 KB 48ms
21ms Script
application/javascript 2606:4700:10::6816:47c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/modules/core.26680508.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:47c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

73cfb0ed71e314a835831530e27ba1fde5609b224781f7dbc2dd3eb9a08603cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://download-telegram.org/
Origin: http://download-telegram.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:58:24 GMT
via: e1s
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 134666
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 11 Jan 2023 01:11:29 GMT
server: cloudflare
etag: W/"11452-5f1f2ae24215b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
cf-ray: 7a7472c1cc2b9238-FRA

GET
H2 200 seksualnyj-nabor-stikery-dlya-telegram-150x150.png
download-telegram.org/wp-content/uploads/2017/01/ 8 KB
9 KB 55ms
50ms Image
image/png 2a01:230:2::21f
RU-JSCIOT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://download-telegram.org/wp-content/uploads/2017/01/seksualnyj-nabor-stikery-dlya-telegram-150x150.png

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a01:230:2::21f , Russian Federation, ASN29182 (RU-JSCIOT, RU),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

266d747bc2251130403b329830c637ae7aff70c14b8672adaeb3490e6726b4e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:58:24 GMT
strict-transport-security: max-age=31536000;
last-modified: Fri, 18 Dec 2020 12:11:29 GMT
server: nginx/1.16.1
etag: "5fdc9c71-21d9"
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
content-length: 8665
expires: Tue, 14 Mar 2023 12:58:24 GMT

GET
H2 200 gay-ok-animirovannye-1-100x100.png
download-telegram.org/wp-content/uploads/2019/12/ 10 KB
10 KB 59ms
51ms Image
image/png 2a01:230:2::21f
RU-JSCIOT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://download-telegram.org/wp-content/uploads/2019/12/gay-ok-animirovannye-1-100x100.png

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a01:230:2::21f , Russian Federation, ASN29182 (RU-JSCIOT, RU),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

d9f5a7bb86b216f27dfde6db9d0a65689c3bd94e63348d084489791df472533c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:58:24 GMT
strict-transport-security: max-age=31536000;
last-modified: Fri, 18 Dec 2020 12:20:19 GMT
server: nginx/1.16.1
etag: "5fdc9e83-27b6"
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
content-length: 10166
expires: Tue, 14 Mar 2023 12:58:24 GMT

GET
H2 200 van-pis-8-100x100.png
download-telegram.org/wp-content/uploads/2019/12/ 12 KB
12 KB 103ms
95ms Image
image/png 2a01:230:2::21f
RU-JSCIOT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://download-telegram.org/wp-content/uploads/2019/12/van-pis-8-100x100.png

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a01:230:2::21f , Russian Federation, ASN29182 (RU-JSCIOT, RU),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

4958607da2a850ef6629c21420710b7c9fec2b0de527bcad62d9d88f54f079a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:58:24 GMT
strict-transport-security: max-age=31536000;
last-modified: Fri, 18 Dec 2020 12:33:00 GMT
server: nginx/1.16.1
etag: "5fdca17c-2f8c"
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
content-length: 12172
expires: Tue, 14 Mar 2023 12:58:24 GMT

GET
H2 200 v-rotik-ili-na-zhivotik-6-100x100.png
download-telegram.org/wp-content/uploads/2019/12/ 12 KB
12 KB 109ms
101ms Image
image/png 2a01:230:2::21f
RU-JSCIOT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://download-telegram.org/wp-content/uploads/2019/12/v-rotik-ili-na-zhivotik-6-100x100.png

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a01:230:2::21f , Russian Federation, ASN29182 (RU-JSCIOT, RU),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

9f3f0ace3076a9187e441c0a7dc34ec29b87b6c673317f0f59e5741a75918b41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:58:24 GMT
strict-transport-security: max-age=31536000;
last-modified: Fri, 18 Dec 2020 12:32:49 GMT
server: nginx/1.16.1
etag: "5fdca171-2e97"
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
content-length: 11927
expires: Tue, 14 Mar 2023 12:58:24 GMT

GET
H2 200 braun-i-koni-3-100x100.png
download-telegram.org/wp-content/uploads/2019/12/ 13 KB
13 KB 110ms
102ms Image
image/png 2a01:230:2::21f
RU-JSCIOT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://download-telegram.org/wp-content/uploads/2019/12/braun-i-koni-3-100x100.png

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a01:230:2::21f , Russian Federation, ASN29182 (RU-JSCIOT, RU),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

b1f798097d6f80c7dfa36878092865f5f88160f9e3f3786f158c78cc37820e14

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:58:24 GMT
strict-transport-security: max-age=31536000;
last-modified: Fri, 18 Dec 2020 12:18:03 GMT
server: nginx/1.16.1
etag: "5fdc9dfb-3369"
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
content-length: 13161
expires: Tue, 14 Mar 2023 12:58:24 GMT

GET
H2 200 blinchik-i-smetanka-3-100x100.png
download-telegram.org/wp-content/uploads/2019/12/ 12 KB
13 KB 110ms
103ms Image
image/png 2a01:230:2::21f
RU-JSCIOT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://download-telegram.org/wp-content/uploads/2019/12/blinchik-i-smetanka-3-100x100.png

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a01:230:2::21f , Russian Federation, ASN29182 (RU-JSCIOT, RU),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

380b46f90ddea042fadd02cd90ba8a1c18b7ff302a0c82ee98e0a1aeba4c7fa6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:58:24 GMT
strict-transport-security: max-age=31536000;
last-modified: Fri, 18 Dec 2020 12:17:46 GMT
server: nginx/1.16.1
etag: "5fdc9dea-31bc"
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
content-length: 12732
expires: Tue, 14 Mar 2023 12:58:24 GMT

GET
H2 200 telegram-logo1-13-150x150.png
download-telegram.org/wp-content/uploads/2016/02/ 7 KB
7 KB 111ms
104ms Image
image/png 2a01:230:2::21f
RU-JSCIOT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://download-telegram.org/wp-content/uploads/2016/02/telegram-logo1-13-150x150.png

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a01:230:2::21f , Russian Federation, ASN29182 (RU-JSCIOT, RU),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

ab77eaac8440d50b7b37c5eacace4b577536ad17c5ff562668ce9e8853be66d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:58:24 GMT
strict-transport-security: max-age=31536000;
last-modified: Fri, 18 Dec 2020 12:10:17 GMT
server: nginx/1.16.1
etag: "5fdc9c29-1c30"
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
content-length: 7216
expires: Tue, 14 Mar 2023 12:58:24 GMT

GET
H2 200 robot-anton-150x150.png
download-telegram.org/wp-content/uploads/2015/10/ 17 KB
17 KB 112ms
104ms Image
image/png 2a01:230:2::21f
RU-JSCIOT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://download-telegram.org/wp-content/uploads/2015/10/robot-anton-150x150.png

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a01:230:2::21f , Russian Federation, ASN29182 (RU-JSCIOT, RU),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

f71a02c3678fa32960a613b256b1f91f4f4383bc95c24e8faf8771bc849083d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:58:24 GMT
strict-transport-security: max-age=31536000;
last-modified: Fri, 18 Dec 2020 12:08:49 GMT
server: nginx/1.16.1
etag: "5fdc9bd1-44da"
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
content-length: 17626
expires: Tue, 14 Mar 2023 12:58:24 GMT

GET
H2 200 telegram-logo1-5-150x150.png
download-telegram.org/wp-content/uploads/2016/03/ 6 KB
6 KB 112ms
104ms Image
image/png 2a01:230:2::21f
RU-JSCIOT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://download-telegram.org/wp-content/uploads/2016/03/telegram-logo1-5-150x150.png

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a01:230:2::21f , Russian Federation, ASN29182 (RU-JSCIOT, RU),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

3d3ea446b44bd1d64dd9e973c0fbc56c6c50541814b038653a80c723baed86a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:58:24 GMT
strict-transport-security: max-age=31536000;
last-modified: Fri, 18 Dec 2020 12:10:38 GMT
server: nginx/1.16.1
etag: "5fdc9c3e-17cd"
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
content-length: 6093
expires: Tue, 14 Mar 2023 12:58:24 GMT

GET
H2 200 telegram-logo1-19-150x150.png
download-telegram.org/wp-content/uploads/2016/02/ 6 KB
6 KB 112ms
105ms Image
image/png 2a01:230:2::21f
RU-JSCIOT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://download-telegram.org/wp-content/uploads/2016/02/telegram-logo1-19-150x150.png

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a01:230:2::21f , Russian Federation, ASN29182 (RU-JSCIOT, RU),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

ba08211e0a4669384dee0dc42fae6962587e31a06146a31a2ad5a766a3354eb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:58:25 GMT
strict-transport-security: max-age=31536000;
last-modified: Fri, 18 Dec 2020 12:10:18 GMT
server: nginx/1.16.1
etag: "5fdc9c2a-1669"
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
content-length: 5737
expires: Tue, 14 Mar 2023 12:58:25 GMT

GET
H2 200 telegram-logo1-150x150.png
download-telegram.org/wp-content/uploads/2016/02/ 6 KB
6 KB 112ms
105ms Image
image/png 2a01:230:2::21f
RU-JSCIOT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://download-telegram.org/wp-content/uploads/2016/02/telegram-logo1-150x150.png

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a01:230:2::21f , Russian Federation, ASN29182 (RU-JSCIOT, RU),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

46a9423304c00ed5bddd23e4db997587770ece0e0f30475b091b15da2c733bbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:58:25 GMT
strict-transport-security: max-age=31536000;
last-modified: Fri, 18 Dec 2020 12:10:18 GMT
server: nginx/1.16.1
etag: "5fdc9c2a-1915"
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
content-length: 6421
expires: Tue, 14 Mar 2023 12:58:25 GMT

GET
H2 200 telegram-logo1-3-150x150.png
download-telegram.org/wp-content/uploads/2016/03/ 8 KB
8 KB 112ms
105ms Image
image/png 2a01:230:2::21f
RU-JSCIOT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://download-telegram.org/wp-content/uploads/2016/03/telegram-logo1-3-150x150.png

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a01:230:2::21f , Russian Federation, ASN29182 (RU-JSCIOT, RU),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

7c0aea7b92e8dc151bd67d1344cf131f0d718598f7ed3371bcd72136458bd76a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:58:25 GMT
strict-transport-security: max-age=31536000;
last-modified: Fri, 18 Dec 2020 12:10:38 GMT
server: nginx/1.16.1
etag: "5fdc9c3e-1e13"
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
content-length: 7699
expires: Tue, 14 Mar 2023 12:58:25 GMT

GET
H2 200 telegram-logo1-1-150x150.png
download-telegram.org/wp-content/uploads/2016/03/ 6 KB
7 KB 112ms
106ms Image
image/png 2a01:230:2::21f
RU-JSCIOT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://download-telegram.org/wp-content/uploads/2016/03/telegram-logo1-1-150x150.png

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a01:230:2::21f , Russian Federation, ASN29182 (RU-JSCIOT, RU),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

54b0132a1207a2ecf8ee8b12e208fe7551108d09de8f8aeb6a019b77c22057bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:58:25 GMT
strict-transport-security: max-age=31536000;
last-modified: Fri, 18 Dec 2020 12:10:37 GMT
server: nginx/1.16.1
etag: "5fdc9c3d-199b"
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
content-length: 6555
expires: Tue, 14 Mar 2023 12:58:25 GMT

GET
H2 200 kak-skryt-nomer-telefona-v-telegram.gif
download-telegram.org/wp-content/uploads/2017/08/ 23 KB
23 KB 112ms
106ms Image
image/gif 2a01:230:2::21f
RU-JSCIOT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://download-telegram.org/wp-content/uploads/2017/08/kak-skryt-nomer-telefona-v-telegram.gif

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a01:230:2::21f , Russian Federation, ASN29182 (RU-JSCIOT, RU),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

9a8055e54d37fc509c6e60476b2139f392bd2c8eb4dea39ebb8b371e0cc2b624

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:58:25 GMT
strict-transport-security: max-age=31536000;
last-modified: Fri, 18 Dec 2020 12:12:38 GMT
server: nginx/1.16.1
etag: "5fdc9cb6-5b16"
content-type: image/gif
cache-control: max-age=86400
accept-ranges: bytes
content-length: 23318
expires: Tue, 14 Mar 2023 12:58:25 GMT

GET
H2 200 telegram-soc-seti-150x150.png
download-telegram.org/wp-content/uploads/2016/02/ 8 KB
8 KB 112ms
106ms Image
image/png 2a01:230:2::21f
RU-JSCIOT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://download-telegram.org/wp-content/uploads/2016/02/telegram-soc-seti-150x150.png

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a01:230:2::21f , Russian Federation, ASN29182 (RU-JSCIOT, RU),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

28e06ebfb4e628e46f3ef087b728232d21808f9753b5370c20e78205973bba47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:58:25 GMT
strict-transport-security: max-age=31536000;
last-modified: Fri, 18 Dec 2020 12:10:20 GMT
server: nginx/1.16.1
etag: "5fdc9c2c-1f55"
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
content-length: 8021
expires: Tue, 14 Mar 2023 12:58:25 GMT

GET
H2 200 %C2%ABBlueDurov%C2%BB-%D1%82%D0%B5%D0%BC%D0%B0-%D0%B4%D0%BB%D1%8F-Telegram-ava.jpg
download-telegram.org/wp-content/uploads/2018/03/ 15 KB
15 KB 112ms
106ms Image
image/jpeg 2a01:230:2::21f
RU-JSCIOT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://download-telegram.org/wp-content/uploads/2018/03/%C2%ABBlueDurov%C2%BB-%D1%82%D0%B5%D0%BC%D0%B0-%D0%B4%D0%BB%D1%8F-Telegram-ava.jpg

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a01:230:2::21f , Russian Federation, ASN29182 (RU-JSCIOT, RU),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

eebf6cc55ea3e4ca212dd3da2673c12739e0e482b5665345bf87d2dea5589d34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:58:25 GMT
strict-transport-security: max-age=31536000;
last-modified: Fri, 18 Dec 2020 12:13:26 GMT
server: nginx/1.16.1
etag: "5fdc9ce6-3cb2"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 15538
expires: Tue, 14 Mar 2023 12:58:25 GMT

GET
H2 200 blue-ice.jpg
download-telegram.org/wp-content/uploads/2018/03/ 96 KB
96 KB 112ms
107ms Image
image/jpeg 2a01:230:2::21f
RU-JSCIOT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://download-telegram.org/wp-content/uploads/2018/03/blue-ice.jpg

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a01:230:2::21f , Russian Federation, ASN29182 (RU-JSCIOT, RU),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

5d1dcfe8737cf39d0592a0c41c3533ebb5e9c5ae69de5f08b90e3dd9afc7fa93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:58:25 GMT
strict-transport-security: max-age=31536000;
last-modified: Fri, 18 Dec 2020 12:13:22 GMT
server: nginx/1.16.1
etag: "5fdc9ce2-1802f"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 98351
expires: Tue, 14 Mar 2023 12:58:25 GMT

GET
H2 200 %C2%ABCM-Branco%C2%BB-%D1%82%D0%B5%D0%BC%D0%B0-%D0%B4%D0%BB%D1%8F-Telegram-ava.jpg
download-telegram.org/wp-content/uploads/2018/03/ 15 KB
15 KB 112ms
107ms Image
image/jpeg 2a01:230:2::21f
RU-JSCIOT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://download-telegram.org/wp-content/uploads/2018/03/%C2%ABCM-Branco%C2%BB-%D1%82%D0%B5%D0%BC%D0%B0-%D0%B4%D0%BB%D1%8F-Telegram-ava.jpg

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a01:230:2::21f , Russian Federation, ASN29182 (RU-JSCIOT, RU),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

45eb85486762b6f590083f2dbaec645b06706824904b64fe0f55ae3f486bf716

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:58:25 GMT
strict-transport-security: max-age=31536000;
last-modified: Fri, 18 Dec 2020 12:13:27 GMT
server: nginx/1.16.1
etag: "5fdc9ce7-3a02"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 14850
expires: Tue, 14 Mar 2023 12:58:25 GMT

GET
H2 200 %C2%ABEpsa%C2%BB-%D1%82%D0%B5%D0%BC%D0%B0-%D0%B4%D0%BB%D1%8F-Telegram-ava.jpg
download-telegram.org/wp-content/uploads/2018/03/ 14 KB
14 KB 112ms
107ms Image
image/jpeg 2a01:230:2::21f
RU-JSCIOT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://download-telegram.org/wp-content/uploads/2018/03/%C2%ABEpsa%C2%BB-%D1%82%D0%B5%D0%BC%D0%B0-%D0%B4%D0%BB%D1%8F-Telegram-ava.jpg

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a01:230:2::21f , Russian Federation, ASN29182 (RU-JSCIOT, RU),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

9bfbf9f281853aa93ff0bdb29d5935fdede5b5aefecc87645b26c047d11129bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:58:25 GMT
strict-transport-security: max-age=31536000;
last-modified: Fri, 18 Dec 2020 12:13:28 GMT
server: nginx/1.16.1
etag: "5fdc9ce8-365b"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 13915
expires: Tue, 14 Mar 2023 12:58:25 GMT

GET
H2 200 %C2%ABAhri%C2%BB-%D1%82%D0%B5%D0%BC%D0%B0-%D0%B4%D0%BB%D1%8F-Telegram-ava.jpg
download-telegram.org/wp-content/uploads/2018/03/ 17 KB
17 KB 151ms
146ms Image
image/jpeg 2a01:230:2::21f
RU-JSCIOT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://download-telegram.org/wp-content/uploads/2018/03/%C2%ABAhri%C2%BB-%D1%82%D0%B5%D0%BC%D0%B0-%D0%B4%D0%BB%D1%8F-Telegram-ava.jpg

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a01:230:2::21f , Russian Federation, ASN29182 (RU-JSCIOT, RU),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

0e5ff0847eadf9d7d6cb7b17033f5e5995e55a4589cad919722369edfa151969

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:58:25 GMT
strict-transport-security: max-age=31536000;
last-modified: Fri, 18 Dec 2020 12:13:25 GMT
server: nginx/1.16.1
etag: "5fdc9ce5-42f8"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 17144
expires: Tue, 14 Mar 2023 12:58:25 GMT

GET
H2 200 %C2%ABMaterialDark%C2%BB-%D1%82%D0%B5%D0%BC%D0%B0-%D0%B4%D0%BB%D1%8F-Telegram-ava.jpg
download-telegram.org/wp-content/uploads/2018/03/ 16 KB
16 KB 152ms
147ms Image
image/jpeg 2a01:230:2::21f
RU-JSCIOT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://download-telegram.org/wp-content/uploads/2018/03/%C2%ABMaterialDark%C2%BB-%D1%82%D0%B5%D0%BC%D0%B0-%D0%B4%D0%BB%D1%8F-Telegram-ava.jpg

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a01:230:2::21f , Russian Federation, ASN29182 (RU-JSCIOT, RU),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

2afb76ffc5374245e6402622fa34fd329aacd836ba1e7c3a865063cd446453ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:58:25 GMT
strict-transport-security: max-age=31536000;
last-modified: Fri, 18 Dec 2020 12:13:29 GMT
server: nginx/1.16.1
etag: "5fdc9ce9-3f04"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 16132
expires: Tue, 14 Mar 2023 12:58:25 GMT

GET
H/1.1 200
OK 787276.js Show response
dariolunus.com/ 42 KB
17 KB 90ms
33ms Script
application/javascript 88.208.46.59
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dariolunus.com/787276.js
Requested by: Host: download-telegram.org
URL: http://download-telegram.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.208.46.59 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 9e18ee83ef2aff7978b95d3910f34cf2dec6bfb49b39146c5b334b9a5ccf5133

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Mar 2023 12:58:25 GMT
Content-Encoding: gzip
Server: nginx
Accept-CH: Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

GET
H/1.1 200
OK getslugv3 Show response
mpraven.org/api/ 102 B
567 B 94ms
22ms XHR
text/html 88.208.5.115
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mpraven.org/api/getslugv3?partner_apikey=a67b7b35dad41141f8bb33b698ac68e3&bl=0&raw=%3Cp%20style%3D%22text-align%3A%20center%3B%22%3ETelegram%3C%2Fp%3E&sourceURL=&sourceName=&sourceIntro=&sourceNote=&priority=source&tag=telegram&rnd=52a7ec3af04b3a56c17028b38e1d8733&d=1&utm_content=&err=0&b=1&rfr=http%3A%2F%2Fdownload-telegram.org%2F
Requested by: Host: hunterers.com
URL: https://hunterers.com/api/scripts/mSetupWidget?id=212
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.208.5.115 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: f15944f6f227cf9f6941788e04a4f529f29f1c2b7894c9143a3f751c6830df05

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Mon, 13 Mar 2023 12:58:25 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Connection: keep-alive
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302270101/ 362 KB
119 KB 70ms
64ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5409240997335254&plah=download-telegram.org&bust=31072715

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b3dea4bed542174e552ea737d7bcafae537640c46a079ab169aab0c2198af9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:58:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121967
x-xss-protection: 0
server: cafe
etag: 6620570700514410371
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 13 Mar 2023 12:58:25 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230308/r20190131/ Frame CC40 10 KB
5 KB 58ms
14ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230308/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://download-telegram.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 13040
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 13 Mar 2023 09:21:05 GMT
etag: 2378337311435320485
expires: Mon, 27 Mar 2023 09:21:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 telegram.js Show response
static.addtoany.com/menu/svg/icons/ 360 B
527 B 37ms
34ms Script
application/javascript 2606:4700:10::6816:47c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/telegram.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.26680508.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:47c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6415561e892cf9d614e7179f71353af4ceadfd641d71c42fe54c9420eb0d0138

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://download-telegram.org/
Origin: http://download-telegram.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:58:25 GMT
via: e2s
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 134666
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 18 Nov 2022 01:01:39 GMT
server: cloudflare
etag: W/"168-5edb43f8443f8"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=7776000
cf-ray: 7a7472c33e439238-FRA

GET
H3 200 vk.js Show response
static.addtoany.com/menu/svg/icons/ 1012 B
837 B 37ms
35ms Script
application/javascript 2606:4700:10::6816:47c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/vk.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.26680508.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:47c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b65482c4f7f198e9e37a5a600bdda73dc504dbcb0f49454644b171bfded11786

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://download-telegram.org/
Origin: http://download-telegram.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:58:25 GMT
via: e2s
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 134666
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 18 Nov 2022 01:01:39 GMT
server: cloudflare
etag: W/"3f4-5edb43f896478"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=7776000
cf-ray: 7a7472c33e459238-FRA

GET
H3 200 twitter.js Show response
static.addtoany.com/menu/svg/icons/ 695 B
675 B 28ms
26ms Script
application/javascript 2606:4700:10::6816:47c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/twitter.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.26680508.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:47c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74ec1e2bfcf647ccdeaf5b127294db846ee4a6f8ffd6c909d4938370d4187d1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://download-telegram.org/
Origin: http://download-telegram.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:58:25 GMT
via: e2s
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 134666
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 18 Nov 2022 01:01:39 GMT
server: cloudflare
etag: W/"2b7-5edb43f86f378"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=7776000
cf-ray: 7a7472c33e479238-FRA

GET
H3 200 odnoklassniki.js Show response
static.addtoany.com/menu/svg/icons/ 764 B
704 B 32ms
30ms Script
application/javascript 2606:4700:10::6816:47c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/odnoklassniki.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.26680508.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:47c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

562f74199a50c24bcb7d088e403d9cc7e0b5df53297b4d3a62fede4a4cb89623

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://download-telegram.org/
Origin: http://download-telegram.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:58:25 GMT
via: e1s
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 134666
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 18 Nov 2022 01:01:38 GMT
server: cloudflare
etag: W/"2fc-5edb43f775378"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=7776000
cf-ray: 7a7472c33e489238-FRA

GET
H3 200 whatsapp.js Show response
static.addtoany.com/menu/svg/icons/ 1 KB
912 B 28ms
26ms Script
application/javascript 2606:4700:10::6816:47c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/whatsapp.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.26680508.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:47c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

96840bd7cc7d8edd1d1ffaff60d7f335fd866cd9a6132c8524d620482f4df64a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://download-telegram.org/
Origin: http://download-telegram.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:58:25 GMT
via: e4s
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 134666
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 18 Nov 2022 01:01:39 GMT
server: cloudflare
etag: W/"471-5edb43f896478"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=7776000
cf-ray: 7a7472c33e4a9238-FRA

GET
H3 200 facebook.js Show response
static.addtoany.com/menu/svg/icons/ 318 B
501 B 28ms
26ms Script
application/javascript 2606:4700:10::6816:47c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/facebook.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.26680508.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:47c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a19ff3554a1e589f756a92be8263726674127c133feb1d333095668b77ba08c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://download-telegram.org/
Origin: http://download-telegram.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:58:25 GMT
via: e3s
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 134666
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 18 Nov 2022 01:01:36 GMT
server: cloudflare
etag: W/"13e-5edb43f5ee978"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=7776000
cf-ray: 7a7472c33e4d9238-FRA

GET
H3 200 email.js Show response
static.addtoany.com/menu/svg/icons/ 393 B
545 B 32ms
31ms Script
application/javascript 2606:4700:10::6816:47c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/email.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.26680508.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:47c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15684309274ca43c5240c88c5be2c9ed2f56ed2b38d0367dc372760f9e287c50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://download-telegram.org/
Origin: http://download-telegram.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:58:25 GMT
via: e4s
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 134666
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 18 Nov 2022 01:01:36 GMT
server: cloudflare
etag: W/"189-5edb43f5e5cd8"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=7776000
cf-ray: 7a7472c33e4e9238-FRA

GET
H3 200 a2a.js Show response
static.addtoany.com/menu/svg/icons/ 182 B
416 B 33ms
31ms Script
application/javascript 2606:4700:10::6816:47c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/a2a.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.26680508.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:47c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3dab93242ee573bbcfc22c9d15acd47794e500ed44e6bd48a35400b39d65aa43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://download-telegram.org/
Origin: http://download-telegram.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:58:25 GMT
via: e3s
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 134666
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 18 Nov 2022 01:01:36 GMT
server: cloudflare
etag: W/"b6-5edb43f58ee38"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=7776000
cf-ray: 7a7472c33e4f9238-FRA

POST
H/1.1 200
OK 78242 Show response
dariolunus.com/ 5 KB
6 KB 33ms
33ms Fetch
application/json 88.208.46.59
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dariolunus.com/78242
Requested by: Host: dariolunus.com
URL: https://dariolunus.com/787276.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.208.46.59 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: fc181b297bcd7d0ac64d2f6eec10ac1aa11c5e6b5a8030e44e622e31c277ea9b

Request headers

Referer: http://download-telegram.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Mon, 13 Mar 2023 12:58:25 GMT
Server: nginx
Accept-CH: Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: http://download-telegram.org
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: 0

GET
DATA 200
OK truncated
/ 477 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d74b7089a68f822f535c265ed9b4faf167417defaeed5985d00f7d1f8d83007

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
fonts.gstatic.com/s/opensans/v34/ 26 KB
26 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59bd288e64c57e034672999e33ebda6eb5ad1575945eb563dbfb5b44f226e1e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://download-telegram.org/
Origin: http://download-telegram.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 07:49:05 GMT
x-content-type-options: nosniff
age: 277760
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26240
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:14:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Mar 2024 07:49:05 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 10ms
9ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://download-telegram.org/
Origin: http://download-telegram.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 23:44:24 GMT
x-content-type-options: nosniff
age: 393241
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Mar 2024 23:44:24 GMT

GET
H2 200 1c0942547d39e10f5f56.js Show response
yastatic.net/partner-code-bundles/735032/ 14 KB
5 KB 267ms
113ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/735032/1c0942547d39e10f5f56.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

b02f26cd50ee99e88dc04fcf64d3d02e024f8ce49447e9aad3962438e62b5709

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: http://download-telegram.org/
Origin: http://download-telegram.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:58:25 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 4802
last-modified: Thu, 09 Mar 2023 18:41:15 GMT
server: nginx/1.17.9
etag: "12ca686052b5d9d4a849f168941c9fe1"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Wed, 12 Mar 2053 19:30:59 GMT

GET
H2 200 2bc51aa1c79e2ebf9aa3.js Show response
yastatic.net/partner-code-bundles/735032/ 112 KB
24 KB 285ms
131ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/735032/2bc51aa1c79e2ebf9aa3.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

30491c6b81dad3b6bb4e8576dbfba06cdee3e80ccd39663af5426d10501b5f3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: http://download-telegram.org/
Origin: http://download-telegram.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:58:25 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 24270
last-modified: Thu, 09 Mar 2023 18:41:16 GMT
server: nginx/1.17.9
etag: "4846118fbd8205816361ca4b74b97572"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Wed, 12 Mar 2053 19:30:58 GMT

GET
H2 200 host.js Show response
yastatic.net/safeframe-bundles/0.83/ 33 KB
9 KB 302ms
149ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/host.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: http://download-telegram.org/
Origin: http://download-telegram.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:58:25 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 8878
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
server: nginx/1.17.9
etag: "f80882bf67cf261aa08d636da095149a"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Wed, 12 Mar 2053 19:30:32 GMT

GET
H2 200 text-variable-full.woff2
yastatic.net/s3/home/fonts/ys/3/ 25 KB
26 KB 231ms
86ms Font
font/woff2 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/s3/home/fonts/ys/3/text-variable-full.woff2

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: http://download-telegram.org/
Origin: http://download-telegram.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:58:25 GMT
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 26004
x-amz-meta-owner: {"role":"admin","login":"4eb0da"}
last-modified: Mon, 25 Apr 2022 14:02:39 GMT
server: nginx/1.17.9
etag: "7f0cdaf91230f9789ca4162aedff612e"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31556952
x-nginx-request-id: 7fc5cce9b48f3054
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Mar 2024 18:43:44 GMT

GET
H2 200 1961151 Show response
yandex.ru/ads/meta/ 96 KB
29 KB 267ms
259ms XHR
application/json 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/meta/1961151?target-ref=http%3A%2F%2Fdownload-telegram.org%2F&charset=utf-8&pcode-test-ids=657519%2C0%2C79%3B733957%2C0%2C79%3B735484%2C0%2C34%3B727351%2C0%2C93%3B729110%2C0%2C40%3B729105%2C0%2C72%3B734894%2C0%2C57%3B736384%2C0%2C67&pcode-flags-map=eJydWNty2zYQ%2FZWOnjMuryDpN5AEJYxIggVAK0omg1FixVbHl45jp64z%2BfcuCMomKRtK%2B2SZ0h4sds%2Be3eWP2RkWSizYSuFclTglpSoYV7RWKa5rwmenH3%2FMvm%2BuHraz05nkLZm9m91vv93Tc%2FgfId8PotnPT%2B9eYBrO8jaTQrFaNbgVxIoQuUngGwRS47QkimSsegEpqZDamTOaE6Y%2FwLcpU5hXI9jt418T1NAPO9Scig42Y20tFSc55STTkLhp7J55ThB4z3eDi6iqLSXlrCwBrZb6A%2BFqhWW2ILmStCKKFYUg0o7re040iJns3DsjXFBWjywj342ccGwbOo7xqa1pyXAODuh04Wp0mfu7h%2B3ALPBiP3GMGVxDiC6%2FE5tpDAdGwAxBSK1YKgg%2Fm3Bie7P5fLUdWfrIS8wNC%2FpeVXDWgtD5Qqpa2o8MQj9xO8M1rnPyXvFW5azCtLaZhU7k%2Bej5vJSzJTgLZ6k5p7nV0o3CGL16oALiSE5Tq7nnOijozD%2BQ2lNFC9RY0VwuFK3wnFhtAzeInRfbPU9TxnVSOc5pK377RYQ11n4bhxUuV3gt7JZ%2B1Mc5LxooCtGwGoihKczaMX09x3HGtoHjmzs3Gct1YYFpLe3nhQDTU6lgEGWiubs%2FT5H3VlrAkVHkHZrTQmvWShcRsPP%2FIOwdOMNlO8qW77xuXRLMa1UxDhWLOcWTe3ujQ6FW%2Byg3nDJO5Vqla1AysmoYtwcMRaivvT0vet3KBLcaJm4UDxhJhcow50wqnGWQJWFRiTDxQ9cd2XYsFkBpudBhanCe03puBwnCwHjeKS5QWa4bony710EchYP0VDyDOAma0hKiZj8uidCblroHZSXNlkdO32N0Am%2F6ngKBLSjoOtWXKHBmr%2BYk9npRN370IKZtSaaJ2pR4neJsOWgeNkjkeIHvjdKxIJ3gQxMjgs6tjEdu6CGTh5qswKSAKl%2Boks1pZreL%2FV7SwM2C8kpzlpN632kaTlK7qCJQRc8dkRe6DgcmQQOGVgkR0EIpMq57ihDW2kdu4gbBCGxBZefJAATisZTMDuRHnucPB43JSJGTAkP64UFBayoJsD1bwkRjLVQUhA5CI%2FdEhblUf7SkJRr82P1ChFD4PA3IBYcRauIZgQLmmsq0BqGi0IzLI15FbtRTJ8PQkljdJxAXuiBpwTHMKt34YM9kFCcoeZ4bCk4BplwrY69HiMZ%2BubF9ulSCfrDWEUKJ36d7YCG6fI%2BjYj83CZzoGQVEO9cI1pERoThA7vRkVcHAiO1neV4%2Fkg0IqQePX2JljALX35cb9G8YeuGqQBoFY6IZKDoBM7PB4UR%2BgBfF%2FuEt5Nx%2BB0hT7A5rQ2uGEZlXQt%2F1g2MjOEo81E8npiLEkjZK8k4Aj0kySmArMMaTo4uS6XE3V8bRIyBxXwVvgXTkGmF83T2q682jutzuLi7v34Drlge1JClOFUyc1k3EgdY2KkVTzasFsGRAmBpadCe48xbkXaWt3lUyQs%2FsFRq5TtB3Ts6VUXrZwohiKr0LdCcq7XxxZA8DJFOqJf6w7sRBdQPe0OzH7Ov2%2Fstltbm72N3MTt0QxqTr28%2B7q634srna3VzMTr2fI9QQ%2BuKABEYWYd5TaamZoNe74QEfZ9eb3dXJ3QP49s%2Fm5nz7CJ9%2F311vLrbfRo8uNtfdk%2FOn7Y35%2Beb77v7WfLw%2BGfxzfrPrn2rkZwR4cLd5urp9uuy%2Ffrozfx%2FuNic327%2B%2FHfzgz83t9a4z%2FfT6FYcV95Jae%2FrQnucjY81PfCTxYOlOZQe3MGpkJZss3bCVjjdb2NAMaWosgWKgcnzea52SeG5dHqCzeAOhLAjQlROcSVhfjxiGvuMdzki0bmA20EPSf5yQIh%2F5KH4TcCBloD32PLwgPb%2FHkFSCNWyFsJLl626Aw7rv6brqZ4URZIFLMVn0%2FSSMDrS9m6lNnvdrwQjny%2F3VJGpBP9GbEgIt1zM9g%2BCXxy%2Fmgb174EPGhI41CHmZpyBIdKKCUx%2B8BOThTZQ1VuDZcvLe4xUMx5BOdzfzIkFJUgGEtOp45AdxMtg4py8gdPIgQpN0djH7%2BS8Pzo3D&pcode-icookie=AyLH9%2F%2BaByc8%2FxJlpYp2knEowhmnKXZOqSllMkamS7CK%2FlLNTgpN35eKv3B3Z704VHw3juXTzRD6cz02RRjyyPI%2FB%2F4%3D&imp-id=3&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=452998790643714&ad-session-id=24271678712305326&target-id=88691455&tga-with-creatives=1&top-ancestor=http%3A%2F%2Fdownload-telegram.org&top-ancestor-undetermined=0&pcode-version=735032&pcodever=735032&flash-ver=0&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22isInIframe%22%3Afalse%2C%22w%22%3A1100%2C%22h%22%3A0%2C%22width%22%3A1100%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A250%2C%22top%22%3A910%2C%22ad_no%22%3A0%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A0%7D&grab-orig-len=5120&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjo4OH0KEuOkkCQpBkJAHauw5J8lbmPHsViVtyn0edIUeekUXL60UzKm3cptdRzCJrEsS0_kiKZ_6r4o2xI8Yfm3TeosTdv8AvobwCWIxnjodk2aypGpmPBp1g0PYxCJQSQGwYY-LI_M53df6Is9Uo_UF_sCH9-H_iDJOri5KqeOCyWk3cfzZT6BR-YhfFSRL-s-9kMZ-Dg-_zg9xIFHyPyIHgTOg8DzBR6xL-7PHt-XPJskHjHkhspgh1zvw334eE_VQSDw-U8JiR90yHVUoVKl1VHlhVqrC7NQlWuBxfd0jEOdTpmHRU8LZQ6JUZ1HmjhThFmSGrsmScM8DSExumcjyaMoT6nzuP-ze_r_j30UHnIcj7B7CPdI2Z329Ir-tEeT9T1Ceu95RO3pg4t_p_mih5z_DLfnlvVbvY-7bEp8GVP3Yfqy3feftNcJ-6KJ5grZc21s_Ap5Xw-eRaLevnbZaIjM98JkZNTqGGfUNImavGtURRRBYqRKlHmnUSXUnUJR5kqaXF3GeaRI0ihDnPcoU-c0RVymSZobtTp1hrhCGGXhIS5cEJSZolRlKWX_leR5-kwX6jwuwxxRaPz2v-f_Ydzt7T9vR4m_iKDvrYEHT8dYTB__zO00lw0p2HKViuv3BqvM0vQ4Z4hytTlfmrhI1VlKPXC5YGwnG2tb1R7XMS4fhZWXrWG1_4f4Wxms_wDMn6nMbXrcO092B-kYFdrGLmOlRKuTqypbyjyV_6eq7FemdTsNnJxmN854CAamD-N2-O39u7yusMCCEBlgHaSMcpWdSncos9YoL2INldGcf5RoskK1k4uMprBp5GH4Xd4toMoyApS8iHNuJJos1tymrBc0sPlZq0sLl25lkaXlg8ioi1uR6cx4eddRuG3OeU-RokgrkjhXJoi_M-60nx_Av2YfsTySS6hjPG7uomzMlj8EZXdRy5BckZeKJAppD9UOP6EBdK4JS0VBbUNEVUSlhipTqeM8tSNBbtwxAfQr9s9IfHXye5bvC2wTQofPUdLN43C2Hn538r94Y3tEHrx79YousPQwncH6MPYOV-CBcaXB9rS9MRrYNzkXEWmlgFOJbzCmZS0wKtzvkOJhXwNaoTrktQupDF_UtU4NP4JwCG2k7ytSK3bPywfla_smzC_leJ-Ir8KJuy4K4ySl1nIl12-wgduvub8C_K4voQZb5iWb15c9gUf4SLfufjaTesST3bfOXv0hcFuBf5lUugnrEuon7YGSybSQulf81I4Efh7XfDloIC8NGM04Hmxa2kvEe0i9z4c9KfEIIfwHvBy6eVD6xYpkkAPFOcY8mXigXWIyidKP8f5p-A7DuYQC55MX2aYw2SRgvOckG4J4ieGR2krH5ZRDJp5kCvdfuj1d8rkUIWaeyH--P1qFS5LFx9l5qoW5so2vSa9lLhF-QryUEPh4y_ajS1ukLN667yFYCi4IJvgRwb9hewh2ith7PP7G-II_l2RgSzcSX2I9Yzhk5pu-A5j_0mns_8YD_QiG_R83WuwbIAsnCL1V3sD3-F3hw_NAr3Hm8wyY-8bCt0PRQbKtemwT7KwEe_ewibs0bHh6l9codkNAglvyg_q69_lr--pBTcNZiZk6b_3noJX0vchKxFlOoUjisDSYJwTNk5i8xyVFXCgUSyJsKf5C54Im_8b5EFPcyt5u8N_88BKyXpP7gnUkclWYgZeHckVFEBY0F36F1xIP8LNjqNb6IJkF939A0GLIb_-b2e3FHoA_VA8eOwyD-NAjuKzKFWnJ3HXgD83bww9zmp6_NwvMGeO965m4x4KZLjfN4j6x8D-EYPvuRzrUT5vNTIS-0JzaI3OiJa8CTscLJoBx-zbAghXGthfGtogpqq0O11HVcNsZhhN2uiGigna610CPgg6FQc-AGhXdJTofYDyOts2xX79fYu5U_wKdJod0e6iwNt6jcaYPxtHs1ju3522ddSgmkISNB60yOmqYckS5GypPzSh4s1lbqgWRQgvt3dsMcFTvxzN3ZKk6TjI1c__tAz6hzIr7nbmDk6XqhCLqjevDQ6oqNJRI8zgmP-7v3oL8NEM_Qvi72cK5dR60JdiLZu6nLvxHt3pYfQrJjRhDlfI_B2VCBuGkNMl6lC2LPREFHqZbiILNH5bKt7llq9B1CUnfh2RX8H0R8_Yw3jiFT3mw5Wa8lsnV9-AHwkds9vhrzIdIMGTEDXJ92WbcvXF-ht9uJOzNQcPff3iO28S51Ar2jfUspVcTa0IlWKLBr2xuitnqf0H4-lAeoX375yfB3aESXNF28p9kHN7NtkQtiZH-Agn_gGAfXRDnOc308Pexi6WFTorH-6ESDvKgrrhx2GK-uYvAlswxGjxfFBU5IN_pycOypKHWlPqeRWVElVCUIZVcSZMWmSoqw1ieGzmwREs7nnGtxya-o8mD93apKWJ11B2090qVBY_n48Jx-DWOnaIs0kxZhDlnyGlp3Zs3HLH_a8KjBY-2omuHpXlqqZOY3Mh92JTfKTKLdlu_RPw9j9CS7AQt_iPrQ-4r27Ukf_ITz2gm488zturo0mz6XaJ8xzx8Bwm1LW2Yc7vQ_XkiZ2LwRUzc9JtDbzHzw1nSzHftx2cS35BYVMPLu-m4b470SJm3fTZm27jC3JUBoJgFqBMnfXltgcmDqKZFzBoegoK8g0_ZJ6xjn23XnQFW-x45Koy0fj122sgJTpzm4HiRhwCKHIClmp8_KrvoHNblOfSZEr0BA1OyPmjLwaKLYCatAWBMMya4favjcuwb2FTjBfQNrRtc9BkNSpR61kfD5hfr0_7-dwpQ4oAAseESwrW29jFs-wG6jAw1HQZGZvbXxB_SsXcOxvFiQDe7dNAScwAFTmpMzOu1i3adMNZaO16hqJqd0HM6qAwG1qeD6S9Yh-em-OoYMn9x-_DmeJicnXsqPWfuFYfVDDNKx0ilx_o9mxHqUuoZhtczW0_QxZYTNefT6uRdfGVq5oO0684MocrOTuowjnOmmDMegTWB08SZ6xYFQHXxVH_gzQpVfZDeDNTYa2yTDOkbe5n4PUHirUfvnUknYnl3cL2QyUZrq2tOQDOBrMWiuVM1uMO1_2_6zBqs8BfLkGwYum3boT3LL_ZaFImdRwLL7lw2rzifmZPPZa23swZnCrVrgH_CaCNp4zsd4cRqh7ta0TkSzVN_MjI2XGI7hCAsxO54sfwUo2e5m-TA2GEt21u3uY5WbmtvMfUPpDv2s0MGzToz5oAFOMYxQcWPqiaCM7MT2UzDsrE9g7VDEjYD2Xc7U4fGNv5SXcSUJXJobd93MY7QnKl_bzRNyw3fF69Zd89M_L3zLQ99sZ55vAEWnEKDgYEtT0DPqifA_VbDFm_k2EN4aQj-xuqmmL3AwOCc07BgLvFbKx2oa_063LQlXYvoKoUNV5zFgSHXszkxA0qW3UMTQwHn4XwpHX1iUmCc-49RUma6_oYJKxh8W0eZHwPDYmCPdBlYsjKC7GCPYa9BBL-pah6SzTjMV4JJOAXsHhEanI9kAzZz5UxoWYT0KNgbFGtVCNYNdPUXr2yVG8ZL62yC9ffPENmIFNmkaS7yIUaTQ5q7DiB-P23-2gSSNcHg18FIuHGmPmwDTgVGT8-eV8jaMAAyIR9JO0zMbesZXbW9YvyCVb4XQoH1ZT1bsqkt3PqhrEzIwJ59iome1QmB0vDFFt9OOg734l3ZG8fFu7PhG6HdAZknJcloobMS-9CxV3dQMRlYnSTnONZx_tr946yN8-CGPGiRlK3GB5lHXN0QydQbN6zl1QIbdW3gVIcMKNkcjp6BdcsVCH86TgvuCfuWagJXbdbV4DWtvGg2Rbkdw63GJxud7esXIlbmx5abzEDPclQrW7s2jl3V7YMhwmYmhueBfiZAR9fZrtbGOYWxbreG1grr155CR8ffQpIxarymjjM1-9br42ltuoLtjsPEqsDpbh4dUqx6xtpfSFXyHGJ5nCCe8iwcHUquzaKn_UCPGgXvAxgnCsDMvQBJk0PVzRgMrFZ_Mz-pqou6RwMPs57IWQF54m3i5r0IxhyFRgYCZCQdaVykmgRqjoMBJcvqtsG49r6gO-d_FoVfrRmCNQMM9q6ghSUjoLjJYUwWrhpt8PFjE6HE9bHRyDggUkQFVJwJAwZmApKLI45TDeV9bm_411WRiWAxBjekflDlYtu6ot8zoMDRCqrXMKGRiSCjijOomctYtqqA2L7aP2pdaVJeZ2W5ePH0FnA8eCdM5eB0OVgeYrQxLCTPRJwVKoiLmBKqDomOnkPAawU7QU1Mo5QTwAQ7Sf7UFZ98yHlEKBss9BZWwzQIsctRwR71iufLLUnlwzztgdWWqGpO_GpxNREPXLC503zt3bbqMgrJVfk3V0HOUYSnceMW4THdHEWmps5DC9uDsA9A2jg_EV3aB4yzPDLlVlb_2Yex_if0rTObabBH_L-d1xTUq6KbbJV9Vgb_9IlJeQ3W-OzKkS2THLV9cR3zHjY3tOyp_dog56DtyVFaxlQbzKz5reAcFwTXvte6YFg-bAzLnjQoq2D1qdxaHuDEDTVb3FBgyg8IWSpHhClfJIWmgw8eZkSZ3UWCzAVU-fZmZH2DTQQY0-NHphdTrq4EL5Z8wSuUkTylxoS6Qo3ZMhk513yaJAwTpVlFylKwE6O261HrGVyg_u92YOq3iauu6DPZSs6OLKTwTM94v4gTSwQ6ByDoBxpTP_Ed2CsQbCM0W7CF4y-u8WlUmyUjpoS3ir1gbLTH55EnW2NSf7J00QKew-TIQzX5nI31VskXxw6k50GLy-EvxCLIVgxZcaWxXbAius1A6yjCYz-d0mb_GUb2pOvIexOXqfsAHownLv1huxow2ap_IrzeaqJGjtT6LIt0hHZXcoPYCmTeq5UN5gj_rFRelXRq4m_mvg2hL2Ru8pZjAzMTYQscLBoeIM_mt5rgaJxVidcm3VoNGJKFQry_NCD5PtGgpns6G1lRU-4NHzJJXyuioOFxCmsgOM37NzmHMJ0O5hj7m8iGqK1u2Qna61YJl6qBV2zVsBh7eNboaoa28_gN52ZC_J2I_YDN2H0V&uniformat=true&callback=Ya%5B7510190812625%5D

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

96d05ac67ae923b75e43fdbe5b40f04de3b9dec0d77c355968df3313f1d68394

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://download-telegram.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 13 Mar 2023 12:58:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
ssr: true
x-yandex-req-id: 1678712305416737-1386713025726038803-sas2-0451-sas-l7-balancer-8080-BAL-1305
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
uniformat-product-type: Direct
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Mon, 13 Mar 2023 12:58:25 GMT
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
uniformat: true
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: application/json
access-control-allow-origin: http://download-telegram.org
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 13 Mar 2023 12:58:25 GMT

GET
H2 200 07cea2bf8567304efc16.js Show response
yastatic.net/partner-code-bundles/735032/ 23 KB
8 KB 181ms
157ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/735032/07cea2bf8567304efc16.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

2e4188515828c942a5eb2f047a2246cdf68a7aeea374009dde58629fe0c9beed

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: http://download-telegram.org/
Origin: http://download-telegram.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:58:25 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 7926
last-modified: Thu, 09 Mar 2023 18:41:15 GMT
server: nginx/1.17.9
etag: "d6056820a626b7a179ef8875790bec2f"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Wed, 12 Mar 2053 19:30:59 GMT

GET
H2 200 2ec9a88e40a26b53acde.js Show response
yastatic.net/partner-code-bundles/735032/ 7 KB
3 KB 181ms
157ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/735032/2ec9a88e40a26b53acde.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

273746bfb4f9aab48bc043b02f453ae18fedad76a5244fdf2c24fe631fd5d46a

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: http://download-telegram.org/
Origin: http://download-telegram.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:58:25 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 2065
last-modified: Thu, 09 Mar 2023 18:41:16 GMT
server: nginx/1.17.9
etag: "30153dd7e842c8d0099df963a3543f22"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Wed, 12 Mar 2053 19:30:59 GMT

GET
H2 200 0da1c504dc46c7b712e3.js Show response
yastatic.net/partner-code-bundles/735032/ 576 KB
110 KB 53ms
48ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/735032/0da1c504dc46c7b712e3.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

24302da202d5f76b541e8be13ca84e5f59d04ca28b78280d8c62cc88e5e9a42a

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: http://download-telegram.org/
Origin: http://download-telegram.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:58:25 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 111813
last-modified: Thu, 09 Mar 2023 18:41:15 GMT
server: nginx/1.17.9
etag: "254228a3a3d9bec76527c77b680d3534"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Wed, 12 Mar 2053 19:30:58 GMT

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9941.rZ89nVZYnEhBRc2H2WZ44M_OBn0DdQMTITYWP4kyoLMCStB95QookmVI5-JhbXD2.F22D_nMJb_2rSVPXyvhuMZ8VhM8%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9941.QTq1rqJVjiJBMBquz-r7LX14kxwb2klMJ8xxhlo7iqoqq7wku3noHbnuj2AyEi3v7M-HJBXkZibzKRhkV8fLA61hPYD857Bbk11bYKOFbZ4tue0_y-5oMC3L-LsGs52Dxth2KMaFzSP...

43 B
478 B

65ms
64ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9941.QTq1rqJVjiJBMBquz-r7LX14kxwb2klMJ8xxhlo7iqoqq7wku3noHbnuj2AyEi3v7M-HJBXkZibzKRhkV8fLA61hPYD857Bbk11bYKOFbZ4tue0_y-5oMC3L-LsGs52Dxth2KMaFzSPTamosFO-JsGK_Ga8V0Ax3VNnAAZzwzWOMJnvHTU5MDvU-BONC5DNuWURZiHrk83qipX0CZ7dqvrw8b2g4tnpBujla7XElfTo%2C.b-lpsOUi-bySKR0Jc93iyUhwVQM%2C

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:58:25 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9941.QTq1rqJVjiJBMBquz-r7LX14kxwb2klMJ8xxhlo7iqoqq7wku3noHbnuj2AyEi3v7M-HJBXkZibzKRhkV8fLA61hPYD857Bbk11bYKOFbZ4tue0_y-5oMC3L-LsGs52Dxth2KMaFzSPTamosFO-JsGK_Ga8V0Ax3VNnAAZzwzWOMJnvHTU5MDvU-BONC5DNuWURZiHrk83qipX0CZ7dqvrw8b2g4tnpBujla7XElfTo%2C.b-lpsOUi-bySKR0Jc93iyUhwVQM%2C
date: Mon, 13 Mar 2023 12:58:25 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 409 B
610 B 52ms
22ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=download-telegram.org&callback=_gfp_s_&client=ca-pub-5409240997335254

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5409240997335254&plah=download-telegram.org&bust=31072715

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

386e45abe00260ea48cb0b2d7e017908e6760b242c44837de4e857b0c9814697

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:58:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 258
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 103ms
16ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=download-telegram.org

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:58:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 60ms
28ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=download-telegram.org

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:58:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6B69 323 KB
74 KB 665ms
662ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5409240997335254&output=html&adk=1812271804&adf=3025194257&lmt=1678712305&plat=3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x675_r&format=0x0&url=http%3A%2F%2Fdownload-telegram.org%2F&ea=0&pra=5&wgl=1&dt=1678712305109&bpp=6&bdt=582&idt=414&shv=r20230308&mjsv=m202302270101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3124037108964&frm=20&pv=2&ga_vid=29744030.1678712306&ga_sid=1678712306&ga_hid=2014452662&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C44777877%2C31072715%2C44774292&oid=2&pvsid=4424320484458750&tmod=1846162653&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=480

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

32101b805bf9c598ec6a2f26566d176fbcd6d91d5ba082cb621093f1d1a3fb8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://download-telegram.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 75073
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 13 Mar 2023 12:58:26 GMT
expires: Mon, 13 Mar 2023 12:58:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
113 B 62ms
62ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:58:25 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 07 Mar 2023 10:05:49 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "6406e24d-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Mon, 13 Mar 2023 13:58:25 GMT

POST
H/1.1 200
OK set
dariolunus.com/event/ 0
0 20ms
19ms Fetch
text/html 88.208.46.59
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dariolunus.com/event/set
Requested by: Host: dariolunus.com
URL: https://dariolunus.com/787276.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.208.46.59 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: http://download-telegram.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Mon, 13 Mar 2023 12:58:25 GMT
Content-Encoding: gzip
Server: nginx
Accept-CH: Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Transfer-Encoding: chunked
Access-Control-Allow-Methods: PROPFIND, PROPPATCH, COPY, MOVE, DELETE, MKCOL, LOCK, UNLOCK, PUT, GETLIB, VERSION-CONTROL, CHECKIN, CHECKOUT, UNCHECKOUT, REPORT, UPDATE, CANCELUPLOAD, HEAD, OPTIONS, GET, POST
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: http://download-telegram.org
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Overwrite, Destination, Content-Type, Depth, User-Agent, X-File-Size, X-Requested-With, If-Modified-Since, X-File-Name, Cache-Control

OPTIONS
H2 200 event_confirmation
an.yandex.ru/ Frame 0
0 206ms
67ms Preflight 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: http://download-telegram.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: http://download-telegram.org
access-control-max-age: 1728000
content-encoding: gzip
date: Mon, 13 Mar 2023 12:58:25 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
timing-allow-origin: *
x-xss-protection: 1; mode=block

POST
H2 200 event_confirmation Show response
an.yandex.ru/ 0
398 B 196ms
65ms XHR
text/plain 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://download-telegram.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Mon, 13 Mar 2023 12:58:26 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 13 Mar 2023 12:58:26 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: http://download-telegram.org
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 13 Mar 2023 12:58:26 GMT

GET
H2 200 y300
avatars.mds.yandex.net/get-direct/4936745/3OY2d4ZE407HJUNB-x6ldQ/ 13 KB
13 KB 207ms
76ms Image
image/webp 2a02:6b8::184
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/4936745/3OY2d4ZE407HJUNB-x6ldQ/y300
Requested by: Host: download-telegram.org
URL: http://download-telegram.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: nginx /
Resource Hash: ec1a9a7a1efb55aff57d14ffde27c233c4568e4639b850030e1d0c617af0fef4

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:58:25 GMT
last-modified: Tue, 01 Feb 2022 04:08:42 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel?datacenter=VLA"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000,immutable
access-control-allow-credentials: true
content-length: 13394
x-request-id: 3db0fcfb3d2cb121

GET
H2 200 icon-192.png
yastatic.net/s3/games-static/favicons/ 24 KB
24 KB 185ms
94ms Image
image/png 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yastatic.net/s3/games-static/favicons/icon-192.png

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

ca78c114bba40b141a59c55a9d3fb6db7672bc3effd4337f2b1ce512b4d06c9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:58:25 GMT
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 24134
last-modified: Thu, 14 Apr 2022 12:22:42 GMT
server: nginx/1.17.9
etag: "7819c957eaa80af5bf14f760d49b64a7"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=216013
x-nginx-request-id: 60e298b4b031e346
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Mar 2023 00:55:39 GMT

GET
H2 200 render.html Show response
yastatic.net/safeframe-bundles/0.83/1-1-0/ Frame 7025 24 KB
7 KB 115ms
54ms Document
text/html 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html

Requested by

Host: yastatic.net
URL: https://yastatic.net/safeframe-bundles/0.83/host.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

9c911ab93cf6099aeeddb19cb1903d0ef838329443c3a0549c754da47f90a70a

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: http://download-telegram.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
content-length: 6262
content-type: text/html
date: Mon, 13 Mar 2023 12:58:25 GMT
etag: "eb77de48712912aadc9aa8171ac75ede"
expires: Wed, 12 Mar 2053 19:29:36 GMT
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
server: nginx/1.17.9
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow

GET
H/1.1

200
OK

cs Show response
dariolunus.com/js/ Frame 50EB
Redirect Chain

https://dariolunus.com/js/cs?uuid=a78b46fc-d78c-42e0-b4af-bd9b15fbc5cc
https://s.uuidksinc.net/match/1165/?remote_uid=a78b46fc-d78c-42e0-b4af-bd9b15fbc5cc&cb_url=https%3A%2F%2Fdariolunus.com%2Fjs%2Fcs%3Fuuid%3Da78b46fc-d78c-42e0-b4af-bd9b15fbc5cc%26oid%3D%5BUID%5D
https://dariolunus.com/js/cs?uuid=a78b46fc-d78c-42e0-b4af-bd9b15fbc5cc&oid=1wAYbu8DI5D9rynoQVUZ

43 B
492 B

26ms
26ms

Document
image/gif

88.208.46.59
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dariolunus.com/js/cs?uuid=a78b46fc-d78c-42e0-b4af-bd9b15fbc5cc&oid=1wAYbu8DI5D9rynoQVUZ
Requested by: Host: dariolunus.com
URL: https://dariolunus.com/787276.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.208.46.59 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://download-telegram.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-CH: Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Connection: keep-alive
Content-Type: image/gif
Date: Mon, 13 Mar 2023 12:58:25 GMT
Server: nginx
Transfer-Encoding: chunked

Redirect headers

content-length: 0
date: Mon, 13 Mar 2023 12:58:25 GMT
location: https://dariolunus.com/js/cs?uuid=a78b46fc-d78c-42e0-b4af-bd9b15fbc5cc&oid=1wAYbu8DI5D9rynoQVUZ
server: nginx/1.19.0

GET
H2 200 1961151 Show response
yandex.ru/ads/meta/ 62 KB
14 KB 235ms
233ms XHR
application/json 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/meta/1961151?target-ref=http%3A%2F%2Fdownload-telegram.org%2F&charset=utf-8&pcode-test-ids=657519%2C0%2C79%3B733957%2C0%2C79%3B735484%2C0%2C34%3B727351%2C0%2C93%3B729110%2C0%2C40%3B729105%2C0%2C72%3B734894%2C0%2C57%3B736384%2C0%2C67&pcode-flags-map=eJydWNty2zYQ%2FZWOnjMuryDpN5AEJYxIggVAK0omg1FixVbHl45jp64z%2BfcuCMomKRtK%2B2SZ0h4sds%2Be3eWP2RkWSizYSuFclTglpSoYV7RWKa5rwmenH3%2FMvm%2BuHraz05nkLZm9m91vv93Tc%2FgfId8PotnPT%2B9eYBrO8jaTQrFaNbgVxIoQuUngGwRS47QkimSsegEpqZDamTOaE6Y%2FwLcpU5hXI9jt418T1NAPO9Scig42Y20tFSc55STTkLhp7J55ThB4z3eDi6iqLSXlrCwBrZb6A%2BFqhWW2ILmStCKKFYUg0o7re040iJns3DsjXFBWjywj342ccGwbOo7xqa1pyXAODuh04Wp0mfu7h%2B3ALPBiP3GMGVxDiC6%2FE5tpDAdGwAxBSK1YKgg%2Fm3Bie7P5fLUdWfrIS8wNC%2FpeVXDWgtD5Qqpa2o8MQj9xO8M1rnPyXvFW5azCtLaZhU7k%2Bej5vJSzJTgLZ6k5p7nV0o3CGL16oALiSE5Tq7nnOijozD%2BQ2lNFC9RY0VwuFK3wnFhtAzeInRfbPU9TxnVSOc5pK377RYQ11n4bhxUuV3gt7JZ%2B1Mc5LxooCtGwGoihKczaMX09x3HGtoHjmzs3Gct1YYFpLe3nhQDTU6lgEGWiubs%2FT5H3VlrAkVHkHZrTQmvWShcRsPP%2FIOwdOMNlO8qW77xuXRLMa1UxDhWLOcWTe3ujQ6FW%2Byg3nDJO5Vqla1AysmoYtwcMRaivvT0vet3KBLcaJm4UDxhJhcow50wqnGWQJWFRiTDxQ9cd2XYsFkBpudBhanCe03puBwnCwHjeKS5QWa4bony710EchYP0VDyDOAma0hKiZj8uidCblroHZSXNlkdO32N0Am%2F6ngKBLSjoOtWXKHBmr%2BYk9npRN370IKZtSaaJ2pR4neJsOWgeNkjkeIHvjdKxIJ3gQxMjgs6tjEdu6CGTh5qswKSAKl%2Boks1pZreL%2FV7SwM2C8kpzlpN632kaTlK7qCJQRc8dkRe6DgcmQQOGVgkR0EIpMq57ihDW2kdu4gbBCGxBZefJAATisZTMDuRHnucPB43JSJGTAkP64UFBayoJsD1bwkRjLVQUhA5CI%2FdEhblUf7SkJRr82P1ChFD4PA3IBYcRauIZgQLmmsq0BqGi0IzLI15FbtRTJ8PQkljdJxAXuiBpwTHMKt34YM9kFCcoeZ4bCk4BplwrY69HiMZ%2BubF9ulSCfrDWEUKJ36d7YCG6fI%2BjYj83CZzoGQVEO9cI1pERoThA7vRkVcHAiO1neV4%2Fkg0IqQePX2JljALX35cb9G8YeuGqQBoFY6IZKDoBM7PB4UR%2BgBfF%2FuEt5Nx%2BB0hT7A5rQ2uGEZlXQt%2F1g2MjOEo81E8npiLEkjZK8k4Aj0kySmArMMaTo4uS6XE3V8bRIyBxXwVvgXTkGmF83T2q682jutzuLi7v34Drlge1JClOFUyc1k3EgdY2KkVTzasFsGRAmBpadCe48xbkXaWt3lUyQs%2FsFRq5TtB3Ts6VUXrZwohiKr0LdCcq7XxxZA8DJFOqJf6w7sRBdQPe0OzH7Ov2%2Fstltbm72N3MTt0QxqTr28%2B7q634srna3VzMTr2fI9QQ%2BuKABEYWYd5TaamZoNe74QEfZ9eb3dXJ3QP49s%2Fm5nz7CJ9%2F311vLrbfRo8uNtfdk%2FOn7Y35%2Beb77v7WfLw%2BGfxzfrPrn2rkZwR4cLd5urp9uuy%2Ffrozfx%2FuNic327%2B%2FHfzgz83t9a4z%2FfT6FYcV95Jae%2FrQnucjY81PfCTxYOlOZQe3MGpkJZss3bCVjjdb2NAMaWosgWKgcnzea52SeG5dHqCzeAOhLAjQlROcSVhfjxiGvuMdzki0bmA20EPSf5yQIh%2F5KH4TcCBloD32PLwgPb%2FHkFSCNWyFsJLl626Aw7rv6brqZ4URZIFLMVn0%2FSSMDrS9m6lNnvdrwQjny%2F3VJGpBP9GbEgIt1zM9g%2BCXxy%2Fmgb174EPGhI41CHmZpyBIdKKCUx%2B8BOThTZQ1VuDZcvLe4xUMx5BOdzfzIkFJUgGEtOp45AdxMtg4py8gdPIgQpN0djH7%2BS8Pzo3D&pcode-icookie=AyLH9%2F%2BaByc8%2FxJlpYp2knEowhmnKXZOqSllMkamS7CK%2FlLNTgpN35eKv3B3Z704VHw3juXTzRD6cz02RRjyyPI%2FB%2F4%3D&duid=MTY3ODcxMjMwNTUzODM5MTEzMg%3D%3D&imp-id=4&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=452998790643714&ad-session-id=24271678712305326&target-id=61249197&tga-with-creatives=1&top-ancestor=http%3A%2F%2Fdownload-telegram.org&top-ancestor-undetermined=0&pcode-version=735032&pcodever=735032&flash-ver=0&skip-token=yabs.NzIwNTc2MDc1NDM5MTI5MTc%3D&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22isInIframe%22%3Afalse%2C%22w%22%3A1100%2C%22h%22%3A0%2C%22width%22%3A1100%2C%22height%22%3A0%2C%22visible%22%3A0%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A250%2C%22top%22%3A2145%2C%22ad_no%22%3A1%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A1%7D&grab-orig-len=5120&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjo4OH0KEuOkkCQpBkJAHauw5J8lbmPHsViVtyn0edIUeekUXL60UzKm3cptdRzCJrEsS0_kiKZ_6r4o2xI8Yfm3TeosTdv8AvobwCWIxnjodk2aypGpmPBp1g0PYxCJQSQGwYY-LI_M53df6Is9Uo_UF_sCH9-H_iDJOri5KqeOCyWk3cfzZT6BR-YhfFSRL-s-9kMZ-Dg-_zg9xIFHyPyIHgTOg8DzBR6xL-7PHt-XPJskHjHkhspgh1zvw334eE_VQSDw-U8JiR90yHVUoVKl1VHlhVqrC7NQlWuBxfd0jEOdTpmHRU8LZQ6JUZ1HmjhThFmSGrsmScM8DSExumcjyaMoT6nzuP-ze_r_j30UHnIcj7B7CPdI2Z329Ir-tEeT9T1Ceu95RO3pg4t_p_mih5z_DLfnlvVbvY-7bEp8GVP3Yfqy3feftNcJ-6KJ5grZc21s_Ap5Xw-eRaLevnbZaIjM98JkZNTqGGfUNImavGtURRRBYqRKlHmnUSXUnUJR5kqaXF3GeaRI0ihDnPcoU-c0RVymSZobtTp1hrhCGGXhIS5cEJSZolRlKWX_leR5-kwX6jwuwxxRaPz2v-f_Ydzt7T9vR4m_iKDvrYEHT8dYTB__zO00lw0p2HKViuv3BqvM0vQ4Z4hytTlfmrhI1VlKPXC5YGwnG2tb1R7XMS4fhZWXrWG1_4f4Wxms_wDMn6nMbXrcO092B-kYFdrGLmOlRKuTqypbyjyV_6eq7FemdTsNnJxmN854CAamD-N2-O39u7yusMCCEBlgHaSMcpWdSncos9YoL2INldGcf5RoskK1k4uMprBp5GH4Xd4toMoyApS8iHNuJJos1tymrBc0sPlZq0sLl25lkaXlg8ioi1uR6cx4eddRuG3OeU-RokgrkjhXJoi_M-60nx_Av2YfsTySS6hjPG7uomzMlj8EZXdRy5BckZeKJAppD9UOP6EBdK4JS0VBbUNEVUSlhipTqeM8tSNBbtwxAfQr9s9IfHXye5bvC2wTQofPUdLN43C2Hn538r94Y3tEHrx79YousPQwncH6MPYOV-CBcaXB9rS9MRrYNzkXEWmlgFOJbzCmZS0wKtzvkOJhXwNaoTrktQupDF_UtU4NP4JwCG2k7ytSK3bPywfla_smzC_leJ-Ir8KJuy4K4ySl1nIl12-wgduvub8C_K4voQZb5iWb15c9gUf4SLfufjaTesST3bfOXv0hcFuBf5lUugnrEuon7YGSybSQulf81I4Efh7XfDloIC8NGM04Hmxa2kvEe0i9z4c9KfEIIfwHvBy6eVD6xYpkkAPFOcY8mXigXWIyidKP8f5p-A7DuYQC55MX2aYw2SRgvOckG4J4ieGR2krH5ZRDJp5kCvdfuj1d8rkUIWaeyH--P1qFS5LFx9l5qoW5so2vSa9lLhF-QryUEPh4y_ajS1ukLN667yFYCi4IJvgRwb9hewh2ith7PP7G-II_l2RgSzcSX2I9Yzhk5pu-A5j_0mns_8YD_QiG_R83WuwbIAsnCL1V3sD3-F3hw_NAr3Hm8wyY-8bCt0PRQbKtemwT7KwEe_ewibs0bHh6l9codkNAglvyg_q69_lr--pBTcNZiZk6b_3noJX0vchKxFlOoUjisDSYJwTNk5i8xyVFXCgUSyJsKf5C54Im_8b5EFPcyt5u8N_88BKyXpP7gnUkclWYgZeHckVFEBY0F36F1xIP8LNjqNb6IJkF939A0GLIb_-b2e3FHoA_VA8eOwyD-NAjuKzKFWnJ3HXgD83bww9zmp6_NwvMGeO965m4x4KZLjfN4j6x8D-EYPvuRzrUT5vNTIS-0JzaI3OiJa8CTscLJoBx-zbAghXGthfGtogpqq0O11HVcNsZhhN2uiGigna610CPgg6FQc-AGhXdJTofYDyOts2xX79fYu5U_wKdJod0e6iwNt6jcaYPxtHs1ju3522ddSgmkISNB60yOmqYckS5GypPzSh4s1lbqgWRQgvt3dsMcFTvxzN3ZKk6TjI1c__tAz6hzIr7nbmDk6XqhCLqjevDQ6oqNJRI8zgmP-7v3oL8NEM_Qvi72cK5dR60JdiLZu6nLvxHt3pYfQrJjRhDlfI_B2VCBuGkNMl6lC2LPREFHqZbiILNH5bKt7llq9B1CUnfh2RX8H0R8_Yw3jiFT3mw5Wa8lsnV9-AHwkds9vhrzIdIMGTEDXJ92WbcvXF-ht9uJOzNQcPff3iO28S51Ar2jfUspVcTa0IlWKLBr2xuitnqf0H4-lAeoX375yfB3aESXNF28p9kHN7NtkQtiZH-Agn_gGAfXRDnOc308Pexi6WFTorH-6ESDvKgrrhx2GK-uYvAlswxGjxfFBU5IN_pycOypKHWlPqeRWVElVCUIZVcSZMWmSoqw1ieGzmwREs7nnGtxya-o8mD93apKWJ11B2090qVBY_n48Jx-DWOnaIs0kxZhDlnyGlp3Zs3HLH_a8KjBY-2omuHpXlqqZOY3Mh92JTfKTKLdlu_RPw9j9CS7AQt_iPrQ-4r27Ukf_ITz2gm488zturo0mz6XaJ8xzx8Bwm1LW2Yc7vQ_XkiZ2LwRUzc9JtDbzHzw1nSzHftx2cS35BYVMPLu-m4b470SJm3fTZm27jC3JUBoJgFqBMnfXltgcmDqKZFzBoegoK8g0_ZJ6xjn23XnQFW-x45Koy0fj122sgJTpzm4HiRhwCKHIClmp8_KrvoHNblOfSZEr0BA1OyPmjLwaKLYCatAWBMMya4favjcuwb2FTjBfQNrRtc9BkNSpR61kfD5hfr0_7-dwpQ4oAAseESwrW29jFs-wG6jAw1HQZGZvbXxB_SsXcOxvFiQDe7dNAScwAFTmpMzOu1i3adMNZaO16hqJqd0HM6qAwG1qeD6S9Yh-em-OoYMn9x-_DmeJicnXsqPWfuFYfVDDNKx0ilx_o9mxHqUuoZhtczW0_QxZYTNefT6uRdfGVq5oO0684MocrOTuowjnOmmDMegTWB08SZ6xYFQHXxVH_gzQpVfZDeDNTYa2yTDOkbe5n4PUHirUfvnUknYnl3cL2QyUZrq2tOQDOBrMWiuVM1uMO1_2_6zBqs8BfLkGwYum3boT3LL_ZaFImdRwLL7lw2rzifmZPPZa23swZnCrVrgH_CaCNp4zsd4cRqh7ta0TkSzVN_MjI2XGI7hCAsxO54sfwUo2e5m-TA2GEt21u3uY5WbmtvMfUPpDv2s0MGzToz5oAFOMYxQcWPqiaCM7MT2UzDsrE9g7VDEjYD2Xc7U4fGNv5SXcSUJXJobd93MY7QnKl_bzRNyw3fF69Zd89M_L3zLQ99sZ55vAEWnEKDgYEtT0DPqifA_VbDFm_k2EN4aQj-xuqmmL3AwOCc07BgLvFbKx2oa_063LQlXYvoKoUNV5zFgSHXszkxA0qW3UMTQwHn4XwpHX1iUmCc-49RUma6_oYJKxh8W0eZHwPDYmCPdBlYsjKC7GCPYa9BBL-pah6SzTjMV4JJOAXsHhEanI9kAzZz5UxoWYT0KNgbFGtVCNYNdPUXr2yVG8ZL62yC9ffPENmIFNmkaS7yIUaTQ5q7DiB-P23-2gSSNcHg18FIuHGmPmwDTgVGT8-eV8jaMAAyIR9JO0zMbesZXbW9YvyCVb4XQoH1ZT1bsqkt3PqhrEzIwJ59iome1QmB0vDFFt9OOg734l3ZG8fFu7PhG6HdAZknJcloobMS-9CxV3dQMRlYnSTnONZx_tr946yN8-CGPGiRlK3GB5lHXN0QydQbN6zl1QIbdW3gVIcMKNkcjp6BdcsVCH86TgvuCfuWagJXbdbV4DWtvGg2Rbkdw63GJxud7esXIlbmx5abzEDPclQrW7s2jl3V7YMhwmYmhueBfiZAR9fZrtbGOYWxbreG1grr155CR8ffQpIxarymjjM1-9br42ltuoLtjsPEqsDpbh4dUqx6xtpfSFXyHGJ5nCCe8iwcHUquzaKn_UCPGgXvAxgnCsDMvQBJk0PVzRgMrFZ_Mz-pqou6RwMPs57IWQF54m3i5r0IxhyFRgYCZCQdaVykmgRqjoMBJcvqtsG49r6gO-d_FoVfrRmCNQMM9q6ghSUjoLjJYUwWrhpt8PFjE6HE9bHRyDggUkQFVJwJAwZmApKLI45TDeV9bm_411WRiWAxBjekflDlYtu6ot8zoMDRCqrXMKGRiSCjijOomctYtqqA2L7aP2pdaVJeZ2W5ePH0FnA8eCdM5eB0OVgeYrQxLCTPRJwVKoiLmBKqDomOnkPAawU7QU1Mo5QTwAQ7Sf7UFZ98yHlEKBss9BZWwzQIsctRwR71iufLLUnlwzztgdWWqGpO_GpxNREPXLC503zt3bbqMgrJVfk3V0HOUYSnceMW4THdHEWmps5DC9uDsA9A2jg_EV3aB4yzPDLlVlb_2Yex_if0rTObabBH_L-d1xTUq6KbbJV9Vgb_9IlJeQ3W-OzKkS2THLV9cR3zHjY3tOyp_dog56DtyVFaxlQbzKz5reAcFwTXvte6YFg-bAzLnjQoq2D1qdxaHuDEDTVb3FBgyg8IWSpHhClfJIWmgw8eZkSZ3UWCzAVU-fZmZH2DTQQY0-NHphdTrq4EL5Z8wSuUkTylxoS6Qo3ZMhk513yaJAwTpVlFylKwE6O261HrGVyg_u92YOq3iauu6DPZSs6OLKTwTM94v4gTSwQ6ByDoBxpTP_Ed2CsQbCM0W7CF4y-u8WlUmyUjpoS3ir1gbLTH55EnW2NSf7J00QKew-TIQzX5nI31VskXxw6k50GLy-EvxCLIVgxZcaWxXbAius1A6yjCYz-d0mb_GUb2pOvIexOXqfsAHownLv1huxow2ap_IrzeaqJGjtT6LIt0hHZXcoPYCmTeq5UN5gj_rFRelXRq4m_mvg2hL2Ru8pZjAzMTYQscLBoeIM_mt5rgaJxVidcm3VoNGJKFQry_NCD5PtGgpns6G1lRU-4NHzJJXyuioOFxCmsgOM37NzmHMJ0O5hj7m8iGqK1u2Qna61YJl6qBV2zVsBh7eNboaoa28_gN52ZC_J2I_YDN2H0V&uniformat=true&callback=Ya%5B3905798299756%5D

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

189e4417cfd2ba6e044f6c995f3a43091cee252626f2e7abdfeb7a05bb63d5a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://download-telegram.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 13 Mar 2023 12:58:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1678712305863611-6314977989469788069-sas2-0451-sas-l7-balancer-8080-BAL-7063
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
uniformat-product-type: VideoCreativeReach
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Mon, 13 Mar 2023 12:58:25 GMT
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
uniformat: true
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: application/json
access-control-allow-origin: http://download-telegram.org
uniformat-video-answer: true
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 13 Mar 2023 12:58:25 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/1961151/
Redirect Chain

https://mc.yandex.com/watch/1961151?wmode=7&page-url=http%3A%2F%2Fdownload-telegram.org%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Afu%3A0%3Aen%3Autf-8%3...
https://mc.yandex.com/watch/1961151/1?wmode=7&page-url=http%3A%2F%2Fdownload-telegram.org%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Afu%3A0%3Aen%3Autf-8...

256 B
348 B

71ms
71ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/1961151/1?wmode=7&page-url=http%3A%2F%2Fdownload-telegram.org%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A2%3Adp%3A0%3Als%3A1639979038165%3Ahid%3A793930901%3Az%3A0%3Ai%3A20230313125825%3Aet%3A1678712306%3Ac%3A1%3Arn%3A648122219%3Au%3A1678712305538391132%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1678712304172%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1678712306%3At%3A%D0%9F%D1%80%D0%BE%20%D0%BC%D0%B5%D1%81%D1%81%D0%B5%D0%BD%D0%B4%D0%B6%D0%B5%D1%80%20Telegram%3A%20%D0%B7%D0%B0%D0%B3%D1%80%D1%83%D0%B7%D0%BA%D0%B0%20%D0%BF%D1%80%D0%B8%D0%BB%D0%BE%D0%B6%D0%B5%D0%BD%D0%B8%D1%8F%2C%20%D0%BF%D0%BE%D0%BB%D0%B5%D0%B7%D0%BD%D1%8B%D0%B5%20%D1%81%D0%BE%D0%B2%D0%B5%D1%82%D1%8B&t=gdpr%2814%29mc%28p-1%29clc%280-0-0%29lt%2835200%29aw%281%29ti%282%29

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

4e578c2bc7b4cb5ee47d4e240e887ec0edf515d1de0b69a5415c25408fcc96e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Mar 2023 12:58:25 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Mon, 13-Mar-2023 12:58:25 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: http://download-telegram.org
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 256
x-xss-protection: 1; mode=block
expires: Mon, 13-Mar-2023 12:58:25 GMT

Redirect headers

pragma: no-cache
date: Mon, 13 Mar 2023 12:58:25 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 13-Mar-2023 12:58:25 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/1961151/1?wmode=7&page-url=http%3A%2F%2Fdownload-telegram.org%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A2%3Adp%3A0%3Als%3A1639979038165%3Ahid%3A793930901%3Az%3A0%3Ai%3A20230313125825%3Aet%3A1678712306%3Ac%3A1%3Arn%3A648122219%3Au%3A1678712305538391132%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1678712304172%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1678712306%3At%3A%D0%9F%D1%80%D0%BE%20%D0%BC%D0%B5%D1%81%D1%81%D0%B5%D0%BD%D0%B4%D0%B6%D0%B5%D1%80%20Telegram%3A%20%D0%B7%D0%B0%D0%B3%D1%80%D1%83%D0%B7%D0%BA%D0%B0%20%D0%BF%D1%80%D0%B8%D0%BB%D0%BE%D0%B6%D0%B5%D0%BD%D0%B8%D1%8F%2C%20%D0%BF%D0%BE%D0%BB%D0%B5%D0%B7%D0%BD%D1%8B%D0%B5%20%D1%81%D0%BE%D0%B2%D0%B5%D1%82%D1%8B&t=gdpr%2814%29mc%28p-1%29clc%280-0-0%29lt%2835200%29aw%281%29ti%282%29
access-control-allow-origin: http://download-telegram.org
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Mon, 13-Mar-2023 12:58:25 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/28975340/
Redirect Chain

https://mc.yandex.com/watch/28975340?wmode=7&page-url=http%3A%2F%2Fdownload-telegram.org%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Afp%3A689%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen...
https://mc.yandex.com/watch/28975340/1?wmode=7&page-url=http%3A%2F%2Fdownload-telegram.org%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Afp%3A689%3Afu%3A0%3Aen%3Autf-8%3Ala%3A...

427 B
463 B

80ms
79ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/28975340/1?wmode=7&page-url=http%3A%2F%2Fdownload-telegram.org%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Afp%3A689%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A1%3Adp%3A0%3Als%3A1192532992562%3Ahid%3A793930901%3Az%3A0%3Ai%3A20230313125825%3Aet%3A1678712305%3Ac%3A1%3Arn%3A215085470%3Arqn%3A1%3Au%3A1678712305538391132%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A247%2C50%2C55%2C103%2C0%2C0%2C%2C395%2C7%2C%2C%2C%2C851%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1678712304172%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1678712306%3At%3A%D0%9F%D1%80%D0%BE%20%D0%BC%D0%B5%D1%81%D1%81%D0%B5%D0%BD%D0%B4%D0%B6%D0%B5%D1%80%20Telegram%3A%20%D0%B7%D0%B0%D0%B3%D1%80%D1%83%D0%B7%D0%BA%D0%B0%20%D0%BF%D1%80%D0%B8%D0%BB%D0%BE%D0%B6%D0%B5%D0%BD%D0%B8%D1%8F%2C%20%D0%BF%D0%BE%D0%BB%D0%B5%D0%B7%D0%BD%D1%8B%D0%B5%20%D1%81%D0%BE%D0%B2%D0%B5%D1%82%D1%8B&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

2c8609a8930cbb1cbdeb839571ace81ecbb3b4b5609ff56f8162c61f32134acc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Mar 2023 12:58:25 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Mon, 13-Mar-2023 12:58:25 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: http://download-telegram.org
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 427
x-xss-protection: 1; mode=block
expires: Mon, 13-Mar-2023 12:58:25 GMT

Redirect headers

pragma: no-cache
date: Mon, 13 Mar 2023 12:58:25 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 13-Mar-2023 12:58:25 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/28975340/1?wmode=7&page-url=http%3A%2F%2Fdownload-telegram.org%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Afp%3A689%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A1%3Adp%3A0%3Als%3A1192532992562%3Ahid%3A793930901%3Az%3A0%3Ai%3A20230313125825%3Aet%3A1678712305%3Ac%3A1%3Arn%3A215085470%3Arqn%3A1%3Au%3A1678712305538391132%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A247%2C50%2C55%2C103%2C0%2C0%2C%2C395%2C7%2C%2C%2C%2C851%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1678712304172%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1678712306%3At%3A%D0%9F%D1%80%D0%BE%20%D0%BC%D0%B5%D1%81%D1%81%D0%B5%D0%BD%D0%B4%D0%B6%D0%B5%D1%80%20Telegram%3A%20%D0%B7%D0%B0%D0%B3%D1%80%D1%83%D0%B7%D0%BA%D0%B0%20%D0%BF%D1%80%D0%B8%D0%BB%D0%BE%D0%B6%D0%B5%D0%BD%D0%B8%D1%8F%2C%20%D0%BF%D0%BE%D0%BB%D0%B5%D0%B7%D0%BD%D1%8B%D0%B5%20%D1%81%D0%BE%D0%B2%D0%B5%D1%82%D1%8B&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin: http://download-telegram.org
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Mon, 13-Mar-2023 12:58:25 GMT

GET
H2 200 1NEIell60Gm200000000U9nJ_33tr7JhhHUQ3UtEfhp8szSiOFbHbZ-50GWyOIAXPKjJesBtlv5bI6K4YcVQdRrp2oHUoWparOBKjZA2o4wGB10mCSnar5WBOIzaL965i5Ooxk22i3Q2r6q0QTxBg3o5a-4eMEOi8qZaAYD8yYuZWmm3mr_6MKmC37EPG29BcKu1f... Show response
yandex.ru/an/rtbcount/ 43 B
392 B 77ms
75ms XHR
image/gif 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/an/rtbcount/1NEIell60Gm200000000U9nJ_33tr7JhhHUQ3UtEfhp8szSiOFbHbZ-50GWyOIAXPKjJesBtlv5bI6K4YcVQdRrp2oHUoWparOBKjZA2o4wGB10mCSnar5WBOIzaL965i5Ooxk22i3Q2r6q0QTxBg3o5a-4eMEOi8qZaAYD8yYuZWmm3mr_6MKmC37EPG29BcKu1fTSo_GAoppBz1u9NJ0BicsoCxSu2HKINhZh-ZPNXBnCBo37Ch42obraHI4vb1ccUoym4SW0pawC2o7wMZSphhksV_CqgZE4aCyp_Ly4gxuB9dymEJlmGvxESUVG1p5h1ik8MqmOMnXqiJ0TO_iC0uqqMY9y-s3za-R_rwIokhklsRrb0_bd0odcIrT2G6onzWRMXeO7b9kk7gUzFXxtFx_pA2jBTmTR0Ce7jm-vL-tOkN_kYcN46svN3mGlOrkwyjlZhjRz_kXbNii7CFC3cSOAD-H4RRx2ferM0cP5lIbfwklbBDfZjFzaojWR-CvtsoNuYUvtoVCVUdBVsizZPp8rD3OoDDh0pxM3dES4k_e3zuO6h9pjVl9kOzOETPm47q4ihE9PORU3O8Rg3Wn40KMwnMW00

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://download-telegram.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 13 Mar 2023 12:58:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1678712305965231-62850064571620502-sas2-0451-sas-l7-balancer-8080-BAL
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Mon, 13 Mar 2023 12:58:25 GMT
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: image/gif
access-control-allow-origin: http://download-telegram.org
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 13 Mar 2023 12:58:25 GMT

POST
H2 200 event_confirmation Show response
an.yandex.ru/ 0
51 B 84ms
66ms XHR
text/plain 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://download-telegram.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Mon, 13 Mar 2023 12:58:26 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 13 Mar 2023 12:58:26 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: http://download-telegram.org
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 13 Mar 2023 12:58:26 GMT

OPTIONS
H2 200 event_confirmation
an.yandex.ru/ Frame 0
0 64ms
62ms Preflight 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: http://download-telegram.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: http://download-telegram.org
access-control-max-age: 1728000
content-encoding: gzip
date: Mon, 13 Mar 2023 12:58:25 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
timing-allow-origin: *
x-xss-protection: 1; mode=block

GET
H/1.1 200
Ok d.png
ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/ Frame 7025 95 B
400 B 270ms
73ms Image
image/png 2a02:6b8::5:114
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/d.png?ex=yes

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::5:114 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

18c327afa903633f86c3efcf12b77f098077eacaa8be101bb007846fd74f8b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Mon, 13 Mar 2023 12:58:26 GMT
Strict-Transport-Security: max-age=315360000; includeSubDomains
Server: nginx/1.14.2
X-RT-IH: 0.0002
Content-Type: image/png
Cache-Control: private
Connection: close
X-RT-IQ: 0.0001
Content-Length: 95
Expires: Tue, 14 Mar 2023 12:58:26 GMT

GET
H2

200

40c343949edcdf4eb8c3f6
an.yandex.ru/mapuid/arcspireis/ Frame 7025
Redirect Chain

https://px.arcspire.io/yndx?id=9d4cd41a-f59d-4815-8a89-9d30806f5389
https://an.yandex.ru/mapuid/arcspireis/40c343949edcdf4eb8c3f6

43 B
82 B

77ms
67ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/arcspireis/40c343949edcdf4eb8c3f6

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Mar 2023 12:58:26 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 13 Mar 2023 12:58:26 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 13 Mar 2023 12:58:26 GMT

Redirect headers

location: https://an.yandex.ru/mapuid/arcspireis/40c343949edcdf4eb8c3f6
date: Mon, 13 Mar 2023 12:58:25 GMT
x-envoy-upstream-service-time: 0
server: envoy
content-length: 0

GET
H2

200

0100007FF21D0F6470054DA5023129DF
an.yandex.ru/mapuid/sapeis/ Frame 7025
Redirect Chain

https://acint.net/rmatch/?dp=151&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsapeis%2F%24%7BUSER_ID%7D
https://acint.net/rmatch/?r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsapeis%2F$%7BUSER_ID%7D&dp=151&tc=1
https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fan.yandex.ru%252Fmapuid%252Fsapeis%252F$%257BUSER_ID%257D&dp=14
https://acint.net/rmatch?dp=14&euid=1C03420AF21D0F64B200F12E02297C0E&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsapeis%2F$%7BUSER_ID%7D
https://an.yandex.ru/mapuid/sapeis/0100007FF21D0F6470054DA5023129DF

43 B
80 B

77ms
74ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/sapeis/0100007FF21D0F6470054DA5023129DF

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Mar 2023 12:58:26 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 13 Mar 2023 12:58:26 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 13 Mar 2023 12:58:26 GMT

Redirect headers

date: Mon, 13 Mar 2023 12:58:26 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
location: https://an.yandex.ru/mapuid/sapeis/0100007FF21D0F6470054DA5023129DF
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 154
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2

200

8ed9d56f-3fc2-5248-af48-5290cb474f62
an.yandex.ru/mapuid/betweendigitalis/ Frame 7025
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F%24%7BUSER_ID%7D
https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F%24%7BUSER_ID%7D&crf=1
https://an.yandex.ru/mapuid/betweendigitalis/8ed9d56f-3fc2-5248-af48-5290cb474f62

43 B
80 B

82ms
74ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/betweendigitalis/8ed9d56f-3fc2-5248-af48-5290cb474f62

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Mar 2023 12:58:26 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 13 Mar 2023 12:58:26 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 13 Mar 2023 12:58:26 GMT

Redirect headers

location: https://an.yandex.ru/mapuid/betweendigitalis/8ed9d56f-3fc2-5248-af48-5290cb474f62
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame 7025
Redirect Chain

https://yandex.ru/an/mapuid/adobedmp/
https://dpm.demdex.net/ibs:dpid=423652&dpuuid=95D3085BC1AFEAE7
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=95D3085BC1AFEAE7

42 B
942 B

42ms
42ms

Image
image/gif

63.33.154.254
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=95D3085BC1AFEAE7

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

HTTP/1.1

Server

63.33.154.254 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-63-33-154-254.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v046-077489ad8.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: Jb7L/g9WRn4=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v046-05b75a697.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: Fn9UbbpGTEM=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=95D3085BC1AFEAE7
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

match
match.360yield.com/ul_cb/ Frame 7025
Redirect Chain

https://yandex.ru/an/mapuid/azerionis/
https://match.360yield.com/match?external_user_id=9F10B48DEEF125D3&publisher_dsp_id=429&publisher_call_type=redirect
https://match.360yield.com/ul_cb/match?external_user_id=9F10B48DEEF125D3&publisher_dsp_id=429&publisher_call_type=redirect

43 B
198 B

42ms
34ms

Image
image/gif

54.229.123.96
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.360yield.com/ul_cb/match?external_user_id=9F10B48DEEF125D3&publisher_dsp_id=429&publisher_call_type=redirect
Requested by: Host: download-telegram.org
URL: http://download-telegram.org/
Protocol: H2
Server: 54.229.123.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-229-123-96.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 13 Mar 2023 12:58:26 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://match.360yield.com/ul_cb/match?external_user_id=9F10B48DEEF125D3&publisher_dsp_id=429&publisher_call_type=redirect
date: Mon, 13 Mar 2023 12:58:26 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 /
yandex.ru/an/mapuid/behaviorx/ Frame 7025 0
0 88ms
67ms Image
text/html 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yandex.ru/an/mapuid/behaviorx/
Requested by: Host: download-telegram.org
URL: http://download-telegram.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H2

200

match
ads.betweendigital.com/ Frame 7025
Redirect Chain

https://yandex.ru/an/mapuid/betweenx/
https://ads.betweendigital.com/match?bidder_id=161&external_user_id=E8F361AC5B5B281F
https://ads.betweendigital.com/match?bidder_id=161&external_user_id=E8F361AC5B5B281F&crf=1

68 B
607 B

20ms
13ms

Image
image/png

188.42.34.64
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=161&external_user_id=E8F361AC5B5B281F&crf=1
Requested by: Host: download-telegram.org
URL: http://download-telegram.org/
Protocol: H2
Server: 188.42.34.64 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

location: /match?bidder_id=161&external_user_id=E8F361AC5B5B281F&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H/1.1

204
No Content

pixel
im.bluevoox.com/ Frame 7025
Redirect Chain

https://yandex.ru/an/mapuid/blueseaxcom/
https://im.bluevoox.com/pixel?s1=1&s2=1315&s3=vldyrx2shs82pv9o&cm=1&rd=1&puid=82634EF002468EC9

0
241 B

336ms
109ms

Image
text/plain

52.45.175.185
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://im.bluevoox.com/pixel?s1=1&s2=1315&s3=vldyrx2shs82pv9o&cm=1&rd=1&puid=82634EF002468EC9
Requested by: Host: download-telegram.org
URL: http://download-telegram.org/
Protocol: HTTP/1.1
Server: 52.45.175.185 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-175-185.compute-1.amazonaws.com
Software: openresty /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Connection: close
Date: Mon, 13 Mar 2023 12:58:26 GMT
Server: openresty

Redirect headers

pragma: no-cache
date: Mon, 13 Mar 2023 12:58:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
last-modified: Mon, 13 Mar 2023 12:58:26 GMT
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id: 1678712306023030-10805592702882938828-sas2-0451-sas-l7-balancer-8080-BAL
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://im.bluevoox.com/pixel?s1=1&s2=1315&s3=vldyrx2shs82pv9o&cm=1&rd=1&puid=82634EF002468EC9
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 13 Mar 2023 12:58:26 GMT

GET
H2 200 /
yandex.ru/an/mapuid/eplanningrtb/ Frame 7025 0
0 87ms
68ms Image
text/html 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yandex.ru/an/mapuid/eplanningrtb/
Requested by: Host: download-telegram.org
URL: http://download-telegram.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 7025
Redirect Chain

https://yandex.ru/an/mapuid/google/?partner-tag=yandex_llc
https://cm.g.doubleclick.net/pixel?google_nid=yandex_llc&google_hm=190F90FC64F5D32A&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

170 B
232 B

75ms
25ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yandex_llc&google_hm=190F90FC64F5D32A&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Mar 2023 12:58:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 13 Mar 2023 12:58:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
last-modified: Mon, 13 Mar 2023 12:58:26 GMT
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id: 1678712306023497-15655763180020340973-sas2-0451-sas-l7-balancer-8080-BAL
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=yandex_llc&google_hm=190F90FC64F5D32A&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 13 Mar 2023 12:58:26 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 7025
Redirect Chain

https://yandex.ru/an/mapuid/google/?partner-tag=yandexcom
https://cm.g.doubleclick.net/pixel?google_nid=yandexcom&google_hm=190F90FC64F5D32A&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

170 B
232 B

85ms
24ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yandexcom&google_hm=190F90FC64F5D32A&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Mar 2023 12:58:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 13 Mar 2023 12:58:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
last-modified: Mon, 13 Mar 2023 12:58:26 GMT
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id: 1678712306023719-11522785361668899345-sas2-0451-sas-l7-balancer-8080-BAL
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=yandexcom&google_hm=190F90FC64F5D32A&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 13 Mar 2023 12:58:26 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 7025
Redirect Chain

https://yandex.ru/an/mapuid/google/?partner-tag=yandexru
https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=190F90FC64F5D32A&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

170 B
409 B

80ms
18ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=190F90FC64F5D32A&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Mar 2023 12:58:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 13 Mar 2023 12:58:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
last-modified: Mon, 13 Mar 2023 12:58:26 GMT
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id: 1678712306023946-6370818797882573324-sas2-0451-sas-l7-balancer-8080-BAL
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=190F90FC64F5D32A&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 13 Mar 2023 12:58:26 GMT

GET
H2

200

sync
t.adx.opera.com/ Frame 7025
Redirect Chain

https://yandex.ru/an/mapuid/operacom/
https://t.adx.opera.com/sync?vendor=60143&uid=4B3A26A4BD147F4E

35 B
467 B

118ms
30ms

Image
image/gif

82.145.213.8
NO-OPERA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.adx.opera.com/sync?vendor=60143&uid=4B3A26A4BD147F4E
Requested by: Host: download-telegram.org
URL: http://download-telegram.org/
Protocol: H2
Server: 82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS: n-sysadmin-jumpbox-03.feednews.opera.technology
Software: Tengine /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Mar 2023 12:58:26 GMT
server: Tengine
access-control-allow-methods: POST, GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 13 Mar 2023 12:58:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
last-modified: Mon, 13 Mar 2023 12:58:26 GMT
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id: 1678712306024221-5002028882387266174-sas2-0451-sas-l7-balancer-8080-BAL
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://t.adx.opera.com/sync?vendor=60143&uid=4B3A26A4BD147F4E
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 13 Mar 2023 12:58:26 GMT

GET
H2 200 /
yandex.ru/an/mapuid/xapadsssp/ Frame 7025 43 B
156 B 86ms
70ms Image
image/gif 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yandex.ru/an/mapuid/xapadsssp/

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Mar 2023 12:58:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
last-modified: Mon, 13 Mar 2023 12:58:26 GMT
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id: 1678712306024535-8997779685165301103-sas2-0451-sas-l7-balancer-8080-BAL
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 13 Mar 2023 12:58:26 GMT

GET
H2

200

cd1f3fca65ba21b0e6005c1bfb2112fe7008b2590f018ca37106b4077a0f42dc
an.yandex.ru/mapuid/mediascope/ Frame 7025
Redirect Chain

https://cm.tns-counter.ru/yacm
https://an.yandex.ru/mapuid/mediascope/cd1f3fca65ba21b0e6005c1bfb2112fe7008b2590f018ca37106b4077a0f42dc

43 B
80 B

81ms
73ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/mediascope/cd1f3fca65ba21b0e6005c1bfb2112fe7008b2590f018ca37106b4077a0f42dc

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Mar 2023 12:58:26 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 13 Mar 2023 12:58:26 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 13 Mar 2023 12:58:26 GMT

Redirect headers

pragma: no-cache
date: Mon, 13 Mar 2023 12:58:26 GMT
server: ms-counter-4.0.4/1.22.1
content-type: text/html
location: https://an.yandex.ru/mapuid/mediascope/cd1f3fca65ba21b0e6005c1bfb2112fe7008b2590f018ca37106b4077a0f42dc
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 204 match
dm.hybrid.ai/ Frame 7025 0
278 B 203ms
50ms Image
text/plain 37.18.16.16
HYBRID-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dm.hybrid.ai/match?id=182

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.16.16 , Russian Federation, ASN205675 (HYBRID-AS, DE),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Mar 2023 12:58:26 GMT
server: Hybrid Web Server
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin: https://yastatic.net
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-mode: 121
x-xss-protection: 1; mode=block
expires: -1

GET
H2 204 yandexdmp-match
dm.hybrid.ai/ Frame 7025 0
238 B 202ms
49ms Image
text/plain 37.18.16.16
HYBRID-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dm.hybrid.ai/yandexdmp-match

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.16.16 , Russian Federation, ASN205675 (HYBRID-AS, DE),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Mar 2023 12:58:26 GMT
server: Hybrid Web Server
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin: *
cache-control: no-cache, no-store
x-mode: 126
x-xss-protection: 1; mode=block
expires: -1

GET
H2

200

aYAsNsuNkkMRhk67U5Qp
an.yandex.ru/mapuid/dmpamberdata/ Frame 7025
Redirect Chain

https://dmg.digitaltarget.ru/1/119/i/i?i=1678712305
https://dmg.digitaltarget.ru/awg/custom/119/i/i?call_source=awg&ts=1678712306231&i=1678712305
https://an.yandex.ru/mapuid/dmpamberdata/aYAsNsuNkkMRhk67U5Qp

43 B
80 B

65ms
65ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/dmpamberdata/aYAsNsuNkkMRhk67U5Qp

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Mar 2023 12:58:26 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 13 Mar 2023 12:58:26 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 13 Mar 2023 12:58:26 GMT

Redirect headers

Date: Mon, 13 Mar 2023 12:58:26 GMT
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Server: nginx
X-Permitted-Cross-Domain-Policies: master-only
Request-Time: 13
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, POST, OPTIONS
Location: https://an.yandex.ru/mapuid/dmpamberdata/aYAsNsuNkkMRhk67U5Qp
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block

GET
H2

200

match
match.360yield.com/ Frame 7025
Redirect Chain

https://euw-ice.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fazerionis%2F{PUB_USER_ID}
https://euw-ice.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fazerionis%2F%7BPUB_USER_ID%7D
https://an.yandex.ru/mapuid/azerionis/1d70c21b-7f58-4bb5-9d4a-5fa10b3ca0ac
https://match.360yield.com/match?external_user_id=1d70c21b-7f58-4bb5-9d4a-5fa10b3ca0ac&publisher_dsp_id=429&publisher_call_type=redirect

43 B
198 B

68ms
35ms

Image
image/gif

54.229.123.96
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.360yield.com/match?external_user_id=1d70c21b-7f58-4bb5-9d4a-5fa10b3ca0ac&publisher_dsp_id=429&publisher_call_type=redirect
Requested by: Host: download-telegram.org
URL: http://download-telegram.org/
Protocol: H2
Server: 54.229.123.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-229-123-96.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 13 Mar 2023 12:58:26 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

pragma: no-cache
date: Mon, 13 Mar 2023 12:58:26 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 13 Mar 2023 12:58:26 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://match.360yield.com/match?external_user_id=1d70c21b-7f58-4bb5-9d4a-5fa10b3ca0ac&publisher_dsp_id=429&publisher_call_type=redirect
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 13 Mar 2023 12:58:26 GMT

GET
H2

200

71a73510-e5ac-4fa5-66a6-1219a383eb05
an.yandex.ru/mapuid/buzzooladspis/ Frame 7025
Redirect Chain

https://exchange.buzzoola.com/cookiesync/redirect/yandex?redirect_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbuzzooladspis%2F%24%7BUUID%7D
https://an.yandex.ru/mapuid/buzzooladspis/71a73510-e5ac-4fa5-66a6-1219a383eb05

43 B
82 B

77ms
68ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/buzzooladspis/71a73510-e5ac-4fa5-66a6-1219a383eb05

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Mar 2023 12:58:26 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 13 Mar 2023 12:58:26 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 13 Mar 2023 12:58:26 GMT

Redirect headers

location: https://an.yandex.ru/mapuid/buzzooladspis/71a73510-e5ac-4fa5-66a6-1219a383eb05
date: Mon, 13 Mar 2023 12:58:26 GMT
server: nginx
content-length: 113
serverid: TODO
content-type: text/html; charset=utf-8

GET
H2

200

ZA8d8lDkzIE
an.yandex.ru/mapuid/soltadspis/ Frame 7025
Redirect Chain

https://kimberlite.io/rtb/sync/yandex
https://ads.betweendigital.com/match?bidder_id=45004&callback_url=https%3A%2F%2Fkimberlite.io%2Frtb%2Fsync%2Fbetween2%3Fu%3D%24%7BUSER_ID%7D%26f%3Dhttps%253A%252F%252Fan.yandex.ru%252Fmapuid%252Fso...
https://kimberlite.io/rtb/sync/between2?u=8ed9d56f-3fc2-5248-af48-5290cb474f62&f=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsoltadspis%2FZA8d8lDkzIE&n=1
https://sm.rtb.mts.ru/p?ssp=toptraffic&id=ZA8d8lDkzIE
https://sm.rtb.mts.ru/match/second?ssp=59&exu=ZA8d8lDkzIE
https://tech.rtb.mts.ru/?dsp_uid=e5f9344c-6572-41d9-98db-1667181638ab&return_url=https%3A%2F%2Fpixel.konnektu.ru%2Fredirect%2Fmts%3Fcallback_url%3Dhttps%253A%252F%252Fsm.rtb.mts.ru%252Fem%253Fnext%...
https://pixel.konnektu.ru/redirect/mts?callback_url=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D59%26em%3D1%26ssp%3Dkonnektu%26id%3D%7BUSER_ID%7D
https://sm.rtb.mts.ru/em?next=59&em=1&ssp=konnektu&id=
https://kimberlite.io/rtb/sync/mts?u=e5f9344c-6572-41d9-98db-1667181638ab
https://an.yandex.ru/mapuid/soltadspis/ZA8d8lDkzIE

43 B
80 B

65ms
65ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/soltadspis/ZA8d8lDkzIE

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Mar 2023 12:58:27 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 13 Mar 2023 12:58:27 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 13 Mar 2023 12:58:27 GMT

Redirect headers

Date: Mon, 13 Mar 2023 12:58:27 GMT
referrer-policy: no-referrer
Server: nginx
access-control-allow-origin: *
location: https://an.yandex.ru/mapuid/soltadspis/ZA8d8lDkzIE
cache-control: no-store
access-control-allow-credentials: true
Connection: keep-alive
server-timing: app;srv=2;dur=0.0003
Content-Length: 0

GET
H2

200

/
an.yandex.ru/mapuid/targetrtbis/ Frame 7025
Redirect Chain

https://match.new-programmatic.com/userbind?src=yandex&pbf=1&gi=1
https://an.yandex.ru/mapuid/targetrtbis/

43 B
80 B

68ms
65ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/targetrtbis/

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Mar 2023 12:58:26 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 13 Mar 2023 12:58:26 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 13 Mar 2023 12:58:26 GMT

Redirect headers

Date: Mon, 13 Mar 2023 12:58:26 GMT
Server: nginx/1.22.1
Vary: Origin
Access-Control-Allow-Origin: *
Location: https://an.yandex.ru/mapuid/targetrtbis/
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET pixel
mitdmp.whiteboxdigital.ru/ Frame 7025 0
0

GET
H/1.1 200
OK cm
nr.bidderstack.com/yandex/ Frame 7025 297 B
297 B 610ms
566ms Image
text/plain 23.88.12.13
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nr.bidderstack.com/yandex/cm?r=https://an.yandex.ru/mapuid/hyperdspis/
Requested by: Host: download-telegram.org
URL: http://download-telegram.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.88.12.13 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.13.12.88.23.clients.your-server.de
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H2

200

/
an.yandex.ru/mapuid/ramblerssp/ Frame 7025
Redirect Chain

https://profile.ssp.rambler.ru/sync3.302?pid=188
https://an.yandex.ru/mapuid/ramblerssp/

43 B
80 B

76ms
72ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/ramblerssp/

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Mar 2023 12:58:26 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 13 Mar 2023 12:58:26 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 13 Mar 2023 12:58:26 GMT

Redirect headers

date: Mon, 13 Mar 2023 12:58:26 GMT
strict-transport-security: max-age=0
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
location: //an.yandex.ru/mapuid/ramblerssp/
content-type: application/x-javascript; charset=Windows-1251
x-passed: 2bal2
content-length: 0

GET
H2

200

POfMEd3lUDD.AikABlGG2wz7Ew
an.yandex.ru/mapuid/getintentis/ Frame 7025
Redirect Chain

https://px.adhigh.net/p/cm/yandexssp
https://px.adhigh.net/p/cm/yandexssp?bounced=1
https://an.yandex.ru/mapuid/getintentis/POfMEd3lUDD.AikABlGG2wz7Ew

43 B
80 B

66ms
65ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/getintentis/POfMEd3lUDD.AikABlGG2wz7Ew

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Mar 2023 12:58:26 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 13 Mar 2023 12:58:26 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 13 Mar 2023 12:58:26 GMT

Redirect headers

pragma: no-cache
date: Mon, 13 Mar 2023 12:58:26 GMT
server: nginx
x-backend-id: f13-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
location: https://an.yandex.ru/mapuid/getintentis/POfMEd3lUDD.AikABlGG2wz7Ew
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

noqTF1yJTh4bUvL5.kKUjO
an.yandex.ru/mapuid/dmpweborama/ Frame 7025
Redirect Chain

https://redirect.frontend.weborama.fr/redirect/standard?url=https://an.yandex.ru/mapuid/dmpweborama/{WEBO_CID}
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fdmpweborama%2F%7BWEBO_CID%7D&bounce=1&random=1599192620
https://an.yandex.ru/mapuid/dmpweborama/noqTF1yJTh4bUvL5.kKUjO

43 B
80 B

98ms
65ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/dmpweborama/noqTF1yJTh4bUvL5.kKUjO

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Mar 2023 12:58:26 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 13 Mar 2023 12:58:26 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 13 Mar 2023 12:58:26 GMT

Redirect headers

pragma: no-cache
date: Mon, 13 Mar 2023 12:58:26 GMT
via: 1.1 google
last-modified: Mon, 13 Mar 2023 12:58:26 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location: https://an.yandex.ru/mapuid/dmpweborama/noqTF1yJTh4bUvL5.kKUjO
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 200 y
rtb-eu-warsaw.intent.ai/um/ Frame 7025 68 B
840 B 85ms
42ms Image
image/png 2606:4700:20::681a:e45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb-eu-warsaw.intent.ai/um/y

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:e45 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:58:26 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 68
pragma: no-cache
last-modified: Mon, 13 Mar 2023 12:58:26 GMT
server: cloudflare
access-control-max-age: 1728000
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hKUW%2FDFgGOrKYxBAYqq8N8srJWnG2y%2B8dHUD2RBU0IGEJaK5H2IW5BA24Et%2FqGAGir0gr1u9NQU%2BUusBuv2T2fIpxqlSJiwZxpUwt4DS%2BYzfd9szQSLdmUVDnI34dTxZO6OhEcTdbB0Z3UJOYrIi0dGusXBQ"}],"group":"cf-nel","max_age":604800}
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials: true
cf-ray: 7a7472cbaed09b9b-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Wed, 11 Nov 1998 11:11:11 GMT

GET
H2

200

1wAYbu8DI5D9rynoQVUZ
an.yandex.ru/mapuid/kadamis/ Frame 7025
Redirect Chain

https://s.uuidksinc.net/match/501
https://an.yandex.ru/mapuid/kadamis/1wAYbu8DI5D9rynoQVUZ

43 B
293 B

84ms
67ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/kadamis/1wAYbu8DI5D9rynoQVUZ

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Mar 2023 12:58:26 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 13 Mar 2023 12:58:26 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 13 Mar 2023 12:58:26 GMT

Redirect headers

location: https://an.yandex.ru/mapuid/kadamis/1wAYbu8DI5D9rynoQVUZ
date: Mon, 13 Mar 2023 12:58:26 GMT
server: nginx/1.19.0
content-length: 0

GET
H2

200

abd2b9de-dc14-4c1d-9022-a059f9d39d2b
an.yandex.ru/mapuid/mtsdspis/ Frame 7025
Redirect Chain

https://sm.rtb.mts.ru/p?ssp=yandex&id=map
https://sm.rtb.mts.ru/match/second?ssp=55&exu=map
https://tech.rtb.mts.ru/?dsp_uid=abd2b9de-dc14-4c1d-9022-a059f9d39d2b&return_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fmtsdspis%2Fabd2b9de-dc14-4c1d-9022-a059f9d39d2b
https://an.yandex.ru/mapuid/mtsdspis/abd2b9de-dc14-4c1d-9022-a059f9d39d2b

43 B
152 B

86ms
85ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/mtsdspis/abd2b9de-dc14-4c1d-9022-a059f9d39d2b

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Mar 2023 12:58:27 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 13 Mar 2023 12:58:27 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 13 Mar 2023 12:58:27 GMT

Redirect headers

Date: Mon, 13 Mar 2023 12:58:27 GMT
Server: nginx/1.20.2
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: text/html; charset=utf-8
Location: https://an.yandex.ru/mapuid/mtsdspis/abd2b9de-dc14-4c1d-9022-a059f9d39d2b
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET scr.php
sonar.semantiqo.com/dmp/ Frame 7025 0
0

GET
H/1.1 200
OK sync.cgi
ssp.adriver.ru/cgi-bin/ Frame 7025 42 B
201 B 374ms
79ms Image
image/gif 81.222.128.215
ELTEL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=109
Requested by: Host: download-telegram.org
URL: http://download-telegram.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.222.128.215 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS: ad15.adriver.ru
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Mon, 13 Mar 2023 12:58:26 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

GET
H/1.1 200
OK sync.cgi
ssp.adriver.ru/cgi-bin/ Frame 7025 42 B
201 B 446ms
93ms Image
image/gif 81.222.128.215
ELTEL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=19
Requested by: Host: download-telegram.org
URL: http://download-telegram.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.222.128.215 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS: ad15.adriver.ru
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Mon, 13 Mar 2023 12:58:26 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

GET
H2 200 pixel.gif
sync.1dmp.io/ Frame 7025 12 B
155 B 255ms
51ms Image
text/html 87.242.89.90
SBERCLOUD-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1dmp.io/pixel.gif?cid=3cbc2ec8-1421-4677-89fe-2ac6fc52a09a&pid=w&o=au
Requested by: Host: download-telegram.org
URL: http://download-telegram.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 87.242.89.90 , Russian Federation, ASN208677 (SBERCLOUD-AS, RU),
Reverse DNS
Software: elb /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:58:26 GMT
last-modified: Mon, 30 Jan 2023 18:57:34 GMT
server: elb
accept-ranges: bytes
etag: "63d8131e-c"
content-length: 12
content-type: text/html

GET
H/1.1 200
OK /
sync.bumlam.com/ Frame 7025 43 B
390 B 135ms
40ms Image
image/gif 31.172.81.160
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bumlam.com/?src=yandex
Requested by: Host: download-telegram.org
URL: http://download-telegram.org/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 31.172.81.160 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/gif
Date: Mon, 13 Mar 2023 12:58:26 GMT
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server: nginx
Connection: keep-alive
Content-Length: 43
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2 204 yandexortb
sync.dmp.otm-r.com/match/ Frame 7025 0
69 B 148ms
49ms Image
text/plain 195.201.106.117
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.dmp.otm-r.com/match/yandexortb
Requested by: Host: download-telegram.org
URL: http://download-telegram.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.201.106.117 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.117.106.201.195.clients.your-server.de
Software: nginx/1.15.9 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 13 Mar 2023 12:58:26 GMT
server: nginx/1.15.9

GET
H2

200

NjcyMmEwMWYyN2UyNDU2ZQ
an.yandex.ru/mapuid/gonetisnew/ Frame 7025
Redirect Chain

https://sync.gonet-ads.com/match/yandex?id=[buyerUid]
https://sync.gonet-ads.com/match/yandex?id=%5BbuyerUid%5D&chk=1
https://an.yandex.ru/mapuid/gonetisnew/NjcyMmEwMWYyN2UyNDU2ZQ

43 B
80 B

80ms
66ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/gonetisnew/NjcyMmEwMWYyN2UyNDU2ZQ

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Mar 2023 12:58:27 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 13 Mar 2023 12:58:27 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 13 Mar 2023 12:58:27 GMT

Redirect headers

date: Mon, 13 Mar 2023 12:58:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: nginx
x-frame-options: SAMEORIGIN
location: https://an.yandex.ru/mapuid/gonetisnew/NjcyMmEwMWYyN2UyNDU2ZQ
content-length: 0
x-xss-protection: 1; mode=block

GET
H2 204 sync
sync.upravel.com/yandex/ Frame 7025 0
40 B 4219ms
4125ms Image
text/plain 148.251.78.49
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.upravel.com/yandex/sync
Requested by: Host: download-telegram.org
URL: http://download-telegram.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 148.251.78.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: prod-hzeu-bidder-8.community.moscow
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:58:31 GMT
server: nginx

GET
H2

200

pMTOADNGu8JvoZaQUfytlg
an.yandex.ru/mapuid/dmpaidatame/ Frame 7025
Redirect Chain

https://x01.aidata.io/0.gif?pid=YANDEX
https://x01.aidata.io/0.gif?pid=YANDEX&bounce=1
https://an.yandex.ru/mapuid/dmpaidatame/pMTOADNGu8JvoZaQUfytlg?sign=742231173

43 B
80 B

65ms
64ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/dmpaidatame/pMTOADNGu8JvoZaQUfytlg?sign=742231173

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Mar 2023 12:58:27 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 13 Mar 2023 12:58:27 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 13 Mar 2023 12:58:27 GMT

Redirect headers

pragma: no-cache
date: Mon, 13 Mar 2023 12:58:27 GMT
last-modified: Mon, 13 Mar 2023 12:58:26 GMT
server: nginx
access-control-allow-methods: GET, POST
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
location: https://an.yandex.ru/mapuid/dmpaidatame/pMTOADNGu8JvoZaQUfytlg?sign=742231173
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
content-length: 0
expires: Mon, 13 Mar 2023 12:58:26 GMT

GET
H2

200

DDd6fw3MTozN
an.yandex.ru/mapuid/dmpsegmento/ Frame 7025
Redirect Chain

https://yandex-dmp-sync.rutarget.ru/sync
https://an.yandex.ru/mapuid/dmpsegmento/DDd6fw3MTozN?sign=740188194

43 B
80 B

74ms
68ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/dmpsegmento/DDd6fw3MTozN?sign=740188194

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Mar 2023 12:58:27 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 13 Mar 2023 12:58:27 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 13 Mar 2023 12:58:27 GMT

Redirect headers

Location: https://an.yandex.ru/mapuid/dmpsegmento/DDd6fw3MTozN?sign=740188194
Date: Mon, 13 Mar 2023 12:58:27 GMT
Server: nginx
Connection: close
Content-Length: 0
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."

GET
H2

200

ErAn4BfuxOJc
an.yandex.ru/mapuid/rutargetis/ Frame 7025
Redirect Chain

https://yandex-sync.rutarget.ru/sync
https://an.yandex.ru/mapuid/rutargetis/ErAn4BfuxOJc

43 B
80 B

76ms
69ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/rutargetis/ErAn4BfuxOJc

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Mar 2023 12:58:27 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 13 Mar 2023 12:58:27 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 13 Mar 2023 12:58:27 GMT

Redirect headers

Location: https://an.yandex.ru/mapuid/rutargetis/ErAn4BfuxOJc
Date: Mon, 13 Mar 2023 12:58:27 GMT
Server: nginx
Connection: close
Content-Length: 0
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."

POST
H2 200 1 Show response
mc.yandex.com/watch/1961151/ 43 B
158 B 62ms
61ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/1961151/1?page-url=http%3A%2F%2Fdownload-telegram.org%2F&charset=utf-8&cnt-class=1&hittoken=1678712305_374a05eb793ef8150495c012f8ea9c12ea2aa5a6d05f7bb093deaabad135398a&browser-info=pa%3A1%3Aar%3A1%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Afp%3A689%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A2%3Adp%3A0%3Als%3A1639979038165%3Ahid%3A793930901%3Az%3A0%3Ai%3A20230313125826%3Aet%3A1678712306%3Ac%3A1%3Arn%3A537525086%3Arqn%3A1%3Au%3A1678712305538391132%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A247%2C50%2C55%2C103%2C0%2C0%2C%2C395%2C7%2C%2C%2C%2C851%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1678712304172%3Aadb%3A2%3Ast%3A1678712306&t=gdpr(14)mc(p-2-h-1)clc(0-0-0)rqnt(1)lt(44200)aw(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://download-telegram.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 13 Mar 2023 12:58:26 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 13-Mar-2023 12:58:26 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: http://download-telegram.org
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 13-Mar-2023 12:58:26 GMT

GET
H2 200 1961151 Show response
mc.yandex.com/watch/ 43 B
74 B 69ms
68ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/1961151?page-url=http%3A%2F%2Fdownload-telegram.org%2F&charset=utf-8&cnt-class=1&hittoken=1678712305_374a05eb793ef8150495c012f8ea9c12ea2aa5a6d05f7bb093deaabad135398a&browser-info=pv%3A1%3Aar%3A1%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A2%3Adp%3A0%3Als%3A1639979038165%3Ahid%3A793930901%3Az%3A0%3Ai%3A20230313125826%3Aet%3A1678712306%3Ac%3A1%3Arn%3A637412434%3Arqn%3A2%3Au%3A1678712305538391132%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1678712304172%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1678712306%3At%3A%D0%9F%D1%80%D0%BE%20%D0%BC%D0%B5%D1%81%D1%81%D0%B5%D0%BD%D0%B4%D0%B6%D0%B5%D1%80%20Telegram%3A%20%D0%B7%D0%B0%D0%B3%D1%80%D1%83%D0%B7%D0%BA%D0%B0%20%D0%BF%D1%80%D0%B8%D0%BB%D0%BE%D0%B6%D0%B5%D0%BD%D0%B8%D1%8F%2C%20%D0%BF%D0%BE%D0%BB%D0%B5%D0%B7%D0%BD%D1%8B%D0%B5%20%D1%81%D0%BE%D0%B2%D0%B5%D1%82%D1%8B&t=gdpr(14)mc(p-2-h-1)clc(0-0-0)rqnt(2)lt(44200)aw(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Mar 2023 12:58:26 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 13-Mar-2023 12:58:26 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: http://download-telegram.org
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 13-Mar-2023 12:58:26 GMT

POST
H2 200 1 Show response
mc.yandex.com/watch/28975340/ 43 B
74 B 69ms
68ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/28975340/1?page-url=http%3A%2F%2Fdownload-telegram.org%2F&charset=utf-8&hittoken=1678712305_523b2e11c90d1018d3a62990b0c32cfb2afbc1ad91933d4cbf9fc3d05c6b74ea&browser-info=pa%3A1%3Aar%3A1%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A1%3Adp%3A0%3Als%3A1192532992562%3Ahid%3A793930901%3Az%3A0%3Ai%3A20230313125826%3Aet%3A1678712306%3Ac%3A1%3Arn%3A975935023%3Arqn%3A2%3Au%3A1678712305538391132%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Aeu%3A1%3Ans%3A1678712304172%3Aadb%3A2%3Ast%3A1678712306&t=gdpr(14)mc(p-2-h-1)clc(0-0-0)rqnt(2)lt(44200)aw(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://download-telegram.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 13 Mar 2023 12:58:26 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 13-Mar-2023 12:58:26 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: http://download-telegram.org
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 13-Mar-2023 12:58:26 GMT

OPTIONS
H2 200 event_confirmation
an.yandex.ru/ Frame 0
0 76ms
70ms Preflight 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: http://download-telegram.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: http://download-telegram.org
access-control-max-age: 1728000
content-encoding: gzip
date: Mon, 13 Mar 2023 12:58:26 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
timing-allow-origin: *
x-xss-protection: 1; mode=block

POST
H2 200 event_confirmation Show response
an.yandex.ru/ 0
51 B 75ms
73ms XHR
text/plain 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://download-telegram.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Mon, 13 Mar 2023 12:58:26 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 13 Mar 2023 12:58:26 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: http://download-telegram.org
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 13 Mar 2023 12:58:26 GMT

GET
H2 200 02cea12995d91bd47132.js Show response
yastatic.net/partner-code-bundles/735032/ 30 KB
9 KB 44ms
42ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/735032/02cea12995d91bd47132.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

a1a1b86ef87abb664993bd9b1fe433f3f1f60834793d4ce968f08ed4f9f04b68

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: http://download-telegram.org/
Origin: http://download-telegram.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:58:26 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 8825
last-modified: Thu, 09 Mar 2023 18:41:15 GMT
server: nginx/1.17.9
etag: "f5d7c6e366b2c12c5ca86b59ce59523a"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Wed, 12 Mar 2053 19:31:07 GMT

GET
H2 200 7fbffdcbfbe94ff9a280.js Show response
yastatic.net/partner-code-bundles/735032/ 47 KB
12 KB 45ms
43ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/735032/7fbffdcbfbe94ff9a280.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

3286f9a70293454f005e1f6352083d63bbf12fefa3a192cd1f27405679ea3bb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: http://download-telegram.org/
Origin: http://download-telegram.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:58:26 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 12152
last-modified: Thu, 09 Mar 2023 18:41:16 GMT
server: nginx/1.17.9
etag: "8cd51d844914e5175469a4a092b91490"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Wed, 12 Mar 2053 19:32:34 GMT

GET
H2 200 orig
avatars.mds.yandex.net/get-vh/6374015/2a000001851b008795969fc69643a26c7843/ 41 KB
42 KB 78ms
77ms Image
image/jpeg 2a02:6b8::184
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-vh/6374015/2a000001851b008795969fc69643a26c7843/orig
Requested by: Host: download-telegram.org
URL: http://download-telegram.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: nginx /
Resource Hash: 99aff61d2168ad41285dadb39fe1472d4b66bcb3f4f4f1e0c0a443d329b59569

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:58:26 GMT
last-modified: Fri, 16 Dec 2022 12:54:57 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel?datacenter=VLA"}]}
content-type: image/jpeg
cache-control: max-age=86400,immutable
timing-allow-origin: *
content-length: 42442
x-request-id: c525614231d01317

GET
H/1.1 200
Ok ngphaselisbay.com
favicon.yandex.net/favicon/ 838 B
1 KB 221ms
72ms Image
image/png 2a02:6b8::36
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://favicon.yandex.net/favicon/ngphaselisbay.com?size=32&stub=2

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::36 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

a143601cbf91eb6fd625e915d15103fdb1883e63177e7065f439870cb24025a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-origin: *
Cache-Control: max-age=691200
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
Content-Type: image/png

GET
H2 200 inpage.bundle.js Show response
yastatic.net/vas-bundles/731705/bundles-es2017/ 729 KB
182 KB 49ms
45ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/vas-bundles/731705/bundles-es2017/inpage.bundle.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/partner-code-bundles/735032/02cea12995d91bd47132.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

1c1561e7cda9cf1a36d405c1dfa965ae7e0b6d7589b203d0177bb18e60316fb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=946708560; includeSubDomains;

Request headers

Referer: http://download-telegram.org/
Origin: http://download-telegram.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:58:26 GMT
content-encoding: br
strict-transport-security: max-age=946708560; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 186051
last-modified: Fri, 03 Mar 2023 07:32:09 GMT
server: nginx/1.17.9
etag: "1d11e07c8d08566ec108660d44704e02"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Wed, 12 Mar 2053 19:30:23 GMT

GET
H2 200 matchx Show response
uuidksinc.net/ Frame 7979 3 KB
1 KB 57ms
39ms Document
text/html 31.220.27.134
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://uuidksinc.net/matchx
Requested by: Host: dariolunus.com
URL: https://dariolunus.com/787276.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.220.27.134 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.19.0 /
Resource Hash: fd855412a4f1e588f022460fd8d8eacadea666dfb8996306ce9f12e56074ccb1

Request headers

Referer: http://download-telegram.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Mon, 13 Mar 2023 12:58:26 GMT
server: nginx/1.19.0
vary: Accept-Encoding

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302270101/ 150 KB
51 KB 125ms
93ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302270101/reactive_library_fy2021.js?bust=31072715

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1406b0fa38677e563293cb09c96df2ea236b1da0ab520fdd9f19622b80264a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:58:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52398
x-xss-protection: 0
server: cafe
etag: 6160637109041585858
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Mar 2023 12:58:26 GMT

GET
H2

200

1
mc.yandex.ru/watch/39370120/
Redirect Chain

https://mc.yandex.ru/watch/39370120?vsid=d6ae78f8651f56e46c9b59534b24c60949bd870a42abxVASx5032x1678712305
https://mc.yandex.ru/watch/39370120/1?vsid=d6ae78f8651f56e46c9b59534b24c60949bd870a42abxVASx5032x1678712305

43 B
72 B

71ms
70ms

Ping
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/39370120/1?vsid=d6ae78f8651f56e46c9b59534b24c60949bd870a42abxVASx5032x1678712305

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Mar 2023 12:58:26 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 13-Mar-2023 12:58:26 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 13-Mar-2023 12:58:26 GMT

Redirect headers

pragma: no-cache
date: Mon, 13 Mar 2023 12:58:26 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 13-Mar-2023 12:58:26 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/39370120/1?vsid=d6ae78f8651f56e46c9b59534b24c60949bd870a42abxVASx5032x1678712305
access-control-allow-origin: http://download-telegram.org
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Mon, 13-Mar-2023 12:58:26 GMT

GET
H2

200

/
d.uuidksinc.net/match/216/ Frame 7979
Redirect Chain

https://fcgi4.gnezdo.ru/cookie_matching/kadam/1wAYbu8DI5D9rynoQVUZ
https://fcgi4.gnezdo.ru/cookie_matching/kadam/1wAYbu8DI5D9rynoQVUZ/?redirect=1
https://d.uuidksinc.net/match/216/?remote_uid=XV9maWQPHfIVgXPacdTdAg==

74 B
141 B

48ms
25ms

Image
image/png

31.220.27.134
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.uuidksinc.net/match/216/?remote_uid=XV9maWQPHfIVgXPacdTdAg==
Requested by: Host: uuidksinc.net
URL: https://uuidksinc.net/matchx
Protocol: H2
Server: 31.220.27.134 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.19.0 /
Resource Hash: 01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uuidksinc.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:58:26 GMT
server: nginx/1.19.0
content-length: 74
content-type: image/png

Redirect headers

location: https://d.uuidksinc.net/match/216/?remote_uid=XV9maWQPHfIVgXPacdTdAg==
access-control-allow-origin: *
date: Mon, 13 Mar 2023 12:58:26 GMT
access-control-allow-credentials: true
server: nginx
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With
access-control-allow-methods: GET, POST, HEAD

GET
H2 204 smc
z.cdn.adtarget.me/ Frame 7979 0
41 B 104ms
12ms Image
text/plain 212.32.253.229
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://z.cdn.adtarget.me/smc?s=22&u=1wAYbu8DI5D9rynoQVUZ
Requested by: Host: uuidksinc.net
URL: https://uuidksinc.net/matchx
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 212.32.253.229 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uuidksinc.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:56:53 GMT
server: nginx

GET
H2 200 pixel.gif
dmpprof.com/matching/external/ Frame 7979 43 B
745 B 214ms
69ms Image
image/gif 85.192.12.173
DINET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmpprof.com/matching/external/pixel.gif?sid=14&uid=1wAYbu8DI5D9rynoQVUZ
Requested by: Host: uuidksinc.net
URL: https://uuidksinc.net/matchx
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.192.12.173 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uuidksinc.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Mar 2023 12:58:26 GMT
last-modified: Mon, 13 Mar 2023 12:58:26 GMT
server: nginx/1.18.0
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH, GET, POST, OPTIONS
content-type: image/gif
access-control-expose-headers: Content-Length,Content-Range
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With, DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 43
expires: Wed, 11 Nov 1998 11:11:11 GMT

GET
H2 204 match
dm-eu.hybrid.ai/ Frame 7979 0
281 B 157ms
33ms Image
text/plain 37.18.103.22
HYBRID-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dm-eu.hybrid.ai/match?id=158&vid=1wAYbu8DI5D9rynoQVUZ

Requested by

Host: uuidksinc.net
URL: https://uuidksinc.net/matchx

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.103.22 , Netherlands, ASN205675 (HYBRID-AS, DE),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uuidksinc.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Mar 2023 12:58:26 GMT
server: Hybrid Web Server
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin: https://uuidksinc.net
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-mode: 528
x-xss-protection: 1; mode=block
expires: -1

GET
H2

200

/
d.uuidksinc.net/match/493/ Frame 7979
Redirect Chain

https://fcgi4.gnezdo.ru/cookie_matching/kadam_resell/1wAYbu8DI5D9rynoQVUZ
https://fcgi4.gnezdo.ru/cookie_matching/kadam_resell/1wAYbu8DI5D9rynoQVUZ/?redirect=1
https://d.uuidksinc.net/match/493/?remote_uid=XV9maWQPHfIVgXPacdTdAg==

74 B
141 B

39ms
17ms

Image
image/png

31.220.27.134
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.uuidksinc.net/match/493/?remote_uid=XV9maWQPHfIVgXPacdTdAg==
Requested by: Host: uuidksinc.net
URL: https://uuidksinc.net/matchx
Protocol: H2
Server: 31.220.27.134 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.19.0 /
Resource Hash: 01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uuidksinc.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:58:26 GMT
server: nginx/1.19.0
content-length: 74
content-type: image/png

Redirect headers

location: https://d.uuidksinc.net/match/493/?remote_uid=XV9maWQPHfIVgXPacdTdAg==
access-control-allow-origin: *
date: Mon, 13 Mar 2023 12:58:26 GMT
access-control-allow-credentials: true
server: nginx
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With
access-control-allow-methods: GET, POST, HEAD

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 7979
Redirect Chain

https://rtb.com.ru/kadam-sync?uid=1wAYbu8DI5D9rynoQVUZ
https://rtb.com.ru/sync?noRedirect=&sspKey=60&sspUserID=1wAYbu8DI5D9rynoQVUZ
https://cm.g.doubleclick.net/pixel?google_nid=adspend&google_cm&google_hm=640f1df21504a0467960abcf&r=https%3A%2F%2Fprodmp.ru%2Frefocus.gif%3Fdsp_provider_id%3D2%26uid%3D640f1df21504a0467960abcf%26d...

170 B
232 B

39ms
38ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adspend&google_cm&google_hm=640f1df21504a0467960abcf&r=https%3A%2F%2Fprodmp.ru%2Frefocus.gif%3Fdsp_provider_id%3D2%26uid%3D640f1df21504a0467960abcf%26duid%3D1wAYbu8DI5D9rynoQVUZ%26r%3Dhttps%253A%252F%252Fx01.aidata.io%252F0.gif%253Fpid%253D6472613%2526id%253D640f1df21504a0467960abcf%2526dest%253Dhttps%25253A%25252F%25252Fdmg.digitaltarget.ru%25252F1%25252F224%25252Fi%25252Fi%25253Fa%25253D224%252526e%25253D640f1df21504a0467960abcf%252526i%25253D6498534098283289795%252526r%25253Dhttps%2525253A%2525252F%2525252Fsync.1dmp.io%2525252Fpixel.gif%2525253Fcid%2525253Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%25252526pid%2525253Dw%25252526uid%2525253D640f1df21504a0467960abcf%25252526ru%2525253Dhttps%252525253A%252525252F%252525252Fcm.p.altergeo.ru%252525252Fspnd%252525253Faid%252525253D640f1df21504a0467960abcf%2525252526nc%252525253D1399135144058746673%2525252526url%252525253Dhttps%25252525253A%25252525252F%25252525252Fadx.com.ru%25252525252Fadspend-sync%25252525253Fuid%25252525253D640f1df21504a0467960abcf%252525252526r%25252525253Dhttps%2525252525253A%2525252525252F%2525252525252Fan.yandex.ru%2525252525252Fsetud%2525252525252Fadspend%2525252525252FbLvHtWv5iEWupUTRPfQKCX%2525252525253Fsign%2525252525253D208187977%25252525252526location%2525252525253Dhttps%252525252525253A%252525252525252F%252525252525252Ftop-fwz1.mail.ru%252525252525252Fcounter%252525252525253Fid%252525252525253D3138228%252525252525253Bpid%252525252525253D640f1df21504a0467960abcf

Requested by

Host: uuidksinc.net
URL: https://uuidksinc.net/matchx

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uuidksinc.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Mar 2023 12:58:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 13 Mar 2023 12:58:26 GMT
Server: nginx/1.18.0
P3p: CP="rtb.com.ru does not have a P3P policy"
Location: https://cm.g.doubleclick.net/pixel?google_nid=adspend&google_cm&google_hm=640f1df21504a0467960abcf&r=https%3A%2F%2Fprodmp.ru%2Frefocus.gif%3Fdsp_provider_id%3D2%26uid%3D640f1df21504a0467960abcf%26duid%3D1wAYbu8DI5D9rynoQVUZ%26r%3Dhttps%253A%252F%252Fx01.aidata.io%252F0.gif%253Fpid%253D6472613%2526id%253D640f1df21504a0467960abcf%2526dest%253Dhttps%25253A%25252F%25252Fdmg.digitaltarget.ru%25252F1%25252F224%25252Fi%25252Fi%25253Fa%25253D224%252526e%25253D640f1df21504a0467960abcf%252526i%25253D6498534098283289795%252526r%25253Dhttps%2525253A%2525252F%2525252Fsync.1dmp.io%2525252Fpixel.gif%2525253Fcid%2525253Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%25252526pid%2525253Dw%25252526uid%2525253D640f1df21504a0467960abcf%25252526ru%2525253Dhttps%252525253A%252525252F%252525252Fcm.p.altergeo.ru%252525252Fspnd%252525253Faid%252525253D640f1df21504a0467960abcf%2525252526nc%252525253D1399135144058746673%2525252526url%252525253Dhttps%25252525253A%25252525252F%25252525252Fadx.com.ru%25252525252Fadspend-sync%25252525253Fuid%25252525253D640f1df21504a0467960abcf%252525252526r%25252525253Dhttps%2525252525253A%2525252525252F%2525252525252Fan.yandex.ru%2525252525252Fsetud%2525252525252Fadspend%2525252525252FbLvHtWv5iEWupUTRPfQKCX%2525252525253Fsign%2525252525253D208187977%25252525252526location%2525252525253Dhttps%252525252525253A%252525252525252F%252525252525252Ftop-fwz1.mail.ru%252525252525252Fcounter%252525252525253Fid%252525252525253D3138228%252525252525253Bpid%252525252525253D640f1df21504a0467960abcf
Content-Type: text/html; charset=utf-8
Cache-Control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
Connection: keep-alive
Content-Length: 1537

GET
H/1.1 200
OK i
dmg.digitaltarget.ru/1/6573/i/ Frame 7979 49 B
602 B 69ms
67ms Image
image/gif 185.15.175.147
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmg.digitaltarget.ru/1/6573/i/i?a=662&e=1wAYbu8DI5D9rynoQVUZ&i=0.028738885700275274

Requested by

Host: uuidksinc.net
URL: https://uuidksinc.net/matchx

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

185.15.175.147 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),

Reverse DNS

Software

nginx /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uuidksinc.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Mon, 13 Mar 2023 12:58:26 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Request-Time: 4
Connection: keep-alive
Content-Length: 64
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: nginx
Vary: Accept-Encoding
X-Frame-Options: DENY
Content-Type: image/gif
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true

POST
H2 200 WVuejI_zO4W1fGy0X1i00000pyTMyWK0I08nyHqFP000000u_hBl0M2C66W4W07faDe6Y07FgQaJa06QpUZ7ue20W0AO0PhDwCTYi06-jEcm2BW1w8UkW2RO0U3nZwq1u07owBcd0Q02YeMt681dY0L0a0MR0h05amEu1OCEm0Nl0iW5cXBW1NQW1iW1g0R80Sa6y...
yandex.ru/an/tracking/ 0
654 B 66ms
65ms Ping
text/plain 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/an/tracking/WVuejI_zO4W1fGy0X1i00000pyTMyWK0I08nyHqFP000000u_hBl0M2C66W4W07faDe6Y07FgQaJa06QpUZ7ue20W0AO0PhDwCTYi06-jEcm2BW1w8UkW2RO0U3nZwq1u07owBcd0Q02YeMt681dY0L0a0MR0h05amEu1OCEm0Nl0iW5cXBW1NQW1iW1g0R80Sa6y9tAbpkrq3xDK4AAleCGk0U01T071E07wWwQYe21mf211kW91_09W0hu2T05W0eAY0i8gWiGH_yoYJxD002bxwkgn_O50F0B1k0DWeA1WO20W8W4yBkglhcdhUY3-0wffvUe2QWFlfgZsAJHxy4Gk0yQW12dWOSaaKIO4OdbBA6vFu0Ke8301AWKcmA4lfUW1k0K0TWMyRcZ-ENAqg7P0O4N003mFvWNbxkNBz0Nq8O3s1UXXplG627u6C6AzkoZZxpyOu0Pk1e2WXmDKpL1Ea9rTKvaPcTdD-aSW1r_eHrVUf1ukgtdFwWT0fWUy_OHq1xvlBpDdQ3g_4dO7hYD7w0VyBRm9h0V2SWVyFZ7Lj8V1ZSpDJ0pCk0W0T0X____0TKY__z__u4ZYIEQcPcPcPdPFn40Pv04aXZ6OKXhJv0xbo9183R1zDpRonnBwCdu2uGSi1p3aiP59fpAM-G793Pc9wzU2Or3VxJ8O1G0~1?action-id=11&adsdk-bundle-version=731705&adsdk-bundle-name=InPage&ad-session-id=24271678712305326&vsid=d6ae78f8651f56e46c9b59534b24c60949bd870a42abxVASx5032x1678712305&top-ancestor=http%3A%2F%2Fdownload-telegram.org&top-ancestor-undetermined=0&client-ts=1678712306531&client-timezone-offset=0&viewability-undetermined=0&video-volume=50&video-muted=1&pcode-active-testids=733957%2C0%2C79%3B735484%2C0%2C34&document-has-focus=true&is-fullscreen=false&ad-pod-id=a34sdf%3B1124936991%3B0%3B98a4c44b4b0a12e8%3B1190004227729575230%3B181533808%3B1961151%3B4%3B0&product-theme=video-default&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22width%22%3A682%2C%22height%22%3A384%2C%22w%22%3A682%2C%22h%22%3A384%2C%22left%22%3A265%2C%22top%22%3A2154%2C%22visible%22%3A0%2C%22req_no%22%3A0%7D

Requested by

Host: yastatic.net
URL: https://yastatic.net/vas-bundles/731705/bundles-es2017/inpage.bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:58:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1678712306555332-16295795613678919346-sas2-0451-sas-l7-balancer-8080-BAL
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Mon, 13 Mar 2023 12:58:26 GMT
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
access-control-allow-origin: http://download-telegram.org
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 13 Mar 2023 12:58:26 GMT

POST
H2 200 log
log.strm.yandex.ru/ 0
216 B 349ms
94ms Ping
text/plain 2a02:6b8::28d
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL: https://log.strm.yandex.ru/log?VAS=731705&event=PrioritiseMediaFiles
Requested by: Host: yastatic.net
URL: https://yastatic.net/vas-bundles/731705/bundles-es2017/inpage.bundle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::28d Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://download-telegram.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: http://download-telegram.org
access-control-expose-headers: Date
date: Mon, 13 Mar 2023 12:58:26 GMT
access-control-allow-credentials: true
timing-allow-origin: http://download-telegram.org
content-length: 0
x-request-id: 1678712306821676-1067567575283020211

GET
H/1.1 200
Ok ngphaselisbay.com
favicon.yandex.net/favicon/ 838 B
1 KB 91ms
70ms Image
image/png 2a02:6b8::36
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://favicon.yandex.net/favicon/ngphaselisbay.com?size=32&stub=1

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::36 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

a143601cbf91eb6fd625e915d15103fdb1883e63177e7065f439870cb24025a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-origin: *
Cache-Control: max-age=691200
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
Content-Type: image/png

GET
H2

206

VP8_640_360_1000.webm
ext-strm-cogent03.strm.yandex.net/vh-canvas-converted/vod-content/863491721736985975/f455d3ad-06e2-413e-8c7a-fcc3f766d6f1/webm/
Redirect Chain

https://strm.yandex.ru/vh-canvas-converted/vod-content/863491721736985975/f455d3ad-06e2-413e-8c7a-fcc3f766d6f1/webm/VP8_640_360_1000.webm?vsid=d6ae78f8651f56e46c9b59534b24c60949bd870a42abxVASx5032x...
https://ext-strm-cogent03.strm.yandex.net/vh-canvas-converted/vod-content/863491721736985975/f455d3ad-06e2-413e-8c7a-fcc3f766d6f1/webm/VP8_640_360_1000.webm?vsid=d6ae78f8651f56e46c9b59534b24c60949b...

3 MB
3 MB

321ms
102ms

Media
video/webm

2001:978:7401:1::19
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: https://ext-strm-cogent03.strm.yandex.net/vh-canvas-converted/vod-content/863491721736985975/f455d3ad-06e2-413e-8c7a-fcc3f766d6f1/webm/VP8_640_360_1000.webm?vsid=d6ae78f8651f56e46c9b59534b24c60949bd870a42abxVASx5032x1678712305&noredir=1&lid=1503
Requested by: Host: download-telegram.org
URL: http://download-telegram.org/
Protocol: H2
Server: 2001:978:7401:1::19 , United States, ASN174 (COGENT-174, US),
Reverse DNS
Software: nginx /
Resource Hash: 5ac61d879ee5336da40d53dab917787f98ea515ff764da62136d238e2e219d3b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-server-time-ms: 1678712307130
date: Mon, 13 Mar 2023 12:58:27 GMT
x-estimated-bandwidth: 1165928
nel: {"report_to": "network-errors", "max_age": 1200, "success_fraction": 0.005, "failure_fraction": 0.05, "include_subdomains": true}
Content-Range: bytes 0-3382876/3382877
x_h: strm-kiv14.strm.yandex.net
x-strm-request-id: 4b88c43854406d86
x-connection-id: 439081095
Content-Length: 3382877
x-request-id: 4b88c43854406d86
x-estimated-rtt: 44508
last-modified: Fri, 16 Dec 2022 12:55:04 GMT
server: nginx
etag: "0fefd50e81150dd0295bf1478a6951ac"
x-strm-log-split: 7
content-type: video/webm
report-to: {"group": "network-errors", "max_age": 1200, "include_subdomains": true, "endpoints": [ {"url": "https://dr.yandex.net/strm", "priority": 1}, {"url": "https://dr2.yandex.net/strm", "priority": 2} ]}
access-control-expose-headers: Date, X-Strm-Session, X-Estimated-RTT, X-Estimated-Bandwidth, X-Connection-ID, Age, X-Server-Time-Ms, X-Plg-URL
cache-control: max-age=300
access-control-allow-credentials: true
x-robots-tag: noindex, noarchive, nofollow
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Range, X-Client-Timestamp, X-Strm-Session
expires: Mon, 13 Mar 2023 13:03:27 GMT

Redirect headers

date: Mon, 13 Mar 2023 12:58:26 GMT
nel: {"report_to": "network-errors", "max_age": 1200, "success_fraction": 0.005, "failure_fraction": 0.05, "include_subdomains": true}
x-strm-request-id: 9a4b1934b0be436d
x_h: strm-anycast-ru-net-production-37.vla.yp-c.yandex.net
content-length: 0
x-request-id: 9a4b1934b0be436d
server: nginx
x-strm-log-split: 2
report-to: {"group": "network-errors", "max_age": 1200, "include_subdomains": true, "endpoints": [ {"url": "https://dr.yandex.net/strm", "priority": 1}, {"url": "https://dr2.yandex.net/strm", "priority": 2} ]}
location: https://ext-strm-cogent03.strm.yandex.net/vh-canvas-converted/vod-content/863491721736985975/f455d3ad-06e2-413e-8c7a-fcc3f766d6f1/webm/VP8_640_360_1000.webm?vsid=d6ae78f8651f56e46c9b59534b24c60949bd870a42abxVASx5032x1678712305&noredir=1&lid=1503
access-control-expose-headers: Date, X-Strm-Session, X-Estimated-RTT, X-Estimated-Bandwidth, X-Connection-ID, Age, X-Server-Time-Ms, X-Plg-URL
cache-control: no-cache
access-control-allow-credentials: true
x-plg: host=strm-plgo-production-245.sas.yp-c.yandex.net; version=10923993
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Range, X-Client-Timestamp, X-Strm-Session
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 28ms
26ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=download-telegram.org

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:58:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 22ms
21ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=download-telegram.org

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:58:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230308/r20110914/ Frame 53FD 10 KB
4 KB 9ms
9ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230308/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://download-telegram.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 41249
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 13 Mar 2023 01:30:57 GMT
etag: 2378337311435320485
expires: Mon, 27 Mar 2023 01:30:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230308/r20110914/ Frame 558B 10 KB
4 KB 16ms
14ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230308/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://download-telegram.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 41249
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 13 Mar 2023 01:30:57 GMT
etag: 2378337311435320485
expires: Mon, 27 Mar 2023 01:30:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230308/r20110914/ Frame 510D 10 KB
4 KB 32ms
18ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230308/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://download-telegram.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 41249
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 13 Mar 2023 01:30:57 GMT
etag: 2378337311435320485
expires: Mon, 27 Mar 2023 01:30:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 53FD 4 KB
732 B 59ms
24ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230308/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 13 Mar 2023 12:58:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 13 Mar 2023 11:15:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 13 Mar 2023 12:58:26 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 53FD 205 B
649 B 90ms
7ms Image
image/png 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230308/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:47:46 GMT
x-content-type-options: nosniff
age: 640
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 12 Mar 2024 12:47:46 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 53FD 604 B
693 B 92ms
9ms Image
image/png 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230308/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:56:16 GMT
x-content-type-options: nosniff
age: 130
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 12 Mar 2024 12:56:16 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230308/r20110914/elements/html/ Frame 53FD 20 KB
9 KB 100ms
17ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230308/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230308/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e37316f20ee8564506ca9dbf035ba412ef6f79d7fd534c98b6f7d2bd49e11dc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 17:45:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69191
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8547
x-xss-protection: 0
server: cafe
etag: 17360858034827311943
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 26 Mar 2023 17:45:15 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 558B 8 KB
967 B 59ms
34ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230308/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

74017d97a0876e72ef09a14ea0b3ad49a744811c726e7b05e305d4a6e3e07612

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 13 Mar 2023 12:58:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 13 Mar 2023 12:20:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 13 Mar 2023 12:58:26 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/ Frame 558B 2 KB
846 B 98ms
36ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230308/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 17:39:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69535
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 26 Mar 2023 17:39:31 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230308/r20110914/ Frame 558B 22 KB
9 KB 80ms
19ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230308/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230308/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 17:39:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69541
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9103
x-xss-protection: 0
server: cafe
etag: 315661852888499207
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 26 Mar 2023 17:39:25 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/ Frame 558B 3 KB
1 KB 98ms
38ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230308/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 10:41:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8220
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Mar 2023 10:41:26 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/ Frame 558B 20 KB
8 KB 81ms
22ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230308/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 17:39:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69541
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 26 Mar 2023 17:39:25 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 558B 158 KB
49 KB 136ms
29ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230308/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4126ffde4b9e571b1c3e55b45a7e9596e139ad2de1bdbfe851a2e2b2c7da7f38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:58:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49657
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678278820084806"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 13 Mar 2023 12:58:26 GMT

GET
H2 200 887cfa9374a0c130d54aa7fe143e0312.js Show response
www.gstatic.com/mysidia/ Frame 558B 34 KB
14 KB 73ms
16ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/887cfa9374a0c130d54aa7fe143e0312.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230308/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e45fd1bfd4e9faa44d111f64bef4ccea9e66b10fb0a957d91019ac033b7c22c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 11 Mar 2023 13:26:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 171110
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14316
x-xss-protection: 0
last-modified: Sun, 05 Mar 2023 05:15:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 09 Jun 2023 13:26:36 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 510D 0
0 78ms
60ms Fetch
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C1D4m8R0PZMvPKa6Di9YPm-mr-AfJntKxXJWil_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU0MDkyNDA5OTczMzUyNTTIAQmpAmuZ0ioc_rE-qAMByAMCqgTyAU_QP_CCRQfQlWACwCSHb6641VV6CelIRZYSeygaLd_CVQ2UufeLh45xZdYAW-fkB0UipD12nQwQZScWFDvRDA9wYjyIbTSa9vZyXzYo97GjxtISriCKqBAaORbK9WCRns5038A3DuEpIcJPnSw_78evg28Ik_EweDFAAr_Fazg8xSHlGL35Ci1pB_4qji97AV5nG7vpb5IaCs7h6Lkpep8KX_h7OcoS6yNFNgcCOfP_s5sJplj_OhbaEQ2SO7DbM75niga8qg4z9JQdUIep7Ludkm3W-LJ9eVX3gFvqVOalUXFsieVUjeG9KfFbtPX__fRLgAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi01NDA5MjQwOTk3MzM1MjU0GAA&sigh=tZ88b4A_rsg&uach_m=[UACH]&cid=CAQSGwDUE5ymZ8rQnGtBrBe8y2tgYxYKwBrbaxl-dxgB

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230308/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 13 Mar 2023 12:58:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 13 Mar 2023 12:58:26 GMT

GET
H2 200 notify
rtb.nl3.eu.criteo.com/google/auction/ Frame 510D 0
0 121ms
39ms Fetch 2a02:2638:3::9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=kqW_EMz6RO0HfJ2DYgICAAAAENCLXIskYWf9r7W_EPEdD2RFQZ_xsVoIZsZ_AAASAAAKDkFRVUJBUVlCQVFFQkFR&wp=ZA8d8QAKZ8sEwsGuAAr0mwdCUmtRjZatPY5CMA

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:58:26 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 12720213
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 2711 211 KB
60 KB 259ms
173ms Document
text/html 2a02:2638::b
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZA8d8QAKZ8sEwsGuAAr0mwdCUmtRjZatPY5CMA&u=%7CbX1yiK3ZVptVtWd95ISrBMBJpjLs2zJUXHxjzme1DxQ%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANdxyL-B-DE_nzX6rileTfAylUMGpeR7vM2_SSptuUfW1y6VvWCsHhhQhv5e0h5gREK8RQyYTD7t1a4dX_RW0XNIqC-us9jd_vb7R2YWjTNqEt4X4pZAvCcTgF_ZQOoGI9piNfEhWQJ7zIzUNG96FT9nm53zmfEx1Uu4NX002M3deN9_aOqqR3xmtqRz_CU3fcL8axl1kIHM6MX98qksSLPXK2C-V12QbHjfAFYyKW105r_37f0PhaU3Nf6mWRrtthHo3TgKRxapIYXJPtzjRnWcJJsnKVfZUp0ew0-YYPq5gD2VDlyZcRBXNPbUwSvcft-Q88qxz-PZ02ZWJ2ERj0gokFvc0fEA3Jwm-Ujzs3TCCcXzaLzv6To7peZnr9m9orcHBsXEs2ug7RoJRvxeuqQPL8vMkN9kB5XFTbNcAEqshjSOOVAhYVkcWPFKMf-EMyAUSK--QQNOc3SvaOyWprfxGF3jhTqtLn6UnLvngUdvykOsYtzecpvFnCfEXL-7FEqZh99GVnQ5Ed8uizZEzbYto2MYJ0dIBXbTfpDAeMuBvnosm19_Rm7A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYffh8R0PZMvPKa6Di9YPm-mr-AfJntKxXJWil_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU0MDkyNDA5OTczMzUyNTTIAQmpAmuZ0ioc_rE-qAMByAMCqgT1AU_QP_CCRQfQlWACwCSHb6641VV6CelIRZYSeygaLd_CVQ2UufeLh45xZdYAW-fkB0UipD12nQwQZScWFDvRDA9wYjyIbTSa9vZyXzYo97GjxtISriCKqBAaORbK9WCRns5038A3DuEpIcJPnSw_78evg28Ik_EweDFAAr_Fazg8xSHlGL35Ci1pB_4qji97AV5nG7vpb5IaCs7h6Lkpep8KX_h7OcoS6yNFNgcCOfP_s5sJplj_OhbaEQ2SO7DbM75niga8qg4z9JQdUMWrzSkaHfHFRy5p2oXKJqPjQOwTW190C1GcsEdPlu93rHBVeef0InAigAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2ORIp_VUe3kSDNjlHQZ3v1hhtVWQ%26client%3Dca-pub-5409240997335254%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230308/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d4f751659e7cb5039beef6aa7c8a0ce37b3943209ee90896c790b1c7cbc9cf4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Mon, 13 Mar 2023 12:58:26 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=OhaACVIaiOOLFFGJdaNAMqVooWAmqGENTrd3QDH-QlBXrJeDyrtHe1ruIi3HWlTa7pxrbl12nFTdhhPC_wTbjkrxa4mN0dTgRhoiGUWsDO1avsl3JdfcsKlZ6KJfI0N6dujjayaFNfusCzJja_1nnNmLQPYPQ08oZv8Y6CwM2b-bPdbtFssxDcT5BlrgSxrkoB0EWOrXbj76nkw8Kx21FjUkJksJl8_CD8mZ4y3pRDrLHV-oHgBExVR17HihnWoMszLZNQ"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 140925450
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/ Frame 510D 3 KB
1 KB 71ms
39ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230308/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 10:41:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8220
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Mar 2023 10:41:26 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/ Frame 510D 20 KB
8 KB 62ms
30ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230308/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 17:39:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69541
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 26 Mar 2023 17:39:25 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 510D 158 KB
49 KB 123ms
43ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230308/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4126ffde4b9e571b1c3e55b45a7e9596e139ad2de1bdbfe851a2e2b2c7da7f38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:58:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49657
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678278820084806"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 13 Mar 2023 12:58:26 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 6D25 8 KB
895 B 28ms
26ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230308/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 13 Mar 2023 12:58:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 13 Mar 2023 11:53:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 13 Mar 2023 12:58:26 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/ Frame 6D25 2 KB
799 B 8ms
8ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230308/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 17:39:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69535
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 26 Mar 2023 17:39:31 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230308/r20110914/ Frame 6D25 22 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230308/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230308/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 17:39:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69541
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9103
x-xss-protection: 0
server: cafe
etag: 315661852888499207
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 26 Mar 2023 17:39:25 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/ Frame 6D25 3 KB
1 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230308/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 10:41:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8220
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Mar 2023 10:41:26 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/ Frame 6D25 20 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230308/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 17:39:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69541
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 26 Mar 2023 17:39:25 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6D25 158 KB
49 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230308/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4126ffde4b9e571b1c3e55b45a7e9596e139ad2de1bdbfe851a2e2b2c7da7f38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:58:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49657
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678278820084806"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 13 Mar 2023 12:58:26 GMT

GET
H2 200 887cfa9374a0c130d54aa7fe143e0312.js Show response
www.gstatic.com/mysidia/ Frame 6D25 34 KB
14 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/887cfa9374a0c130d54aa7fe143e0312.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230308/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e45fd1bfd4e9faa44d111f64bef4ccea9e66b10fb0a957d91019ac033b7c22c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 11 Mar 2023 13:26:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 171110
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14316
x-xss-protection: 0
last-modified: Sun, 05 Mar 2023 05:15:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 09 Jun 2023 13:26:36 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 50E9 143 B
166 B 59ms
6ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230308/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230308/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2180
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 13 Mar 2023 12:22:07 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 510D 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ab548a93ed36fe1ef106f1905a89684ec097c373107ccb0e62cb5c2d1ae1769c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 088A 143 B
166 B 21ms
16ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230308/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230308/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2180
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 13 Mar 2023 12:22:07 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 2711 2 KB
1 KB 115ms
16ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZA8d8QAKZ8sEwsGuAAr0mwdCUmtRjZatPY5CMA&u=%7CbX1yiK3ZVptVtWd95ISrBMBJpjLs2zJUXHxjzme1DxQ%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANdxyL-B-DE_nzX6rileTfAylUMGpeR7vM2_SSptuUfW1y6VvWCsHhhQhv5e0h5gREK8RQyYTD7t1a4dX_RW0XNIqC-us9jd_vb7R2YWjTNqEt4X4pZAvCcTgF_ZQOoGI9piNfEhWQJ7zIzUNG96FT9nm53zmfEx1Uu4NX002M3deN9_aOqqR3xmtqRz_CU3fcL8axl1kIHM6MX98qksSLPXK2C-V12QbHjfAFYyKW105r_37f0PhaU3Nf6mWRrtthHo3TgKRxapIYXJPtzjRnWcJJsnKVfZUp0ew0-YYPq5gD2VDlyZcRBXNPbUwSvcft-Q88qxz-PZ02ZWJ2ERj0gokFvc0fEA3Jwm-Ujzs3TCCcXzaLzv6To7peZnr9m9orcHBsXEs2ug7RoJRvxeuqQPL8vMkN9kB5XFTbNcAEqshjSOOVAhYVkcWPFKMf-EMyAUSK--QQNOc3SvaOyWprfxGF3jhTqtLn6UnLvngUdvykOsYtzecpvFnCfEXL-7FEqZh99GVnQ5Ed8uizZEzbYto2MYJ0dIBXbTfpDAeMuBvnosm19_Rm7A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYffh8R0PZMvPKa6Di9YPm-mr-AfJntKxXJWil_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU0MDkyNDA5OTczMzUyNTTIAQmpAmuZ0ioc_rE-qAMByAMCqgT1AU_QP_CCRQfQlWACwCSHb6641VV6CelIRZYSeygaLd_CVQ2UufeLh45xZdYAW-fkB0UipD12nQwQZScWFDvRDA9wYjyIbTSa9vZyXzYo97GjxtISriCKqBAaORbK9WCRns5038A3DuEpIcJPnSw_78evg28Ik_EweDFAAr_Fazg8xSHlGL35Ci1pB_4qji97AV5nG7vpb5IaCs7h6Lkpep8KX_h7OcoS6yNFNgcCOfP_s5sJplj_OhbaEQ2SO7DbM75niga8qg4z9JQdUMWrzSkaHfHFRy5p2oXKJqPjQOwTW190C1GcsEdPlu93rHBVeef0InAigAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2ORIp_VUe3kSDNjlHQZ3v1hhtVWQ%26client%3Dca-pub-5409240997335254%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:58:27 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 07 Mar 2024 12:58:27 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 2711 2 KB
1 KB 123ms
25ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:58:27 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 07 Mar 2024 12:58:27 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 2711 308 B
637 B 96ms
13ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:58:27 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Thu, 07 Mar 2024 12:58:27 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 2711 293 B
621 B 97ms
15ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:58:27 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Thu, 07 Mar 2024 12:58:27 GMT

GET
H2 200 lg.php
cat.fr.eu.criteo.com/delivery/ Frame 2711 43 B
348 B 114ms
24ms Image
image/gif 178.250.0.160
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=mfe0jHsnO68UYrYiDu2RaQt1qcwTk4LYwa0CsN2aexZgcDGLH8dy-RgGjEHGIF8M4K-Sop9mwOH639s_M2GO32vzK9VK69z6j2w85HSnPYaO5JaqbI49_-pMYur-WznaWjtm5LEh5mPs_RjHirkvKfYZcNIpg1Nv8fxrZwNdnwURDE5et_zDc7I3vZY8RDMqZG78KlfD-xk_i6IZVpVNR2VnXM-uUZxjlIa3Zc4qaZDHQcspN_ugPnBwAsIvLd0X6_hOcJSf-KRI60srd69r1r8jefA0a3sW4DR7gPSncZ3O_yluknjCDyOuYjAJRKzvtXjedEsHjlAPBjyii2V9MG7QdwC4ukVZL-sUowKRKs3crkjY-itK7UxXYc7V9Vx1gIuP5ZM8QIWTRdcrn1w-Z-TWlwP-lsN5iL1hDoSVIU8HO7Gg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Mar 2023 12:58:27 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3176106
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 2711 12 KB
5 KB 106ms
29ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:58:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2126419
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=of%2Fi%2Fsdpdn06kk9G3Qjoa%2F%2BHe7k3tOVoIWQ27v7dEWvYYYICNwPSLsXTvRBT5dLYQMs94IdCxMhzYmWpGLak6%2B7xF1Z4UrgKNrLwaAIfjo6ow%2B39C7b0DIh%2FiC0ntNFjM64suRs4w7w7h876lAgeTkng"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7a7472d028dc3829-FRA
expires: Sat, 02 Mar 2024 12:58:27 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 2711 12 KB
6 KB 92ms
23ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:58:27 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 07 Mar 2024 12:58:27 GMT

GET
H2 200 ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff
static.criteo.net/design/dt/ Frame 2711 46 KB
46 KB 94ms
32ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8d6af87f2e8ab6ba751d5bda81faf18aed637f3c43f3f5c25acfcdb8dc674a92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:58:27 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 02 Oct 2018 14:57:25 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5bb38755-b778"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 07 Mar 2024 12:58:27 GMT

GET
H2 200 0d5410bc9c3e437daf6999836d04f18f_ubuntu-medium.woff
static.criteo.net/design/dt/ Frame 2711 38 KB
38 KB 118ms
56ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/0d5410bc9c3e437daf6999836d04f18f_ubuntu-medium.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ce8b0ce00b853304b4500a3e0273c2ee8123ec998d9ea4bc1a2b3e97c573b61f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:58:27 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 02 Oct 2018 14:57:25 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5bb38755-97a8"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 07 Mar 2024 12:58:27 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 50E9
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

60ms
23ms

Document
text/html

2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230308/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 13 Mar 2023 12:58:27 GMT
expires: Mon, 13 Mar 2023 12:58:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 13 Mar 2023 12:58:27 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sArRvrN6I189drjF6Of_TQ6Xi_0Jr1YUSK6Bd2dnyeI.js Show response
pagead2.googlesyndication.com/bg/ Frame 3191 36 KB
14 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sArRvrN6I189drjF6Of_TQ6Xi_0Jr1YUSK6Bd2dnyeI.js

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b00ad1beb37a235f3d76b8c5e8e7ff4d0e978bfd09af561448ae81776767c9e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 17:26:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70329
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14292
x-xss-protection: 0
last-modified: Mon, 06 Mar 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 11 Mar 2024 17:26:18 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 2711 17 KB
17 KB 233ms
27ms Image
image/png 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=244&m=0&partner=3018&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F3018%2F190121%2Ff5aeb75966fa423aa72c4303d62e50ae_logocon.png&v=3&w=464&s=y6IXaXUIGhmJ6GKvAx03Pt7I

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

0559962f37bbdd47b3a5d9c220346a96de131e7d0ef210a0a0dfd98942c6d9d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:58:26 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=30129300
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 16952
expires: Sun, 25 Feb 2024 06:13:28 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 2711 62 KB
63 KB 265ms
60ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=1200&m=0&partner=3018&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F3018%2F221121%2F71409a64baf248aca03b351b9195ce6d_img_horizontal_1.jpg&v=3&w=1200&s=m66f0H_H8Qfa9PszLewKKMhG

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

713ba573bd44652ff38f4445d9807d587e34e2e81ebdcae673a4414606d784e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:58:27 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29842568
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 63762
expires: Wed, 21 Feb 2024 22:34:35 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 2711 18 KB
18 KB 245ms
40ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F23000124-lXmAf13E.jpg&v=3&w=400&s=eKV7A1ZbmI5wX6FnsGYIIrkI&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

c2539f1380cb321bf513209e5dbb5b375bf734954123e821a62c9bbd8d8a859f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:58:26 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=280173
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 17994
expires: Thu, 16 Mar 2023 18:48:01 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 2711 5 KB
5 KB 255ms
50ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F17200823-sXJJxkAy.jpg&v=3&w=400&s=Gn2kCuuWguzAC4p5BL8Nhijh&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3696083e5110b4c83765aaadf53e1f4a2bb8f43a419b9c4e42e7ff9d5573267

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:58:26 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=96079
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 5290
expires: Tue, 14 Mar 2023 15:39:46 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 2711 15 KB
16 KB 256ms
52ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1606124992%2F18074023-vhMJzNCw.jpg&v=3&w=400&s=ePwI7QNK8ZDrkvdjQr7GhppS&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e33e056a54e2512fcdfde9634812a65ce2eb43a5b0c3f2659c5816391b51d8c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:58:27 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=232572
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 15632
expires: Thu, 16 Mar 2023 05:34:40 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 2711 45 KB
45 KB 256ms
53ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F19285277-3HDq6cSr.jpg&v=3&w=400&s=n3bFLxUQ_h0x-uDIUolfFIW_&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

5342e0087d729ac69f6c912d0ecb369d87778525083731480176eb9c1a377758

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:58:26 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=431873
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 45620
expires: Sat, 18 Mar 2023 12:56:20 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 2711 9 KB
9 KB 48ms
45ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1573478455%2F19305485-Eyk2dNTp.jpg&v=3&w=400&s=clGqG9peNAg-I2yiIhVl_pcN&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

4ab456e9461641e5efb81e0b5fc8d235d73981534a2ca5cea3e092c1678e625a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:58:26 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=91075
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 9320
expires: Tue, 14 Mar 2023 14:16:23 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 2711 3 KB
4 KB 45ms
42ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F23010859-BuyLJwzz.jpg&v=3&w=400&s=K_jJveXeKjPmSVRUWSGJvnBc&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

b4dbefa28cde38647288171fe8ece2474aa07b63104590bb1d23c9f575b74dc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:58:27 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=252119
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3398
expires: Thu, 16 Mar 2023 11:00:27 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 2711 53 KB
53 KB 51ms
48ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F19001946-gvhXUMPK.jpg&v=3&w=400&s=VJbiGnnKfBEMuZLsddc30r7q&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

84489af3e3f7bc393e5655151c23cbaf8019c33336c856a557524ae1ccd5a8ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:58:27 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=95970
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 53888
expires: Tue, 14 Mar 2023 15:37:57 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 2711 7 KB
7 KB 52ms
48ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F19341487-q4u1lv0N.jpg&v=3&w=400&s=WPkzw7nlrQFcSJFDFbPR6CkK&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

a4dec481356a8c5d96f80302b02304fdb74eb8b522327d956d12907772d7498d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:58:27 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=415857
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 7146
expires: Sat, 18 Mar 2023 08:29:25 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 2711 7 KB
8 KB 52ms
49ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1544803151%2F18300358-BQBk5bjM.jpg&v=3&w=400&s=7q9r08ZyY2ZjqaZMxEethEAi&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

19bded2d9cba71a31fd4aa13a02b22c9b7648e067be1c27c4c9f90549e745cb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:58:27 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=64961
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 7468
expires: Tue, 14 Mar 2023 07:01:09 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 2711 20 KB
20 KB 54ms
51ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1604937410%2F20266468-4iuJr3T8.jpg&v=3&w=400&s=EGCRv97Alzhy_xpej7cAyXYD&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

f804f52520f38b47e6b486e45fc2760fe5226f268a19768dbb24dd5697653df5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:58:26 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=90064
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 20490
expires: Tue, 14 Mar 2023 13:59:31 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 2711 24 KB
24 KB 63ms
60ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F22240119-G7bbZeSB.jpg&v=3&w=400&s=A2q2g9lZ-jMzlpYdyxDQDd4y&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

f76accc5bfe44328a3a0b532ce8cac01d2d854a02bbd07d20b5a4c6f72fd4092

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:58:26 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=238882
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 24758
expires: Thu, 16 Mar 2023 07:19:49 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 2711 7 KB
7 KB 76ms
73ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F21277028-GZwtCYmV.jpg&v=3&w=400&s=k4ddrs53tGgC3ti6iayumLEy&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

50b37f427de29e8c0e67028aad2efc781545509eda179b655934921dbbda8daf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:58:27 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=236319
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 7232
expires: Thu, 16 Mar 2023 06:37:07 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 2711 10 KB
10 KB 57ms
54ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F22272909-6qk6rns9.jpg&v=3&w=400&s=DoklHJFfPhiML3kidYWZUFWF&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

066bac8a91b3f25c83032f9d8cc7fb348ae401a436546e689881c888322ea4ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:58:27 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=264809
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 10252
expires: Thu, 16 Mar 2023 14:31:57 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 2711 19 KB
19 KB 65ms
62ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1551428723%2F19075305-LeuEx9Ug.jpg&v=3&w=400&s=1G2YJgwocPSQxOpD5LO42IGl&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

b11ab555e92666583e7f4f0d2e42ea85c8e725b5bbdbc2bc4371d3f5c1c6537b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:58:26 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=192135
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 19102
expires: Wed, 15 Mar 2023 18:20:42 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 2711 13 KB
13 KB 58ms
55ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1646733277%2F22061096-mNrAZZF9.jpg&v=3&w=400&s=kK27ZlE1hRah1XPVHepos-3N&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

58920a300786955023c97a0a6d468e3c1ea14e622011797d432baefdf739cca9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:58:27 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=264616
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 13536
expires: Thu, 16 Mar 2023 14:28:44 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 2711 19 KB
19 KB 66ms
64ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1576497231%2F19371908-RoFSpeGp.jpg&v=3&w=400&s=GZmWA9IWi6GfyfQjne2cif3I&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

704beee66106a28dc06b0eb5dda0de4d29beccc49b95d1f77b10d301e24272be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:58:26 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=240838
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 19494
expires: Thu, 16 Mar 2023 07:52:26 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 2711 8 KB
8 KB 75ms
72ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F16032499-DMrk319o.jpg&v=3&w=400&s=t_RJtTHn-BlALV_PhmbvnAY0&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

1d3ded4b9344b60b3bceaa329a439ef0feb33215bcbf35c4cbcb8cc14d2daf29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:58:26 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=96229
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 7716
expires: Tue, 14 Mar 2023 15:42:17 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 2711 26 KB
26 KB 78ms
75ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F20266421-SFFeKXd4.jpg&v=3&w=400&s=pDUTbeGSX7guL1Uy7IrgBgd0&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

eb370d0cf8a89e349d3fa9ce2f3901ad5e890aec3eb38c94f286fff00617ce18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:58:27 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=89805
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 26196
expires: Tue, 14 Mar 2023 13:55:12 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 2711 0
128 B 126ms
29ms Ping
text/plain 2a02:2638::21
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=OhaACVIaiOOLFFGJdaNAMqVooWAmqGENTrd3QDH-QlBXrJeDyrtHe1ruIi3HWlTa7pxrbl12nFTdhhPC_wTbjkrxa4mN0dTgRhoiGUWsDO1avsl3JdfcsKlZ6KJfI0N6dujjayaFNfusCzJja_1nnNmLQPYPQ08oZv8Y6CwM2b-bPdbtFssxDcT5BlrgSxrkoB0EWOrXbj76nkw8Kx21FjUkJksJl8_CD8mZ4y3pRDrLHV-oHgBExVR17HihnWoMszLZNQ&sds=2&rev=85089&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 13 Mar 2023 12:58:26 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 2711 2 KB
1 KB 57ms
19ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:58:27 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 07 Mar 2024 12:58:27 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 2711 2 KB
1 KB 57ms
20ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:58:27 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 07 Mar 2024 12:58:27 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 088A
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

25ms
21ms

Document
text/html

2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230308/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 13 Mar 2023 12:58:27 GMT
expires: Mon, 13 Mar 2023 12:58:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 13 Mar 2023 12:58:27 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sArRvrN6I189drjF6Of_TQ6Xi_0Jr1YUSK6Bd2dnyeI.js Show response
pagead2.googlesyndication.com/bg/ Frame 3DF9 36 KB
14 KB 13ms
7ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sArRvrN6I189drjF6Of_TQ6Xi_0Jr1YUSK6Bd2dnyeI.js

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b00ad1beb37a235f3d76b8c5e8e7ff4d0e978bfd09af561448ae81776767c9e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 17:26:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70329
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14292
x-xss-protection: 0
last-modified: Mon, 06 Mar 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 11 Mar 2024 17:26:18 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 75ms
54ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230308&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd2c212a7991be7272bc2d5b0163c875b8070234c548eb5453d5f4627f2e2ea3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:58:27 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11240
x-xss-protection: 0

GET
H2 200 bundle.js Show response
yastatic.net/q/set/s/rsya-tag-users/ Frame 7025 105 KB
37 KB 53ms
53ms Script
application/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Requested by

Host: download-telegram.org
URL: http://download-telegram.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

e1cff21864c46e1da263fa83c14ed6d190bc5afbdd35188de15f10eb8bedd264

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:58:27 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
last-modified: Fri, 29 Oct 2021 11:19:01 GMT
server: nginx/1.17.9
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
etag: W/"82bdc8db563d3e71c35534315f8a9fd5"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556952
x-nginx-request-id: 0e9d92cb045fce46
timing-allow-origin: *
expires: Thu, 16 Mar 2023 00:55:53 GMT

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ Frame 7025 162 KB
57 KB 121ms
120ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

cf0e934daa92ef101fcdf4f64d318324f197533bc3a8ad60630a947cef5d7073

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:58:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Tue, 07 Mar 2023 10:05:49 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "6406e24d-e3bd"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 58301
expires: Mon, 13 Mar 2023 13:58:27 GMT

GET
H2 200 data Show response
yandex.ru/set/s/rsya-tag-users/ Frame 7025 403 B
703 B 94ms
94ms Fetch
application/json 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/set/s/rsya-tag-users/data?referrer=http%3A%2F%2Fdownload-telegram.org%2F

Requested by

Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

91cf709fd2276a4261651f0814eb4460acd00d0f0ec38ea9815a4a2b075f868b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:58:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id: 1678712307900776-16290307052686155764-sas2-0451-sas-l7-balancer-8080-BAL
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://yastatic.net
cache-control: public,max-age=300
access-control-allow-credentials: true
x-xss-protection: 1; mode=block

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 1517ms
1516ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:58:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 13 Mar 2023 12:58:29 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ Frame 7025 43 KB
16 KB 115ms
71ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

eabbdf222a6fdefc15823ad881245c5b3d19f3cd9e76537cf6eac726d47f3005

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:58:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15853
x-xss-protection: 0
server: cafe
etag: 14394192626789988969
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 13 Mar 2023 12:58:28 GMT

GET
H2

200

/
www.google.de/pagead/1p-user-list/1014923426/ Frame 7025
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=9B0PZOq8Afi2mLAPwP2VwA...
https://www.google.com/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=743168374&crd=&is_vtc=1&random=1656864664
https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=743168374&crd=&is_vtc=1&random=1656864664&ipr=y

42 B
455 B

39ms
17ms

Image
image/gif

2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=743168374&crd=&is_vtc=1&random=1656864664&ipr=y

Protocol

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Mar 2023 12:58:28 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 13 Mar 2023 12:58:28 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=743168374&crd=&is_vtc=1&random=1656864664&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.google.de/pagead/1p-user-list/1014923426/ Frame 7025
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=9B0PZIC_AcfK1ga31bKgBA...
https://www.google.com/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1071111995&crd=&is_vtc=1&random=4283111948
https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1071111995&crd=&is_vtc=1&random=4283111948&ipr=y

42 B
108 B

19ms
18ms

Image
image/gif

2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1071111995&crd=&is_vtc=1&random=4283111948&ipr=y

Protocol

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Mar 2023 12:58:28 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 13 Mar 2023 12:58:28 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1071111995&crd=&is_vtc=1&random=4283111948&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1LvQc8t50Gm200000000U9nJ_33tr7JhhHUQ3UtEfhp8szSiOFbHbZ-50GWyOIAXPKjJesBtlv5bI6K4YcVQdRrp2oHUoWparOBKjZA2o4wGB10mCSnar5WBOIzaL965i5Ooxk22i3Q2r6q0QTxBg3o5a-4eMEOi8qZuAfYyoyWWmy3mbt4M4mF3N2QGo5AcKq0DQ... Show response
yandex.ru/an/rtbcount/ 43 B
220 B 66ms
65ms XHR
image/gif 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/an/rtbcount/1LvQc8t50Gm200000000U9nJ_33tr7JhhHUQ3UtEfhp8szSiOFbHbZ-50GWyOIAXPKjJesBtlv5bI6K4YcVQdRrp2oHUoWparOBKjZA2o4wGB10mCSnar5WBOIzaL965i5Ooxk22i3Q2r6q0QTxBg3o5a-4eMEOi8qZuAfYyoyWWmy3mbt4M4mF3N2QGo5AcKq0DQvb-0TbdcVu3mIic0VPDDiPsPu4YeajN7V_6ol2NYGNa66PM8DdBh0WafpA3DCzbPW8vW9d9KG5aFyj6vdNNza_-PXN6S98Pvl-hO9LtmUHFPWSdVeZpMSuy-W1chM1PSOjf0mlZ3XQc0op_OO3n9Wl4Jn_i7xByt_fq5bVNTVktB23_B63bFCbgQCWDbhx0sj3Gm7AJzSFKzwV3tkTtVcK5wUvWQs2PmFPXzwfzEvUlVT7CE8Fjok7W1MnhTrvR_FNQtp_TZ2lPO6OUOFCumSRyY8qtsDJHAi3Co3SbBJtT_2KRpFQVR1bR0_-PJljaFv6zJdc-Os_EM_jPx6pcngO6naORs9bsiFESO1T_mFxmmDMJdI_UJSpwmSwpW0FefHKSIwmsSEmGtS71201ERh5O?confirmTime=2136000&confirmRatio=970000&test-tag=452998790643714&format-type=118&actual-format=8&rnd=6554734716474&pcode-active-testids=735484%2C0%2C34%3B733957%2C0%2C79&banner-sizes=eyI3MjA1NzYwNzU0MzkxMjkxNyI6IjExMDB4MzAwIn0%3D&width=1100&height=300

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://download-telegram.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 13 Mar 2023 12:58:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1678712308084959-9895218936186074068-sas2-0451-sas-l7-balancer-8080-BAL
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Mon, 13 Mar 2023 12:58:28 GMT
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: image/gif
access-control-allow-origin: http://download-telegram.org
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 13 Mar 2023 12:58:28 GMT

GET
H2 200 3 Show response
mc.yandex.com/watch/ Frame 7025 256 B
352 B 66ms
65ms XHR
application/json 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/3?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=http%3A%2F%2Fdownload-telegram.org%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3llbk0t3p8ehu21bjv65f%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A1%3Adp%3A0%3Als%3A1536865061348%3Ahid%3A344738029%3Az%3A0%3Ai%3A20230313125828%3Aet%3A1678712308%3Ac%3A1%3Arn%3A658345415%3Arqn%3A1%3Au%3A1678712308490401116%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C60%2C46%2C16%2C5%2C0%2C%2C31%2C0%2C160%2C161%2C0%2C160%3Aco%3A0%3Acpf%3A1%3Ans%3A1678712305810%3Ast%3A1678712308&t=clc(0-0-0)rqnt(1)aw(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

72fa686f1716fa37e17ffde689f8128a47d29d4b07855d5dc7a8e6386b448f18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Mar 2023 12:58:28 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Mon, 13-Mar-2023 12:58:28 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://yastatic.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 256
x-xss-protection: 1; mode=block
expires: Mon, 13-Mar-2023 12:58:28 GMT

GET
H2 200 advert.gif
mc.yandex.com/metrika/ Frame 7025 43 B
149 B 61ms
60ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:58:28 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 07 Mar 2023 10:05:49 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "6406e24d-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Mon, 13 Mar 2023 13:58:28 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/ Frame 7025 3 KB
1 KB 55ms
55ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/?random=1678712308097&cv=9&fst=1678712308097&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=http%3A%2F%2Fdownload-telegram.org%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ff40b9071942315f5de76b3a6fe687ba75df1903a2d131f1714da59d16299a55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Mar 2023 12:58:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/ Frame 7025 3 KB
1 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/?random=1678712308100&cv=9&fst=1678712308100&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=http%3A%2F%2Fdownload-telegram.org%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

91cf4fc3fe45dac57c4e9a50dcb46c8796dda060ef34759f1672d83966ed8d8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Mar 2023 12:58:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/ Frame 7025 3 KB
1 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/?random=1678712308103&cv=9&fst=1678712308103&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=http%3A%2F%2Fdownload-telegram.org%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

76577d7a991403b3ec131c3a0902f9ea59f168e28951f3c6ad31c16b4dfa7eb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Mar 2023 12:58:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1377
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/ Frame 7025 3 KB
1 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/?random=1678712308104&cv=9&fst=1678712308104&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=http%3A%2F%2Fdownload-telegram.org%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2d22812d5c843fc8b5ada6412be7927d2ff7d31c2718e6b78b98911c4938cf46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Mar 2023 12:58:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1376
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 510D 42 B
64 B 41ms
41ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssvfBbAnC0vTdlpj8cEgwhiTb05bvjkEY7lXeae2_neRrDo0wMgpu1j1W40ztoXTaiejqD_7Q54S4iFJT8520GrsHc&sig=Cg0ArKJSzOgeH422y9_oEAE&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=196,696,1000,1000,1000&tos=196,500,304,0,0&v=20230308&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&vs=4&r=v&rst=1678712306661&rpt=432&met=ie&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Mar 2023 12:58:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/693627671/ Frame 7025 42 B
64 B 23ms
23ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/693627671/?random=1678712308100&cv=9&fst=1678708800000&num=1&guid=ON&eid=466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=http%3A%2F%2Fdownload-telegram.org%2F&async=1&fmt=3&is_vtc=1&random=1587460996&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Mar 2023 12:58:28 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/693627671/ Frame 7025 42 B
108 B 24ms
18ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/693627671/?random=1678712308100&cv=9&fst=1678708800000&num=1&guid=ON&eid=466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=http%3A%2F%2Fdownload-telegram.org%2F&async=1&fmt=3&is_vtc=1&random=1587460996&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Mar 2023 12:58:28 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/947884341/ Frame 7025 42 B
64 B 28ms
25ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/947884341/?random=1678712308097&cv=9&fst=1678708800000&num=1&guid=ON&eid=466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=http%3A%2F%2Fdownload-telegram.org%2F&async=1&fmt=3&is_vtc=1&random=1060276573&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Mar 2023 12:58:28 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/947884341/ Frame 7025 42 B
108 B 24ms
20ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/947884341/?random=1678712308097&cv=9&fst=1678708800000&num=1&guid=ON&eid=466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=http%3A%2F%2Fdownload-telegram.org%2F&async=1&fmt=3&is_vtc=1&random=1060276573&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Mar 2023 12:58:28 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/947884341/ Frame 7025 42 B
64 B 24ms
24ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/947884341/?random=1678712308103&cv=9&fst=1678708800000&num=1&guid=ON&eid=466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=http%3A%2F%2Fdownload-telegram.org%2F&async=1&fmt=3&is_vtc=1&random=3881417058&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Mar 2023 12:58:28 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/947884341/ Frame 7025 42 B
108 B 22ms
22ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/947884341/?random=1678712308103&cv=9&fst=1678708800000&num=1&guid=ON&eid=466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=http%3A%2F%2Fdownload-telegram.org%2F&async=1&fmt=3&is_vtc=1&random=3881417058&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Mar 2023 12:58:28 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/693627671/ Frame 7025 42 B
64 B 23ms
22ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/693627671/?random=1678712308104&cv=9&fst=1678708800000&num=1&guid=ON&eid=466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=http%3A%2F%2Fdownload-telegram.org%2F&async=1&fmt=3&is_vtc=1&random=1611705885&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Mar 2023 12:58:28 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/693627671/ Frame 7025 42 B
108 B 20ms
20ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/693627671/?random=1678712308104&cv=9&fst=1678708800000&num=1&guid=ON&eid=466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=http%3A%2F%2Fdownload-telegram.org%2F&async=1&fmt=3&is_vtc=1&random=1611705885&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Mar 2023 12:58:28 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 WPeejI_zOFa0XGm0j1HQPQLsacb4t0K0-G4GW8200J7n7Gza000003Z-iky1Y083kG9GFZmj47OY0V02uwQ_oWg0P_050Q06o0791l2TofSxjT23FitSscw-Wn3uW0e1Y0g118WB1geB40UoF3C-pG0001MbgiVsy0i6u0s2We61W820Y0IO3l2xghwvfwteWm6e3... Show response
yandex.ru/an/count/ 43 B
252 B 109ms
108ms XHR
image/gif 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/an/count/WPeejI_zOFa0XGm0j1HQPQLsacb4t0K0-G4GW8200J7n7Gza000003Z-iky1Y083kG9GFZmj47OY0V02uwQ_oWg0P_050Q06o0791l2TofSxjT23FitSscw-Wn3uW0e1Y0g118WB1geB40UoF3C-pG0001MbgiVsy0i6u0s2We61W820Y0IO3l2xghwvfwteWm6e3xwQayFkpU_1490GyRcZ-ENAqg7P0VWG4FF9luT9y18G1k0K0V0LmOhsxAEFlFnZc1QGdQ6W1g395l0_s1Q15wWN2T0O8VWOWiks_C-OxiHaW1c96J4n2ncu6V___m706V2hlj_iwlktYG7I6H9vOM9pNtDbSdPbSYzoDparBJFe6Sm8y1c0mWEO6jJ3Kx0RIBWR0u8S3LCrGJfGDZ9DP6PdPpVf780T_t-080A880pG8V___m7L8l__V_-18m0000000F0_5G0o0t6OSO4ySWR8Q3wpXVvdXjw44d98M_7EoCJ0L8QcDH-0Uxy32TUFcWD9orh0T-sSKSCVHMoIHi5psE5X4971FG00~1=WPeejI_zOBe0XGm0j1PtTmKCkW6qYxcspTcxmB81W041Y07wdjs-eG6G0Qhdfz3aW8200fW1gkUdq6Iu0UpPe9ycs06chEkk0U01bfMlcG7e0Te3-07OZzw-0Q02Zlg50S022x03b2Q81UBZ5905hi5ei0M3oHgu1OF96i05tQEi0yW5dF5iq0NouWce1iW1gGS-pTpQRhw34BW7W0NG1nRW1uOAq0YwY821meA01k08X_r2w0a7W0e1-0g0jHZe39C2c0smc3R1i9220PWHYUKieRc05820W0JG5EJal7le58m2c1QGdQ6W1g395l0_q1ROZzw-0PWNbxMqBBWN0S0NjTO1e1d00RWP____0O4Q__y_HAXqTVse7W6m7m787vFMjLUf81OZuPXeIT0_k23UtIcG8jUbB90YsAKia2B2g2oG8eFbB90YXEKia2A9vIpL8l__V_-18uaZcfcPcPcPsJ-G8ypMsecT_wkyH9WZjSIcyV-lrdyA0CyU9EQyXXCc1aPbJ8ZXC1bpOR1vsHHDbmofL4gx4mmMS000~1?stat-id=3&test-tag=452998790699537&banner-sizes=eyI3MjA1NzYwNzU0MzkxMjkxNyI6IjExMDB4MzAwIn0%3D&format-type=118&actual-format=8&pcodever=735032&banner-test-tags=eyI3MjA1NzYwNzU0MzkxMjkxNyI6IjU3MzkzIn0%3D&constructor-rendered-assets=eyI3MjA1NzYwNzU0MzkxMjkxNyI6MTcwMzd9&pcode-active-testids=735484%2C0%2C34%3B733957%2C0%2C79&width=1100&height=300&confirmTime=2100000&confirmRatio=970000&wmode=0

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://download-telegram.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 13 Mar 2023 12:58:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1678712308274029-10610868336665591639-sas2-0451-sas-l7-balancer-8080-BAL
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Mon, 13 Mar 2023 12:58:28 GMT
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: image/gif
access-control-allow-origin: http://download-telegram.org
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 13 Mar 2023 12:58:28 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 2711 0
127 B 21ms
20ms Ping
text/plain 2a02:2638::21
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 13 Mar 2023 12:58:28 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 37412095 Show response
mc.yandex.com/watch/ Frame 7025 439 B
808 B 64ms
64ms XHR
application/json 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/37412095?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=http%3A%2F%2Fdownload-telegram.org%2F&charset=utf-8&site-info=%7B%22extensions%22%3A%22%22%2C%22fromGoogle%22%3A%22false%22%2C%22fromCancel%22%3A%22false%22%2C%22loyal%22%3A%220%22%2C%22sbscrb%22%3A%22%22%2C%22p%22%3A%22%22%2C%22b%22%3A%22%22%2C%22fresh%22%3A%220%22%2C%22infected%22%3A%22%22%2C%22slow%22%3A%22%22%2C%22os%22%3A%22windows%22%2C%22browser%22%3A%22chrome%22%2C%22winxp%22%3A%22false%22%2C%22old%22%3A%22actual%22%2C%22yabroAge%22%3Anull%7D&browser-info=pv%3A1%3Avf%3A3llbk0t3p8ehu21bjv65f%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A2%3Adp%3A0%3Als%3A1521549468191%3Ahid%3A344738029%3Aphid%3A793930901%3Az%3A0%3Ai%3A20230313125828%3Aet%3A1678712308%3Ac%3A1%3Arn%3A457538566%3Arqn%3A1%3Au%3A1678712308490401116%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C60%2C46%2C16%2C5%2C0%2C%2C31%2C0%2C160%2C161%2C0%2C160%3Aco%3A0%3Acpf%3A1%3Ans%3A1678712305810%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1678712308%3At%3A&t=gdpr(6)clc(0-0-0)rqnt(1)lt(67900)aw(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

ea84bda00a05c4bad2d4208a17b812416293602e158394ad5280567c4a1f0d8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Mar 2023 12:58:28 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Mon, 13-Mar-2023 12:58:28 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://yastatic.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 439
x-xss-protection: 1; mode=block
expires: Mon, 13-Mar-2023 12:58:28 GMT

POST
H2 200 28975340 Show response
mc.yandex.com/webvisor/ 43 B
167 B 420ms
62ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/28975340?wmode=0&wv-part=1&wv-hit=793930901&page-url=http%3A%2F%2Fdownload-telegram.org%2F&rn=204016881&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1678712309%3Aw%3A1600x1200%3Av%3A970%3Az%3A0%3Ai%3A20230313125828%3Au%3A1678712305538391132%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Ast%3A1678712309&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://download-telegram.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 13 Mar 2023 12:58:29 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 13-Mar-2023 12:58:29 GMT
content-type: image/gif
access-control-allow-origin: http://download-telegram.org
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 13-Mar-2023 12:58:29 GMT

POST
H2 200 28975340 Show response
mc.yandex.com/webvisor/ 43 B
73 B 61ms
61ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/28975340?wmode=0&wv-part=1&wv-hit=793930901&page-url=http%3A%2F%2Fdownload-telegram.org%2F&rn=144626842&wv-type=3&browser-info=we%3A1%3Aet%3A1678712309%3Aw%3A1600x1200%3Av%3A970%3Az%3A0%3Ai%3A20230313125829%3Au%3A1678712305538391132%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Ast%3A1678712309&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://download-telegram.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 13 Mar 2023 12:58:29 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 13-Mar-2023 12:58:29 GMT
content-type: image/gif
access-control-allow-origin: http://download-telegram.org
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 13-Mar-2023 12:58:29 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame EE5B 13 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://download-telegram.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 9302
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 13 Mar 2023 10:23:27 GMT
expires: Tue, 12 Mar 2024 10:23:27 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 853B 783 B
535 B 17ms
17ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9bbc26e9654a129a6df830248b94862ada7a4c2bdb2389a32e466c7a42d2c98f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-KrkICphfJiAPZtXKhXE5Kw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://download-telegram.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-KrkICphfJiAPZtXKhXE5Kw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 13 Mar 2023 12:58:29 GMT
expires: Mon, 13 Mar 2023 12:58:29 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 sArRvrN6I189drjF6Of_TQ6Xi_0Jr1YUSK6Bd2dnyeI.js Show response
pagead2.googlesyndication.com/bg/ Frame EE5B 36 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sArRvrN6I189drjF6Of_TQ6Xi_0Jr1YUSK6Bd2dnyeI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b00ad1beb37a235f3d76b8c5e8e7ff4d0e978bfd09af561448ae81776767c9e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 17:26:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70331
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14292
x-xss-protection: 0
last-modified: Mon, 06 Mar 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 11 Mar 2024 17:26:18 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 853B 0
0 40ms
40ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230308&jk=4424320484458750&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame EE5B 0
10 B 7ms
7ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?78Sv_Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:58:29 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 43ms
42ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230308&jk=4424320484458750&bg=!4-Cl4LTNAAZKh9k7aoc7ADkAdvg8WqFUCSLTVbhM6MMcXRjmkRBZPRXFNVnM2_x75tBKoI5hlhUg1iFefZhQ1XH8LZlG6oppzJwCAAAAUVIAAAACaAEHCgBlZDzdidYNxLpis63HCfXJmT51d9-R7rR0Lz6DXMVgRbdSL48W6rc7lwTb2IZp5dZ5lxSH494pJfkQ0k7Lu5mEMvw71wFHI5GjC2LqAEMd-4naqifoX2WEdFpV8APWT1UITRj45tqZAvc5a2XUEahEU4JyaHEDQVPxf0_7NSQCBn-2xYqXk3HSPt0uoMUGmfrrJdv5anjFQFsWYWo75_wIKa2garxiujEEfoBkm6QosroSBQAqEd0jBXw9Cg6jcVl_frJAyUSLd04xV55QqRJuD9Yeu4YtygyGGJApiZ2sqWPV_G7HHPOtDCK3BZZwIclBm3yOTm0IiI37s7LydGLN9Usi0sZDpSwfNppSuCGvbjqgfT7q7EZ0jnF1Z8iUxorZgS-UQ5JRy-wpXhy_HtDBC-NE_K8E06gVRmHeWUWX4B7q2X3h80xFXw3W5PJl1hTE_Ye0ZzSvdTp80ICWXl1b1vCWBautacNPtDbhcJRLyYZa5LNb9n56EaGcdELQZAk3jZlCTchlQKobJ2wCvLmRek9s0WKw1mvuLBZzDQkw35yJ1sPMnhfQfhfqi4jsl8Wd3kigmmnulArY1kfmaZZXIo_BRh60iSidD8ECifMeOnU8e8TJGNn27aymZL9yPlXsO7odG9xRbAYGJ0xV7igj0muiBD_-Hszbw6-_WEmk2WneJlq9cK3floUhQUelpSF8KqjrSTuvzAVR7EAlFPHdFkX7I8hQBCbkh5iAShnxuy_Xw1OWlwckZuRPB0qgO8lEuYL8tPQpHqEO2q63II-KaiuMEgdxs8osZ3hoCF2MljRI_J3WxCuzIrclm2gN4i9k8_jm5dm8SWACYA8LfirpKdaZa81GmhPjDo6MrCrvONxOJkUrqIR3EsJ-r53a1iFoel1s38VbEbqxlcAiG5pxZwcDBMJGmPyRl50jjc338SpWgGeA1xoZNZsE8UnRUBQVFg3ySMNT--pGAHGOWeiXQMUi13ivEr52-2aKVZuV8-E8TLxddyyvVOkWLnzinzudtJ7Ve-nIoU_IKpMnLrKLATslujEPJcKHJm6KMDB54OKRZtp1J9e-7WL-c83ptu-iI3j74b-SVfk46Loxg7CnqvvLnNtJ5cYbzhMREDvwv7fuWbhSXJVyoxmR6J9N3qw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://download-telegram.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

POST
H2 200 28975340 Show response
mc.yandex.com/webvisor/ 43 B
145 B 62ms
62ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/28975340?wmode=0&wv-part=2&wv-hit=793930901&page-url=http%3A%2F%2Fdownload-telegram.org%2F&rn=709080844&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1678712310%3Aw%3A1600x1200%3Av%3A970%3Az%3A0%3Ai%3A20230313125830%3Au%3A1678712305538391132%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Ast%3A1678712310&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://download-telegram.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 13 Mar 2023 12:58:30 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 13-Mar-2023 12:58:30 GMT
content-type: image/gif
access-control-allow-origin: http://download-telegram.org
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 13-Mar-2023 12:58:30 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: mitdmp.whiteboxdigital.ru
URL: https://mitdmp.whiteboxdigital.ru/pixel?id=a&source=yandex&redirect=false&href=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fqbitis%2F%7Bmiid%7D

Domain: sonar.semantiqo.com
URL: https://sonar.semantiqo.com/dmp/scr.php

Verdicts & Comments Add Verdict or Comment

123 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

67 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
yastatic.net/safeframe-bundles/0.83/1-1-0	1970-01-20 10:19:58	Name: afpix Value: 1
yastatic.net/safeframe-bundles/0.83/1-1-0	1970-01-20 10:27:10	Name: pcssspb Value: 1
yastatic.net/safeframe-bundles/0.83/1-1-0	1970-01-20 10:19:58	Name: pcs3 Value: 1
kimberlite.io/rtb/sync	1970-01-20 10:18:32	Name: f Value: https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsoltadspis%2FZA8d8lDkzIE
kimberlite.io/rtb/sync	1970-01-20 10:18:32	Name: n Value: 2
.yandex.ru/	1970-01-20 19:54:32	Name: i Value: Kr4IbrKKnQ6iR9XshSSpAqZHpCn6hT28qorqJg3amk9z3t7lFoKJG710rgLK0TS2iJ/JFtaNIE7hqiACZmpVCFuIskg=
.yandex.ru/	1970-01-20 19:04:08	Name: yandexuid Value: 9498290881678712304
dariolunus.com/	1970-01-20 19:54:32	Name: userid Value: a78b46fc-d78c-42e0-b4af-bd9b15fbc5cc
download-telegram.org/	1969-12-31 23:59:59	Name: yexp Value:
.download-telegram.org/	1970-01-20 19:04:08	Name: _ym_uid Value: 1678712305538391132
.download-telegram.org/	1970-01-20 19:04:08	Name: _ym_d Value: 1678712305
.mc.yandex.com/	1970-01-20 10:18:32	Name: sync_cookie_csrf Value: 3459246090fake
.download-telegram.org/	1970-01-20 19:04:08	Name: pmvid Value: a78b46fc-d78c-42e0-b4af-bd9b15fbc5cc
.download-telegram.org/	1970-01-20 19:40:08	Name: __gads Value: ID=8309d461f21747a1-22af6a3c4fdd0004:T=1678712305:RT=1678712305:S=ALNI_MZXrPCC-xg86_nKjeeD8_7Fo7U5sg
.download-telegram.org/	1970-01-20 19:40:08	Name: __gpi Value: UID=00000bc57cc4203b:T=1678712305:RT=1678712305:S=ALNI_MZbCEwnSrj7nPQn5T-krKFRkfQfUQ
.download-telegram.org/	1970-01-20 10:19:44	Name: _ym_isad Value: 2
.mc.yandex.ru/	1970-01-20 10:18:32	Name: sync_cookie_csrf Value: 2527506729fake
.dariolunus.com/	1970-01-20 11:01:44	Name: uuid Value: a78b46fc-d78c-42e0-b4af-bd9b15fbc5cc
.yandex.com/	1970-01-20 19:04:08	Name: yandexuid Value: 9498290881678712304
.yandex.com/	1970-01-20 19:04:08	Name: yuidss Value: 9498290881678712304
.yandex.com/	1970-01-20 19:54:32	Name: i Value: Kr4IbrKKnQ6iR9XshSSpAqZHpCn6hT28qorqJg3amk9z3t7lFoKJG710rgLK0TS2iJ/JFtaNIE7hqiACZmpVCFuIskg=
.mc.yandex.com/	1970-01-20 10:19:58	Name: sync_cookie_ok Value: synced
.uuidksinc.net/	1970-01-20 19:04:08	Name: jcsuuid Value: 1wAYbu8DI5D9rynoQVUZ
.dariolunus.com/	1970-01-20 11:01:44	Name: oid Value: 1wAYbu8DI5D9rynoQVUZ
.yandex.com/	1970-01-20 19:04:08	Name: ymex Value: 1710248305.yrts.1678712305
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 2640166141678712305
.download-telegram.org/	1970-01-20 10:18:34	Name: _ym_visorc Value: w
px.arcspire.io/	1970-01-20 11:01:44	Name: arcid Value: 40c343949edcdf4eb8c3f6
.yandex.ru/	1970-01-20 19:04:08	Name: yuidss Value: 9498290881678712304
.betweendigital.com/	1970-01-20 19:04:08	Name: dc Value: lux1
.betweendigital.com/	1970-01-20 19:04:08	Name: ss Value: 1
.betweendigital.com/	1970-01-20 19:04:08	Name: tuuid Value: 8ed9d56f-3fc2-5248-af48-5290cb474f62
.360yield.com/	1970-01-20 12:28:08	Name: tuuid_lu Value: 1678712306
.360yield.com/	1970-01-20 12:28:08	Name: tuuid Value: 3f8f5543-f2f1-4bef-ae36-fe897c574041
.tns-counter.ru/	1970-01-20 19:04:08	Name: guid Value: D4936A04640F1DF2X1678712306
.adx.opera.com/	1970-01-20 19:04:08	Name: UID Value: OPUbd84efd2b8e04563ba0beb3cbf6f205a
.acint.net/	1970-01-20 10:18:32	Name: test_cookie Value: CheckForPermission
.acint.net/	1970-01-20 19:54:32	Name: aid Value: fwAAAWQPHfKlTQVw3ykxAhEbVr1IIy3U0vCC6dd4wcc1w+hP
.dmg.digitaltarget.ru/	1970-01-20 19:54:32	Name: viuserid Value: aYAsNsuNkkMRhk67U5Qp
.weborama.fr/	1970-01-20 19:44:27	Name: AFFICHE_W Value: bIdqMMwTLR5s42
.demdex.net/	1970-01-20 14:37:44	Name: demdex Value: 35522717068896678961853439491431546828
.acint.net/	1970-01-20 11:01:44	Name: cSyncDp14v3 Value: 1678712306
kimberlite.io/	1970-01-20 12:28:08	Name: u Value: ZA8d8lDkzIE~tfprQZaB0TSHOeYlEWIBdzRA_eI
.dpm.demdex.net/	1970-01-20 14:37:44	Name: dpm Value: 35522717068896678961853439491431546828
.adhigh.net/	1970-01-20 19:04:08	Name: gi_u Value: POfMEd3lUDD.AikABlGG2wz7Ew
.betweendigital.com/	1970-01-20 19:04:08	Name: ut Value: ZA8d8gAHJCC6nCG6RbCjua4rreI9FZLnyUnkhg==
mc.yandex.ru/	1969-12-31 23:59:59	Name: yabs-sid Value: 1694924081678712306
.yandex.ru/	1970-01-20 19:04:08	Name: ymex Value: 1710248306.yrts.1678712306
.adhigh.net/	1970-01-20 19:04:08	Name: yandexssp_sync Value: LKvW
dmpprof.com/	1970-01-20 10:19:15	Name: nmatch Value: 14_1wAYbu8DI5D9rynoQVUZ
dmpprof.com/	1970-01-20 19:54:32	Name: uid Value: 7261ff0e-1386-4946-aa8b-0f0fb02e9d0d
.gnezdo.ru/	1970-01-20 19:54:32	Name: uid Value: XV9maWQPHfIVgXPacdTdAg==
.mts.ru/	1970-01-20 18:51:10	Name: dspid Value: e5f9344c-6572-41d9-98db-1667181638ab
.ssp-rtb.sape.ru/	1970-01-20 19:54:32	Name: sspuid Value: CkIDHGQPHfIu8QCyDnwpAjO8UC0DXJKYyJh+0j7PN7mCctAL
rtb.com.ru/	1970-01-20 19:04:08	Name: as-user Value: 640f1df21504a0467960abcf
.doubleclick.net/	1970-01-20 19:40:08	Name: IDE Value: AHWqTUk2OPKDLKKhsrJllw4e7SskLn9eu9m18U1l8g9kS24q41L2MsRjnxhE-_4fQa4
sync.gonet-ads.com/	1969-12-31 23:59:59	Name: chk Value: 1
.mts.ru/	1970-01-20 19:54:32	Name: mts_id_last_sync Value: 1678712307
.mts.ru/	1970-01-20 19:54:32	Name: mts_id Value: 369a17ef-f769-4a67-9d5c-3651f3e7bb8c
.gonet-ads.com/	1970-01-20 19:05:34	Name: pid Value: NjcyMmEwMWYyN2UyNDU2ZQ
.rutarget.ru/	1970-01-20 14:37:44	Name: userId Value: DDd6fw3MTozN
.aidata.io/	1970-01-20 19:54:32	Name: __upin Value: pMTOADNGu8JvoZaQUfytlg
.aidata.io/	1970-01-20 19:54:32	Name: __upints Value: 1678712307
.doubleclick.net/	1970-01-20 10:18:35	Name: DSID Value: NO_DATA
x01.aidata.io/	1970-01-20 10:28:37	Name: yaya Value: 1
.yandex.ru/	1970-01-20 19:54:32	Name: is_gdpr Value: 1
.yandex.ru/	1970-01-20 19:54:32	Name: is_gdpr_b Value: CJ6rGBDXqwEYAQ==

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230308/r20110914/zrt_lookup.html?fsb=1(Line 21) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230308/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271804&client=ca-pub-5409240997335254&fa=4&ifi=3&uci=a!3&btvi=1&xpc=BFEzjQYD8p&p=http%3A//download-telegram.org Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acint.net
ads.betweendigital.com
ads.eu.criteo.com
adservice.google.com
adservice.google.de
an.yandex.ru
avatars.mds.yandex.net
cat.fr.eu.criteo.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cm.tns-counter.ru
csm.eu.criteo.net
d.uuidksinc.net
dariolunus.com
dm-eu.hybrid.ai
dm.hybrid.ai
dmg.digitaltarget.ru
dmpprof.com
download-telegram.org
dpm.demdex.net
euw-ice.360yield.com
exchange.buzzoola.com
ext-strm-cogent03.strm.yandex.net
favicon.yandex.net
fcgi4.gnezdo.ru
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hunterers.com
im.bluevoox.com
installpack.net
kimberlite.io
log.strm.yandex.ru
match.360yield.com
match.new-programmatic.com
mc.yandex.com
mc.yandex.ru
mitdmp.whiteboxdigital.ru
mpraven.org
nr.bidderstack.com
pagead2.googlesyndication.com
partner.googleadservices.com
pix.eu.criteo.net
pixel.konnektu.ru
profile.ssp.rambler.ru
px.adhigh.net
px.arcspire.io
redirect.frontend.weborama.fr
rtb-eu-warsaw.intent.ai
rtb.com.ru
rtb.nl3.eu.criteo.com
s.uuidksinc.net
sm.rtb.mts.ru
sonar.semantiqo.com
ssp-rtb.sape.ru
ssp.adriver.ru
static.addtoany.com
static.criteo.net
strm.yandex.ru
sync.1dmp.io
sync.bumlam.com
sync.dmp.otm-r.com
sync.gonet-ads.com
sync.upravel.com
t.adx.opera.com
tech.rtb.mts.ru
tpc.googlesyndication.com
uuidksinc.net
www.google.com
www.google.de
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
x01.aidata.io
yandex-dmp-sync.rutarget.ru
yandex-sync.rutarget.ru
yandex.ru
yastatic.net
ysa-static.passport.yandex.ru
z.cdn.adtarget.me
mitdmp.whiteboxdigital.ru
sonar.semantiqo.com
130.193.58.13
142.250.185.226
142.250.186.98
148.251.78.49
159.69.142.212
176.99.5.252
178.250.0.160
185.15.175.147
188.42.105.236
188.42.34.64
193.232.150.69
193.3.184.137
193.3.184.200
195.201.106.117
2001:6d0:4001::226
2001:978:7401:1::19
212.32.253.229
213.87.44.187
217.65.2.150
217.66.147.40
23.88.12.13
2606:4700:10::6816:47c5
2606:4700:20::681a:e45
2606:4700::6811:180e
2a00:1450:4001:808::200a
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:827::2003
2a00:1450:4001:829::2002
2a00:1450:4001:829::2003
2a00:1450:4001:829::2004
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2002
2a01:230:2::21f
2a02:2638:3::3
2a02:2638:3::9
2a02:2638::21
2a02:2638::b
2a02:2638::c
2a02:6b8:20::215
2a02:6b8::184
2a02:6b8::1:119
2a02:6b8::28d
2a02:6b8::36
2a02:6b8::487
2a02:6b8::5:114
2a02:6b8::90
2a02:6b8:a::a
31.172.81.160
31.220.27.134
35.177.4.157
35.190.24.218
37.18.103.22
37.18.16.16
52.45.175.185
54.229.123.96
63.33.154.254
81.222.128.215
82.145.213.8
83.222.114.188
85.192.12.173
87.242.89.90
87.242.93.112
88.208.46.156
88.208.46.59
88.208.5.115
89.108.120.76
89.108.127.68
91.192.148.30
93.95.102.105
94.139.255.195
01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb
025131d9c15ae8bc85f70a51c95aece581630b3dc3caa26cfeb1f79532c224d4
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9
0559962f37bbdd47b3a5d9c220346a96de131e7d0ef210a0a0dfd98942c6d9d9
066bac8a91b3f25c83032f9d8cc7fb348ae401a436546e689881c888322ea4ae
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e5ff0847eadf9d7d6cb7b17033f5e5995e55a4589cad919722369edfa151969
106c8edc4d0efd3fa76416d64a5758928d2b68549945c0192058979a881ebd40
1406b0fa38677e563293cb09c96df2ea236b1da0ab520fdd9f19622b80264a64
15684309274ca43c5240c88c5be2c9ed2f56ed2b38d0367dc372760f9e287c50
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18475b9108d7b371ac408a1c2feb6be285f485aa0bb556ec267c66ba5281282e
189e4417cfd2ba6e044f6c995f3a43091cee252626f2e7abdfeb7a05bb63d5a7
18c327afa903633f86c3efcf12b77f098077eacaa8be101bb007846fd74f8b93
19bded2d9cba71a31fd4aa13a02b22c9b7648e067be1c27c4c9f90549e745cb9
1c1561e7cda9cf1a36d405c1dfa965ae7e0b6d7589b203d0177bb18e60316fb1
1d3ded4b9344b60b3bceaa329a439ef0feb33215bcbf35c4cbcb8cc14d2daf29
24302da202d5f76b541e8be13ca84e5f59d04ca28b78280d8c62cc88e5e9a42a
25602fcd92d50d8b56dd16d9b1a79e0b969981feb85b2f016c0825a769eafc18
266d747bc2251130403b329830c637ae7aff70c14b8672adaeb3490e6726b4e2
273746bfb4f9aab48bc043b02f453ae18fedad76a5244fdf2c24fe631fd5d46a
28e06ebfb4e628e46f3ef087b728232d21808f9753b5370c20e78205973bba47
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2afb76ffc5374245e6402622fa34fd329aacd836ba1e7c3a865063cd446453ea
2c5cc47eb8499efe3f4353bc50b38690756e78da21b0e158e14293b39c5ef812
2c8609a8930cbb1cbdeb839571ace81ecbb3b4b5609ff56f8162c61f32134acc
2d22812d5c843fc8b5ada6412be7927d2ff7d31c2718e6b78b98911c4938cf46
2e4188515828c942a5eb2f047a2246cdf68a7aeea374009dde58629fe0c9beed
30491c6b81dad3b6bb4e8576dbfba06cdee3e80ccd39663af5426d10501b5f3f
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32101b805bf9c598ec6a2f26566d176fbcd6d91d5ba082cb621093f1d1a3fb8e
3286f9a70293454f005e1f6352083d63bbf12fefa3a192cd1f27405679ea3bb4
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
380b46f90ddea042fadd02cd90ba8a1c18b7ff302a0c82ee98e0a1aeba4c7fa6
386e45abe00260ea48cb0b2d7e017908e6760b242c44837de4e857b0c9814697
3a19ff3554a1e589f756a92be8263726674127c133feb1d333095668b77ba08c
3d3ea446b44bd1d64dd9e973c0fbc56c6c50541814b038653a80c723baed86a2
3dab93242ee573bbcfc22c9d15acd47794e500ed44e6bd48a35400b39d65aa43
401503518894f575673732c689a7885c78bb615900c0c3f726765eb4ce6aa799
4126ffde4b9e571b1c3e55b45a7e9596e139ad2de1bdbfe851a2e2b2c7da7f38
45eb85486762b6f590083f2dbaec645b06706824904b64fe0f55ae3f486bf716
46a9423304c00ed5bddd23e4db997587770ece0e0f30475b091b15da2c733bbf
4958607da2a850ef6629c21420710b7c9fec2b0de527bcad62d9d88f54f079a1
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
4ab456e9461641e5efb81e0b5fc8d235d73981534a2ca5cea3e092c1678e625a
4b3dea4bed542174e552ea737d7bcafae537640c46a079ab169aab0c2198af9a
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e578c2bc7b4cb5ee47d4e240e887ec0edf515d1de0b69a5415c25408fcc96e4
50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1
50b37f427de29e8c0e67028aad2efc781545509eda179b655934921dbbda8daf
5342e0087d729ac69f6c912d0ecb369d87778525083731480176eb9c1a377758
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54b0132a1207a2ecf8ee8b12e208fe7551108d09de8f8aeb6a019b77c22057bf
54bc30a4cd8464bb75013d18866ffa4f74e08d1ffe3238e0100770ada8947969
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
562f74199a50c24bcb7d088e403d9cc7e0b5df53297b4d3a62fede4a4cb89623
58920a300786955023c97a0a6d468e3c1ea14e622011797d432baefdf739cca9
59bd288e64c57e034672999e33ebda6eb5ad1575945eb563dbfb5b44f226e1e1
5a4192e762a449dfd6e63bee835e0941627223c9159e8219acdd01881a1ac175
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5ac61d879ee5336da40d53dab917787f98ea515ff764da62136d238e2e219d3b
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d1dcfe8737cf39d0592a0c41c3533ebb5e9c5ae69de5f08b90e3dd9afc7fa93
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
6415561e892cf9d614e7179f71353af4ceadfd641d71c42fe54c9420eb0d0138
68d17341a90b4af7400a9096afe504bf2d21bf378c5f3e594436dbba105afe84
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
6b829fb8f86ef0240affa313e529bbd854e648938d97a5c38645f0335205b504
6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5
6e6509f577cb8d5f929606fd9c2c6fe454b6bd51e94eaceee14a39d5e507db39
6f82a27bc12d72baa63167352a41b5452b402fba4f7c6d95a1710744f74c86b8
704beee66106a28dc06b0eb5dda0de4d29beccc49b95d1f77b10d301e24272be
713ba573bd44652ff38f4445d9807d587e34e2e81ebdcae673a4414606d784e8
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
72fa686f1716fa37e17ffde689f8128a47d29d4b07855d5dc7a8e6386b448f18
73cfb0ed71e314a835831530e27ba1fde5609b224781f7dbc2dd3eb9a08603cd
74017d97a0876e72ef09a14ea0b3ad49a744811c726e7b05e305d4a6e3e07612
74ec1e2bfcf647ccdeaf5b127294db846ee4a6f8ffd6c909d4938370d4187d1f
76577d7a991403b3ec131c3a0902f9ea59f168e28951f3c6ad31c16b4dfa7eb2
7c00752ce82d6abaed0b9766d35b906b16675facdbe24115b410d1fab975effa
7c0aea7b92e8dc151bd67d1344cf131f0d718598f7ed3371bcd72136458bd76a
7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a
80042a2ba4be8704e8b41ec93c8e81a2c6df1f2b4176b272fefa2611a5af30b5
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84489af3e3f7bc393e5655151c23cbaf8019c33336c856a557524ae1ccd5a8ea
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
8d6af87f2e8ab6ba751d5bda81faf18aed637f3c43f3f5c25acfcdb8dc674a92
8d74b7089a68f822f535c265ed9b4faf167417defaeed5985d00f7d1f8d83007
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
91cf4fc3fe45dac57c4e9a50dcb46c8796dda060ef34759f1672d83966ed8d8e
91cf709fd2276a4261651f0814eb4460acd00d0f0ec38ea9815a4a2b075f868b
96840bd7cc7d8edd1d1ffaff60d7f335fd866cd9a6132c8524d620482f4df64a
96d05ac67ae923b75e43fdbe5b40f04de3b9dec0d77c355968df3313f1d68394
973408bd1a1da181c7eaa9293c0cd095f3836a76b626bc76af21e1cd96b5dcde
99aff61d2168ad41285dadb39fe1472d4b66bcb3f4f4f1e0c0a443d329b59569
9a8055e54d37fc509c6e60476b2139f392bd2c8eb4dea39ebb8b371e0cc2b624
9bbc26e9654a129a6df830248b94862ada7a4c2bdb2389a32e466c7a42d2c98f
9bfbf9f281853aa93ff0bdb29d5935fdede5b5aefecc87645b26c047d11129bd
9c911ab93cf6099aeeddb19cb1903d0ef838329443c3a0549c754da47f90a70a
9e18ee83ef2aff7978b95d3910f34cf2dec6bfb49b39146c5b334b9a5ccf5133
9f3f0ace3076a9187e441c0a7dc34ec29b87b6c673317f0f59e5741a75918b41
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a143601cbf91eb6fd625e915d15103fdb1883e63177e7065f439870cb24025a7
a1a1b86ef87abb664993bd9b1fe433f3f1f60834793d4ce968f08ed4f9f04b68
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4dec481356a8c5d96f80302b02304fdb74eb8b522327d956d12907772d7498d
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
ab548a93ed36fe1ef106f1905a89684ec097c373107ccb0e62cb5c2d1ae1769c
ab77eaac8440d50b7b37c5eacace4b577536ad17c5ff562668ce9e8853be66d7
b00ad1beb37a235f3d76b8c5e8e7ff4d0e978bfd09af561448ae81776767c9e2
b02f26cd50ee99e88dc04fcf64d3d02e024f8ce49447e9aad3962438e62b5709
b11ab555e92666583e7f4f0d2e42ea85c8e725b5bbdbc2bc4371d3f5c1c6537b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1f798097d6f80c7dfa36878092865f5f88160f9e3f3786f158c78cc37820e14
b4dbefa28cde38647288171fe8ece2474aa07b63104590bb1d23c9f575b74dc8
b65482c4f7f198e9e37a5a600bdda73dc504dbcb0f49454644b171bfded11786
b9f3ff3b4033aca5254266b9eeb88ec4f163462a9082b7ec6c039bc640a6c524
ba08211e0a4669384dee0dc42fae6962587e31a06146a31a2ad5a766a3354eb8
c243586c593f49af9813b2c108792d4dca87282095e310d95794d022cbd115db
c2539f1380cb321bf513209e5dbb5b375bf734954123e821a62c9bbd8d8a859f
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
ca78c114bba40b141a59c55a9d3fb6db7672bc3effd4337f2b1ce512b4d06c9e
caeaf02fa4a8a45438c270767c4e50fc7f3ed5f94a4c90984eaacb87c2e8a693
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
ce8b0ce00b853304b4500a3e0273c2ee8123ec998d9ea4bc1a2b3e97c573b61f
cf0e934daa92ef101fcdf4f64d318324f197533bc3a8ad60630a947cef5d7073
d0b3bc79248fc4404d4acb213f9585f7a52fc97273718a7f26045074b6da0bb0
d4f751659e7cb5039beef6aa7c8a0ce37b3943209ee90896c790b1c7cbc9cf4b
d9f5a7bb86b216f27dfde6db9d0a65689c3bd94e63348d084489791df472533c
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e1cff21864c46e1da263fa83c14ed6d190bc5afbdd35188de15f10eb8bedd264
e33e056a54e2512fcdfde9634812a65ce2eb43a5b0c3f2659c5816391b51d8c1
e3696083e5110b4c83765aaadf53e1f4a2bb8f43a419b9c4e42e7ff9d5573267
e37316f20ee8564506ca9dbf035ba412ef6f79d7fd534c98b6f7d2bd49e11dc9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0
e45fd1bfd4e9faa44d111f64bef4ccea9e66b10fb0a957d91019ac033b7c22c0
ea84bda00a05c4bad2d4208a17b812416293602e158394ad5280567c4a1f0d8b
eabbdf222a6fdefc15823ad881245c5b3d19f3cd9e76537cf6eac726d47f3005
eb370d0cf8a89e349d3fa9ce2f3901ad5e890aec3eb38c94f286fff00617ce18
ec1a9a7a1efb55aff57d14ffde27c233c4568e4639b850030e1d0c617af0fef4
eebf6cc55ea3e4ca212dd3da2673c12739e0e482b5665345bf87d2dea5589d34
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1400c92345dcd9dbf746acab2c60e8580aa959473e9e56c8772cadcf7734b76
f15944f6f227cf9f6941788e04a4f529f29f1c2b7894c9143a3f751c6830df05
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f71a02c3678fa32960a613b256b1f91f4f4383bc95c24e8faf8771bc849083d0
f76accc5bfe44328a3a0b532ce8cac01d2d854a02bbd07d20b5a4c6f72fd4092
f804f52520f38b47e6b486e45fc2760fe5226f268a19768dbb24dd5697653df5
f93483f0aaf24aea4b5534bb8647d22cd9dfcb4d08d2fd1008787bdfb8a6cc47
fc181b297bcd7d0ac64d2f6eec10ac1aa11c5e6b5a8030e44e622e31c277ea9b
fd2c212a7991be7272bc2d5b0163c875b8070234c548eb5453d5f4627f2e2ea3
fd855412a4f1e588f022460fd8d8eacadea666dfb8996306ce9f12e56074ccb1
ff40b9071942315f5de76b3a6fe687ba75df1903a2d131f1714da59d16299a55

download-telegram.org Open in urlscan Pro 2a01:230:2::21f Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

264 Requests

81 %HTTPS

43 %IPv6

57 Domains

80 Subdomains

55 IPs

9 Countries

6137 kBTransfer

10145 kBSize

67 Cookies

3 Outgoing links

Redirected requests

264 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

download-telegram.org Open in urlscan Pro
2a01:230:2::21f Public Scan

Screenshot
Live screenshot

Full Image

264
Requests

81 %
HTTPS

43 %
IPv6

57
Domains

80
Subdomains

55
IPs

9
Countries

6137 kB
Transfer

10145 kB
Size

67
Cookies

264 HTTP transactions
3 data transactions