www.presstelegram.com Open in urlscan Pro
192.0.66.2 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://t.co/2s9RVa2UZV
Effective URL:
https://www.presstelegram.com/2024/06/26/i-was-scammed-by-a-sham-customer-service-rep-heres-how-you-can-avoid-what-i-went-thro...
Submission: On June 27 via manual (June 27th 2024, 2:46:36 pm UTC) from IN — Scanned from GB

Summary HTTP 137 Redirects Behaviour Indicators

Summary

This website contacted 38 IPs in 7 countries across 29 domains to perform 137 HTTP transactions. The main IP is 192.0.66.2, located in San Francisco, United States and belongs to AUTOMATTIC, US. The main domain is www.presstelegram.com. The Cisco Umbrella rank of the primary domain is 418018.
TLS certificate: Issued by E5 on June 7th 2024. Valid for: 3 months.

This is the only time www.presstelegram.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	93.184.221.165 93.184.221.165	15133 (EDGECAST) (EDGECAST)
1 1	99.86.4.62 99.86.4.62	16509 (AMAZON-02) (AMAZON-02)
25	192.0.66.2 192.0.66.2	2635 (AUTOMATTIC) (AUTOMATTIC)
2	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
2	13.32.27.92 13.32.27.92	16509 (AMAZON-02) (AMAZON-02)
2	2a04:4e42:400... 2a04:4e42:400::485	54113 (FASTLY) (FASTLY)
5	2600:9000:266... 2600:9000:266e:d000:3:b7e:8940:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
1	2600:9000:235... 2600:9000:2359:6a00:10:474e:104a:2961	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:401... 2a00:1450:4013:c16::54	15169 (GOOGLE) (GOOGLE)
15	18.66.147.86 18.66.147.86	16509 (AMAZON-02) (AMAZON-02)
2	18.66.122.52 18.66.122.52	16509 (AMAZON-02) (AMAZON-02)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
2	18.66.112.4 18.66.112.4	16509 (AMAZON-02) (AMAZON-02)
1 17	172.64.146.152 172.64.146.152	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	35.162.0.228 35.162.0.228	16509 (AMAZON-02) (AMAZON-02)
3	18.235.100.15 18.235.100.15	14618 (AMAZON-AES) (AMAZON-AES)
1	151.101.129.44 151.101.129.44	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	2606:2800:133... 2606:2800:133:206e:1315:22a5:2006:24fd	15133 (EDGECAST) (EDGECAST)
5	2606:2800:233... 2606:2800:233:1cb7:261b:1f9c:2074:3c	15133 (EDGECAST) (EDGECAST)
1	35.190.38.143 35.190.38.143	15169 (GOOGLE) (GOOGLE)
1	192.0.77.48 192.0.77.48	2635 (AUTOMATTIC) (AUTOMATTIC)
1	151.101.1.44 151.101.1.44	54113 (FASTLY) (FASTLY)
2	18.66.130.11 18.66.130.11	16509 (AMAZON-02) (AMAZON-02)
1	18.244.18.122 18.244.18.122	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	3.161.77.50 3.161.77.50	16509 (AMAZON-02) (AMAZON-02)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c09::9c	15169 (GOOGLE) (GOOGLE)
1	172.67.75.166 172.67.75.166	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	63.34.81.234 63.34.81.234	16509 (AMAZON-02) (AMAZON-02)
1	104.18.41.104 104.18.41.104	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
2	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
2	18.157.142.191 18.157.142.191	16509 (AMAZON-02) (AMAZON-02)
137	38

1 93.184.221.165 (London, United Kingdom)

ASN15133 (EDGECAST, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.62 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-62.fra6.r.cloudfront.net

ift.tt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 192.0.66.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

www.presstelegram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.27.92 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-92.fra56.r.cloudfront.net

htlbid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:266e:d000:3:b7e:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.osano.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2359:6a00:10:474e:104a:2961 (United States)

ASN16509 (AMAZON-02, US)

cdn.auth0.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4013:c16::54 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 18.66.147.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-86.fra60.r.cloudfront.net

m869.presstelegram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.122.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-52.fra60.r.cloudfront.net

tags.remixd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.112.4 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-4.fra56.r.cloudfront.net

cdn.p-n.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 172.64.146.152 (San Francisco, United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cd.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cds.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
capi.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ins.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.162.0.228 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-162-0-228.us-west-2.compute.amazonaws.com

session.presstelegram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.235.100.15 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-235-100-15.compute-1.amazonaws.com

digitalfirstmedia.blueconic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.44 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:133:206e:1315:22a5:2006:24fd (United States)

ASN15133 (EDGECAST, US)

az416426.vo.msecnd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)

loader-config.presstelegram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fp.theoaklandpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
g2i.theoaklandpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
engage.theoaklandpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.38.143 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 143.38.190.35.bc.googleusercontent.com

pubcast-files.remixd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.48 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: s.w.org

s.w.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.44 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.130.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-130-11.fra60.r.cloudfront.net

cdn.listrakbi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.244.18.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-244-18-122.fra56.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.161.77.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-77-50.fra56.r.cloudfront.net

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c09::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.75.166 (United States)

ASN13335 (CLOUDFLARENET, US)

api-mg2.db-ip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.34.81.234 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-81-234.eu-west-1.compute.amazonaws.com

p1.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.41.104 (None, )

ASN13335 (CLOUDFLARENET, US)

lit.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.157.142.191 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-142-191.eu-central-1.compute.amazonaws.com

k.p-n.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
43	presstelegram.com www.presstelegram.com — Cisco Umbrella Rank: 418018 m869.presstelegram.com — Cisco Umbrella Rank: 870771 session.presstelegram.com loader-config.presstelegram.com	784 KB
18	connatix.com 1 redirects cd.connatix.com — Cisco Umbrella Rank: 4096 cds.connatix.com — Cisco Umbrella Rank: 4006 capi.connatix.com — Cisco Umbrella Rank: 903 ins.connatix.com — Cisco Umbrella Rank: 5341 lit.connatix.com — Cisco Umbrella Rank: 6331 vid.connatix.com Failed	399 KB
5	google.com accounts.google.com — Cisco Umbrella Rank: 45 region1.analytics.google.com — Cisco Umbrella Rank: 3125 www.google.com — Cisco Umbrella Rank: 5	84 KB
5	osano.com cmp.osano.com — Cisco Umbrella Rank: 5804	90 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 71	22 KB
4	theoaklandpress.com fp.theoaklandpress.com — Cisco Umbrella Rank: 50715 g2i.theoaklandpress.com — Cisco Umbrella Rank: 50800 engage.theoaklandpress.com — Cisco Umbrella Rank: 43985	525 KB
4	gstatic.com fonts.gstatic.com	107 KB
4	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 844 trc-events.taboola.com — Cisco Umbrella Rank: 2315	220 KB
4	p-n.io cdn.p-n.io — Cisco Umbrella Rank: 4752 k.p-n.io — Cisco Umbrella Rank: 2563	57 KB
3	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 136 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 235	32 KB
3	blueconic.net digitalfirstmedia.blueconic.net — Cisco Umbrella Rank: 92489	2 KB
3	remixd.com tags.remixd.com — Cisco Umbrella Rank: 24281 pubcast-files.remixd.com — Cisco Umbrella Rank: 25815	49 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 83 ajax.googleapis.com — Cisco Umbrella Rank: 469 imasdk.googleapis.com Failed	34 KB
2	google.co.uk www.google.co.uk — Cisco Umbrella Rank: 3827	126 B
2	parsely.com cdn.parsely.com — Cisco Umbrella Rank: 3831 p1.parsely.com — Cisco Umbrella Rank: 2653	22 KB
2	listrakbi.com cdn.listrakbi.com — Cisco Umbrella Rank: 12791	41 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 81	260 KB
2	wp.com stats.wp.com — Cisco Umbrella Rank: 3745 pixel.wp.com — Cisco Umbrella Rank: 3684	3 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 381	97 KB
2	htlbid.com htlbid.com — Cisco Umbrella Rank: 9091	154 KB
1	db-ip.com api-mg2.db-ip.com — Cisco Umbrella Rank: 24613	766 B
1	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 188	227 B
1	w.org s.w.org — Cisco Umbrella Rank: 3961	747 B
1	msecnd.net az416426.vo.msecnd.net — Cisco Umbrella Rank: 2932	22 KB
1	auth0.com cdn.auth0.com — Cisco Umbrella Rank: 6702	38 KB
1	ift.tt 1 redirects ift.tt — Cisco Umbrella Rank: 453102	561 B
1	t.co t.co — Cisco Umbrella Rank: 726	542 B
0	jwplayer.com Failed cdn.jwplayer.com Failed
0	polyfill.io Failed polyfill.io Failed
137	29

	Domain	Requested by
25	www.presstelegram.com	t.co www.presstelegram.com cmp.osano.com
15	m869.presstelegram.com	www.presstelegram.com m869.presstelegram.com cmp.osano.com
11	cds.connatix.com	cd.connatix.com cds.connatix.com cmp.osano.com
5	cmp.osano.com	www.presstelegram.com cmp.osano.com
4	www.google-analytics.com	cmp.osano.com www.google-analytics.com
4	fonts.gstatic.com	fonts.googleapis.com
3	capi.connatix.com	1 redirects www.presstelegram.com cds.connatix.com
3	digitalfirstmedia.blueconic.net	cmp.osano.com
2	k.p-n.io	cdn.p-n.io
2	trc-events.taboola.com	cdn.taboola.com
2	ins.connatix.com	cds.connatix.com
2	www.google.co.uk	www.presstelegram.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	region1.analytics.google.com	www.googletagmanager.com
2	cdn.listrakbi.com	cmp.osano.com
2	engage.theoaklandpress.com	cmp.osano.com
2	www.googletagmanager.com	cmp.osano.com
2	cdn.taboola.com	cmp.osano.com
2	session.presstelegram.com	www.presstelegram.com
2	cdn.p-n.io	www.presstelegram.com cmp.osano.com
2	tags.remixd.com	www.presstelegram.com tags.remixd.com
2	accounts.google.com	www.presstelegram.com cmp.osano.com
2	cdn.jsdelivr.net	www.presstelegram.com cdn.jsdelivr.net
2	htlbid.com	www.presstelegram.com
2	fonts.googleapis.com	www.presstelegram.com
1	securepubads.g.doubleclick.net	cmp.osano.com
1	www.google.com	www.presstelegram.com
1	lit.connatix.com	cds.connatix.com
1	p1.parsely.com	www.presstelegram.com
1	api-mg2.db-ip.com	fp.theoaklandpress.com
1	cdn.parsely.com	cmp.osano.com
1	sb.scorecardresearch.com	www.presstelegram.com
1	g2i.theoaklandpress.com	cmp.osano.com
1	fp.theoaklandpress.com	cmp.osano.com
1	s.w.org	www.presstelegram.com
1	pubcast-files.remixd.com	tags.remixd.com
1	loader-config.presstelegram.com	www.presstelegram.com
1	az416426.vo.msecnd.net	cmp.osano.com
1	pixel.wp.com	www.presstelegram.com
1	cd.connatix.com	www.presstelegram.com
1	stats.wp.com	www.presstelegram.com
1	cdn.auth0.com	www.presstelegram.com
1	ajax.googleapis.com	www.presstelegram.com
1	ift.tt	1 redirects
1	t.co
0	imasdk.googleapis.com Failed	cds.connatix.com
0	vid.connatix.com Failed	cds.connatix.com
0	cdn.jwplayer.com Failed	tags.remixd.com
0	polyfill.io Failed	cmp.osano.com
137	49

This site contains no links.

Subject Issuer	Validity	Valid
t.co DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-05-08` - `2025-05-07`	a year	crt.sh
presstelegram.com E5	`2024-06-07` - `2024-09-05`	3 months	crt.sh
upload.video.google.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
htlbid.com Amazon RSA 2048 M01	`2023-09-21` - `2024-10-18`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
*.osano.com Amazon RSA 2048 M03	`2023-10-18` - `2024-11-15`	a year	crt.sh
*.auth0.com Amazon RSA 2048 M03	`2024-01-25` - `2025-02-22`	a year	crt.sh
accounts.google.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
a352.sandiegouniontribune.com Amazon RSA 2048 M02	`2023-11-01` - `2024-11-29`	a year	crt.sh
*.remixd.com Amazon RSA 2048 M03	`2024-01-10` - `2025-02-07`	a year	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2023-11-28` - `2024-12-28`	a year	crt.sh
pushlycdn.com Amazon RSA 2048 M03	`2023-12-16` - `2025-01-12`	a year	crt.sh
connatix.com GTS CA 1P5	`2024-04-29` - `2024-07-28`	3 months	crt.sh
*.presstelegram.com Amazon RSA 2048 M02	`2024-02-29` - `2025-03-30`	a year	crt.sh
*.blueconic.net Amazon RSA 2048 M02	`2024-05-08` - `2025-06-06`	a year	crt.sh
*.taboola.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-23` - `2024-11-22`	a year	crt.sh
*.google-analytics.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.gstatic.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.vo.msecnd.net DigiCert SHA2 Secure Server CA	`2024-06-06` - `2025-06-06`	a year	crt.sh
sni320d9gl.wpc.edgecastcdn.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-19` - `2024-10-18`	a year	crt.sh
pubcast-files.remixd.com GTS CA 1D4	`2024-05-07` - `2024-08-06`	3 months	crt.sh
*.w.org Sectigo ECC Domain Validation Secure Server CA	`2023-12-18` - `2025-01-17`	a year	crt.sh
sni32107gl.wpc.edgecastcdn.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-19` - `2024-10-18`	a year	crt.sh
sni32105gl.wpc.edgecastcdn.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-19` - `2024-10-18`	a year	crt.sh
sni32106gl.wpc.edgecastcdn.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-19` - `2024-10-18`	a year	crt.sh
*.listrakbi.com Amazon RSA 2048 M03	`2023-12-08` - `2025-01-03`	a year	crt.sh
*.scorecardresearch.com Sectigo RSA Organization Validation Secure Server CA	`2023-12-11` - `2024-12-10`	a year	crt.sh
*.parsely.com Amazon RSA 2048 M03	`2024-04-05` - `2025-05-04`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.google.co.uk WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
db-ip.com GTS CA 1P5	`2024-05-15` - `2024-08-13`	3 months	crt.sh
ins.connatix.com WE1	`2024-06-15` - `2024-09-13`	3 months	crt.sh
lit.connatix.com WE1	`2024-06-09` - `2024-09-07`	3 months	crt.sh
*.google.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.p-n.io Amazon RSA 2048 M02	`2023-12-08` - `2025-01-03`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://www.presstelegram.com/2024/06/26/i-was-scammed-by-a-sham-customer-service-rep-heres-how-you-can-avoid-what-i-went-through/
Frame ID: 5575DE39117AAA5FD1ED5BADD629FC2C
Requests: 117 HTTP requests in this frame

Frame: https://cd.connatix.com/connatix.playspace.js
Frame ID: 755FF8CFC4C7D4A6F7CB48175A6D7E2D
Requests: 18 HTTP requests in this frame

Frame: https://cmp.osano.com/
Frame ID: 887F2D13F49E40A169FCB9699B351D4E
Requests: 1 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/static/topics/taboola-browsing-topics.html
Frame ID: 7039245927EBE9EEBCC0AFE423E37545
Requests: 1 HTTP requests in this frame

Frame: https://cdn.jwplayer.com/libraries/FUtg69tL.js
Frame ID: 69CCE4FCDD34C2CEF871442F0A427EEA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://t.co/2s9RVa2UZV Page URL
https://ift.tt/MnpxdTt HTTP 302
https://www.presstelegram.com/2024/06/26/i-was-scammed-by-a-sham-customer-service-rep-heres-how-you-can-av... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

accounts\.google\.com/gsi/client

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

137
Requests

88 %
HTTPS

39 %
IPv6

29
Domains

49
Subdomains

38
IPs

7
Countries

3075 kB
Transfer

12130 kB
Size

14
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://t.co/2s9RVa2UZV Page URL
https://ift.tt/MnpxdTt HTTP 302
https://www.presstelegram.com/2024/06/26/i-was-scammed-by-a-sham-customer-service-rep-heres-how-you-can-avoid-what-i-went-through/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 97

https://capi.connatix.com/core/sync HTTP 302
https://capi.connatix.com/core/sync?tier=1&final=true&UseUserScore=Yes&LiveIntentCnxUserId=&ImplementationType=0&ClientAb2=9

137 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 2s9RVa2UZV
t.co/ 221 B
542 B 317ms
153ms Document
text/html 93.184.221.165
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://t.co/2s9RVa2UZV

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.184.221.165 London, United Kingdom, ASN15133 (EDGECAST, US),

Reverse DNS

Software

tsa_f /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: private,max-age=300
content-encoding: gzip
content-length: 171
content-type: text/html; charset=utf-8
date: Thu, 27 Jun 2024 14:46:05 GMT
expires: Thu, 27 Jun 2024 14:51:06 GMT
perf: 7402827104
server: tsa_f
strict-transport-security: max-age=0
vary: Origin
x-connection-hash: 9176cef8fe51a7637e7d824c27ac1e7a367bd04621db727cbefe2f47c0f68cec
x-response-time: 118
x-transaction-id: ac27699a65c11b3f
x-xss-protection: 0

GET
H2

200

Primary Request / Show response
www.presstelegram.com/2024/06/26/i-was-scammed-by-a-sham-customer-service-rep-heres-how-you-can-avoid-what-i-went-through/
Redirect Chain

https://ift.tt/MnpxdTt
https://www.presstelegram.com/2024/06/26/i-was-scammed-by-a-sham-customer-service-rep-heres-how-you-can-avoid-what-i-went-through/

169 KB
37 KB

588ms
459ms

Document
text/html

192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.presstelegram.com/2024/06/26/i-was-scammed-by-a-sham-customer-service-rep-heres-how-you-can-avoid-what-i-went-through/

Requested by

Host: t.co
URL: https://t.co/2s9RVa2UZV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

84126c860d5590d092cc1039b4da58ec9323b4fbfaebafdbd698aa85e9013ffc

Security Headers

Name

Value

Content-Security-Policy

default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: data: blob: wss://realtimeeventfeeds.viafoura.co wss://sub.viafoura.co; media-src blob: data: https:; object-src https:; child-src https: data: blob:; upgrade-insecure-requests; block-all-mixed-content;

Strict-Transport-Security

max-age=31536000;includeSubdomains

Request headers

Accept-Language: en-GB,en;q=0.9;q=0.9
Referer: https://t.co/2s9RVa2UZV
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
cache-control: private, no-store
content-encoding: br
content-security-policy: default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: data: blob: wss://realtimeeventfeeds.viafoura.co wss://sub.viafoura.co; media-src blob: data: https:; object-src https:; child-src https: data: blob:; upgrade-insecure-requests; block-all-mixed-content;
content-type: text/html; charset=UTF-8
date: Thu, 27 Jun 2024 14:46:07 GMT
host-header: a9130478a60e5f9135f765b23f26593b
link: <https://www.presstelegram.com/wp-json/>; rel="https://api.w.org/" <https://www.presstelegram.com/wp-json/wp/v2/posts/4716807>; rel="alternate"; type="application/json" <https://wp.me/p9cWYN-jN3x>; rel=shortlink
server: nginx
strict-transport-security: max-age=31536000;includeSubdomains
x-cache: MISS
x-hacker: If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-powered-by: WordPress VIP <https://wpvip.com>
x-rq: lhr3 111 253 443

Redirect headers

cache-control: no-cache
content-length: 0
content-type: text/html; charset=utf-8
date: Thu, 27 Jun 2024 14:46:06 GMT
location: https://www.presstelegram.com/2024/06/26/i-was-scammed-by-a-sham-customer-service-rep-heres-how-you-can-avoid-what-i-went-through/
referrer-policy: strict-origin-when-cross-origin
server: nginx/1.22.1
via: 1.1 a0a81637cc76d6981e4e29044a73b7f6.cloudfront.net (CloudFront)
x-amz-cf-id: pImOFwCxpt0UNar_MvvKKaJh8ijlSFtgApEhEgP7IZNZ_Hglj1cWfw==
x-amz-cf-pop: FRA6-C1
x-cache: Miss from cloudfront
x-clacks-overhead: GNU Terry Pratchett
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: 4cf97c9a-82a0-40bc-90e6-bdff748952a0
x-runtime: 0.008975
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ 13 KB
1 KB 472ms
74ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@100;400;700&family=Noto+Sans:wght@300;400&display=swap

Requested by

Host: www.presstelegram.com
URL: https://www.presstelegram.com/2024/06/26/i-was-scammed-by-a-sham-customer-service-rep-heres-how-you-can-avoid-what-i-went-through/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6ffdbde5525c0f91c0b7a999645cf1c30811576d7ce82699d7fdafaa06c1487f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.presstelegram.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 27 Jun 2024 14:46:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 27 Jun 2024 14:46:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 27 Jun 2024 14:46:07 GMT

GET
H2 200 htlbid.css
htlbid.com/v3/presstelegram.com/ 1 KB
570 B 671ms
487ms Stylesheet
text/css 13.32.27.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://htlbid.com/v3/presstelegram.com/htlbid.css?ver=6.5.5
Requested by: Host: www.presstelegram.com
URL: https://www.presstelegram.com/2024/06/26/i-was-scammed-by-a-sham-customer-service-rep-heres-how-you-can-avoid-what-i-went-through/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-92.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 794d444f814675361a19cff0e4169285c1c2ef8d1a3125718e584ce05d8f584f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.presstelegram.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 14:46:09 GMT
content-encoding: br
via: 1.1 a4af9b42c2ec29f616825af32712c204.cloudfront.net (CloudFront)
last-modified: Wed, 26 Jun 2024 12:01:10 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
etag: W/"67012a504121d11a41d8929b8092809c"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
cache-control: max-age=600
x-amz-cf-id: LinWkHOruK2K20fLcGFby2drcEaMJ0wRriRsldOl1ehftCBW0zC9tg==

GET
H2 200 style.css
www.presstelegram.com/wp-content/client-mu-plugins/src/Sitemap/includes/ 880 B
546 B 44ms
39ms Stylesheet
text/css 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.presstelegram.com/wp-content/client-mu-plugins/src/Sitemap/includes/style.css?m=1670265521g

Requested by

Host: www.presstelegram.com
URL: https://www.presstelegram.com/2024/06/26/i-was-scammed-by-a-sham-customer-service-rep-heres-how-you-can-avoid-what-i-went-through/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

c540cdeba4eb897beea1c93c6452269a4de7b86a2e670b5b0ad37f9bbfc78c53

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.presstelegram.com/2024/06/26/i-was-scammed-by-a-sham-customer-service-rep-heres-how-you-can-avoid-what-i-went-through/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 14:46:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains
last-modified: Mon, 05 Dec 2022 18:38:41 GMT
server: nginx
x-rq: lhr3 111 254 443
etag: W/"638e3ab1-370"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes

GET
H2 200 trust-indicators.min.css
www.presstelegram.com/wp-content/plugins/dfm-trust-indicators/static/css/ 4 KB
1 KB 45ms
39ms Stylesheet
text/css 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.presstelegram.com/wp-content/plugins/dfm-trust-indicators/static/css/trust-indicators.min.css?m=1698234336g

Requested by

Host: www.presstelegram.com
URL: https://www.presstelegram.com/2024/06/26/i-was-scammed-by-a-sham-customer-service-rep-heres-how-you-can-avoid-what-i-went-through/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

e6b879680c38e48bbf0ba91c2c9e104a7846fa2af3b2f0727c2837a8de24dbc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.presstelegram.com/2024/06/26/i-was-scammed-by-a-sham-customer-service-rep-heres-how-you-can-avoid-what-i-went-through/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 14:46:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains
last-modified: Wed, 25 Oct 2023 11:45:36 GMT
server: nginx
x-rq: lhr3 111 254 443
etag: W/"6538ffe0-e03"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes

GET
H2 200 mng-digisubs.styles.css
www.presstelegram.com/wp-content/plugins/mng-digisubs/static/ 16 KB
5 KB 45ms
39ms Stylesheet
text/css 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.presstelegram.com/wp-content/plugins/mng-digisubs/static/mng-digisubs.styles.css?ver=1719343358

Requested by

Host: www.presstelegram.com
URL: https://www.presstelegram.com/2024/06/26/i-was-scammed-by-a-sham-customer-service-rep-heres-how-you-can-avoid-what-i-went-through/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

f1be20933a0c951dd3888ee8a23b5f93aec5bca3bc8dfa6107bdcc6170c4163d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.presstelegram.com/2024/06/26/i-was-scammed-by-a-sham-customer-service-rep-heres-how-you-can-avoid-what-i-went-through/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 14:46:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains
last-modified: Tue, 25 Jun 2024 19:22:38 GMT
server: nginx
x-rq: lhr3 111 253 443
etag: W/"667b18fe-3f5f"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes

GET
H2 200 mobile-adhesion-style.css
www.presstelegram.com/wp-content/client-mu-plugins/src/Ads/assets/css/ 1 KB
639 B 45ms
40ms Stylesheet
text/css 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.presstelegram.com/wp-content/client-mu-plugins/src/Ads/assets/css/mobile-adhesion-style.css?m=1670265521g

Requested by

Host: www.presstelegram.com
URL: https://www.presstelegram.com/2024/06/26/i-was-scammed-by-a-sham-customer-service-rep-heres-how-you-can-avoid-what-i-went-through/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

6ef1aa2d1945fd9fb1bd4eb00c603d868f89477a33e9ec2ef7c7035c5a16df31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.presstelegram.com/2024/06/26/i-was-scammed-by-a-sham-customer-service-rep-heres-how-you-can-avoid-what-i-went-through/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 14:46:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains
last-modified: Mon, 05 Dec 2022 18:38:41 GMT
server: nginx
x-rq: lhr3 111 253 443
etag: W/"638e3ab1-441"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes

GET
H2 200 bootstrap-icons.min.css
cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/ 56 KB
9 KB 195ms
33ms Stylesheet
text/css 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/bootstrap-icons.min.css?ver=5.2.0

Requested by

Host: www.presstelegram.com
URL: https://www.presstelegram.com/2024/06/26/i-was-scammed-by-a-sham-customer-service-rep-heres-how-you-can-avoid-what-i-went-through/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

de71eb66c755f04802db6d9c95ec1b72f6ffde96a270a414dae8c35112dc2edb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.presstelegram.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 27 Jun 2024 14:46:07 GMT
x-content-type-options: nosniff
content-encoding: br
age: 1861685
x-jsd-version: 1.5.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 8291
x-served-by: cache-fra-eddf8230113-FRA, cache-lon420135-LON
x-jsd-version-type: version
etag: W/"e199-s4EOtcHNHDucfaSQW8X8tLnt6FQ"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 css
fonts.googleapis.com/ 20 KB
2 KB 1482ms
65ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato%3A400%2C400i%2C700%2C700i%7CLora%3A400%2C400i%2C700%2C700i&ver=6.5.5

Requested by

Host: www.presstelegram.com
URL: https://www.presstelegram.com/2024/06/26/i-was-scammed-by-a-sham-customer-service-rep-heres-how-you-can-avoid-what-i-went-through/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

44d6f214e7cb063546a15bd93afd0b633ffd08d0255c6b3721fd01cc96d96183

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.presstelegram.com/
Origin: https://www.presstelegram.com
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 27 Jun 2024 14:46:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 27 Jun 2024 14:46:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 27 Jun 2024 14:46:08 GMT

GET
H2 200 /
www.presstelegram.com/_static/ 121 KB
28 KB 44ms
40ms Stylesheet
text/css 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.presstelegram.com/_static/??-eJyVj0EKAjEMRS9kJtai4kI8ipQ0DtW2KSbD4O3tgILudJf/4T1+cG5AUo2rYcvTmKpivBQIEYpERbVgiZC0n3RnrkNJdehxhR9kmeANX9laoBs4P2yxK6bMinOKI5uiSYMmaov3kflnzzlVQhVKIUOWUfQr/DVp+eRVLMypHN3eHfxuvfH+CXSxYRw=

Requested by

Host: www.presstelegram.com
URL: https://www.presstelegram.com/2024/06/26/i-was-scammed-by-a-sham-customer-service-rep-heres-how-you-can-avoid-what-i-went-through/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

f229e6122ebd4c1106e73ab793141dc727ce4b34524553b49481b4d471fce78f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.presstelegram.com/2024/06/26/i-was-scammed-by-a-sham-customer-service-rep-heres-how-you-can-avoid-what-i-went-through/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 14:46:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains
last-modified: Wed, 26 Jun 2024 00:03:53 GMT
server: nginx
x-rq: lhr3 111 254 443
vary: Accept-Encoding
x-cache: HIT
content-type: text/css;charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes

GET
H2 200 osano.js Show response
cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/ 232 KB
58 KB 444ms
235ms Script
application/javascript 2600:9000:266e:d000:3:b7e:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Requested by

Host: www.presstelegram.com
URL: https://www.presstelegram.com/2024/06/26/i-was-scammed-by-a-sham-customer-service-rep-heres-how-you-can-avoid-what-i-went-through/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:266e:d000:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

1fc5d9e09d849e1b345b3998034947759f32ef5f25f2130067565a2a3537b962

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.presstelegram.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 14:46:07 GMT
content-encoding: br
via: 1.1 383422f03bfc9d77974d0ac637421c22.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: FRA56-P8
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58615
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 26 Jun 2024 16:36:15 GMT
server: CloudFront
etag: "5d261f7efb259a8a4a03644fc977158f"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=86400, s-maxage=86400, must-revalidate, proxy-revalidate, no-transform
x-amz-cf-id: sas2lnutgtfYadsa4fbVP45AkHyJEaVn-igEoNrZ55eOVZzIt-4luw==

GET
H2 200 htlbid.js Show response
htlbid.com/v3/presstelegram.com/ 611 KB
154 KB 2416ms
2416ms Script
application/javascript 13.32.27.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://htlbid.com/v3/presstelegram.com/htlbid.js?ver=6.5.5
Requested by: Host: www.presstelegram.com
URL: https://www.presstelegram.com/2024/06/26/i-was-scammed-by-a-sham-customer-service-rep-heres-how-you-can-avoid-what-i-went-through/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-92.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0ce59c90fe90c46670e4cd7029b383a633861c274a42f0cbe72b74c74f7341dd

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.presstelegram.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 14:46:09 GMT
content-encoding: br
via: 1.1 a4af9b42c2ec29f616825af32712c204.cloudfront.net (CloudFront)
last-modified: Wed, 26 Jun 2024 12:01:10 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
etag: W/"82e5cd3fb83c32227154237c9eae8309"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: max-age=600
x-amz-cf-id: bFSWLorq9qNDG9ttL1AyuNRaGklownyijll22WMVEVvxHlf6wXC6IA==

GET
H2 200 sso-tools.min.js Show response
www.presstelegram.com/wp-content/client-mu-plugins/src/SSO/assets/js/ 10 KB
2 KB 44ms
40ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.presstelegram.com/wp-content/client-mu-plugins/src/SSO/assets/js/sso-tools.min.js?m=1719422422g

Requested by

Host: www.presstelegram.com
URL: https://www.presstelegram.com/2024/06/26/i-was-scammed-by-a-sham-customer-service-rep-heres-how-you-can-avoid-what-i-went-through/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

5000f0e689a7c0c1670c8e994cfba91b190d0f125e895696cccddcf4cf3d04ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.presstelegram.com/2024/06/26/i-was-scammed-by-a-sham-customer-service-rep-heres-how-you-can-avoid-what-i-went-through/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 14:46:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains
last-modified: Wed, 26 Jun 2024 17:20:22 GMT
server: nginx
x-rq: lhr3 111 254 443
etag: W/"667c4dd6-2990"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 87 KB
31 KB 243ms
58ms Script
text/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js?ver=3.5.1

Requested by

Host: www.presstelegram.com
URL: https://www.presstelegram.com/2024/06/26/i-was-scammed-by-a-sham-customer-service-rep-heres-how-you-can-avoid-what-i-went-through/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.presstelegram.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 22:19:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 145621
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31021
x-xss-protection: 0
last-modified: Fri, 08 May 2020 07:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Jun 2025 22:19:06 GMT

GET
H2 200 loader.min.js Show response
www.presstelegram.com/wp-content/plugins/loader-wp/static/ 40 KB
12 KB 43ms
40ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.presstelegram.com/wp-content/plugins/loader-wp/static/loader.min.js?ver=1.6.1

Requested by

Host: www.presstelegram.com
URL: https://www.presstelegram.com/2024/06/26/i-was-scammed-by-a-sham-customer-service-rep-heres-how-you-can-avoid-what-i-went-through/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

c37392e76245ae7a40fccced49d896542d759decd42d5929b3f6d0c0976f2afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.presstelegram.com/2024/06/26/i-was-scammed-by-a-sham-customer-service-rep-heres-how-you-can-avoid-what-i-went-through/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 14:46:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains
last-modified: Wed, 06 Mar 2024 19:06:12 GMT
server: nginx
x-rq: lhr3 111 254 443
etag: W/"65e8bea4-a0c9"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes

GET
H2 200 engageLibrary.min.js Show response
www.presstelegram.com/wp-content/plugins/loader-wp/static/ 44 KB
11 KB 43ms
40ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.presstelegram.com/wp-content/plugins/loader-wp/static/engageLibrary.min.js?m=1719343358g

Requested by

Host: www.presstelegram.com
URL: https://www.presstelegram.com/2024/06/26/i-was-scammed-by-a-sham-customer-service-rep-heres-how-you-can-avoid-what-i-went-through/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

8684da074cb346b8363ea2680fd40a49058a359d2be65de0324af390d0732f3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.presstelegram.com/2024/06/26/i-was-scammed-by-a-sham-customer-service-rep-heres-how-you-can-avoid-what-i-went-through/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 14:46:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains
last-modified: Tue, 25 Jun 2024 19:22:38 GMT
server: nginx
x-rq: lhr3 111 254 443
etag: W/"667b18fe-af7a"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes

GET
H2 200 auth0-spa-js.production.js Show response
cdn.auth0.com/js/auth0-spa-js/1.13/ 105 KB
38 KB 283ms
59ms Script
application/javascript 2600:9000:2359:6a00:10:474e:104a:2961
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.auth0.com/js/auth0-spa-js/1.13/auth0-spa-js.production.js?ver=6.5.5

Requested by

Host: www.presstelegram.com
URL: https://www.presstelegram.com/2024/06/26/i-was-scammed-by-a-sham-customer-service-rep-heres-how-you-can-avoid-what-i-went-through/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2359:6a00:10:474e:104a:2961 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

01d6389de5581a2a3eb0cd4d6a05cb136bf07d221306f89173a080c73a38e392

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.presstelegram.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 6AzkYKZDwDnSxmQe5SqIWFlWTPBMtbyI
content-encoding: gzip
via: 1.1 3de687dde9ccf524586562826ee53358.cloudfront.net (CloudFront)
date: Thu, 27 Jun 2024 12:27:06 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
x-amz-cf-pop: FRA60-P10
age: 8342
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
last-modified: Thu, 07 Jan 2021 14:32:49 GMT
server: AmazonS3
etag: W/"8bea9e0d733d097381a1b5eb8c40983d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=10800,public
x-robots-tag: noindex
x-amz-cf-id: 4Nnpv7-XT-EJkgzJbZ4PMYvV_zAtjaw-2Uo-a8Yejx3A9ntOgixjXA==

GET
H2 200 client Show response
accounts.google.com/gsi/ 219 KB
83 KB 241ms
61ms Script
application/javascript 2a00:1450:4013:c16::54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/client?ver=6.5.5

Requested by

Host: www.presstelegram.com
URL: https://www.presstelegram.com/2024/06/26/i-was-scammed-by-a-sham-customer-service-rep-heres-how-you-can-avoid-what-i-went-through/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4013:c16::54 Groningen, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

78fe543f9f5d1c63f95e71099401011bb3c831dcd25239a50d1f71d78da852f1

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-UclXXZmcwTscIX-zfJvPdw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.presstelegram.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 14:46:07 GMT
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-UclXXZmcwTscIX-zfJvPdw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=1800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Thu, 27 Jun 2024 14:46:07 GMT

GET
H2 200 / Show response
www.presstelegram.com/_static/ 361 KB
50 KB 43ms
40ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.presstelegram.com/_static/??-eJylzEEKgDAMBMAP2YaKIB7Eq9+otpRIG8Wk6POtJ/GqEFgIuwPHpuaVxJPAFnNAYkgUlMOAnCcGFis4v346WSQ9ZXLR64Ur+GKUAflT/jKljBJ9Ksl/rYyjvYH9gYbUm9Z0TV2XWy6/SXES

Requested by

Host: www.presstelegram.com
URL: https://www.presstelegram.com/2024/06/26/i-was-scammed-by-a-sham-customer-service-rep-heres-how-you-can-avoid-what-i-went-through/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

c28b9509eb28f1e46ee4878a4ad3d3d5bd963bbf66e8f4043a03b2614ef11650

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.presstelegram.com/2024/06/26/i-was-scammed-by-a-sham-customer-service-rep-heres-how-you-can-avoid-what-i-went-through/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 14:46:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains
last-modified: Wed, 26 Jun 2024 17:20:22 GMT
server: nginx
x-rq: lhr3 111 253 443
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes

GET
H2 200 script.js Show response
m869.presstelegram.com/ 150 KB
44 KB 539ms
54ms Script
text/javascript 18.66.147.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m869.presstelegram.com/script.js

Requested by

Host: www.presstelegram.com
URL: https://www.presstelegram.com/2024/06/26/i-was-scammed-by-a-sham-customer-service-rep-heres-how-you-can-avoid-what-i-went-through/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-86.fra60.r.cloudfront.net

Software

- /

Resource Hash

cff2239297f7d548cda993a6bb819c9b00280d5736b07a2263d08582b0273c3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.presstelegram.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 14:45:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 5b21c56dde1a436b4b6766d2406627d2.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA60-P4
age: 45
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 44896
x-xss-protection: 1; mode=block
last-modified: Thu, 27 Jun 2024 14:44:07 GMT
server: -
etag: a1a98bd5e08e8bf8446801a1e619916b
content-type: text/javascript; charset=utf-8
cache-control: public, no-cache="Set-Cookie", max-age=600
x-robots-tag: noindex, nofollow
x-amz-cf-id: _p02knPmKQhShizy09MFed3oJL4rDi34j6obhR4N2ofhqJf5DydqBA==
expires: Thu, 27 Jun 2024 14:55:22 GMT

GET
H2 200 / Show response
www.presstelegram.com/_static/ 126 KB
31 KB 42ms
40ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.presstelegram.com/_static/??-eJyljDEOwjAMAD+EY7VCQgyIR/CCNDGJQ+xWdVK+TyfUgQ3pppPu8L1AmLWRNlxqT6yG8SngI8gcDa35xgGLYc5WIWQKLyesrtgJf7SiCSIntj5946Nzft1VpUf2K7mpa6z098tvh9VdbsNluJ7Hcad8AP9RUtY=

Requested by

Host: www.presstelegram.com
URL: https://www.presstelegram.com/2024/06/26/i-was-scammed-by-a-sham-customer-service-rep-heres-how-you-can-avoid-what-i-went-through/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

62fea2e1c684d85399c625083f28f58fff6bc835496acc98d0f97617b270138e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.presstelegram.com/2024/06/26/i-was-scammed-by-a-sham-customer-service-rep-heres-how-you-can-avoid-what-i-went-through/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 14:46:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains
last-modified: Wed, 26 Jun 2024 17:20:22 GMT
server: nginx
x-rq: lhr3 111 254 443
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes

GET
H2 200 long_beach_press-telegram_black-392x40.svg
www.presstelegram.com/wp-content/uploads/2017/09/ 9 KB
9 KB 69ms
67ms Image
image/svg+xml 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.presstelegram.com/wp-content/uploads/2017/09/long_beach_press-telegram_black-392x40.svg

Requested by

Host: www.presstelegram.com
URL: https://www.presstelegram.com/2024/06/26/i-was-scammed-by-a-sham-customer-service-rep-heres-how-you-can-avoid-what-i-went-through/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

34554cca1d68d1c952b6d12bc418b6a8cb251850675186c1d408fb63ae201110

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.presstelegram.com/2024/06/26/i-was-scammed-by-a-sham-customer-service-rep-heres-how-you-can-avoid-what-i-went-through/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 14:46:07 GMT
strict-transport-security: max-age=31536000;includeSubdomains
x-rq: lhr3 109 30 443
last-modified: Fri, 22 Sep 2017 17:24:53 GMT
server: nginx
etag: "0214146f1bfe8417"
vary: Accept-Encoding
x-cache: HIT
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes, bytes
content-length: 8924

GET
H2 200 index.js Show response
tags.remixd.com/player/v5/ 34 KB
10 KB 240ms
68ms Script
text/javascript 18.66.122.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.remixd.com/player/v5/index.js?cb=%%CACHEBUSTER%%
Requested by: Host: www.presstelegram.com
URL: https://www.presstelegram.com/2024/06/26/i-was-scammed-by-a-sham-customer-service-rep-heres-how-you-can-avoid-what-i-went-through/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-52.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 91bcc65a1a6bb4755e48576889ae27c2f620e49d126b8127dd16c1a99945b9d5

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.presstelegram.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 14:45:57 GMT
content-encoding: gzip
via: 1.1 508d9aac3b0097e502b117c1e7390bb0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
age: 17
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 10041
last-modified: Tue, 31 Oct 2023 15:34:26 GMT
server: AmazonS3
etag: "57b6f8ad4125903b7e06bb427c232d10"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public,max-age=1800
accept-ranges: bytes
x-amz-cf-id: 8iMUd-I67bFwQG5Wr86lPhlCmBKGiqycJLRJ7W0Fnx3nPvUvk9bWRQ==

GET
H2 200 Trust-Logo-Horizontal.svg
www.presstelegram.com/wp-content/plugins/dfm-trust-indicators/static/images/ 7 KB
3 KB 91ms
90ms Image
image/svg+xml 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.presstelegram.com/wp-content/plugins/dfm-trust-indicators/static/images/Trust-Logo-Horizontal.svg

Requested by

Host: www.presstelegram.com
URL: https://www.presstelegram.com/2024/06/26/i-was-scammed-by-a-sham-customer-service-rep-heres-how-you-can-avoid-what-i-went-through/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

d3110f199d22d9d122a62c288cca3b3c80edccdb2979c02bcbfa0602a7b88039

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.presstelegram.com/2024/06/26/i-was-scammed-by-a-sham-customer-service-rep-heres-how-you-can-avoid-what-i-went-through/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 14:46:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains
last-modified: Mon, 05 Dec 2022 18:38:41 GMT
server: nginx
x-rq: lhr3 111 254 443
etag: W/"638e3ab1-1ab8"
vary: Accept-Encoding
x-cache: HIT
content-type: image/svg+xml
cache-control: max-age=300, must-revalidate
accept-ranges: bytes

GET
H2 200 socal-logo-sm.png
www.presstelegram.com/wp-content/themes/wp-mason/static/images/site-logo/ 8 KB
8 KB 35ms
32ms Image
image/png 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.presstelegram.com/wp-content/themes/wp-mason/static/images/site-logo/socal-logo-sm.png

Requested by

Host: www.presstelegram.com
URL: https://www.presstelegram.com/2024/06/26/i-was-scammed-by-a-sham-customer-service-rep-heres-how-you-can-avoid-what-i-went-through/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

881179ed8d76a220dc210c45af07c46373896683c0d394f1595cd7213cb4d7ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.presstelegram.com/2024/06/26/i-was-scammed-by-a-sham-customer-service-rep-heres-how-you-can-avoid-what-i-went-through/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 14:46:09 GMT
strict-transport-security: max-age=31536000;includeSubdomains
x-rq: lhr3 111 254 443
last-modified: Mon, 05 Dec 2022 18:38:42 GMT
server: nginx
etag: "638e3ab2-1fcf"
x-cache: HIT
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 8143

GET
H2 200 dfm-logo-sm.png
www.presstelegram.com/wp-content/themes/wp-mason/static/images/site-logo/ 13 KB
13 KB 35ms
32ms Image
image/png 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.presstelegram.com/wp-content/themes/wp-mason/static/images/site-logo/dfm-logo-sm.png

Requested by

Host: www.presstelegram.com
URL: https://www.presstelegram.com/2024/06/26/i-was-scammed-by-a-sham-customer-service-rep-heres-how-you-can-avoid-what-i-went-through/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

3214c1d02f0794737b58d56814b31c639c67f85c6eb6816c39804cf5d4041dea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.presstelegram.com/2024/06/26/i-was-scammed-by-a-sham-customer-service-rep-heres-how-you-can-avoid-what-i-went-through/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 14:46:09 GMT
strict-transport-security: max-age=31536000;includeSubdomains
x-rq: lhr3 111 254 443
last-modified: Mon, 05 Dec 2022 18:38:42 GMT
server: nginx
etag: "638e3ab2-3443"
x-cache: HIT
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 13379

GET
H2 200 / Show response
www.presstelegram.com/_static/ 18 KB
8 KB 51ms
51ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.presstelegram.com/_static/??-eJyVzUEKg0AMQNELdQwylbYL8SzipBrJJIOJLXp6ceGum24/PD58SxhUHMWh8DqSGGQZw+QMvRm6QSLzq4WsyapMUs12gx+2TOoqb2KGD0rSBQoNvi54pv8g9/tmtOP163JbP+pXvMfYPOcDkCFFEg==

Requested by

Host: www.presstelegram.com
URL: https://www.presstelegram.com/2024/06/26/i-was-scammed-by-a-sham-customer-service-rep-heres-how-you-can-avoid-what-i-went-through/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

2c75ce09d476b37c7d1a4861fa8a33e5006123d8b4344c60dcde3d00e5bf20b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.presstelegram.com/2024/06/26/i-was-scammed-by-a-sham-customer-service-rep-heres-how-you-can-avoid-what-i-went-through/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 14:46:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains
last-modified: Tue, 25 Jun 2024 19:22:38 GMT
server: nginx
x-rq: lhr3 111 253 443
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes

GET
H2 200 ads.js Show response
www.presstelegram.com/wp-content/themes/wp-mason/static/js/ 87 B
325 B 50ms
50ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.presstelegram.com/wp-content/themes/wp-mason/static/js/ads.js?ver=1.0

Requested by

Host: www.presstelegram.com
URL: https://www.presstelegram.com/2024/06/26/i-was-scammed-by-a-sham-customer-service-rep-heres-how-you-can-avoid-what-i-went-through/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

b36d838681171ab6906d3206d2fd6cc17a7a7a5867213c7595fe0865aeb9e969

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.presstelegram.com/2024/06/26/i-was-scammed-by-a-sham-customer-service-rep-heres-how-you-can-avoid-what-i-went-through/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 14:46:07 GMT
strict-transport-security: max-age=31536000;includeSubdomains
x-rq: lhr3 111 253 443
last-modified: Mon, 05 Dec 2022 18:38:42 GMT
server: nginx
etag: "638e3ab2-57"
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 87

GET
H2 200 / Show response
www.presstelegram.com/_static/ 112 KB
30 KB 31ms
31ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.presstelegram.com/_static/??-eJydztEKwjAMheEXsgsbgnghPktts62zScqSTXx7C3qhIKLCufrhgwOX4oKwIRvYiIQKXhVNQc1bCjApBCESbsK48LmhxM2kG/jCFcnXPuWsvyBCr8uMcU2n2bN9oLWQV+EnnGUQl2hw3mx+R0tehsQKsSfnoyOJ+sJruz/6HWvHa4oof8giVl8/4JEO7a7db7uubroB1XCaHw==

Requested by

Host: www.presstelegram.com
URL: https://www.presstelegram.com/2024/06/26/i-was-scammed-by-a-sham-customer-service-rep-heres-how-you-can-avoid-what-i-went-through/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

73181c7a34ddc13439dbd2f62404fd22414a68b8690f9936902c56508f60faa7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.presstelegram.com/2024/06/26/i-was-scammed-by-a-sham-customer-service-rep-heres-how-you-can-avoid-what-i-went-through/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 14:46:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains
last-modified: Wed, 26 Jun 2024 17:20:22 GMT
server: nginx
x-rq: lhr3 111 253 443
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes

GET
H2 200 e-202426.js Show response
stats.wp.com/ 7 KB
3 KB 166ms
34ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202426.js
Requested by: Host: www.presstelegram.com
URL: https://www.presstelegram.com/2024/06/26/i-was-scammed-by-a-sham-customer-service-rep-heres-how-you-can-avoid-what-i-went-through/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 5badd609a51ede5bab5b89534fc3011a4dd1ab487cc7081d7cf38479bcbab855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.presstelegram.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-minify-cache: hit
x-nc: HIT lhr
date: Thu, 27 Jun 2024 14:46:07 GMT
content-encoding: br
server: nginx
x-minify: t
etag: W/14421-1717166113627.1218
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
alt-svc: h3=":443"; ma=86400
expires: Tue, 17 Jun 2025 13:58:06 GMT

GET
H2 200 pushly-sdk.min.js Show response
cdn.p-n.io/ 274 KB
57 KB 249ms
53ms Script
application/javascript 18.66.112.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.p-n.io/pushly-sdk.min.js?domain_key=eVG4zdTtv5ogBcGVQlE2BFCc8f4Hc1wJFW3k&ver=6.5.5
Requested by: Host: www.presstelegram.com
URL: https://www.presstelegram.com/2024/06/26/i-was-scammed-by-a-sham-customer-service-rep-heres-how-you-can-avoid-what-i-went-through/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-4.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dd439944b1b12e121a2e22224e686260aaeba47870b2f102a1f696bc329c9af0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.presstelegram.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 14:46:09 GMT
content-encoding: gzip
via: 1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
last-modified: Sat, 22 Jun 2024 18:15:33 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
age: 41
x-amz-server-side-encryption: AES256
etag: W/"f2bff3987a0ec4d0021b33ccb0920448"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=300
x-amz-cf-id: lyV7DXzsdoswjatQS9wn78_CwXR8nIIBweGa5zb0LfOiElwm0oXNFw==

GET
H2 200 sharing.min.js Show response
www.presstelegram.com/wp-content/mu-plugins/jetpack-13.5/_inc/build/sharedaddy/ 9 KB
3 KB 32ms
32ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.presstelegram.com/wp-content/mu-plugins/jetpack-13.5/_inc/build/sharedaddy/sharing.min.js?ver=13.5

Requested by

Host: www.presstelegram.com
URL: https://www.presstelegram.com/2024/06/26/i-was-scammed-by-a-sham-customer-service-rep-heres-how-you-can-avoid-what-i-went-through/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

9e1dae23d3ad3212f67d09ca79a50003c32953c36bab976f634c9b38d8a8c6dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.presstelegram.com/2024/06/26/i-was-scammed-by-a-sham-customer-service-rep-heres-how-you-can-avoid-what-i-went-through/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 14:46:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains
last-modified: Wed, 26 Jun 2024 00:03:53 GMT
server: nginx
x-rq: lhr3 111 253 443
etag: W/"667b5ae9-2259"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes

GET
H2 200 measuredvibrant.css
www.presstelegram.com/wp-content/themes/assets/static/css/ 772 KB
148 KB 32ms
31ms Stylesheet
text/css 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.presstelegram.com/wp-content/themes/assets/static/css/measuredvibrant.css?ver=1719422422

Requested by

Host: www.presstelegram.com
URL: https://www.presstelegram.com/2024/06/26/i-was-scammed-by-a-sham-customer-service-rep-heres-how-you-can-avoid-what-i-went-through/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

eaebf02a05b3ecb6b3638829c74fd1fa96502f5fd350b664207bf036e3fc49f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.presstelegram.com/2024/06/26/i-was-scammed-by-a-sham-customer-service-rep-heres-how-you-can-avoid-what-i-went-through/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 14:46:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains
last-modified: Wed, 26 Jun 2024 17:20:22 GMT
server: nginx
x-rq: lhr3 111 253 443
etag: W/"667c4dd6-c1145"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes

GET
BLOB 200
OK b89e15b1-47d3-44fe-8055-103a62e3de98
https://www.presstelegram.com/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.presstelegram.com/b89e15b1-47d3-44fe-8055-103a62e3de98
Requested by: Host: www.presstelegram.com
URL: https://www.presstelegram.com/2024/06/26/i-was-scammed-by-a-sham-customer-service-rep-heres-how-you-can-avoid-what-i-went-through/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c

Request headers

Accept-Language: en-GB,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 1185
Content-Type: text/javascript

GET
H3 200 connatix.playspace.js Show response
cd.connatix.com/ Frame 755F 2 KB
1014 B 176ms
43ms Script
application/javascript 172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cd.connatix.com/connatix.playspace.js
Requested by: Host: www.presstelegram.com
URL: https://www.presstelegram.com/2024/06/26/i-was-scammed-by-a-sham-customer-service-rep-heres-how-you-can-avoid-what-i-went-through/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f23b2bcd1543f64be4cb97535bbff27d8ffb1bfb5bd393f26dc96dc9d1cd837

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 14:46:09 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-cache, no-store, must-revalidate, max-age=0
cf-ray: 89a63992df16777a-LHR
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc: h3=":443"; ma=86400

GET polyfill.min.js
polyfill.io/v3/ 0
0

GET
H2 200 session Show response
session.presstelegram.com/api/ 112 B
278 B 838ms
349ms XHR
application/json 35.162.0.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://session.presstelegram.com/api/session
Requested by: Host: www.presstelegram.com
URL: https://www.presstelegram.com/_static/??-eJylzEEKgDAMBMAP2YaKIB7Eq9+otpRIG8Wk6POtJ/GqEFgIuwPHpuaVxJPAFnNAYkgUlMOAnCcGFis4v346WSQ9ZXLR64Ur+GKUAflT/jKljBJ9Ksl/rYyjvYH9gYbUm9Z0TV2XWy6/SXES
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.162.0.228 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-162-0-228.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 3dddc9ec1713ed777eb9873d6911e812e11344360a7945ed6206ab09e1948b40

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/json, text/plain, */*
Referer: https://www.presstelegram.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: https://www.presstelegram.com
date: Thu, 27 Jun 2024 14:46:09 GMT
access-control-allow-credentials: true
content-length: 112
vary: Origin
content-type: application/json; charset=utf-8

GET
H2 200 cs Show response
digitalfirstmedia.blueconic.net/DG/DEFAULT/ 16 B
704 B 606ms
306ms Script
text/javascript 18.235.100.15
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://digitalfirstmedia.blueconic.net/DG/DEFAULT/cs?&callback=bc_json879

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.235.100.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-235-100-15.compute-1.amazonaws.com

Software

- /

Resource Hash

c6ea19906deac9d94b9b5bc730792f12df06565015884ba19416c1365beba2fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.presstelegram.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 27 Jun 2024 14:46:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
x-permitted-cross-domain-policies: master-only
content-type: text/javascript; charset=utf-8
p3p: policyref="", CP="DSP"
cache-control: no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag: noindex, nofollow
content-length: 36
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 cs Show response
digitalfirstmedia.blueconic.net/DG/DEFAULT/ 16 B
701 B 487ms
188ms Script
text/javascript 18.235.100.15
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://digitalfirstmedia.blueconic.net/DG/DEFAULT/cs?&callback=bc_json880

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.235.100.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-235-100-15.compute-1.amazonaws.com

Software

- /

Resource Hash

67338a97ef590e72680a386bdfdb475af4587ba3cfb5f6cad1e1f29dbd52e42c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.presstelegram.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 27 Jun 2024 14:46:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
x-permitted-cross-domain-policies: master-only
content-type: text/javascript; charset=utf-8
p3p: policyref="", CP="DSP"
cache-control: no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag: noindex, nofollow
content-length: 36
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/medianewsgroup-network/ 908 KB
219 KB 184ms
32ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/medianewsgroup-network/loader.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3838401fa2e3ee00028b6119c2c1201129a656a6822b27078e51e0d3f7056cac

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.presstelegram.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: dDelDDANF1OKk1vhph4jS7dn4fqBH2dT
content-encoding: gzip
via: 1.1 varnish
date: Thu, 27 Jun 2024 14:46:09 GMT
x-amz-request-id: X167GQAMA6XGHHBF
age: 92
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: FAILED
content-length: 224073
x-amz-id-2: xC6c1G4ATZl27XV/iWsz2/31S42srl2nkqxTPBYN3bWhsyKAf8evikAMgVht4GmUQp/M6QvRPJE=
x-served-by: cache-lhr-egll1980049-LHR
last-modified: Wed, 26 Jun 2024 09:11:20 GMT
server: AmazonS3
x-timer: S1719499569.254533,VS0,VE1
etag: "7349ef1c234f99dc90cada93fd1993fc"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 67
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 658 KB
157 KB 314ms
136ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TLFP4R

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b346de40aa3580f2f547467c7e492417fd7227e7a1e8a137cf818a98824c611f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.presstelegram.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 14:46:09 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 160301
x-xss-protection: 0
last-modified: Thu, 27 Jun 2024 12:15:36 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 27 Jun 2024 14:46:09 GMT

GET
BLOB 200
OK 1c30eb90-d542-4a7a-8a21-ae729e0c6460
https://www.presstelegram.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.presstelegram.com/1c30eb90-d542-4a7a-8a21-ae729e0c6460
Requested by: Host: www.presstelegram.com
URL: https://www.presstelegram.com/2024/06/26/i-was-scammed-by-a-sham-customer-service-rep-heres-how-you-can-avoid-what-i-went-through/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5ce29d98387c8ec49420921b041564d30fb38382e73ee6d65450cc20553e9387

Request headers

Accept-Language: en-GB,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 219ms
72ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A400%2C400i%2C700%2C700i%7CLora%3A400%2C400i%2C700%2C700i&ver=6.5.5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://www.presstelegram.com
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 01:29:01 GMT
x-content-type-options: nosniff
age: 47828
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:07:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 27 Jun 2025 01:29:01 GMT

GET
H2 200 0QIvMX1D_JOuMwr7Iw.woff2
fonts.gstatic.com/s/lora/v35/ 37 KB
37 KB 237ms
91ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lora/v35/0QIvMX1D_JOuMwr7Iw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A400%2C400i%2C700%2C700i%7CLora%3A400%2C400i%2C700%2C700i&ver=6.5.5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16a2619b4d831694734838f42d825eb871ee5160d241900b780ad523404b1c50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://www.presstelegram.com
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 22:17:29 GMT
x-content-type-options: nosniff
age: 145720
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37764
x-xss-protection: 0
last-modified: Wed, 31 Jan 2024 23:11:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Jun 2025 22:17:29 GMT

GET
H2 200 bootstrap-icons.woff2
cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/fonts/ 88 KB
89 KB 1475ms
31ms Font
font/woff2 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/fonts/bootstrap-icons.woff2?856008caa5eb66df68595e734e59580d

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/bootstrap-icons.min.css?ver=5.2.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

76506e128f2b47b7179f5037bd885a1674455ffeb6b5093cdb4c7eefbf436ce8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/bootstrap-icons.min.css?ver=5.2.0
Origin: https://www.presstelegram.com
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 27 Jun 2024 14:46:10 GMT
x-content-type-options: nosniff
age: 3238765
x-jsd-version: 1.5.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 90528
x-served-by: cache-fra-eddf8230031-FRA, cache-lon420120-LON
x-jsd-version-type: version
etag: W/"161a0-RkmHeGigBozlCxBdDSojXoAQyY8"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
24 KB 200ms
54ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A400%2C400i%2C700%2C700i%7CLora%3A400%2C400i%2C700%2C700i&ver=6.5.5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://www.presstelegram.com
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 14:56:54 GMT
x-content-type-options: nosniff
age: 172155
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Jun 2025 14:56:54 GMT

GET
H2 200 common.chunk.min.js Show response
www.presstelegram.com/wp-content/themes/assets/static/js/ 42 KB
11 KB 30ms
30ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.presstelegram.com/wp-content/themes/assets/static/js/common.chunk.min.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

cbccc935557398179deeef044a5ab2353e97ca4961f313793c8ba03964c43e93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.presstelegram.com/2024/06/26/i-was-scammed-by-a-sham-customer-service-rep-heres-how-you-can-avoid-what-i-went-through/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 14:46:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains
last-modified: Wed, 26 Jun 2024 17:20:22 GMT
server: nginx
x-rq: lhr3 111 253 443
etag: W/"667c4dd6-a619"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes

GET
H2 200 common-async.chunk.min.js Show response
www.presstelegram.com/wp-content/themes/assets/static/js/ 60 KB
8 KB 34ms
34ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.presstelegram.com/wp-content/themes/assets/static/js/common-async.chunk.min.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

fdf47058216a097eff037ab2fc360420ea4ac953f516ea21bf9d0ab1238e4bfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.presstelegram.com/2024/06/26/i-was-scammed-by-a-sham-customer-service-rep-heres-how-you-can-avoid-what-i-went-through/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 14:46:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains
last-modified: Wed, 26 Jun 2024 17:20:22 GMT
server: nginx
x-rq: lhr3 111 254 443
etag: W/"667c4dd6-f163"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes

GET
H2 200 measuredvibrant-async.chunk.min.js Show response
www.presstelegram.com/wp-content/themes/assets/static/js/ 3 KB
2 KB 32ms
32ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.presstelegram.com/wp-content/themes/assets/static/js/measuredvibrant-async.chunk.min.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

b9b255031ea3667a75c31a52b4608aae035fbb22b72e257a29a4fb1f84db1a10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.presstelegram.com/2024/06/26/i-was-scammed-by-a-sham-customer-service-rep-heres-how-you-can-avoid-what-i-went-through/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 14:46:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains
last-modified: Tue, 25 Jun 2024 19:22:38 GMT
server: nginx
x-rq: lhr3 111 253 443
etag: W/"667b18fe-c79"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes

GET
DATA 200
OK truncated
/ 29 KB
29 KB Font
font/truetype

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c2ad103f45a8d1684a0be752a18c156ec4555b9cbd0893cfffddc800c3753eac

Request headers

Referer
Origin: https://www.presstelegram.com
Accept-Language: en-GB,en;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: font/truetype

GET
H2 200 S6u8w4BMUTPHjxsAXC-q.woff2
fonts.gstatic.com/s/lato/v24/ 24 KB
24 KB 157ms
76ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u8w4BMUTPHjxsAXC-q.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A400%2C400i%2C700%2C700i%7CLora%3A400%2C400i%2C700%2C700i&ver=6.5.5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://www.presstelegram.com
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 14:42:01 GMT
x-content-type-options: nosniff
age: 173048
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24408
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:14:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Jun 2025 14:42:01 GMT

GET
H2 200 BIZ-IMPERSONATION-SCAMS-DMT.jpg
www.presstelegram.com/wp-content/uploads/2024/06/ 31 KB
32 KB 160ms
160ms Image
image/webp 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.presstelegram.com/wp-content/uploads/2024/06/BIZ-IMPERSONATION-SCAMS-DMT.jpg?w=862

Requested by

Host: www.presstelegram.com
URL: https://www.presstelegram.com/2024/06/26/i-was-scammed-by-a-sham-customer-service-rep-heres-how-you-can-avoid-what-i-went-through/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

07632089e1e368b9fab0bc4d343f57110e4fb1efac6323b7e5f5b314ba9f1439

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.presstelegram.com/2024/06/26/i-was-scammed-by-a-sham-customer-service-rep-heres-how-you-can-avoid-what-i-went-through/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 14:46:09 GMT
strict-transport-security: max-age=31536000;includeSubdomains
x-rq: lhr3 109 150 443
last-modified: Thu, 27 Jun 2024 14:46:09 GMT
server: nginx
etag: "86f82652f6a87f73"
vary: Accept
x-cache: MISS
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes, bytes
content-length: 32118

GET
H2 200 g.gif
pixel.wp.com/ 50 B
178 B 36ms
30ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&blog=136073681&post=4716807&tz=-7&srv=www.presstelegram.com&hp=vip&j=1%3A13.5&host=www.presstelegram.com&ref=https%3A%2F%2Ft.co%2F&fcp=2690&rand=0.003794974638516857
Requested by: Host: www.presstelegram.com
URL: https://www.presstelegram.com/2024/06/26/i-was-scammed-by-a-sham-customer-service-rep-heres-how-you-can-avoid-what-i-went-through/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.presstelegram.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Thu, 27 Jun 2024 14:46:09 GMT
cache-control: no-cache
server: nginx
alt-svc: h3=":443"; ma=86400
content-length: 50
content-type: image/gif

GET
H2 200 ai.0.js Show response
az416426.vo.msecnd.net/scripts/a/ 94 KB
22 KB 202ms
34ms Script
application/x-javascript 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (lhc/794B) /
Resource Hash: 5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.presstelegram.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 27 Jun 2024 14:46:09 GMT
content-encoding: gzip
x-ms-meta-lastmodified: 2020-10-01 19:31:04
content-md5: HdY95yzx9wIyQkVEGES+Ew==
age: 921
x-cache: HIT
content-length: 22495
x-ms-lease-status: unlocked
last-modified: Thu, 11 Mar 2021 07:46:59 GMT
server: ECAcc (lhc/794B)
etag: 0x8D8E461DA1A5889
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 37f91aaa-a01e-00de-729e-c8af84000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
expires: Thu, 27 Jun 2024 15:16:09 GMT

GET
H2 200 loader-config.json Show response
loader-config.presstelegram.com/prod/dfm/ 21 KB
3 KB 240ms
31ms Fetch
application/json 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://loader-config.presstelegram.com/prod/dfm/loader-config.json
Requested by: Host: www.presstelegram.com
URL: https://www.presstelegram.com/wp-content/plugins/loader-wp/static/loader.min.js?ver=1.6.1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (lhc/7913) /
Resource Hash: 05708eefbd8ed203ccd6b7bd60b96384a1c1100365e1ad6de9b2df4d8e490bed

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.presstelegram.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 27 Jun 2024 14:46:09 GMT
content-encoding: gzip
content-md5: WphyGitINlfDwtGbIr9d+g==
age: 507565
x-cache: HIT
content-length: 3000
x-ms-lease-status: unlocked
last-modified: Fri, 10 May 2024 06:24:40 GMT
server: ECAcc (lhc/7913)
etag: 0x8DC70B9DFC85076
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: cf2571d3-f01e-001a-2a02-c49661000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19

GET
H2 200 /
cmp.osano.com/ Frame 887F 0
0 242ms
64ms Document
text/html 2600:9000:266e:d000:3:b7e:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:266e:d000:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9;q=0.9
Referer: https://www.presstelegram.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

age: 20065
alt-svc: h3=":443"; ma=86400
content-encoding: br
content-type: text/html
date: Thu, 27 Jun 2024 09:11:45 GMT
etag: W/"48a0e738f84f45eb10ccd17ff6e09429"
last-modified: Tue, 06 Feb 2024 18:00:44 GMT
referrer-policy: strict-origin-when-cross-origin
server: AmazonS3
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding Origin
via: 1.1 7b85fc567b776c0d31c5ac07cc6c2ae6.cloudfront.net (CloudFront)
x-amz-cf-id: Oh3Xm4ZFkoYBw5itOFWPmCAs3DNVNwKsMSdCwb3uu8A9bCdNWqIvBg==
x-amz-cf-pop: FRA56-P8
x-amz-server-side-encryption: AES256
x-amz-version-id: POJv8cLnvurN8PIkBGZX7_kfH6.eePMP
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

OPTIONS
H3 200 en-gb.json
cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/ Frame 0
0 271ms
142ms Preflight 2600:9000:266e:d000:3:b7e:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/en-gb.json

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:266e:d000:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.presstelegram.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Thu, 27 Jun 2024 14:46:10 GMT
referrer-policy: strict-origin-when-cross-origin
server: AmazonS3
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
via: 1.1 64c8688da1fd73389eb91af90ae83792.cloudfront.net (CloudFront)
x-amz-cf-id: HLpaSXfHR_UB3VrLWXQg7aX7_GPAPVcVJ4yA-ulDzTTeLjvesA4gOQ==
x-amz-cf-pop: FRA56-P8
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 osano-ui.js Show response
cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/ 98 KB
24 KB 50ms
49ms Script
application/javascript 2600:9000:266e:d000:3:b7e:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano-ui.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:266e:d000:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

fb3b596685ae179a3a752c421700d56a50b1c7cb8489e6a62c39505211c8f3b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.presstelegram.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 26 Jun 2024 16:36:40 GMT
x-amz-version-id: BuVFYv6WApok.tuxAIuD0zFxb1Oxg_iY
content-encoding: br
x-content-type-options: nosniff
via: 1.1 383422f03bfc9d77974d0ac637421c22.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: FRA56-P8
age: 79770
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 26 Jun 2024 16:36:10 GMT
server: AmazonS3
etag: W/"9b7c04df278ffa9c9487fc3b2807308c"
vary: Accept-Encoding, Origin
content-type: application/javascript
cache-control: max-age=86400, no-transform, public
x-amz-cf-id: xmEYr3GddfFkp_bEnzFVbOfDCeq3pS7f8UZhO3fqJitOk0gAVfxwiw==

GET
H3 200 en-gb.json Show response
cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/ 26 KB
8 KB 50ms
50ms XHR
application/json 2600:9000:266e:d000:3:b7e:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/en-gb.json

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:266e:d000:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

18260c016ea9a17d34c685c8063b0952c3ec14387d9aea1b88e7edce81e65303

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json
Referer: https://www.presstelegram.com/
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
date: Wed, 26 Jun 2024 16:36:57 GMT
x-content-type-options: nosniff
x-amz-version-id: 0rNQXZbIunoiSblxozl6NhTtAw2FH3fN
content-encoding: br
via: 1.1 64c8688da1fd73389eb91af90ae83792.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P8
x-amz-server-side-encryption: AES256
age: 79753
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 26 Jun 2024 16:36:10 GMT
server: AmazonS3
etag: W/"35a8a00bd5c8ddea48295d38347361a2"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400, no-transform, public
vary: Accept-Encoding
x-amz-cf-id: d5Fl3rXzbbSSY7_LSPkxeXT9Kp3SU85iUz3Yd9BHBaFOKeruwTkKbA==

GET
H2 200 wp-emoji-release.min.js Show response
www.presstelegram.com/wp-includes/js/ 18 KB
5 KB 40ms
40ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.presstelegram.com/wp-includes/js/wp-emoji-release.min.js?ver=6.5.5

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.presstelegram.com/2024/06/26/i-was-scammed-by-a-sham-customer-service-rep-heres-how-you-can-avoid-what-i-went-through/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 14:46:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains
last-modified: Mon, 24 Jun 2024 17:36:03 GMT
server: nginx
x-rq: lhr3 111 254 443
etag: W/"6679ae83-4926"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes

GET
H2 200 pushly-sdk.min.js Show response
cdn.p-n.io/ 274 KB
0 30ms
30ms Script
application/javascript 18.66.112.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.p-n.io/pushly-sdk.min.js?domain_key=eVG4zdTtv5ogBcGVQlE2BFCc8f4Hc1wJFW3k&ver=6.5.5
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-4.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dd439944b1b12e121a2e22224e686260aaeba47870b2f102a1f696bc329c9af0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.presstelegram.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 14:46:09 GMT
content-encoding: gzip
via: 1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
last-modified: Sat, 22 Jun 2024 18:15:33 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
age: 41
x-amz-server-side-encryption: AES256
etag: W/"f2bff3987a0ec4d0021b33ccb0920448"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=300
x-amz-cf-id: lyV7DXzsdoswjatQS9wn78_CwXR8nIIBweGa5zb0LfOiElwm0oXNFw==

GET
H3 200 psLoader.js Show response
cds.connatix.com/p/504414/ Frame 755F 7 KB
3 KB 68ms
48ms Script
application/javascript 172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/504414/psLoader.js
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64961cb57023f3d278891fa8b6d81372a624bdce85484e8ba70e6a7479258a4f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 14:46:09 GMT
content-encoding: br
x-amz-version-id: e_R8iytZL0EVAegBS3oxpkBP5q3NfiUY
cf-cache-status: HIT
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
content-length: 2315
last-modified: Thu, 27 Jun 2024 13:22:13 GMT
server: cloudflare
etag: "f37f2ea891f8625e23f91886e38016cf"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age: 86400
accept-ranges: bytes
cf-ray: 89a639946908777a-LHR
access-control-allow-headers: range
expires: Fri, 27 Jun 2025 14:46:09 GMT

GET
H2 200 presstelegram.com Show response
pubcast-files.remixd.com/player-configs/ 8 KB
9 KB 186ms
37ms Fetch
application/json 35.190.38.143
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pubcast-files.remixd.com/player-configs/presstelegram.com
Requested by: Host: tags.remixd.com
URL: https://tags.remixd.com/player/v5/index.js?cb=%%CACHEBUSTER%%
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.38.143 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 143.38.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 1257ce154e0e3e861f0bb0368d985ee3cb017d0a184ebf7e913a8ffe8ef0945c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.presstelegram.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 14:27:15 GMT
age: 1134
x-guploader-uploadid: ACJd0NqrOfAMSMKiEmO_67jChp3siP6OiLZ_atoQ9jilTgFnBz5x94ZbkN3DtxUBTz-BkKZykUF9zG-gAg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8352
last-modified: Thu, 15 Jun 2023 11:20:35 GMT
server: UploadServer
etag: "9abc18eaf97de764eeda2161f568d0ba"
x-goog-generation: 1686828035525185
x-goog-hash: crc32c=w+/4AA==, md5=mrwY6vl952Tu2iFh9WjQug==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600
x-goog-meta-cache-control: public, no-cache, must-revalidate
x-goog-stored-content-length: 8352
accept-ranges: bytes
content-type: application/json
expires: Thu, 27 Jun 2024 15:27:15 GMT

GET
H2 200 1f3e0.svg
s.w.org/images/core/emoji/15.0.3/svg/ 935 B
747 B 185ms
55ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/15.0.3/svg/1f3e0.svg

Requested by

Host: www.presstelegram.com
URL: https://www.presstelegram.com/2024/06/26/i-was-scammed-by-a-sham-customer-service-rep-heres-how-you-can-avoid-what-i-went-through/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

914fdd0d0eecc2c3c9a1c960a44201845256498e236e1dfadb109b14e6cf0097

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.presstelegram.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nc: HIT lhr 1
date: Thu, 27 Jun 2024 14:46:09 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 30 Jan 2024 01:15:16 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=315360000
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 taboola-browsing-topics.html
cdn.taboola.com/libtrc/static/topics/ Frame 7039 0
0 180ms
58ms Document
text/html 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/static/topics/taboola-browsing-topics.html
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Accept-Language: en-GB,en;q=0.9;q=0.9
Referer: https://www.presstelegram.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

abp: 64
accept-ranges: bytes
access-control-allow-origin: *
age: 41900
cache-control: private,max-age=31536000
content-encoding: gzip
content-length: 340
content-type: text/html
date: Thu, 27 Jun 2024 14:46:09 GMT
etag: "8b140f0f0f6e1a0f986cc7d6dfd74d65"
last-modified: Tue, 13 Feb 2024 13:15:59 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 varnish
x-amz-id-2: KKD96ovHdbnMPpJ7lljYuFAJadE8B0en26zQDdt1sdnU2xmWwFMoZitkNNn+U4ICR0J0AdDm46U=
x-amz-replication-status: COMPLETED
x-amz-request-id: 110KER0X0AY9SRZN
x-amz-server-side-encryption: AES256
x-amz-version-id: 4MpQ_aQntJKuJTBB3LGK3B7cfa8k5k0b
x-cache: HIT
x-cache-hits: 139900
x-served-by: cache-lhr-egll1980075-LHR
x-timer: S1719499570.545524,VS0,VE0

GET
H3 200 connatix.playspace.dc.js Show response
cds.connatix.com/p/504414/ Frame 755F 447 KB
105 KB 48ms
47ms Script
application/javascript 172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/504414/connatix.playspace.dc.js
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/504414/psLoader.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae4bd4ee615384b8db93de8e47a88381e0412d23c8b69b5e2235e82823e87f37

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 14:46:09 GMT
content-encoding: br
x-amz-version-id: B.1sWmM7rJBJfYJQ6_OWcNJuukY4gP01
cf-cache-status: HIT
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
content-length: 107085
last-modified: Thu, 27 Jun 2024 13:22:12 GMT
server: cloudflare
etag: "cb5849e68b14e297267189389ff2616f"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age: 86400
accept-ranges: bytes
cf-ray: 89a639959b05777a-LHR
access-control-allow-headers: range
expires: Fri, 27 Jun 2025 14:46:09 GMT

GET
H2 200 standard-player.html Show response
tags.remixd.com/player/v5/players/ 130 KB
30 KB 242ms
89ms Fetch
text/html 18.66.122.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.remixd.com/player/v5/players/standard-player.html
Requested by: Host: tags.remixd.com
URL: https://tags.remixd.com/player/v5/index.js?cb=%%CACHEBUSTER%%
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-52.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 818b515528e75d20a6c1714a3b808a2877a724d51c984a0bd9e8c244ce9ce3d8

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.presstelegram.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 14:46:09 GMT
content-encoding: gzip
via: 1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
age: 14
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 29827
last-modified: Tue, 31 Oct 2023 15:34:26 GMT
server: AmazonS3
etag: "1a9dd5e9554676ab1900727441a87258"
access-control-max-age: 60
access-control-allow-methods: GET, HEAD
content-type: text/html
access-control-allow-origin: *
cache-control: public,max-age=1800
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: 5-ko7RxoubyoKrTURg48RLqcdMbPsMFXAavsdGGFBnSMl-bKmLHmpw==

GET
H2 200 fp.min.js Show response
fp.theoaklandpress.com/prod/dfm/ 66 KB
23 KB 219ms
33ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://fp.theoaklandpress.com/prod/dfm/fp.min.js?2024527
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (lhc/7956) /
Resource Hash: eab6233096b857ecda13c7f64b1cee3378457faa09df4db474f765029f2fe921

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.presstelegram.com/
Origin: https://www.presstelegram.com
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 27 Jun 2024 14:46:09 GMT
content-encoding: gzip
content-md5: uNbNlIeYZ9WdMaBieS7wbw==
age: 20156
x-cache: HIT
content-length: 23529
x-ms-lease-status: unlocked
last-modified: Mon, 04 Dec 2023 04:53:57 GMT
server: ECAcc (lhc/7956)
etag: 0x8DBF4850646CDD0
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 83da8114-301e-0058-0d71-c82fe1000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19

GET
H2 200 g2i.min.js Show response
g2i.theoaklandpress.com/prod/dfm/ 220 KB
48 KB 217ms
33ms Script
application/x-javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://g2i.theoaklandpress.com/prod/dfm/g2i.min.js?2024527
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (lhc/7947) /
Resource Hash: 89ca862aa5275d09c035a7888cdee5ee1d029263ec02227bc8e50b9b70e841cc

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.presstelegram.com/
Origin: https://www.presstelegram.com
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 27 Jun 2024 14:46:09 GMT
content-encoding: gzip
content-md5: qlr3V07fWAqLVbYksQmbhg==
age: 20156
x-cache: HIT
content-length: 49043
x-ms-lease-status: unlocked
last-modified: Thu, 21 Mar 2024 04:37:16 GMT
server: ECAcc (lhc/7947)
etag: 0x8DC4960964E6EDF
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 45a107af-a01e-004a-3071-c85431000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19

GET
H2 200 t8y9347t.min.js Show response
engage.theoaklandpress.com/prod/dfm/ 1 MB
398 KB 235ms
47ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://engage.theoaklandpress.com/prod/dfm/t8y9347t.min.js?2024527
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (lhc/7971) /
Resource Hash: b9acb00bedf781f8628be0b9e065a92fd43909a214adab5ab7876d8aaef80a72

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.presstelegram.com/
Origin: https://www.presstelegram.com
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 27 Jun 2024 14:46:09 GMT
content-encoding: gzip
content-md5: XPov4tAYL8IYCJL16HlCFg==
age: 20173
x-cache: HIT
content-length: 406913
x-ms-lease-status: unlocked
last-modified: Wed, 26 Jun 2024 05:37:38 GMT
server: ECAcc (lhc/7971)
etag: 0x8DC95A2172E47E3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: b38054fe-801e-0086-0971-c83b07000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19

GET
H2 200 t8y9347t.min.css
engage.theoaklandpress.com/prod/dfm/ 398 KB
55 KB 233ms
47ms Stylesheet
text/css 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://engage.theoaklandpress.com/prod/dfm/t8y9347t.min.css?2024527
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (lhc/795A) /
Resource Hash: 7a471672f3f91ad82285192cae07b7e06f4b2baddec73d8e6898a1a445f5d0ea

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.presstelegram.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 27 Jun 2024 14:46:09 GMT
content-encoding: gzip
content-md5: 9Bq5JG2fC2IMqhgJQ9d//Q==
age: 18599
x-cache: HIT
content-length: 56164
x-ms-lease-status: unlocked
last-modified: Wed, 26 Jun 2024 05:37:38 GMT
server: ECAcc (lhc/795A)
etag: 0x8DC95A2172C9A75
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 50bb65a0-a01e-00ae-4b75-c85aaf000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19

GET
H/1.1 200
OK script.js Show response
cdn.listrakbi.com/scripts/ 242 KB
39 KB 252ms
66ms Script
text/javascript 18.66.130.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.listrakbi.com/scripts/script.js?m=AUjk900vfCG0&v=1
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.130.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-130-11.fra60.r.cloudfront.net
Software: cloudflare / ASP.NET
Resource Hash: ad00579e776e64e80dbebb1f29cfc68179f8be411b84d24ca12ece9b3221216e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.presstelegram.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 27 Jun 2024 14:44:46 GMT
Content-Encoding: gzip
Via: 1.1 03249875678629095a5ec311a6f1a298.cloudfront.net (CloudFront)
CF-Cache-Status: DYNAMIC
x-aspnet-version: 4.0.30319
x-ltk: 6/27/2024 6:32:39 AM
X-Amz-Cf-Pop: FRA60-P2
x-powered-by: ASP.NET
Age: 186
X-Cache: Hit from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI COM NAV INT DEM CNT PRE LOC"
Connection: keep-alive
Content-Length: 39345
Last-Modified: Thu, 27 Jun 2024 10:01:48 GMT
Server: cloudflare
ETag: "bsVpdDHplIEZU/Q+jSC19A=="
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: public, no-transform, max-age=3600, s-maxage=600
Accept-Ranges: bytes
CF-RAY: 89a4c63df96ba058-FRA
X-Amz-Cf-Id: ELidU5QZRrqKQAsGft9bN4_oQcVGNt8D4BX2HEenWgH5scR_bWbYWQ==
Expires: Thu, 27 Jun 2024 15:43:03 GMT

GET
H2 204 b
sb.scorecardresearch.com/ 0
227 B 301ms
108ms Image
text/plain 18.244.18.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=6035443&ns__t=1719499569645&ns_c=UTF-8&c8=I%20was%20scammed%20by%20a%20sham%20customer%20service%20rep.%20Here%E2%80%99s%20how%20you%20can%20avoid%20what%20I%20went%20through%20%E2%80%93%20Press%20Telegram&c7=https%3A%2F%2Fwww.presstelegram.com%2F2024%2F06%2F26%2Fi-was-scammed-by-a-sham-customer-service-rep-heres-how-you-can-avoid-what-i-went-through%2F&c9=https%3A%2F%2Ft.co%2F
Requested by: Host: www.presstelegram.com
URL: https://www.presstelegram.com/2024/06/26/i-was-scammed-by-a-sham-customer-service-rep-heres-how-you-can-avoid-what-i-went-through/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.18.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-18-122.fra56.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.presstelegram.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 14:46:09 GMT
via: 1.1 abf6c055b398b223d7325958955066c0.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA56-P11
x-amz-cf-id: ujNNECAa6kFsScl1ZCe7bBLm-O6QzrgZqo9h29VbjOqJpgB3ky59nA==
x-cache: Miss from cloudfront

GET
BLOB 200
OK 93a989b9-f637-4560-a1d9-7f30cf6b9e8e
https://www.presstelegram.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.presstelegram.com/93a989b9-f637-4560-a1d9-7f30cf6b9e8e
Requested by: Host: www.presstelegram.com
URL: https://www.presstelegram.com/2024/06/26/i-was-scammed-by-a-sham-customer-service-rep-heres-how-you-can-avoid-what-i-went-through/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5ce29d98387c8ec49420921b041564d30fb38382e73ee6d65450cc20553e9387

Request headers

Accept-Language: en-GB,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK 3d363ec7-6251-4ad0-b8a0-7e641ad1859a
https://www.presstelegram.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.presstelegram.com/3d363ec7-6251-4ad0-b8a0-7e641ad1859a
Requested by: Host: www.presstelegram.com
URL: https://www.presstelegram.com/2024/06/26/i-was-scammed-by-a-sham-customer-service-rep-heres-how-you-can-avoid-what-i-went-through/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5ce29d98387c8ec49420921b041564d30fb38382e73ee6d65450cc20553e9387

Request headers

Accept-Language: en-GB,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK 329190c6-4ebb-4390-b34d-206999c2b452
https://www.presstelegram.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.presstelegram.com/329190c6-4ebb-4390-b34d-206999c2b452
Requested by: Host: www.presstelegram.com
URL: https://www.presstelegram.com/2024/06/26/i-was-scammed-by-a-sham-customer-service-rep-heres-how-you-can-avoid-what-i-went-through/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5ce29d98387c8ec49420921b041564d30fb38382e73ee6d65450cc20553e9387

Request headers

Accept-Language: en-GB,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK 484b278a-6278-4383-8d98-ec5668dfe5ae
https://www.presstelegram.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.presstelegram.com/484b278a-6278-4383-8d98-ec5668dfe5ae
Requested by: Host: www.presstelegram.com
URL: https://www.presstelegram.com/2024/06/26/i-was-scammed-by-a-sham-customer-service-rep-heres-how-you-can-avoid-what-i-went-through/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5ce29d98387c8ec49420921b041564d30fb38382e73ee6d65450cc20553e9387

Request headers

Accept-Language: en-GB,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

POST
H2 200 878 Show response
m869.presstelegram.com/DG/DEFAULT/rest/rpc/ 114 B
1 KB 437ms
436ms XHR
application/json 18.66.147.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m869.presstelegram.com/DG/DEFAULT/rest/rpc/878?referer=https%3A%2F%2Fwww.presstelegram.com%2F2024%2F06%2F26%2Fi-was-scammed-by-a-sham-customer-service-rep-heres-how-you-can-avoid-what-i-went-through%2F&bcsessionid=&bctempid=&overruleReferrer=&time=2024-06-27T15%3A46%3A09%2B01%3A00&ts=1719499569727

Requested by

Host: m869.presstelegram.com
URL: https://m869.presstelegram.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-86.fra60.r.cloudfront.net

Software

- /

Resource Hash

d2f30a82cd7cffd3d9059318fae190e1f32cde124eeb455391bb1ccdbdffac32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.presstelegram.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 27 Jun 2024 14:46:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 5b21c56dde1a436b4b6766d2406627d2.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 125
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.presstelegram.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: EVYArD5gBbZ4vROZErgdPTdk2uVEmWlN8cC7x78ZKu-2-3MTyQ9qjw==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 playspace.renderer.js Show response
cds.connatix.com/p/504414/ Frame 755F 275 KB
63 KB 95ms
95ms Script
application/javascript 172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/504414/playspace.renderer.js
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/504414/connatix.playspace.dc.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fdf6bbb1dd4ef6c35e648732a52ee3983c6582e4cb00387bbbb7e529ab347a4c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 14:46:09 GMT
content-encoding: br
x-amz-version-id: vczrG0mqxTw9cp_AocJoWVfNzpsjqTQK
cf-cache-status: HIT
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
content-length: 63678
last-modified: Thu, 27 Jun 2024 13:22:13 GMT
server: cloudflare
etag: "a533c48447fda38f088f4dd2c93aede6"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age: 86400
accept-ranges: bytes
cf-ray: 89a639970ca2777a-LHR
access-control-allow-headers: range
expires: Fri, 27 Jun 2025 14:46:09 GMT

GET
H3 200 playspace.hls.js Show response
cds.connatix.com/p/504414/ Frame 755F 289 KB
75 KB 56ms
56ms Script
application/javascript 172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/504414/playspace.hls.js
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/504414/connatix.playspace.dc.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9dca59a7344d2ef98a0c5a2e54cd42f4fb3890d530853a2500f847d640278e5a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 14:46:09 GMT
content-encoding: br
x-amz-version-id: H8Fk885F2XpRLRS.AvQDEM2E_eT6_idw
cf-cache-status: HIT
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
content-length: 76424
last-modified: Thu, 27 Jun 2024 13:22:13 GMT
server: cloudflare
etag: "b9bc08d0a5274dee0fbdcfce098fab9b"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age: 86400
accept-ranges: bytes
cf-ray: 89a639970ca5777a-LHR
access-control-allow-headers: range
expires: Fri, 27 Jun 2025 14:46:09 GMT

GET
H3 200 cSyncRemoteEntry.js Show response
cds.connatix.com/p/504414/ Frame 755F 3 KB
2 KB 96ms
96ms Script
application/javascript 172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/504414/cSyncRemoteEntry.js
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/504414/connatix.playspace.dc.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 635db7ec24fdb4c0ec8880a0417f4d75ba62a37f2a339e9973c4383c7ef41919

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 14:46:09 GMT
content-encoding: br
x-amz-version-id: GinRY6M0gY7IBQRNwL0zqiZhpT5J9kss
cf-cache-status: HIT
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
content-length: 1387
last-modified: Thu, 27 Jun 2024 13:22:12 GMT
server: cloudflare
etag: "73e3228d380c0d279c9435b8091c4f72"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age: 86400
accept-ranges: bytes
cf-ray: 89a639970ca8777a-LHR
access-control-allow-headers: range
expires: Fri, 27 Jun 2025 14:46:09 GMT

GET
H3 200 connatix.playspace.css
cds.connatix.com/p/504414/ 117 KB
14 KB 47ms
46ms Stylesheet
text/css 172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/504414/connatix.playspace.css
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4aef8354ee5b81b1fab7d69f14bd265b2d8b62aa92b8b4807959835140acf1d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.presstelegram.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 14:46:09 GMT
content-encoding: br
x-amz-version-id: b2tjxHwDU962q7umEnYluPfg4SRZXFrB
cf-cache-status: HIT
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
content-length: 14369
last-modified: Thu, 27 Jun 2024 13:22:12 GMT
server: cloudflare
etag: "48245a5aff3aecfadbea8d2eb241f8de"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: text/css
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age: 86400
accept-ranges: bytes
cf-ray: 89a639970cab777a-LHR
access-control-allow-headers: range
expires: Fri, 27 Jun 2025 14:46:09 GMT

GET
H3 200 playspace.ads.js Show response
cds.connatix.com/p/504414/ Frame 755F 403 KB
89 KB 95ms
95ms Script
application/javascript 172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/504414/playspace.ads.js
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/504414/connatix.playspace.dc.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e36afbdaba720d58781a894f851bf1ec1dff909427f9d9b842d924f568f8e6a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 14:46:09 GMT
content-encoding: br
x-amz-version-id: H5R6oXHZudCkKxuLQVoDUeXCTC2f8xec
cf-cache-status: HIT
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
content-length: 90619
last-modified: Thu, 27 Jun 2024 13:22:13 GMT
server: cloudflare
etag: "54831ec8d7b7d2b36ed720f10fcd8b66"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age: 86400
accept-ranges: bytes
cf-ray: 89a639970cac777a-LHR
access-control-allow-headers: range
expires: Fri, 27 Jun 2025 14:46:09 GMT

POST
H2 200 878 Show response
m869.presstelegram.com/DG/DEFAULT/rest/rpc/ 126 KB
21 KB 456ms
455ms XHR
application/json 18.66.147.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: m869.presstelegram.com
URL: https://m869.presstelegram.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-86.fra60.r.cloudfront.net

Software

- /

Resource Hash

405ede98142347459dac2cecad3b761928a343742477b47ee793c5bfc079f6e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.presstelegram.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 27 Jun 2024 14:46:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 5b21c56dde1a436b4b6766d2406627d2.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 20010
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.presstelegram.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: xDPaV70PLuUMMJGY511HKG0AoyCPrGUrXaegnqbE3u65kZQmIDRwNg==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 314 KB
103 KB 76ms
75ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-2N0VXCDHTW&l=dataLayer&cx=c

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

90dd3e578be112cdc44821892ee8d680aa032a99ec5af3ca73dfcba320950401

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.presstelegram.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 14:46:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 105261
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 27 Jun 2024 14:46:09 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 201ms
43ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.presstelegram.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 27 Jun 2024 14:29:07 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 1022
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 27 Jun 2024 16:29:07 GMT

GET
H2 200 p.js Show response
cdn.parsely.com/keys/presstelegram.com/ 59 KB
22 KB 236ms
67ms Script
application/javascript 3.161.77.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/presstelegram.com/p.js?gtm_ver=3.1
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.77.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-77-50.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 94b3e00d6787ff2377f3b807951caf45dc935f81b926bf4ed3f9d6909f75d322

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.presstelegram.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Thu, 27 Jun 2024 03:01:35 GMT
content-encoding: gzip
via: 1.1 098a60d50e7e132c276fd27b94c6212c.cloudfront.net (CloudFront)
last-modified: Mon, 05 Feb 2024 16:58:32 GMT
server: nginx
x-amz-cf-pop: FRA56-P10
age: 42274
etag: W/"65c113b8-eb5c"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400, public
x-amz-cf-id: xc2diAIEyRWDlMu_vgwCHL2Xmf9sfvzfWwd-BvS0rYvlxjzfrNhhgA==
expires: Fri, 28 Jun 2024 03:01:35 GMT

GET FUtg69tL.js
cdn.jwplayer.com/libraries/ Frame 69CC 0
0

GET
H2 200 session Show response
session.presstelegram.com/api/ 112 B
276 B 397ms
396ms XHR
application/json 35.162.0.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://session.presstelegram.com/api/session
Requested by: Host: www.presstelegram.com
URL: https://www.presstelegram.com/_static/??-eJylzEEKgDAMBMAP2YaKIB7Eq9+otpRIG8Wk6POtJ/GqEFgIuwPHpuaVxJPAFnNAYkgUlMOAnCcGFis4v346WSQ9ZXLR64Ur+GKUAflT/jKljBJ9Ksl/rYyjvYH9gYbUm9Z0TV2XWy6/SXES
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.162.0.228 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-162-0-228.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 3dddc9ec1713ed777eb9873d6911e812e11344360a7945ed6206ab09e1948b40

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/json, text/plain, */*
Referer: https://www.presstelegram.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: https://www.presstelegram.com
date: Thu, 27 Jun 2024 14:46:10 GMT
access-control-allow-credentials: true
content-length: 112
vary: Origin
content-type: application/json; charset=utf-8

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 296ms
63ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-2N0VXCDHTW&gtm=45je46q0v9119563602z871194413za200zb71194413&_p=1719499569084&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&tcfd=10000&tag_exp=0&cid=1220203997.1719499570&ecid=1953279546&ul=en-gb&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&ec_mode=a&_s=1&sid=1719499569&sct=1&seg=0&dl=https%3A%2F%2Fwww.presstelegram.com%2F2024%2F06%2F26%2Fi-was-scammed-by-a-sham-customer-service-rep-heres-how-you-can-avoid-what-i-went-through%2F&dr=https%3A%2F%2Ft.co%2F&dt=I%20was%20scammed%20by%20a%20sham%20customer%20service%20rep.%20Here%E2%80%99s%20how%20you%20can%20avoid%20what%20I%20went%20through%20%E2%80%93%20Press%20Telegram&tfd=3470&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2N0VXCDHTW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.presstelegram.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 27 Jun 2024 14:46:10 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.presstelegram.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
258 B 297ms
63ms Ping
text/plain 2a00:1450:400c:c09::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-2N0VXCDHTW&cid=1220203997.1719499570&gtm=45je46q0v9119563602z871194413za200zb71194413&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2N0VXCDHTW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c09::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.presstelegram.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 27 Jun 2024 14:46:10 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.presstelegram.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.co.uk/ads/ 42 B
63 B 363ms
90ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-2N0VXCDHTW&cid=1220203997.1719499570&gtm=45je46q0v9119563602z871194413za200zb71194413&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0&z=1721740724

Requested by

Host: www.presstelegram.com
URL: https://www.presstelegram.com/2024/06/26/i-was-scammed-by-a-sham-customer-service-rep-heres-how-you-can-avoid-what-i-went-through/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.presstelegram.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 27 Jun 2024 14:46:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 295.js Show response
cds.connatix.com/p/504414/ Frame 755F 67 KB
18 KB 60ms
59ms Script
application/javascript 172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/504414/295.js
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/504414/cSyncRemoteEntry.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 23a93ecb152a096f465e7e0aa48a8736474af21c82be7839c73596069974c243

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 14:46:10 GMT
content-encoding: br
x-amz-version-id: vW7v1Upr74LyRyMxVft6_RSw8PrJthi8
cf-cache-status: HIT
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
content-length: 17841
last-modified: Thu, 27 Jun 2024 13:22:12 GMT
server: cloudflare
etag: "41bd4cd2810b743ad861de5372b6787d"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age: 86400
accept-ranges: bytes
cf-ray: 89a639987e0e777a-LHR
access-control-allow-headers: range
expires: Fri, 27 Jun 2025 14:46:10 GMT

GET
H3 200 229.js Show response
cds.connatix.com/p/504414/ Frame 755F 10 KB
3 KB 48ms
48ms Script
application/javascript 172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/504414/229.js
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/504414/cSyncRemoteEntry.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b447ad640da1576bf7170be176d1ba96a178b4ea2721edde9002238db4486bc

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 14:46:10 GMT
content-encoding: br
x-amz-version-id: QyBFK4y9iFH0MIEAshe4lJl7crys47cV
cf-cache-status: HIT
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
content-length: 3149
last-modified: Thu, 27 Jun 2024 13:22:12 GMT
server: cloudflare
etag: "62bb5200b31a009438e121e62e1ed836"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age: 86400
accept-ranges: bytes
cf-ray: 89a639987e13777a-LHR
access-control-allow-headers: range
expires: Fri, 27 Jun 2025 14:46:10 GMT

GET
H3 200 402.js Show response
cds.connatix.com/p/504414/ Frame 755F 3 KB
1 KB 45ms
45ms Script
application/javascript 172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/504414/402.js
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/504414/cSyncRemoteEntry.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c3afed84aa2d470c6b5e5b17b372a2bc46e2faff2bcc52ebdb31164ed5acd258

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 14:46:10 GMT
content-encoding: br
x-amz-version-id: 6otaSpyzuU7QcDkOTDc11QetmWI4RUvc
cf-cache-status: HIT
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
content-length: 1152
last-modified: Thu, 27 Jun 2024 13:22:12 GMT
server: cloudflare
etag: "b9b96139871fcbf11ed05b8f022b10b4"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age: 86400
accept-ranges: bytes
cf-ray: 89a639987e14777a-LHR
access-control-allow-headers: range
expires: Fri, 27 Jun 2025 14:46:10 GMT

GET
H2 200 self Show response
api-mg2.db-ip.com/v2/p14891b727f063924f0d86d8a8e5063678abd2ac/ 602 B
766 B 660ms
212ms XHR
application/json 172.67.75.166
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api-mg2.db-ip.com/v2/p14891b727f063924f0d86d8a8e5063678abd2ac/self?_=1719499570022
Requested by: Host: fp.theoaklandpress.com
URL: https://fp.theoaklandpress.com/prod/dfm/fp.min.js?2024527
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.75.166 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6971a20959d544d8b603d3d2502dc711c7c57c537fe3c551ac239098cdc33294

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.presstelegram.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 14:46:10 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 27 Jun 2024 14:46:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4koWVgqIjqTVNvZrmAdWdXSNUULjuZNYOKk6c6BvfBK9tmueq235orIcXVfxgtAwJlO9M1nPHW05fZ4MEQL8v0xG2mvjw9upDUdYA9On08KevFaITvq04Qf7ZHQbuW9zKWHv"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=1800
cf-ray: 89a6399b8aeb657c-LHR
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
259 B 325ms
46ms Image
image/gif 63.34.81.234
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1719499570111&plid=773d4bd3-b849-4d70-b48e-9d32063a8dec&idsite=presstelegram.com&url=https%3A%2F%2Fwww.presstelegram.com%2F2024%2F06%2F26%2Fi-was-scammed-by-a-sham-customer-service-rep-heres-how-you-can-avoid-what-i-went-through%2F&urlref=https%3A%2F%2Ft.co%2F&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fwww.presstelegram.com%2F2024%2F06%2F26%2Fi-was-scammed-by-a-sham-customer-service-rep-heres-how-you-can-avoid-what-i-went-through%2F&sref=https%3A%2F%2Ft.co%2F&sts=1719499570111&slts=0&title=I+was+scammed+by+a+sham+customer+service+rep.+Here%E2%80%99s+how+you+can+avoid+what+I+went+through+%E2%80%93+Press+Telegram&date=Thu+Jun+27+2024+15%3A46%3A10+GMT%2B0100+(British+Summer+Time)&action=pageview&pvid=815f97c2-ef69-4a52-bece-7a7e0b3f6ea1&u=pid%3D5cbe40b4-2d66-4d02-959f-cc2fc04f2eef
Requested by: Host: www.presstelegram.com
URL: https://www.presstelegram.com/2024/06/26/i-was-scammed-by-a-sham-customer-service-rep-heres-how-you-can-avoid-what-i-went-through/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.34.81.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-34-81-234.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.presstelegram.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 27 Jun 2024 14:46:10 GMT
Cache-Control: no-cache
Last-Modified: Thursday, 27-Jun-2024 14:46:10 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H3

200

sync Show response
capi.connatix.com/core/ Frame 755F
Redirect Chain

https://capi.connatix.com/core/sync
https://capi.connatix.com/core/sync?tier=1&final=true&UseUserScore=Yes&LiveIntentCnxUserId=&ImplementationType=0&ClientAb2=9

7 KB
3 KB

100ms
100ms

XHR
application/json

172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/core/sync?tier=1&final=true&UseUserScore=Yes&LiveIntentCnxUserId=&ImplementationType=0&ClientAb2=9
Requested by: Host: www.presstelegram.com
URL: https://www.presstelegram.com/2024/06/26/i-was-scammed-by-a-sham-customer-service-rep-heres-how-you-can-avoid-what-i-went-through/
Protocol: H3
Server: 172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cac06bef2444f7d5f70f55d280f5aa2faf9b76bbe4cfc8ae5870ccccdf234efc

Request headers

Accept-Language: en-GB,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 27 Jun 2024 14:46:10 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.presstelegram.com
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 89a6399a0fac777a-LHR
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length: 2750
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Thu, 27 Jun 2024 14:46:10 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-protobuf
location: https://capi.connatix.com:443/core/sync?tier=1&final=true&UseUserScore=Yes&LiveIntentCnxUserId=&ImplementationType=0&ClientAb2=9
access-control-allow-origin: https://www.presstelegram.com
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 89a639998f21777a-LHR
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length: 27
alt-svc: h3=":443"; ma=86400

POST
H3 200 story Show response
capi.connatix.com/core/ Frame 755F 43 KB
19 KB 182ms
168ms XHR
application/x-protobuf 172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/core/story?v=504414
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/504414/connatix.playspace.dc.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f31b66e1bb73975308a24622572341eed41284f3be20e2009140b3e029ca084f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Thu, 27 Jun 2024 14:46:10 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.presstelegram.com
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 89a639998f1e777a-LHR
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc: h3=":443"; ma=86400

GET
H2 200 style
accounts.google.com/gsi/ 533 B
608 B 76ms
75ms Stylesheet
text/css 2a00:1450:4013:c16::54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/style

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4013:c16::54 Groningen, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-RVk__3YiRtfs0fs8zXONwA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.presstelegram.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 14:46:10 GMT
content-security-policy: script-src 'report-sample' 'nonce-RVk__3YiRtfs0fs8zXONwA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: text/css; charset=utf-8
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Thu, 27 Jun 2024 14:46:10 GMT

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f111d54ab0c35a4589f457f5a639dd0da6e77cff190adb5a99f61f070133e823

Request headers

Accept-Language: en-GB,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
BLOB 200
OK 21d7c994-58ab-4468-8aef-f0fdb7e66b7a
https://www.presstelegram.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.presstelegram.com/21d7c994-58ab-4468-8aef-f0fdb7e66b7a
Requested by: Host: www.presstelegram.com
URL: https://www.presstelegram.com/2024/06/26/i-was-scammed-by-a-sham-customer-service-rep-heres-how-you-can-avoid-what-i-went-through/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5ce29d98387c8ec49420921b041564d30fb38382e73ee6d65450cc20553e9387

Request headers

Accept-Language: en-GB,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
1 KB 57ms
56ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.presstelegram.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 14:28:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1049
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 697
x-xss-protection: 0
last-modified: Fri, 30 Jun 2023 18:58:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 27 Jun 2024 15:28:41 GMT

GET
H/1.1 200
OK animate.min.css
cdn.listrakbi.com/css/ 5 KB
1 KB 49ms
48ms Stylesheet
text/css 18.66.130.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.listrakbi.com/css/animate.min.css
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.130.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-130-11.fra60.r.cloudfront.net
Software: cloudflare / ASP.NET
Resource Hash: bb8fa5f5216fa65fb3b0cfc76de29efaf4e6ff82a281dc540fb568d4767f688e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.presstelegram.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 26 Jun 2024 22:02:08 GMT
Content-Encoding: gzip
Via: 1.1 03249875678629095a5ec311a6f1a298.cloudfront.net (CloudFront)
CF-Cache-Status: DYNAMIC
X-Amz-Cf-Pop: FRA60-P2
Age: 60242
x-powered-by: ASP.NET
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Fri, 14 Oct 2022 18:03:08 GMT
Server: cloudflare
ETag: W/"2ff9137f7dfd81:0"
Vary: Accept-Encoding
Content-Type: text/css
CF-RAY: 897810e87c388ebb-FRA
X-Amz-Cf-Id: DO7qaNpU7cuX_bHU7jMN_JPzxxpDYu8xNxiQhbmW9g3H5y0dm1zi2w==

GET
H2 200 5d3b4d8849e0d88fa3b5e56c51bcecbe Show response
m869.presstelegram.com/plugin/plugin/ 236 KB
56 KB 46ms
46ms Script
text/javascript 18.66.147.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m869.presstelegram.com/plugin/plugin/5d3b4d8849e0d88fa3b5e56c51bcecbe

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-86.fra60.r.cloudfront.net

Software

- /

Resource Hash

dcf69612937eafa973d612d1cb6a0ecf64ce73be8f517973a40e2e3955f69a03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.presstelegram.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 07:08:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 5b21c56dde1a436b4b6766d2406627d2.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA60-P4
age: 1323456
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 56298
x-xss-protection: 1; mode=block
last-modified: Tue, 11 Jun 2024 07:08:34 GMT
server: -
etag: 5d3b4d8849e0d88fa3b5e56c51bcecbe
content-type: text/javascript; charset=utf-8
cache-control: public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag: noindex, nofollow
x-amz-cf-id: J4HTRxLg1djARXMBSfKehW5cwkNcNFWM-1qhEJxS5Bp__Zn7p2W94Q==
expires: Thu, 12 Jun 2025 07:08:34 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
213 B 66ms
65ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=238589073&t=pageview&_s=1&dl=https%3A%2F%2Fwww.presstelegram.com%2F2024%2F06%2F26%2Fi-was-scammed-by-a-sham-customer-service-rep-heres-how-you-can-avoid-what-i-went-through%2F&dr=https%3A%2F%2Ft.co%2F&dp=%2F2024%2F06%2F26%2Fi-was-scammed-by-a-sham-customer-service-rep-heres-how-you-can-avoid-what-i-went-through%2F&ul=en-gb&de=UTF-8&dt=I%20was%20scammed%20by%20a%20sham%20customer%20service%20rep.%20Here%E2%80%99s%20how%20you%20can%20avoid%20what%20I%20went%20through%20%E2%80%93%20Press%20Telegram&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDACEAjBAAAACgFK~&jid=317110927&gjid=1569793435&cid=1220203997.1719499570&tid=UA-61435456-15&_gid=1294703951.1719499570&_r=1&_slc=1&gtm=45He46q0n71TLFP4Rv71194413za200&cd2=presstelegram.com&cd3=presstelegram.com&cd4=&cd5=2024-06-26T10%3A44%3A50-07%3A00&cd6=2024-06-26T10%3A44%3A50-07%3A00&cd7=2024-06-26T13%3A22%3A56-07%3A00&cd8=unknown&cd9=no&cd10=Business&cd11=6.5.5&cd12=&cd13=WP&cd14=Business&cd15=Business&cd16=&cd17=&cd18=&cd19=&cd20=&cd21=https%3A%2F%2Fwww.mercurynews.com%2F2024%2F06%2F26%2Fi-was-scammed-by-a-sham-customer-service-rep-heres-how-you-can-avoid-what-i-went-through%2F&cd22=i-was-scammed-by-a-sham-customer-service-rep-heres-how-you-can-avoid-what-i-went-through&cd23=4716807&cd24=article&cd25=SCNG&cd26=Tribune%20News%20Service&cd27=I%20was%20scammed%20by%20a%20sham%20customer%20service%20rep.%20Here%E2%80%99s%20how%20you%20can%20avoid%20what%20I%20went%20through&cd28=https%3A%2F%2Fwww.presstelegram.com%2F2024%2F06%2F26%2Fi-was-scammed-by-a-sham-customer-service-rep-heres-how-you-can-avoid-what-i-went-through%2F&cd29=I%20was%20scammed%20by%20a%20sham%20customer%20service%20rep.%20Here%E2%80%99s%20how%20you%20can%20avoid%20what%20I%20went%20through&cd30=&cd32=p-4ctCQwtnNBNs2&cd33=LANewsGroup&cd34=true&cd35=&cd36=7100&cd37=1202&cd38=Tribune%20News%20Service&cd42=Not%20Set&cd49=false&cd50=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F126.0.0.0%20Safari%2F537.36&cd51=https%3A%2F%2Ft.co%2F&cd54=no_email&cd55=Tribune%20News%20Service&cd61=Not%20Set&cd62=metered&cd63=Not%20Set&cd64=Business&cd65=Press%20Telegram&cd67=None&cd68=None&cd69=None&cd70=None&cd71=None&cd72=none&cd73=none&gcd=13l3l3l3l1&dma=0&tcfd=10000&tag_exp=0&cd53=1220203997.1719499570&z=748975421

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.presstelegram.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 27 Jun 2024 14:46:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.presstelegram.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1ae12169d0d2f04eb8e087d2160168f8 Show response
m869.presstelegram.com/plugin/library/ 363 KB
111 KB 57ms
56ms Script
text/javascript 18.66.147.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m869.presstelegram.com/plugin/library/1ae12169d0d2f04eb8e087d2160168f8

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-86.fra60.r.cloudfront.net

Software

- /

Resource Hash

cfe5a77dafbaa5d08ad27f3180f633ba4d46fdb894ad94b1d54deb4248f2b19d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.presstelegram.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 07:08:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 5b21c56dde1a436b4b6766d2406627d2.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA60-P4
age: 1323455
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 112850
x-xss-protection: 1; mode=block
last-modified: Tue, 11 Jun 2024 07:08:35 GMT
server: -
etag: 1ae12169d0d2f04eb8e087d2160168f8
content-type: text/javascript; charset=utf-8
cache-control: public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag: noindex, nofollow
x-amz-cf-id: h2z-rt6IuTckaAexhPVVFTqL90qnR-7w4WiWwg1dFPcls_vRNV5ocw==
expires: Thu, 12 Jun 2025 07:08:35 GMT

POST
H2 200 LB-Zone-2 Show response
m869.presstelegram.com/DG/DEFAULT/rest/rpc/878/ 3 KB
2 KB 334ms
333ms XHR
application/json 18.66.147.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m869.presstelegram.com/DG/DEFAULT/rest/rpc/878/LB-Zone-2?referer=https%3A%2F%2Fwww.presstelegram.com%2F2024%2F06%2F26%2Fi-was-scammed-by-a-sham-customer-service-rep-heres-how-you-can-avoid-what-i-went-through%2F&bcsessionid=&bctempid=&overruleReferrer=&time=2024-06-27T15%3A46%3A10%2B01%3A00&ts=1719499570285

Requested by

Host: m869.presstelegram.com
URL: https://m869.presstelegram.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-86.fra60.r.cloudfront.net

Software

- /

Resource Hash

1c6d30681a03b6abeaf2e82bcc8d88273930bfe65656711b2431a8aaa2c53f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.presstelegram.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 27 Jun 2024 14:46:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 5b21c56dde1a436b4b6766d2406627d2.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 1138
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.presstelegram.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: 4AnzetmbXBxQk7QCYP22V_r5ugVs5qTDmfDkbVd9xdpIjJaJNmVahA==
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 7 B
154 B 48ms
47ms XHR
text/plain 2a00:1450:400c:c09::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-61435456-15&cid=1220203997.1719499570&jid=317110927&gjid=1569793435&_gid=1294703951.1719499570&_u=aCDACEAiBAAAACgFK~&z=1538008873

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.presstelegram.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 27 Jun 2024 14:46:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.presstelegram.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 insights.bin Show response
ins.connatix.com/bd5efc73-f7a3-4af5-9908-7494718e30de/d7379d7b-7909-4397-9c8a-b23b6673ffb5/ Frame 755F 864 B
795 B 192ms
59ms XHR
application/x-protobuf 172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ins.connatix.com/bd5efc73-f7a3-4af5-9908-7494718e30de/d7379d7b-7909-4397-9c8a-b23b6673ffb5/insights.bin
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/504414/connatix.playspace.dc.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 573be2c5a8e8afd50dae04316c4f044712d34697e3b95d99a97b3dd39cfed855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 14:46:10 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 27 Jun 2024 13:19:05 GMT
server: cloudflare
etag: W/"20334532f250b32eeab639d5930baa85"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/x-protobuf
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
vary: Accept-Encoding
cf-ray: 89a6399b89339532-LHR
alt-svc: h3=":443"; ma=86400
expires: Fri, 27 Jun 2025 14:46:10 GMT

GET
H3 200 playspace.iframe.integration.destroy.js Show response
cds.connatix.com/p/504414/ Frame 755F 737 B
744 B 59ms
58ms Script
application/javascript 172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/504414/playspace.iframe.integration.destroy.js
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/504414/connatix.playspace.dc.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87ed2d6930b5010994c63cd7908ab44a6cdded82008f41b82aa5f82278e8e89a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 14:46:10 GMT
content-encoding: br
x-amz-version-id: 5SdTF7tGP87aEl_b9HfaZQpxGOcBnuwY
cf-cache-status: HIT
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
content-length: 375
last-modified: Thu, 27 Jun 2024 13:22:13 GMT
server: cloudflare
etag: "bf26437ee7e8af2159eb5bf33b50aef3"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age: 86400
accept-ranges: bytes
cf-ray: 89a6399ab881777a-LHR
access-control-allow-headers: range
expires: Fri, 27 Jun 2025 14:46:10 GMT

GET
H3 200 blockedDomains_5.bin Show response
lit.connatix.com/08d7fb35-d571-4d24-887a-e9106ab7fdef/ Frame 755F 91 B
435 B 193ms
50ms XHR
application/x-protobuf 104.18.41.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lit.connatix.com/08d7fb35-d571-4d24-887a-e9106ab7fdef/blockedDomains_5.bin
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/504414/connatix.playspace.dc.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0398c1311e13cdbf41553293888c2ef111ac9cdaf72301a08bbba94266a38a3d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 14:46:10 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 11 Apr 2024 20:24:48 GMT
server: cloudflare
etag: W/"3162c38474f1b96e2882188a89fdbdba"
access-control-max-age: 86400
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
cf-ray: 89a6399bad1652c2-LHR
alt-svc: h3=":443"; ma=86400
expires: Fri, 27 Jun 2025 14:46:10 GMT

GET
H3 200 insights.bin Show response
ins.connatix.com/3409da56c1d9524a7fdb5a6a618a10d4/ Frame 755F 576 B
620 B 287ms
171ms XHR
application/x-protobuf 172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ins.connatix.com/3409da56c1d9524a7fdb5a6a618a10d4/insights.bin
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/504414/connatix.playspace.dc.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f1dee1f14264cef7fd508fe6baea482ea737874f1e3a7550814e7c7e959cf07

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 14:46:10 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 26 Jun 2024 17:50:40 GMT
server: cloudflare
etag: W/"8aacf982746c508573da3db663f82034"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/x-protobuf
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
vary: Accept-Encoding
cf-ray: 89a6399b89369532-LHR
alt-svc: h3=":443"; ma=86400
expires: Fri, 27 Jun 2025 14:46:10 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 278ms
77ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-61435456-15&cid=1220203997.1719499570&jid=317110927&_u=aCDACEAiBAAAACgFK~&z=1845374935

Requested by

Host: www.presstelegram.com
URL: https://www.presstelegram.com/2024/06/26/i-was-scammed-by-a-sham-customer-service-rep-heres-how-you-can-avoid-what-i-went-through/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.presstelegram.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 27 Jun 2024 14:46:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.co.uk/ads/ 42 B
63 B 78ms
77ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-61435456-15&cid=1220203997.1719499570&jid=317110927&_u=aCDACEAiBAAAACgFK~&z=1845374935

Requested by

Host: www.presstelegram.com
URL: https://www.presstelegram.com/2024/06/26/i-was-scammed-by-a-sham-customer-service-rep-heres-how-you-can-avoid-what-i-went-through/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.presstelegram.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 27 Jun 2024 14:46:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 LB-Zone-2 Show response
m869.presstelegram.com/DG/DEFAULT/rest/rpc/878/ 322 B
1 KB 322ms
321ms XHR
application/json 18.66.147.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m869.presstelegram.com/DG/DEFAULT/rest/rpc/878/LB-Zone-2?referer=https%3A%2F%2Fwww.presstelegram.com%2F2024%2F06%2F26%2Fi-was-scammed-by-a-sham-customer-service-rep-heres-how-you-can-avoid-what-i-went-through%2F&bcsessionid=f4dde4a7-097c-4330-9f53-8b200a36f8cc&bctempid=&overruleReferrer=&time=2024-06-27T15%3A46%3A10%2B01%3A00&ts=1719499570622

Requested by

Host: m869.presstelegram.com
URL: https://m869.presstelegram.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-86.fra60.r.cloudfront.net

Software

- /

Resource Hash

96b57ffaa189ccbcd3f98971956fa94ef470b8fcefeba279a9dbc18175edde79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.presstelegram.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 27 Jun 2024 14:46:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 5b21c56dde1a436b4b6766d2406627d2.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 225
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.presstelegram.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: sd9rta6JSan5z5q0ab8FO2YRG-haHtVO3dqn_4SSLD4LCL191wjm_g==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 b8d19f4e81797f15217061f20c747b1c Show response
m869.presstelegram.com/templates/ 500 KB
75 KB 51ms
50ms Script
text/javascript 18.66.147.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m869.presstelegram.com/templates/b8d19f4e81797f15217061f20c747b1c

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-86.fra60.r.cloudfront.net

Software

- /

Resource Hash

8453a05ff35ac88b3f72b5eef7c7da92fe87bb5796642f273b2b903a9f022786

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.presstelegram.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 13:37:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 5b21c56dde1a436b4b6766d2406627d2.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA60-P4
age: 868128
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 75740
x-xss-protection: 1; mode=block
last-modified: Sun, 16 Jun 2024 13:37:22 GMT
server: -
etag: b8d19f4e81797f15217061f20c747b1c
content-type: text/javascript; charset=utf-8
cache-control: public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag: noindex, nofollow
x-amz-cf-id: aSDKwpXOgSspq0k6XCmypTrgjl1TghL9Y-saRq4q7kgX6icauLeKhA==
expires: Tue, 17 Jun 2025 13:37:22 GMT

POST
H2 200 878 Show response
m869.presstelegram.com/DG/DEFAULT/rest/rpc/ 194 B
1 KB 344ms
343ms XHR
application/json 18.66.147.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m869.presstelegram.com/DG/DEFAULT/rest/rpc/878?referer=https%3A%2F%2Fwww.presstelegram.com%2F2024%2F06%2F26%2Fi-was-scammed-by-a-sham-customer-service-rep-heres-how-you-can-avoid-what-i-went-through%2F&bcsessionid=f4dde4a7-097c-4330-9f53-8b200a36f8cc&bctempid=&overruleReferrer=&time=2024-06-27T15%3A46%3A10%2B01%3A00&ts=1719499570668

Requested by

Host: m869.presstelegram.com
URL: https://m869.presstelegram.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-86.fra60.r.cloudfront.net

Software

- /

Resource Hash

73edf33c990476d9c124a19980b1d650810ed4e53cbf824b991b1fea03af5820

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.presstelegram.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 27 Jun 2024 14:46:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 5b21c56dde1a436b4b6766d2406627d2.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 154
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.presstelegram.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: XsgW1lmNlIsQwsXpfUEMHmJX1r10ydOwhVu7ayYUVT7Uk-v_wqtkmQ==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 stats Show response
m869.presstelegram.com/rest/v2/recommendations/ 57 B
896 B 414ms
413ms Script
text/javascript 18.66.147.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m869.presstelegram.com/rest/v2/recommendations/stats?storeId=9f108cb3-5303-4214-ae91-f16a713f4e9b&action=view&itemId=4716807&url=https%3A%2F%2Fwww.presstelegram.com%2F2024%2F06%2F26%2Fi-was-scammed-by-a-sham-customer-service-rep-heres-how-you-can-avoid-what-i-went-through%2F&profileId=undefined&isEntrypage=true&hash=d607218b03f9bf33ca56e834593d7563&lastmodified=1719433376000&referer=https%3A%2F%2Fwww.presstelegram.com%2F2024%2F06%2F26%2Fi-was-scammed-by-a-sham-customer-service-rep-heres-how-you-can-avoid-what-i-went-through%2F&&callback=bc_json881

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-86.fra60.r.cloudfront.net

Software

- /

Resource Hash

fa18ce1f3e31a0f1b4ed52ae1f8272dc07b0b32ad73cbc540230b4ae31029bdd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.presstelegram.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 14:46:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 5b21c56dde1a436b4b6766d2406627d2.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 77
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
content-type: text/javascript;charset=utf-8
cache-control: no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag: noindex, nofollow
x-amz-cf-id: OqIOXSWn6b_LxzdAVu1rblmCSZ46GZztLFx3rN0Ts_pOyu91RvnaNg==
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 878 Show response
m869.presstelegram.com/DG/DEFAULT/rest/rpc/ 571 B
1 KB 335ms
335ms XHR
application/json 18.66.147.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m869.presstelegram.com/DG/DEFAULT/rest/rpc/878?referer=https%3A%2F%2Fwww.presstelegram.com%2F2024%2F06%2F26%2Fi-was-scammed-by-a-sham-customer-service-rep-heres-how-you-can-avoid-what-i-went-through%2F&bcsessionid=f4dde4a7-097c-4330-9f53-8b200a36f8cc&bctempid=&overruleReferrer=&time=2024-06-27T15%3A46%3A10%2B01%3A00&ts=1719499570707

Requested by

Host: m869.presstelegram.com
URL: https://m869.presstelegram.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-86.fra60.r.cloudfront.net

Software

- /

Resource Hash

956308a1555a6e6feed8e9230055ee3b028a7aa1882cb89c372172f43c042109

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.presstelegram.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 27 Jun 2024 14:46:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 5b21c56dde1a436b4b6766d2406627d2.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 182
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.presstelegram.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: kVm2RdJsJ_o4aAs1HNNkZjjq2Bh77vDefI3kdU2sAxwoNKIpNiEafg==
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 878 Show response
m869.presstelegram.com/DG/DEFAULT/rest/rpc/ 191 B
1 KB 548ms
547ms XHR
application/json 18.66.147.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m869.presstelegram.com/DG/DEFAULT/rest/rpc/878?referer=https%3A%2F%2Fwww.presstelegram.com%2F2024%2F06%2F26%2Fi-was-scammed-by-a-sham-customer-service-rep-heres-how-you-can-avoid-what-i-went-through%2F&bcsessionid=f4dde4a7-097c-4330-9f53-8b200a36f8cc&bctempid=&overruleReferrer=&time=2024-06-27T15%3A46%3A10%2B01%3A00&ts=1719499570708

Requested by

Host: m869.presstelegram.com
URL: https://m869.presstelegram.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-86.fra60.r.cloudfront.net

Software

- /

Resource Hash

6e2ac9199ad91f37086530f40f555fd704cdf95ba15644b3888852834cf9335a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.presstelegram.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 27 Jun 2024 14:46:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 5b21c56dde1a436b4b6766d2406627d2.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 170
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.presstelegram.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: x1QeybZJPFez7OQ0U3tcmGD_Sh-BjRSqtlG3FFRSZqppBmnYiAyXvA==
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 878 Show response
m869.presstelegram.com/DG/DEFAULT/rest/rpc/ 381 B
1 KB 503ms
503ms XHR
application/json 18.66.147.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m869.presstelegram.com/DG/DEFAULT/rest/rpc/878?referer=https%3A%2F%2Fwww.presstelegram.com%2F2024%2F06%2F26%2Fi-was-scammed-by-a-sham-customer-service-rep-heres-how-you-can-avoid-what-i-went-through%2F&bcsessionid=f4dde4a7-097c-4330-9f53-8b200a36f8cc&bctempid=&overruleReferrer=&time=2024-06-27T15%3A46%3A10%2B01%3A00&ts=1719499570710

Requested by

Host: m869.presstelegram.com
URL: https://m869.presstelegram.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-86.fra60.r.cloudfront.net

Software

- /

Resource Hash

93a3943a0f9f7b624a9f11a1d08d961cc38c4f8e20fd99f307b8f1eb7f41762a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.presstelegram.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 27 Jun 2024 14:46:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 5b21c56dde1a436b4b6766d2406627d2.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 179
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.presstelegram.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: d60Nzr6K5ox47C6KySS2NcpzGkB0B29ddHDRGdslpjUQeTECIzV40g==
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 878 Show response
m869.presstelegram.com/DG/DEFAULT/rest/rpc/ 12 KB
4 KB 536ms
536ms XHR
application/json 18.66.147.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m869.presstelegram.com/DG/DEFAULT/rest/rpc/878?referer=https%3A%2F%2Fwww.presstelegram.com%2F2024%2F06%2F26%2Fi-was-scammed-by-a-sham-customer-service-rep-heres-how-you-can-avoid-what-i-went-through%2F&bcsessionid=f4dde4a7-097c-4330-9f53-8b200a36f8cc&bctempid=&overruleReferrer=&time=2024-06-27T15%3A46%3A10%2B01%3A00&ts=1719499570710

Requested by

Host: m869.presstelegram.com
URL: https://m869.presstelegram.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-86.fra60.r.cloudfront.net

Software

- /

Resource Hash

db1c9f02d981c586f43bbcf35853c00c19b484bb500cb01e8d64aa7775503396

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.presstelegram.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 27 Jun 2024 14:46:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 5b21c56dde1a436b4b6766d2406627d2.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 2847
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.presstelegram.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: jikqNe8xbHVNTlQYRpAD4az1n7Jre5zTucqdpBd1Gb7rh-23YfZGMw==
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H3 200 collect
www.google-analytics.com/ 35 B
55 B 53ms
52ms Ping
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.presstelegram.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 27 Jun 2024 14:46:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: https://www.presstelegram.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 878 Show response
m869.presstelegram.com/DG/DEFAULT/rest/rpc/ 191 B
1 KB 530ms
529ms XHR
application/json 18.66.147.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m869.presstelegram.com/DG/DEFAULT/rest/rpc/878?referer=https%3A%2F%2Fwww.presstelegram.com%2F2024%2F06%2F26%2Fi-was-scammed-by-a-sham-customer-service-rep-heres-how-you-can-avoid-what-i-went-through%2F&bcsessionid=f4dde4a7-097c-4330-9f53-8b200a36f8cc&bctempid=&overruleReferrer=&time=2024-06-27T15%3A46%3A10%2B01%3A00&ts=1719499570729

Requested by

Host: m869.presstelegram.com
URL: https://m869.presstelegram.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-86.fra60.r.cloudfront.net

Software

- /

Resource Hash

7fee562b2aded71ae2485f94556a2564f87f95027e16ca2712db8ac0d07ec6bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.presstelegram.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 27 Jun 2024 14:46:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 5b21c56dde1a436b4b6766d2406627d2.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 170
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.presstelegram.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: E2LeiH_lHvTIdJ0OCbLb3vEeXa1a_xhC5vVFAFjEk9kpzyiCE0neSA==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 cs Show response
digitalfirstmedia.blueconic.net/DG/DEFAULT/ 66 B
863 B 115ms
115ms Script
text/javascript 18.235.100.15
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://digitalfirstmedia.blueconic.net/DG/DEFAULT/cs?bcsessionid=f4dde4a7-097c-4330-9f53-8b200a36f8cc&&callback=bc_json882

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.235.100.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-235-100-15.compute-1.amazonaws.com

Software

- /

Resource Hash

a4a84ecff40d64914a941a765891af2fb1ca4ef816ee609d136f59cbc0de488e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.presstelegram.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 27 Jun 2024 14:46:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
x-permitted-cross-domain-policies: master-only
content-type: text/javascript; charset=utf-8
p3p: policyref="", CP="DSP"
cache-control: no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag: noindex, nofollow
content-length: 86
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET d7379d7b-7909-4397-9c8a-b23b6673ffb5.bin
vid.connatix.com/pid-830923d6-d7a1-49cc-8af3-93270366e22c/bd5efc73-f7a3-4af5-9908-7494718e30de/ Frame 755F 0
0

GET ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 755F 0
0

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 99 KB
32 KB 585ms
89ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2a13716ab6a3daea190fbdede1589a030cc250c67e93d4483dc5d3cbfc6114b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.presstelegram.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 14:46:11 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31994
x-xss-protection: 0
server: cafe
etag: 947 / 19901 / m202406180101 / config-hash: 7475611417737498452
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 27 Jun 2024 14:46:11 GMT

POST 878
m869.presstelegram.com/DG/DEFAULT/rest/rpc/ 0
0

POST
H2 204 debug
trc-events.taboola.com/medianewsgroup-presstelegram/log/2/ 0
133 B 470ms
319ms Ping
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/medianewsgroup-presstelegram/log/2/debug?type=error&msg=Store%20appendOptionsSummary%20listener%20errorCannot%20read%20properties%20of%20undefined%20(reading%20%27insertAdjacentElement%27)&lt=trecs&tim=15%3A46%3A14.412&id=21194&cv=20240626-2-RELEASE&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/medianewsgroup-network/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.presstelegram.com
date: Thu, 27 Jun 2024 14:46:14 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 9080

POST
H2 204 debug
trc-events.taboola.com/medianewsgroup-presstelegram/log/2/ 0
132 B 468ms
320ms Ping
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/medianewsgroup-presstelegram/log/2/debug?type=error&msg=Extension%20%22TaboolaChoice%22%20had%20error%20on%20action%20%22e6%22%3ACannot%20read%20properties%20of%20null%20(reading%20%27insertAdjacentElement%27)&lt=trecs&tim=15%3A46%3A14.416&id=65418&cv=20240626-2-RELEASE&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/medianewsgroup-network/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.presstelegram.com
date: Thu, 27 Jun 2024 14:46:14 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 9080

GET
BLOB 200
OK df74a56b-537f-4f9e-87ce-f3c8a2068416
https://www.presstelegram.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.presstelegram.com/df74a56b-537f-4f9e-87ce-f3c8a2068416
Requested by: Host: blank
URL: about:blank
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5ce29d98387c8ec49420921b041564d30fb38382e73ee6d65450cc20553e9387

Request headers

Accept-Language: en-GB,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

POST 878
m869.presstelegram.com/DG/DEFAULT/rest/rpc/ 0
0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 38ms
38ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-2N0VXCDHTW&gtm=45je46q0v9119563602z871194413za200zb71194413&_p=1719499569084&gcd=13l3l3l3l1&npa=0&dma=0&tcfd=10000&tag_exp=0&cid=1220203997.1719499570&ecid=1953279546&ul=en-gb&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=2&sid=1719499569&sct=1&seg=0&dl=https%3A%2F%2Fwww.presstelegram.com%2F2024%2F06%2F26%2Fi-was-scammed-by-a-sham-customer-service-rep-heres-how-you-can-avoid-what-i-went-through%2F&dr=https%3A%2F%2Ft.co%2F&dt=I%20was%20scammed%20by%20a%20sham%20customer%20service%20rep.%20Here%E2%80%99s%20how%20you%20can%20avoid%20what%20I%20went%20through%20%E2%80%93%20Press%20Telegram&tfd=8866&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2N0VXCDHTW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 27 Jun 2024 14:46:15 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.presstelegram.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 event-stream Show response
k.p-n.io/ 0
127 B 273ms
91ms Fetch 18.157.142.191
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://k.p-n.io/event-stream
Requested by: Host: cdn.p-n.io
URL: https://cdn.p-n.io/pushly-sdk.min.js?domain_key=eVG4zdTtv5ogBcGVQlE2BFCc8f4Hc1wJFW3k&ver=6.5.5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.157.142.191 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-157-142-191.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Thu, 27 Jun 2024 14:46:15 GMT
access-control-allow-headers: *
access-control-max-age: 600
access-control-allow-methods: *

POST
H2 204 event-stream Show response
k.p-n.io/ 0
126 B 46ms
45ms Fetch 18.157.142.191
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://k.p-n.io/event-stream
Requested by: Host: cdn.p-n.io
URL: https://cdn.p-n.io/pushly-sdk.min.js?domain_key=eVG4zdTtv5ogBcGVQlE2BFCc8f4Hc1wJFW3k&ver=6.5.5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.157.142.191 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-157-142-191.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Thu, 27 Jun 2024 14:46:16 GMT
access-control-allow-headers: *
access-control-max-age: 600
access-control-allow-methods: *

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: polyfill.io
URL: https://polyfill.io/v3/polyfill.min.js?flags=gated&features=es5%2CCustomEvent%2CArray.from%2CArray.isArray%2CArray.prototype.filter%2CArray.prototype.find%2CArray.prototype.findIndex%2CArray.prototype.forEach%2CArray.prototype.indexOf%2CArray.prototype.keys%2CArray.prototype.lastIndexOf%2CArray.prototype.map%2CArray.prototype.reduce%2CDate.prototype.toISOString%2CDocumentFragment%2CDocumentFragment.prototype.append%2CDocumentFragment.prototype.prepend%2CElement%2CElement.prototype.after%2CElement.prototype.append%2CElement.prototype.before%2CElement.prototype.classList%2CElement.prototype.cloneNode%2CElement.prototype.closest%2CElement.prototype.dataset%2CElement.prototype.matches%2CElement.prototype.placeholder%2CElement.prototype.prepend%2CElement.prototype.remove%2CElement.prototype.replaceWith%2CElement.prototype.toggleAttribute%2CEvent%2CJSON%2CMap%2CNumber.parseInt%2CNumber.parseFloat%2CObject.assign%2CObject.create%2CObject.defineProperties%2CObject.defineProperty%2CObject.entries%2CObject.getOwnPropertyDescriptor%2CObject.getOwnPropertyNames%2CObject.is%2CObject.keys%2CObject.values%2CPromise%2CPromise.prototype.finally%2CSet%2CString.prototype.trim%2CXMLHttpRequest%2Cdocument.getElementsByClassName%2Cdocument.currentScript%2Cdocument.querySelector%2Cfetch%2CgetComputedStyle%2ClocalStorage%2CArray.prototype.some%2CDate.now%2CEvent.focusin%2CEventSource%2CFunction.prototype.bind%2CFunction.prototype.name%2CHTMLDocument%2CNodeList.prototype.forEach%2CNodeList.prototype.%40%40iterator%2CNode.prototype.contains%2CObject.getPrototypeOf%2CObject.setPrototypeOf%2CRegExp.prototype.flags%2CString.prototype.%40%40iterator%2CString.prototype.startsWith%2CString.prototype.endsWith%2Cconsole%2Cconsole.debug%2Cconsole.error%2Cconsole.info%2Cconsole.log%2Cdocument%2Cdocument.head%2Cdocument.visibilityState%2Clocation.origin%2CrequestIdleCallback%2Cscreen.orientation%2CmatchMedia%2CURL

Domain: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/FUtg69tL.js

Domain: vid.connatix.com
URL: https://vid.connatix.com/pid-830923d6-d7a1-49cc-8af3-93270366e22c/bd5efc73-f7a3-4af5-9908-7494718e30de/d7379d7b-7909-4397-9c8a-b23b6673ffb5.bin

Domain: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Domain: m869.presstelegram.com
URL: https://m869.presstelegram.com/DG/DEFAULT/rest/rpc/878?referer=about%3Ablank&bcsessionid=f4dde4a7-097c-4330-9f53-8b200a36f8cc&bctempid=&overruleReferrer=&time=2024-06-27T15%3A46%3A10%2B01%3A00&ts=1719499570813

Domain: m869.presstelegram.com
URL: https://m869.presstelegram.com/DG/DEFAULT/rest/rpc/878?referer=about%3Ablank&bcsessionid=f4dde4a7-097c-4330-9f53-8b200a36f8cc&bctempid=&overruleReferrer=&time=2024-06-27T15%3A46%3A10%2B01%3A00&ts=1719499570816

Domain: m869.presstelegram.com
URL: https://m869.presstelegram.com/DG/DEFAULT/rest/rpc/878?referer=about%3Ablank&bcsessionid=f4dde4a7-097c-4330-9f53-8b200a36f8cc&bctempid=&overruleReferrer=&time=2024-06-27T15%3A46%3A14%2B01%3A00&ts=1719499574684

Verdicts & Comments Add Verdict or Comment

197 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
m869.presstelegram.com/DG/DEFAULT	1970-01-21 07:14:19	Name: BCSessionID Value: f4dde4a7-097c-4330-9f53-8b200a36f8cc
m869.presstelegram.com/DG/DEFAULT	1970-01-21 07:14:19	Name: BCSessionID Value: f4dde4a7-097c-4330-9f53-8b200a36f8cc
digitalfirstmedia.blueconic.net/DG/DEFAULT	1970-01-21 06:23:55	Name: BCSessionID Value: f4dde4a7-097c-4330-9f53-8b200a36f8cc
.t.co/	1970-01-21 07:08:33	Name: muc Value: afd19efa-73a7-4526-9d2e-091206ada32c
.presstelegram.com/	1970-01-21 06:23:55	Name: bc_tstgrp Value: 3
.presstelegram.com/	1970-01-21 01:57:31	Name: pushly.user_puuid Value: 4otpzRHtB9KEiSdlMn7R0wWdbMxQUyOr
.presstelegram.com/	1970-01-21 01:57:31	Name: _pnss Value: none
.presstelegram.com/	1970-01-21 07:14:19	Name: _ga Value: GA1.2.1220203997.1719499570
.presstelegram.com/	1970-01-20 21:38:19	Name: _gat_UA-61435456-15 Value: 1
.connatix.com/	1970-01-20 21:58:29	Name: cnx_userId Value: ecfbdd7f494d4ee596574a3007250d59
.presstelegram.com/	1970-01-21 07:14:19	Name: _ga_2N0VXCDHTW Value: GS1.1.1719499569.1.0.1719499570.59.0.1953279546
digitalfirstmedia.blueconic.net/	1970-01-20 21:48:24	Name: AWSALBCORS Value: ackNTblP+N5gbMBA/Y+cPGvWxIZO3GOkYTHPHJhTPr5rOO2YtTMtEUWauOk5cwuIiu6QKT+Ym7NbpAYt8NLf18g2PCqC0iUqbtninEwIWh+2BOBnwEVq8zadzgRD
m869.presstelegram.com/	1970-01-20 21:48:24	Name: AWSALB Value: 3aft5NWIwfaigrlPRmJ+YMB65mhi0oSKgl9mqk+savavoB/mdx0+YI/dM+AfRlBhgvLzLPOaAT9KUOyHiyBTJixHpym7S0u5KNcPYXsU+J7CbZn8/HGEskJxl4E+
m869.presstelegram.com/	1970-01-20 21:48:24	Name: AWSALBCORS Value: 3aft5NWIwfaigrlPRmJ+YMB65mhi0oSKgl9mqk+savavoB/mdx0+YI/dM+AfRlBhgvLzLPOaAT9KUOyHiyBTJixHpym7S0u5KNcPYXsU+J7CbZn8/HGEskJxl4E+

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://polyfill.io/v3/polyfill.min.js?flags=gated&features=es5%2CCustomEvent%2CArray.from%2CArray.isArray%2CArray.prototype.filter%2CArray.prototype.find%2CArray.prototype.findIndex%2CArray.prototype.forEach%2CArray.prototype.indexOf%2CArray.prototype.keys%2CArray.prototype.lastIndexOf%2CArray.prototype.map%2CArray.prototype.reduce%2CDate.prototype.toISOString%2CDocumentFragment%2CDocumentFragment.prototype.append%2CDocumentFragment.prototype.prepend%2CElement%2CElement.prototype.after%2CElement.prototype.append%2CElement.prototype.before%2CElement.prototype.classList%2CElement.prototype.cloneNode%2CElement.prototype.closest%2CElement.prototype.dataset%2CElement.prototype.matches%2CElement.prototype.placeholder%2CElement.prototype.prepend%2CElement.prototype.remove%2CElement.prototype.replaceWith%2CElement.prototype.toggleAttribute%2CEvent%2CJSON%2CMap%2CNumber.parseInt%2CNumber.parseFloat%2CObject.assign%2CObject.create%2CObject.defineProperties%2CObject.defineProperty%2CObject.entries%2CObject.getOwnPropertyDescriptor%2CObject.getOwnPropertyNames%2CObject.is%2CObject.keys%2CObject.values%2CPromise%2CPromise.prototype.finally%2CSet%2CString.prototype.trim%2CXMLHttpRequest%2Cdocument.getElementsByClassName%2Cdocument.currentScript%2Cdocument.querySelector%2Cfetch%2CgetComputedStyle%2ClocalStorage%2CArray.prototype.some%2CDate.now%2CEvent.focusin%2CEventSource%2CFunction.prototype.bind%2CFunction.prototype.name%2CHTMLDocument%2CNodeList.prototype.forEach%2CNodeList.prototype.%40%40iterator%2CNode.prototype.contains%2CObject.getPrototypeOf%2CObject.setPrototypeOf%2CRegExp.prototype.flags%2CString.prototype.%40%40iterator%2CString.prototype.startsWith%2CString.prototype.endsWith%2Cconsole%2Cconsole.debug%2Cconsole.error%2Cconsole.info%2Cconsole.log%2Cdocument%2Cdocument.head%2Cdocument.visibilityState%2Clocation.origin%2CrequestIdleCallback%2Cscreen.orientation%2CmatchMedia%2CURL Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
other	error	URL: about:blank Message: Provider's accounts list is empty.
javascript	error	URL: about:blank Message: Access to XMLHttpRequest at 'https://m869.presstelegram.com/DG/DEFAULT/rest/rpc/878?referer=about%3Ablank&bcsessionid=f4dde4a7-097c-4330-9f53-8b200a36f8cc&bctempid=&overruleReferrer=&time=2024-06-27T15%3A46%3A10%2B01%3A00&ts=1719499570816' from origin 'https://www.presstelegram.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://m869.presstelegram.com/DG/DEFAULT/rest/rpc/878?referer=about%3Ablank&bcsessionid=f4dde4a7-097c-4330-9f53-8b200a36f8cc&bctempid=&overruleReferrer=&time=2024-06-27T15%3A46%3A10%2B01%3A00&ts=1719499570816 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: about:blank Message: Access to XMLHttpRequest at 'https://m869.presstelegram.com/DG/DEFAULT/rest/rpc/878?referer=about%3Ablank&bcsessionid=f4dde4a7-097c-4330-9f53-8b200a36f8cc&bctempid=&overruleReferrer=&time=2024-06-27T15%3A46%3A10%2B01%3A00&ts=1719499570813' from origin 'https://www.presstelegram.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://m869.presstelegram.com/DG/DEFAULT/rest/rpc/878?referer=about%3Ablank&bcsessionid=f4dde4a7-097c-4330-9f53-8b200a36f8cc&bctempid=&overruleReferrer=&time=2024-06-27T15%3A46%3A10%2B01%3A00&ts=1719499570813 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: about:blank Message: Access to XMLHttpRequest at 'https://m869.presstelegram.com/DG/DEFAULT/rest/rpc/878?referer=about%3Ablank&bcsessionid=f4dde4a7-097c-4330-9f53-8b200a36f8cc&bctempid=&overruleReferrer=&time=2024-06-27T15%3A46%3A14%2B01%3A00&ts=1719499574684' from origin 'https://www.presstelegram.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://m869.presstelegram.com/DG/DEFAULT/rest/rpc/878?referer=about%3Ablank&bcsessionid=f4dde4a7-097c-4330-9f53-8b200a36f8cc&bctempid=&overruleReferrer=&time=2024-06-27T15%3A46%3A14%2B01%3A00&ts=1719499574684 Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
ajax.googleapis.com
api-mg2.db-ip.com
az416426.vo.msecnd.net
capi.connatix.com
cd.connatix.com
cdn.auth0.com
cdn.jsdelivr.net
cdn.jwplayer.com
cdn.listrakbi.com
cdn.p-n.io
cdn.parsely.com
cdn.taboola.com
cds.connatix.com
cmp.osano.com
digitalfirstmedia.blueconic.net
engage.theoaklandpress.com
fonts.googleapis.com
fonts.gstatic.com
fp.theoaklandpress.com
g2i.theoaklandpress.com
htlbid.com
ift.tt
imasdk.googleapis.com
ins.connatix.com
k.p-n.io
lit.connatix.com
loader-config.presstelegram.com
m869.presstelegram.com
p1.parsely.com
pixel.wp.com
polyfill.io
pubcast-files.remixd.com
region1.analytics.google.com
s.w.org
sb.scorecardresearch.com
securepubads.g.doubleclick.net
session.presstelegram.com
stats.g.doubleclick.net
stats.wp.com
t.co
tags.remixd.com
trc-events.taboola.com
vid.connatix.com
www.google-analytics.com
www.google.co.uk
www.google.com
www.googletagmanager.com
www.presstelegram.com
cdn.jwplayer.com
imasdk.googleapis.com
m869.presstelegram.com
polyfill.io
vid.connatix.com
104.18.41.104
13.32.27.92
141.226.228.48
151.101.1.44
151.101.129.44
172.64.146.152
172.67.75.166
18.157.142.191
18.235.100.15
18.244.18.122
18.66.112.4
18.66.122.52
18.66.130.11
18.66.147.86
192.0.66.2
192.0.76.3
192.0.77.48
2001:4860:4802:34::36
2600:9000:2359:6a00:10:474e:104a:2961
2600:9000:266e:d000:3:b7e:8940:93a1
2606:2800:133:206e:1315:22a5:2006:24fd
2606:2800:233:1cb7:261b:1f9c:2074:3c
2a00:1450:4001:801::200a
2a00:1450:4001:803::2002
2a00:1450:4001:808::200e
2a00:1450:4001:80e::2004
2a00:1450:4001:813::2008
2a00:1450:4001:813::200a
2a00:1450:4001:827::2003
2a00:1450:400c:c09::9c
2a00:1450:4013:c16::54
2a04:4e42:400::485
3.161.77.50
35.162.0.228
35.190.38.143
63.34.81.234
93.184.221.165
99.86.4.62
01d6389de5581a2a3eb0cd4d6a05cb136bf07d221306f89173a080c73a38e392
0398c1311e13cdbf41553293888c2ef111ac9cdaf72301a08bbba94266a38a3d
05708eefbd8ed203ccd6b7bd60b96384a1c1100365e1ad6de9b2df4d8e490bed
07632089e1e368b9fab0bc4d343f57110e4fb1efac6323b7e5f5b314ba9f1439
0ce59c90fe90c46670e4cd7029b383a633861c274a42f0cbe72b74c74f7341dd
1257ce154e0e3e861f0bb0368d985ee3cb017d0a184ebf7e913a8ffe8ef0945c
16a2619b4d831694734838f42d825eb871ee5160d241900b780ad523404b1c50
18260c016ea9a17d34c685c8063b0952c3ec14387d9aea1b88e7edce81e65303
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
1c6d30681a03b6abeaf2e82bcc8d88273930bfe65656711b2431a8aaa2c53f1e
1fc5d9e09d849e1b345b3998034947759f32ef5f25f2130067565a2a3537b962
23a93ecb152a096f465e7e0aa48a8736474af21c82be7839c73596069974c243
2a13716ab6a3daea190fbdede1589a030cc250c67e93d4483dc5d3cbfc6114b7
2c75ce09d476b37c7d1a4861fa8a33e5006123d8b4344c60dcde3d00e5bf20b5
3214c1d02f0794737b58d56814b31c639c67f85c6eb6816c39804cf5d4041dea
34554cca1d68d1c952b6d12bc418b6a8cb251850675186c1d408fb63ae201110
3838401fa2e3ee00028b6119c2c1201129a656a6822b27078e51e0d3f7056cac
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
3dddc9ec1713ed777eb9873d6911e812e11344360a7945ed6206ab09e1948b40
405ede98142347459dac2cecad3b761928a343742477b47ee793c5bfc079f6e1
44d6f214e7cb063546a15bd93afd0b633ffd08d0255c6b3721fd01cc96d96183
4b447ad640da1576bf7170be176d1ba96a178b4ea2721edde9002238db4486bc
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
5000f0e689a7c0c1670c8e994cfba91b190d0f125e895696cccddcf4cf3d04ef
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e
573be2c5a8e8afd50dae04316c4f044712d34697e3b95d99a97b3dd39cfed855
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c
5badd609a51ede5bab5b89534fc3011a4dd1ab487cc7081d7cf38479bcbab855
5ce29d98387c8ec49420921b041564d30fb38382e73ee6d65450cc20553e9387
62fea2e1c684d85399c625083f28f58fff6bc835496acc98d0f97617b270138e
635db7ec24fdb4c0ec8880a0417f4d75ba62a37f2a339e9973c4383c7ef41919
64961cb57023f3d278891fa8b6d81372a624bdce85484e8ba70e6a7479258a4f
67338a97ef590e72680a386bdfdb475af4587ba3cfb5f6cad1e1f29dbd52e42c
6971a20959d544d8b603d3d2502dc711c7c57c537fe3c551ac239098cdc33294
6e2ac9199ad91f37086530f40f555fd704cdf95ba15644b3888852834cf9335a
6ef1aa2d1945fd9fb1bd4eb00c603d868f89477a33e9ec2ef7c7035c5a16df31
6ffdbde5525c0f91c0b7a999645cf1c30811576d7ce82699d7fdafaa06c1487f
73181c7a34ddc13439dbd2f62404fd22414a68b8690f9936902c56508f60faa7
73edf33c990476d9c124a19980b1d650810ed4e53cbf824b991b1fea03af5820
76506e128f2b47b7179f5037bd885a1674455ffeb6b5093cdb4c7eefbf436ce8
78fe543f9f5d1c63f95e71099401011bb3c831dcd25239a50d1f71d78da852f1
794d444f814675361a19cff0e4169285c1c2ef8d1a3125718e584ce05d8f584f
7a471672f3f91ad82285192cae07b7e06f4b2baddec73d8e6898a1a445f5d0ea
7f1dee1f14264cef7fd508fe6baea482ea737874f1e3a7550814e7c7e959cf07
7fee562b2aded71ae2485f94556a2564f87f95027e16ca2712db8ac0d07ec6bd
818b515528e75d20a6c1714a3b808a2877a724d51c984a0bd9e8c244ce9ce3d8
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84126c860d5590d092cc1039b4da58ec9323b4fbfaebafdbd698aa85e9013ffc
8453a05ff35ac88b3f72b5eef7c7da92fe87bb5796642f273b2b903a9f022786
8684da074cb346b8363ea2680fd40a49058a359d2be65de0324af390d0732f3c
87ed2d6930b5010994c63cd7908ab44a6cdded82008f41b82aa5f82278e8e89a
881179ed8d76a220dc210c45af07c46373896683c0d394f1595cd7213cb4d7ba
89ca862aa5275d09c035a7888cdee5ee1d029263ec02227bc8e50b9b70e841cc
8e36afbdaba720d58781a894f851bf1ec1dff909427f9d9b842d924f568f8e6a
90dd3e578be112cdc44821892ee8d680aa032a99ec5af3ca73dfcba320950401
914fdd0d0eecc2c3c9a1c960a44201845256498e236e1dfadb109b14e6cf0097
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
91bcc65a1a6bb4755e48576889ae27c2f620e49d126b8127dd16c1a99945b9d5
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
93a3943a0f9f7b624a9f11a1d08d961cc38c4f8e20fd99f307b8f1eb7f41762a
94b3e00d6787ff2377f3b807951caf45dc935f81b926bf4ed3f9d6909f75d322
956308a1555a6e6feed8e9230055ee3b028a7aa1882cb89c372172f43c042109
96b57ffaa189ccbcd3f98971956fa94ef470b8fcefeba279a9dbc18175edde79
9dca59a7344d2ef98a0c5a2e54cd42f4fb3890d530853a2500f847d640278e5a
9e1dae23d3ad3212f67d09ca79a50003c32953c36bab976f634c9b38d8a8c6dc
9f23b2bcd1543f64be4cb97535bbff27d8ffb1bfb5bd393f26dc96dc9d1cd837
a4a84ecff40d64914a941a765891af2fb1ca4ef816ee609d136f59cbc0de488e
ad00579e776e64e80dbebb1f29cfc68179f8be411b84d24ca12ece9b3221216e
ae4bd4ee615384b8db93de8e47a88381e0412d23c8b69b5e2235e82823e87f37
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b346de40aa3580f2f547467c7e492417fd7227e7a1e8a137cf818a98824c611f
b36d838681171ab6906d3206d2fd6cc17a7a7a5867213c7595fe0865aeb9e969
b9acb00bedf781f8628be0b9e065a92fd43909a214adab5ab7876d8aaef80a72
b9b255031ea3667a75c31a52b4608aae035fbb22b72e257a29a4fb1f84db1a10
bb8fa5f5216fa65fb3b0cfc76de29efaf4e6ff82a281dc540fb568d4767f688e
bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0
c28b9509eb28f1e46ee4878a4ad3d3d5bd963bbf66e8f4043a03b2614ef11650
c2ad103f45a8d1684a0be752a18c156ec4555b9cbd0893cfffddc800c3753eac
c37392e76245ae7a40fccced49d896542d759decd42d5929b3f6d0c0976f2afd
c3afed84aa2d470c6b5e5b17b372a2bc46e2faff2bcc52ebdb31164ed5acd258
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c540cdeba4eb897beea1c93c6452269a4de7b86a2e670b5b0ad37f9bbfc78c53
c6ea19906deac9d94b9b5bc730792f12df06565015884ba19416c1365beba2fd
cac06bef2444f7d5f70f55d280f5aa2faf9b76bbe4cfc8ae5870ccccdf234efc
cbccc935557398179deeef044a5ab2353e97ca4961f313793c8ba03964c43e93
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfe5a77dafbaa5d08ad27f3180f633ba4d46fdb894ad94b1d54deb4248f2b19d
cff2239297f7d548cda993a6bb819c9b00280d5736b07a2263d08582b0273c3a
d2f30a82cd7cffd3d9059318fae190e1f32cde124eeb455391bb1ccdbdffac32
d3110f199d22d9d122a62c288cca3b3c80edccdb2979c02bcbfa0602a7b88039
db1c9f02d981c586f43bbcf35853c00c19b484bb500cb01e8d64aa7775503396
dcf69612937eafa973d612d1cb6a0ecf64ce73be8f517973a40e2e3955f69a03
dd439944b1b12e121a2e22224e686260aaeba47870b2f102a1f696bc329c9af0
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de71eb66c755f04802db6d9c95ec1b72f6ffde96a270a414dae8c35112dc2edb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4aef8354ee5b81b1fab7d69f14bd265b2d8b62aa92b8b4807959835140acf1d
e6b879680c38e48bbf0ba91c2c9e104a7846fa2af3b2f0727c2837a8de24dbc9
eab6233096b857ecda13c7f64b1cee3378457faa09df4db474f765029f2fe921
eaebf02a05b3ecb6b3638829c74fd1fa96502f5fd350b664207bf036e3fc49f0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f111d54ab0c35a4589f457f5a639dd0da6e77cff190adb5a99f61f070133e823
f1be20933a0c951dd3888ee8a23b5f93aec5bca3bc8dfa6107bdcc6170c4163d
f229e6122ebd4c1106e73ab793141dc727ce4b34524553b49481b4d471fce78f
f31b66e1bb73975308a24622572341eed41284f3be20e2009140b3e029ca084f
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fa18ce1f3e31a0f1b4ed52ae1f8272dc07b0b32ad73cbc540230b4ae31029bdd
fb3b596685ae179a3a752c421700d56a50b1c7cb8489e6a62c39505211c8f3b0
fdf47058216a097eff037ab2fc360420ea4ac953f516ea21bf9d0ab1238e4bfe
fdf6bbb1dd4ef6c35e648732a52ee3983c6582e4cb00387bbbb7e529ab347a4c

www.presstelegram.com Open in urlscan Pro 192.0.66.2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

137 Requests

88 %HTTPS

39 %IPv6

29 Domains

49 Subdomains

38 IPs

7 Countries

3075 kBTransfer

12130 kBSize

14 Cookies

0 Outgoing links

Page URL History

Redirected requests

137 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.presstelegram.com Open in urlscan Pro
192.0.66.2 Public Scan

Screenshot
Live screenshot

Full Image

137
Requests

88 %
HTTPS

39 %
IPv6

29
Domains

49
Subdomains

38
IPs

7
Countries

3075 kB
Transfer

12130 kB
Size

14
Cookies

137 HTTP transactions
2 data transactions