myaccount.presstelegram.com Open in urlscan Pro
107.154.76.234 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://myaccount.presstelegram.com/
Submission: On November 20 via manual (November 20th 2023, 4:17:52 pm UTC) from US — Scanned from DE

Summary HTTP 101 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 26 IPs in 3 countries across 19 domains to perform 101 HTTP transactions. The main IP is 107.154.76.234, located in United States and belongs to INCAPSULA, US. The main domain is myaccount.presstelegram.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on June 22nd 2023. Valid for: a year.

This is the only time myaccount.presstelegram.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
27	107.154.76.234 107.154.76.234	19551 (INCAPSULA) (INCAPSULA)
9	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:c5a4:625:6563:a5bb	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:225... 2600:9000:225e:d400:8:8845:1500:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:440... 2606:4700:4400::6812:2b5a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.66.97.121 18.66.97.121	16509 (AMAZON-02) (AMAZON-02)
2	18.66.130.11 18.66.130.11	16509 (AMAZON-02) (AMAZON-02)
1 3	13.32.99.105 13.32.99.105	16509 (AMAZON-02) (AMAZON-02)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c06::9b	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	172.64.146.207 172.64.146.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.32.27.115 13.32.27.115	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
2	13.32.99.89 13.32.99.89	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:d8f1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	52.217.124.56 52.217.124.56	16509 (AMAZON-02) (AMAZON-02)
2	178.249.97.23 178.249.97.23	11054 (LIVEPERSON) (LIVEPERSON)
3	178.249.97.99 178.249.97.99	11054 (LIVEPERSON) (LIVEPERSON)
7	34.120.154.120 34.120.154.120	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	208.89.15.170 208.89.15.170	11054 (LIVEPERSON) (LIVEPERSON)
2	208.89.12.87 208.89.12.87	() ()
101	26

27 107.154.76.234 (United States)

ASN19551 (INCAPSULA, US)
PTR: 107.154.76.234.ip.incapdns.net

myaccount.presstelegram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:c5a4:625:6563:a5bb (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225e:d400:8:8845:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)

b-code.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::6812:2b5a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.confiant-integrations.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-121.fra56.r.cloudfront.net

launchpad-wrapper.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.130.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-130-11.fra60.r.cloudfront.net

cdn.listrakbi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.99.105 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-105.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c06::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.146.207 (United States)

ASN13335 (CLOUDFLARENET, US)

s1.listrakbi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.115 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-115.fra56.r.cloudfront.net

launchpad.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.99.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-89.fra60.r.cloudfront.net

geo.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:d8f1 (United States)

ASN13335 (CLOUDFLARENET, US)

mng-prod.auth0.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.217.124.56 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.249.97.23 (United States)

ASN11054 (LIVEPERSON, US)

lptag.liveperson.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.249.97.99 (United States)

ASN11054 (LIVEPERSON, US)
PTR: lo-accdn.lpsnmedia.net

accdn.lpsnmedia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 34.120.154.120 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 120.154.120.34.bc.googleusercontent.com

lpcdn.lpsnmedia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 208.89.15.170 (United States)

ASN11054 (LIVEPERSON, US)
PTR: va.idp.liveperson.net

va.idp.liveperson.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 208.89.12.87 (None, )

ASN- ()

va.v.liveperson.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	presstelegram.com myaccount.presstelegram.com	2 MB
10	lpsnmedia.net accdn.lpsnmedia.net — Cisco Umbrella Rank: 3761 lpcdn.lpsnmedia.net — Cisco Umbrella Rank: 4157	353 KB
9	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	7 KB
8	amazonaws.com s3.amazonaws.com	4 MB
7	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	22 KB
6	liveperson.net lptag.liveperson.net — Cisco Umbrella Rank: 3805 va.idp.liveperson.net — Cisco Umbrella Rank: 10084 va.v.liveperson.net	137 KB
4	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3040 www.google.com — Cisco Umbrella Rank: 2	831 B
4	privacymanager.io launchpad-wrapper.privacymanager.io — Cisco Umbrella Rank: 3046 launchpad.privacymanager.io — Cisco Umbrella Rank: 2789 geo.privacymanager.io — Cisco Umbrella Rank: 1825	32 KB
4	gstatic.com fonts.gstatic.com	63 KB
3	google.de www.google.de — Cisco Umbrella Rank: 6862	622 B
3	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 78	483 B
3	listrakbi.com cdn.listrakbi.com — Cisco Umbrella Rank: 10286 s1.listrakbi.com — Cisco Umbrella Rank: 10582	41 KB
3	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 172 Failed	867 B
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	230 KB
2	confiant-integrations.net cdn.confiant-integrations.net — Cisco Umbrella Rank: 1481	126 KB
1	auth0.com mng-prod.auth0.com — Cisco Umbrella Rank: 282948	1 KB
1	liadm.com b-code.liadm.com — Cisco Umbrella Rank: 3063	15 KB
1	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1245 Failed	9 KB
0	Failed function sub() { [native code] }. Failed
101	19

	Domain	Requested by
27	myaccount.presstelegram.com	myaccount.presstelegram.com
9	fonts.googleapis.com	myaccount.presstelegram.com
8	s3.amazonaws.com
7	lpcdn.lpsnmedia.net	lptag.liveperson.net
7	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com myaccount.presstelegram.com
4	fonts.gstatic.com	fonts.googleapis.com
3	accdn.lpsnmedia.net	lptag.liveperson.net lpcdn.lpsnmedia.net
3	www.google.de
3	stats.g.doubleclick.net	www.googletagmanager.com myaccount.presstelegram.com
3	sb.scorecardresearch.com	www.googletagmanager.com
3	www.googletagmanager.com	myaccount.presstelegram.com www.googletagmanager.com
2	va.v.liveperson.net	lptag.liveperson.net
2	va.idp.liveperson.net	lptag.liveperson.net va.idp.liveperson.net
2	lptag.liveperson.net	myaccount.presstelegram.com
2	geo.privacymanager.io	myaccount.presstelegram.com
2	www.google.com
2	region1.analytics.google.com	www.googletagmanager.com
2	cdn.listrakbi.com	myaccount.presstelegram.com cdn.listrakbi.com
2	cdn.confiant-integrations.net	www.googletagmanager.com cdn.confiant-integrations.net
1	mng-prod.auth0.com	myaccount.presstelegram.com
1	launchpad.privacymanager.io	launchpad-wrapper.privacymanager.io
1	s1.listrakbi.com	cdn.listrakbi.com
1	launchpad-wrapper.privacymanager.io	www.googletagmanager.com
1	b-code.liadm.com	www.googletagmanager.com
1	secure.quantserve.com	www.googletagmanager.com
0	Failed	www.googletagmanager.com
101	26

This site contains links to these domains. Also see Links.

Domain
www.presstelegram.com
www.scngcustomcontent.com

Subject Issuer	Validity	Valid
*.mercurynews.com Go Daddy Secure Certificate Authority - G2	`2023-06-22` - `2024-07-23`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
quantserve.com R3	`2023-10-28` - `2024-01-26`	3 months	crt.sh
*.liadm.com Amazon RSA 2048 M02	`2023-02-28` - `2024-01-30`	a year	crt.sh
confiant-integrations.net GTS CA 1P5	`2023-11-19` - `2024-02-17`	3 months	crt.sh
*.privacymanager.io Amazon RSA 2048 M01	`2023-07-27` - `2024-08-24`	a year	crt.sh
*.listrakbi.com Amazon RSA 2048 M01	`2023-02-28` - `2024-01-21`	a year	crt.sh
*.scorecardresearch.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-15` - `2023-12-28`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
listrakbi.com Cloudflare Inc ECC CA-3	`2023-06-27` - `2024-06-25`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.webtask.auth0.com E1	`2023-09-30` - `2023-12-29`	3 months	crt.sh
s3.amazonaws.com Amazon RSA 2048 M01	`2023-10-10` - `2024-07-10`	9 months	crt.sh
*.liveperson.net Sectigo RSA Organization Validation Secure Server CA	`2023-02-07` - `2024-02-07`	a year	crt.sh
*.lpsnmedia.net Sectigo RSA Organization Validation Secure Server CA	`2023-01-09` - `2024-01-09`	a year	crt.sh
*.idp.liveperson.net Sectigo RSA Organization Validation Secure Server CA	`2023-03-30` - `2024-03-29`	a year	crt.sh
*.v.liveperson.net Sectigo RSA Organization Validation Secure Server CA	`2023-01-10` - `2024-01-10`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://myaccount.presstelegram.com/
Frame ID: 2CA293CABAA766845C04CB93180FA8F5
Requests: 94 HTTP requests in this frame

Frame: https://www.googletagmanager.com/ns.html?id=GTM-TLFP4R
Frame ID: CE2E0F426E4B8D86576395C5BE1FFF27
Requests: 3 HTTP requests in this frame

Frame: https://mng-prod.auth0.com/authorize?client_id=kvI7O7QjfyQF92AdOl0an0LLznFau00s&redirect_uri=https%3A%2F%2Fmyaccount.presstelegram.com&scope=openid%20profile%20email&response_type=code&response_mode=web_message&state=TF9Dd0UyaG5mdVRqaXE2VkEzdEJmeE9kVjllYkFUUDV5dHZkZX5TTWhzNw%3D%3D&nonce=YUlIZWcudDFkT0dBT1VPNmJLMDVoMWk3WmtEVTdFMUI4RE1ZZllFWGpJUg%3D%3D&code_challenge=hkDt_-mZ8grQs6vQ_Sc-OJRukbpclZlLtunLscqDGvI&code_challenge_method=S256&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAtc3BhLWpzIiwidmVyc2lvbiI6IjEuOC4wIn0%3D
Frame ID: D0C9BFA8BA3484177700756A7D23F37C
Requests: 1 HTTP requests in this frame

Frame: https://lpcdn.lpsnmedia.net/le_secure_storage/3.24.0.0-release_5105/storage.secure.min.html?loc=https%3A%2F%2Fmyaccount.presstelegram.com&site=43776991&env=prod&isCrossDomain=true&accdn=accdn.lpsnmedia.net
Frame ID: CD2082230611195F6FE7DCDA6E709F6D
Requests: 2 HTTP requests in this frame

Frame: https://va.idp.liveperson.net/postmessage/postmessage.min.html?bust=1700497070991&loc=https%3A%2F%2Fmyaccount.presstelegram.com
Frame ID: 60301915357E9D282E65632B38551C02
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Access your account

Detected technologies

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Imperva (Security) Expand

Overall confidence: 100%
Detected patterns

/_Incapsula_Resource

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Page Statistics

101
Requests

96 %
HTTPS

48 %
IPv6

19
Domains

26
Subdomains

26
IPs

3
Countries

7268 kB
Transfer

10647 kB
Size

18
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.presstelegram.com/

Search URL Search Domain Scan URL

URL: https://www.scngcustomcontent.com/lbptmyaccount
Title: Click Here

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35

https://sb.scorecardresearch.com/c2/6035443/cs.js HTTP 302
https://sb.scorecardresearch.com/internal-c2/default/cs.js

101 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
myaccount.presstelegram.com/ 2 KB
2 KB 569ms
412ms Document
text/html 107.154.76.234
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://myaccount.presstelegram.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.76.234 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.76.234.ip.incapdns.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: f8b3ebad97e2d766ff11fcf313b1c0984fe1a9189abe1b24103e5a7a77e85276

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-type: text/html
date: Mon, 20 Nov 2023 16:17:45 GMT
etag: "0c717f4cbc6d91:0"
last-modified: Fri, 04 Aug 2023 12:05:26 GMT
server: Microsoft-IIS/10.0
x-cdn: Imperva
x-host-name: AWSPRDWEB13
x-iinfo: 14-79083391-79083402 NNNN CT(92 197 0) RT(1700497064296 12) q(0 0 3 20) r(4 4) U24
x-powered-by: ASP.NET

GET
H2 200 styles.a266235a408475931588.css
myaccount.presstelegram.com/ 345 KB
346 KB 230ms
228ms Stylesheet
text/css 107.154.76.234
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://myaccount.presstelegram.com/styles.a266235a408475931588.css
Requested by: Host: myaccount.presstelegram.com
URL: https://myaccount.presstelegram.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.76.234 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.76.234.ip.incapdns.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: a50d658d96c12418aa345d5ae3bbbe84af30f286db3f0e431758ca436ff0f4cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 16:17:45 GMT
last-modified: Fri, 04 Aug 2023 12:05:28 GMT
server: Microsoft-IIS/10.0
x-cdn: Imperva
etag: "0f448f5cbc6d91:0"
x-powered-by: ASP.NET
content-type: text/css
x-iinfo: 14-79083391-79083402 PNNN RT(1700497064296 432) q(0 0 0 -1) r(1 2) U24
x-host-name: AWSPRDWEB13
accept-ranges: bytes
content-length: 353410

GET
H2 200 runtime-es2015.bd7f940febebf2e5014a.js Show response
myaccount.presstelegram.com/ 6 KB
7 KB 350ms
348ms Script
application/javascript 107.154.76.234
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://myaccount.presstelegram.com/runtime-es2015.bd7f940febebf2e5014a.js
Requested by: Host: myaccount.presstelegram.com
URL: https://myaccount.presstelegram.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.76.234 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.76.234.ip.incapdns.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 56030e57821f8337984a513b2ae9de889b10247a8b2f220f089957cc28ae05f2

Request headers

Referer: https://myaccount.presstelegram.com/
Origin: https://myaccount.presstelegram.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 16:17:45 GMT
last-modified: Fri, 04 Aug 2023 12:05:28 GMT
server: Microsoft-IIS/10.0
x-cdn: Imperva
etag: "0f448f5cbc6d91:0"
x-powered-by: ASP.NET
content-type: application/javascript
x-iinfo: 14-79083391-79083462 NNNN CT(112 101 0) RT(1700497064296 436) q(0 0 2 -1) r(3 3) U24
x-incap-sess-cookie-hdr: D3+0GpsyCG1ZsX9iSbWbA6mGW2UAAAAAXmgrjBhCErVTWhYhOktjOw==
x-host-name: AWSPRDWEB13
accept-ranges: bytes
content-length: 6540

GET
H2 200 polyfills-es2015.f860137831055eae683a.js Show response
myaccount.presstelegram.com/ 139 KB
140 KB 415ms
413ms Script
application/javascript 107.154.76.234
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://myaccount.presstelegram.com/polyfills-es2015.f860137831055eae683a.js
Requested by: Host: myaccount.presstelegram.com
URL: https://myaccount.presstelegram.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.76.234 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.76.234.ip.incapdns.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: a2b57109a58d9f80f23958f91793d41087b7cdf3178d94891b5f447960723288

Request headers

Referer: https://myaccount.presstelegram.com/
Origin: https://myaccount.presstelegram.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 16:17:45 GMT
last-modified: Fri, 04 Aug 2023 12:05:28 GMT
server: Microsoft-IIS/10.0
x-cdn: Imperva
etag: "0f448f5cbc6d91:0"
x-powered-by: ASP.NET
content-type: application/javascript
x-iinfo: 14-79083391-79083464 NNNN CT(110 99 0) RT(1700497064296 441) q(0 0 2 -1) r(3 4) U24
x-incap-sess-cookie-hdr: CLCDIlFVgDtZsX9iSbWbA6mGW2UAAAAAe5S7DXRSPYyNS7XPwxZapw==
x-host-name: AWSPRDWEB13
accept-ranges: bytes
content-length: 142474

GET
H2 200 scripts.aa57fdb31785784b564a.js Show response
myaccount.presstelegram.com/ 162 KB
51 KB 351ms
350ms Script
application/javascript 107.154.76.234
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://myaccount.presstelegram.com/scripts.aa57fdb31785784b564a.js
Requested by: Host: myaccount.presstelegram.com
URL: https://myaccount.presstelegram.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.76.234 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.76.234.ip.incapdns.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4af7746ed402fe791c6d5d890b422a19ade5bd4e78786567f561b68db8cc8e28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 16:17:45 GMT
content-encoding: gzip
last-modified: Fri, 04 Aug 2023 12:05:28 GMT
server: Microsoft-IIS/10.0
x-cdn: Imperva
etag: "0f448f5cbc6d91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
x-iinfo: 14-79083391-79083471 NNNN CT(107 93 0) RT(1700497064296 459) q(0 0 2 -1) r(3 3) U24
x-host-name: AWSPRDWEB13
accept-ranges: bytes
content-length: 51689

GET
H2 200 vendor-es2015.d39b18ab774529180e69.js Show response
myaccount.presstelegram.com/ 1 MB
1 MB 351ms
349ms Script
application/javascript 107.154.76.234
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://myaccount.presstelegram.com/vendor-es2015.d39b18ab774529180e69.js
Requested by: Host: myaccount.presstelegram.com
URL: https://myaccount.presstelegram.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.76.234 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.76.234.ip.incapdns.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 0e6759cf551ce1d2658665f94de7ea80f7c7410c1ac58f4941c4c3193a84ac1b

Request headers

Referer: https://myaccount.presstelegram.com/
Origin: https://myaccount.presstelegram.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 16:17:45 GMT
last-modified: Fri, 04 Aug 2023 12:05:28 GMT
server: Microsoft-IIS/10.0
x-cdn: Imperva
etag: "0f448f5cbc6d91:0"
x-powered-by: ASP.NET
content-type: application/javascript
x-iinfo: 14-79083391-79083467 NNNN CT(106 100 0) RT(1700497064296 447) q(0 0 2 -1) r(3 3) U24
x-incap-sess-cookie-hdr: sBsLR25uEA5ZsX9iSbWbA6mGW2UAAAAAuElZeu8Mxk+MGfA5WpHZXQ==
x-host-name: AWSPRDWEB13
accept-ranges: bytes
content-length: 1345497

GET
H2 200 main-es2015.b6561788305c75814310.js Show response
myaccount.presstelegram.com/ 369 KB
68 KB 417ms
416ms Script
application/javascript 107.154.76.234
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://myaccount.presstelegram.com/main-es2015.b6561788305c75814310.js
Requested by: Host: myaccount.presstelegram.com
URL: https://myaccount.presstelegram.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.76.234 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.76.234.ip.incapdns.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: cd1105822f33ecf96cff973514ea994bc01f59ffd0a6bf0532bdf2d7ab65f9bd

Request headers

Referer: https://myaccount.presstelegram.com/
Origin: https://myaccount.presstelegram.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 16:17:45 GMT
content-encoding: gzip
last-modified: Fri, 04 Aug 2023 12:05:26 GMT
server: Microsoft-IIS/10.0
x-cdn: Imperva
etag: "0c717f4cbc6d91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
x-iinfo: 14-79083391-79083469 NNNN CT(100 98 0) RT(1700497064296 455) q(0 0 2 -1) r(3 4) U24
x-incap-sess-cookie-hdr: SHH+Sbhp4kFZsX9iSbWbA6mGW2UAAAAA+Ys8UNUhPQMm8p9THwsvQw==
x-host-name: AWSPRDWEB13
accept-ranges: bytes
content-length: 68771

GET
H2 200 _Incapsula_Resource Show response
myaccount.presstelegram.com/ 153 KB
22 KB 48ms
47ms Script
application/javascript 107.154.76.234
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://myaccount.presstelegram.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=1413246817
Requested by: Host: myaccount.presstelegram.com
URL: https://myaccount.presstelegram.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.76.234 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.76.234.ip.incapdns.net
Software: /
Resource Hash: e642ef04d764d1f3a13ecd0a22817455757094a50ca044892ad5b651a1a27c96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

cache-control: no-cache, no-store
content-encoding: gzip
x-robots-tag: noindex
content-length: 22031
content-type: application/javascript

GET
H2 200 _Incapsula_Resource
myaccount.presstelegram.com/ 1 B
35 B 19ms
19ms Image
text/plain 107.154.76.234
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://myaccount.presstelegram.com/_Incapsula_Resource?SWKMTFSR=1&e=0.26875710344849946
Requested by: Host: myaccount.presstelegram.com
URL: https://myaccount.presstelegram.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.76.234 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.76.234.ip.incapdns.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 1
content-type: text/plain

GET
H2 200 css
fonts.googleapis.com/ 12 KB
1 KB 488ms
15ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900

Requested by

Host: myaccount.presstelegram.com
URL: https://myaccount.presstelegram.com/styles.a266235a408475931588.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d175185dc8199dc8531d2c25a84073ad93a7c605a921b0168ed6106a193d21ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 20 Nov 2023 16:17:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 20 Nov 2023 14:35:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 20 Nov 2023 16:17:46 GMT

GET
H2 200 css
fonts.googleapis.com/ 8 KB
894 B 489ms
16ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,400i,700

Requested by

Host: myaccount.presstelegram.com
URL: https://myaccount.presstelegram.com/styles.a266235a408475931588.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

64712f9665d4d4a47625a65edb9d01650f9bdb8fbcb90f1e632cc68e939e03cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 20 Nov 2023 16:17:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 20 Nov 2023 15:48:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 20 Nov 2023 16:17:46 GMT

GET
H2 200 Application Show response
myaccount.presstelegram.com/api/ 15 KB
15 KB 167ms
167ms XHR
application/json 107.154.76.234
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://myaccount.presstelegram.com/api/Application
Requested by: Host: myaccount.presstelegram.com
URL: https://myaccount.presstelegram.com/polyfills-es2015.f860137831055eae683a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.76.234 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.76.234.ip.incapdns.net
Software: Kestrel / ASP.NET
Resource Hash: 21909e20a233ed5b4316af05e76a19e0f53e3fc46aa9488035cac2f09bb9cb30

Request headers

Pragma: no-cache
X-MediaGroupCode: MNG
X-PaperCode: lbpt
X-Version: 3.16.2
X-ClientCode: LBPT
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json
Access-Control-Allow-Origin: *
Accept: application/json, text/plain, */*
Referer: https://myaccount.presstelegram.com/

Response headers

x-iinfo: 14-79083391-79083464 PNNN RT(1700497064296 1699) q(0 0 0 -1) r(2 2) U24
date: Mon, 20 Nov 2023 16:17:46 GMT
server: Kestrel
x-host-name: AWSPRDWEB13
x-cdn: Imperva
x-powered-by: ASP.NET
content-type: application/json; charset=utf-8

GET
H2 200 themeb.0871b9.css
myaccount.presstelegram.com/ 94 KB
95 KB 109ms
108ms Stylesheet
text/css 107.154.76.234
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://myaccount.presstelegram.com/themeb.0871b9.css
Requested by: Host: myaccount.presstelegram.com
URL: https://myaccount.presstelegram.com/main-es2015.b6561788305c75814310.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.76.234 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.76.234.ip.incapdns.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 8daccabf5b7c9722992275629fef99873b58c9a9999fdf52aaf1f917932bc69a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 16:17:46 GMT
last-modified: Fri, 04 Aug 2023 12:05:28 GMT
server: Microsoft-IIS/10.0
x-cdn: Imperva
etag: "0f448f5cbc6d91:0"
x-powered-by: ASP.NET
content-type: text/css
x-iinfo: 14-79083391-79083464 PNNN RT(1700497064296 1877) q(0 0 0 -1) r(1 1) U24
x-host-name: AWSPRDWEB13
accept-ranges: bytes
content-length: 96443

GET
H2 200 css
fonts.googleapis.com/ 4 KB
581 B 18ms
15ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:100,300,400,700,900&display=swap

Requested by

Host: myaccount.presstelegram.com
URL: https://myaccount.presstelegram.com/themeb.0871b9.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a781901393bd19811bef7ec44fe3715212110370a565ce384ff8a902de5eaf3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 20 Nov 2023 16:17:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 20 Nov 2023 16:17:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 20 Nov 2023 16:17:47 GMT

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
693 B 21ms
18ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=EB+Garamond:wght@400;500&display=swap

Requested by

Host: myaccount.presstelegram.com
URL: https://myaccount.presstelegram.com/themeb.0871b9.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

afca62e28a5f2940b66823b7700cd3f0af957b52320ba188bb4295c4d10a7abd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 20 Nov 2023 16:17:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 20 Nov 2023 16:17:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 20 Nov 2023 16:17:47 GMT

GET
H2 200 css
fonts.googleapis.com/ 9 KB
724 B 20ms
18ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:100,300,400,700,900&display=swap

Requested by

Host: myaccount.presstelegram.com
URL: https://myaccount.presstelegram.com/themeb.0871b9.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

490da689a39d9f676bc795eba9c986c8ffce3a81f0580932415b38cb0ea12927

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 20 Nov 2023 16:17:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 20 Nov 2023 16:17:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 20 Nov 2023 16:17:47 GMT

GET
H2 200 css
fonts.googleapis.com/ 9 KB
835 B 19ms
17ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:100,300,400,700,900&display=swap

Requested by

Host: myaccount.presstelegram.com
URL: https://myaccount.presstelegram.com/themeb.0871b9.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0cb2602f766e34b3a1cfe4aec0ace43d8d8197abb402fbb325a2c7820f99c5d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 20 Nov 2023 16:17:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 20 Nov 2023 16:17:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 20 Nov 2023 16:17:47 GMT

GET
H2 200 css
fonts.googleapis.com/ 6 KB
699 B 25ms
23ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald:300,400,500,700

Requested by

Host: myaccount.presstelegram.com
URL: https://myaccount.presstelegram.com/themeb.0871b9.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2ab5f4a3b0a88c731e3564e0431a9047c34949762c7c5ef596fdc60b3659a044

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 20 Nov 2023 16:17:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 20 Nov 2023 16:11:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 20 Nov 2023 16:17:47 GMT

GET
H2 200 css
fonts.googleapis.com/ 12 KB
938 B 22ms
20ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900

Requested by

Host: myaccount.presstelegram.com
URL: https://myaccount.presstelegram.com/themeb.0871b9.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d175185dc8199dc8531d2c25a84073ad93a7c605a921b0168ed6106a193d21ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 20 Nov 2023 16:17:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 20 Nov 2023 15:59:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 20 Nov 2023 16:17:47 GMT

GET
H2 200 css
fonts.googleapis.com/ 8 KB
894 B 22ms
21ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,400i,700

Requested by

Host: myaccount.presstelegram.com
URL: https://myaccount.presstelegram.com/themeb.0871b9.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

64712f9665d4d4a47625a65edb9d01650f9bdb8fbcb90f1e632cc68e939e03cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 20 Nov 2023 16:17:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 20 Nov 2023 14:31:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 20 Nov 2023 16:17:47 GMT

GET
H2 200 googleTag.js Show response
myaccount.presstelegram.com/assets/scripts/tag-manager/ 1 KB
1 KB 110ms
109ms Script
application/javascript 107.154.76.234
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://myaccount.presstelegram.com/assets/scripts/tag-manager/googleTag.js
Requested by: Host: myaccount.presstelegram.com
URL: https://myaccount.presstelegram.com/main-es2015.b6561788305c75814310.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.76.234 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.76.234.ip.incapdns.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: f12b54a028194f667cefd1dc255cc566fb57e15086d8b6a6c95a574f1bf6e2ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 16:17:47 GMT
last-modified: Fri, 04 Aug 2023 12:05:26 GMT
server: Microsoft-IIS/10.0
x-cdn: Imperva
etag: "0c717f4cbc6d91:0"
x-powered-by: ASP.NET
content-type: application/javascript
x-iinfo: 14-79083391-79083464 PNNN RT(1700497064296 2021) q(0 0 0 -1) r(1 1) U24
x-host-name: AWSPRDWEB13
accept-ranges: bytes
content-length: 1053

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 212ms
7ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://myaccount.presstelegram.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 13:37:09 GMT
x-content-type-options: nosniff
age: 182438
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 17 Nov 2024 13:37:09 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 594 KB
138 KB 48ms
16ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TLFP4R

Requested by

Host: myaccount.presstelegram.com
URL: https://myaccount.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2de07fe96902d5a2aef105c0a5c45c7b4449bc478df7acca2fd5ee48dcc07a46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 16:17:47 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141273
x-xss-protection: 0
last-modified: Mon, 20 Nov 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 20 Nov 2023 16:17:47 GMT

GET
H2 200 ns.html Show response
www.googletagmanager.com/ Frame CE2E 498 B
402 B 55ms
29ms Document
text/html 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/ns.html?id=GTM-TLFP4R

Requested by

Host: myaccount.presstelegram.com
URL: https://myaccount.presstelegram.com/assets/scripts/tag-manager/googleTag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f6598392bf4c8040b4a361b8180dd2c273ac1a5974a22cc74c8a140d0b55e322

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://myaccount.presstelegram.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
content-encoding: br
content-length: 216
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 20 Nov 2023 16:17:47 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
vary: *
x-xss-protection: 0

GET
H2 200 Internationalization Show response
myaccount.presstelegram.com/api/Application/Configuration/ 8 KB
9 KB 143ms
142ms XHR
application/json 107.154.76.234
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://myaccount.presstelegram.com/api/Application/Configuration/Internationalization
Requested by: Host: myaccount.presstelegram.com
URL: https://myaccount.presstelegram.com/polyfills-es2015.f860137831055eae683a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.76.234 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.76.234.ip.incapdns.net
Software: Kestrel / ASP.NET
Resource Hash: b5f77388ccc44500760f931d7bd5640158cfe0e492b98f10e8212ad8dd5c776f

Request headers

Pragma: no-cache
X-MediaGroupCode: MNG
X-PaperCode: lbpt
X-Version: 3.16.2
X-ClientCode: LBPT
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json
Access-Control-Allow-Origin: *
Accept: application/json, text/plain, */*
Referer: https://myaccount.presstelegram.com/

Response headers

x-iinfo: 14-79083391-79083464 PNNN RT(1700497064296 2245) q(0 0 0 -1) r(1 1) U24
date: Mon, 20 Nov 2023 16:17:47 GMT
server: Kestrel
x-host-name: AWSPRDWEB13
x-cdn: Imperva
x-powered-by: ASP.NET
content-type: application/json; charset=utf-8

GET undefined.gif
secure.quantserve.com/pixel/ Frame CE2E 0
0

GET p
sb.scorecardresearch.com/ Frame CE2E 0
0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 274 KB
91 KB 29ms
28ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-2N0VXCDHTW&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLFP4R

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6154ba5d1f81523aa17e0e480bfc263b683ed8242d29db812bfe884370938391

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 16:17:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92881
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 20 Nov 2023 16:17:47 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 67ms
11ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLFP4R

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 20 Nov 2023 15:19:54 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 3473
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 20 Nov 2023 17:19:54 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 21 KB
9 KB 9ms
8ms Script
application/javascript 2620:116:800d:21:c5a4:625:6563:a5bb
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLFP4R
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 77daa4388c965a3e23b5a6c800727d8025ab108f89cf5679e79136986d5b4561

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 16:17:47 GMT
content-encoding: gzip
etag: "e23JaXq4HVtlOmThpFhluQ=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Mon, 27 Nov 2023 16:17:47 GMT

GET https://xn--m869-376a.xn--presstelegram-1k6g.com/script.js
https://xn--m869-376a.xn--presstelegram-1k6g.com/script.js 0
0

GET
H2 200 0.min.js Show response
b-code.liadm.com/ 47 KB
15 KB 86ms
7ms Script
application/javascript 2600:9000:225e:d400:8:8845:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/0.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLFP4R
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:d400:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: b0512ff1ecca4eeaa79eabd6f059915e9cec84022c2f78519acf20d942b628e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 19:21:56 GMT
content-encoding: gzip
via: 1.1 77517a7f5d9094d359ba5186c3bda1e6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 75351
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: "public, max-age=86400"
x-amz-cf-id: bjgUZWVTCmVdN3oOjR5q-CIW9tSOYL4Yr8_A-exvhVu87FEy9uYdqA==

GET
H2 200 config.js Show response
cdn.confiant-integrations.net/3IyQ81Wnn-d6bieQLuWeDuN4PWM/gpt_and_prebid/ 228 KB
43 KB 50ms
22ms Script
text/javascript 2606:4700:4400::6812:2b5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/3IyQ81Wnn-d6bieQLuWeDuN4PWM/gpt_and_prebid/config.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLFP4R
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2b5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4483683c68e29e2b5f1f6ab08cb64d11bde1b00b41cc531b982b4e8793302d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 16:17:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 20 Nov 2023 12:01:06 GMT
server: cloudflare
x-amz-request-id: GV6SY3BMHPFKN86J
age: 395
etag: W/"7f40abdc6777b8d5e7186867aefe7068"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=900, stale-while-revalidate=3600
cf-ray: 8292014fed06036e-FRA
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 6OcsIzK8nTg/w7D9/pvhExmaAJVpPB/aBFZ7VJ/gNdk8OG45bRel4nIIeMvNdY3uZlUh96MZS59mcCPmQPfkoGD+X7RjSMPUaeXRVfPXlRk=

GET
H2 200 launchpad-liveramp.js Show response
launchpad-wrapper.privacymanager.io/70bb23e5-a2a7-414e-b709-7066b1333c83/ 17 KB
3 KB 51ms
9ms Script
text/javascript 18.66.97.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://launchpad-wrapper.privacymanager.io/70bb23e5-a2a7-414e-b709-7066b1333c83/launchpad-liveramp.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLFP4R
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-121.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f35a7a3eb28e1da39e87276b8f75d6203b808e26b63218ffb0be3fd62e0de605

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: 0wgTlvozKv_yHsVhsA.bHuhm0r2Cnphv
content-encoding: gzip
via: 1.1 993c0866e705e48daa4fed5e30627712.cloudfront.net (CloudFront)
date: Mon, 20 Nov 2023 05:58:37 GMT
x-amz-cf-pop: FRA56-P2
age: 37151
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-disposition: attachment; filename="launchpad-liveramp.js"
last-modified: Sun, 27 Aug 2023 22:55:22 GMT
server: AmazonS3
etag: W/"e1e9408aa4a994afbbb535269e3387fb"
vary: Accept-Encoding
content-type: text/javascript
x-amz-cf-id: KCX_O8wjdM2EPxN-2u55YwDovPO1tcnpjDiUUJxoOqILL2sLJX-Xbw==

GET
H/1.1 200
OK script.js Show response
cdn.listrakbi.com/scripts/ 242 KB
39 KB 33ms
9ms Script
text/javascript 18.66.130.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.listrakbi.com/scripts/script.js?m=AUjk900vfCG0&v=1
Requested by: Host: myaccount.presstelegram.com
URL: https://myaccount.presstelegram.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.130.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-130-11.fra60.r.cloudfront.net
Software: cloudflare / ASP.NET
Resource Hash: 6b8de31d386e037508a5e26325013a25ae66a90078d6a07027ef003ff5b48dcb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Mon, 20 Nov 2023 16:15:46 GMT
Content-Encoding: gzip
Via: 1.1 7b314c2b827b3a655861e27775634208.cloudfront.net (CloudFront)
CF-Cache-Status: DYNAMIC
X-AspNet-Version: 4.0.30319
X-ltk: 11/20/2023 9:34:02 AM
X-Amz-Cf-Pop: FRA60-P2
X-Powered-By: ASP.NET
Age: 121
X-Cache: Hit from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI COM NAV INT DEM CNT PRE LOC"
Connection: keep-alive
Content-Length: 38969
Last-Modified: Mon, 20 Nov 2023 11:09:12 GMT
Server: cloudflare
ETag: "3bSWUIrwfFqlujS/s4lZIQ=="
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: public, no-transform, max-age=3600, s-maxage=600
Accept-Ranges: bytes
CF-RAY: 82916a596f274d68-FRA
X-Amz-Cf-Id: cdt3tRIxQiY8BJ4tF9P__Ld5xvLskdqFOgJKjtfcjTu3sFfC-6Fn1w==
Expires: Mon, 20 Nov 2023 17:15:46 GMT

GET
H2 204 b
sb.scorecardresearch.com/ 0
224 B 9ms
8ms Image
text/plain 13.32.99.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=6035443&ns__t=1700497067469&ns_c=UTF-8&c8=&c7=https%3A%2F%2Fmyaccount.presstelegram.com%2F&c9=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-105.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 16:17:47 GMT
via: 1.1 372875ad1ec20daf24f3f29f14a73cd0.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: roxL7lUab3eKxEWY04ArAmlrPsok9esNWCkjMzQtK8_MlWGifeheDg==
x-cache: Miss from cloudfront

GET
H2

200

cs.js Show response
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain

https://sb.scorecardresearch.com/c2/6035443/cs.js
https://sb.scorecardresearch.com/internal-c2/default/cs.js

0
383 B

11ms
10ms

Script
application/javascript

13.32.99.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-c2/default/cs.js
Protocol: H2
Server: 13.32.99.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-105.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 09:01:05 GMT
via: 1.1 372875ad1ec20daf24f3f29f14a73cd0.cloudfront.net (CloudFront)
last-modified: Mon, 03 Jul 2023 14:48:48 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 26204
x-amz-server-side-encryption: AES256
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 0
x-amz-cf-id: RGAAeHLw-zseYfIJbf3JKs7DiKD3VkFXc9AjbxkfFBHSIsdQko_Cdg==

Redirect headers

date: Mon, 20 Nov 2023 16:17:47 GMT
via: 1.1 372875ad1ec20daf24f3f29f14a73cd0.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P3
x-cache: Miss from cloudfront
location: /internal-c2/default/cs.js
content-length: 0
x-amz-cf-id: MauxP647_SCReiHBWpHltDXM-_D8PQIjUVHiHsaPw1eRqGiCcdGjcA==

POST
H2 204 collect
region1.analytics.google.com/g/ 0
262 B 56ms
13ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-2N0VXCDHTW&gtm=45je3b81v9119563602z871194413&_p=1700497067307&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1951849027.1700497068&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1700497067&sct=1&seg=0&dl=https%3A%2F%2Fmyaccount.presstelegram.com%2F&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&ep.ReturnURL=Not%20Set&ep.Slug_Referral=Not%20Set&ep.MG2_Checkout_Referrer=&ep.User_Agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F119.0.6045.159%20Safari%2F537.36&ep.pw_CampaignID=Not%20Set&ep.NoBlocker=true&ep.Keywords=&tfd=2630
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2N0VXCDHTW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Nov 2023 16:17:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://myaccount.presstelegram.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
262 B 80ms
22ms Ping
text/plain 2a00:1450:400c:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-2N0VXCDHTW&cid=1951849027.1700497068&gtm=45je3b81v9119563602z871194413&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2N0VXCDHTW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Nov 2023 16:17:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://myaccount.presstelegram.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 88ms
47ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-2N0VXCDHTW&cid=1951849027.1700497068&gtm=45je3b81v9119563602z871194413&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=347582983

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Nov 2023 16:17:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 common-es2015.60f4717cd915efe264ff.js Show response
myaccount.presstelegram.com/ 82 KB
18 KB 132ms
131ms Script
application/javascript 107.154.76.234
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://myaccount.presstelegram.com/common-es2015.60f4717cd915efe264ff.js
Requested by: Host: myaccount.presstelegram.com
URL: https://myaccount.presstelegram.com/runtime-es2015.bd7f940febebf2e5014a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.76.234 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.76.234.ip.incapdns.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: c537c405703a24dd85bc8c882cc2feeae2a8a4b60aad86b1149e4793f5ce6bdf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 16:17:47 GMT
content-encoding: gzip
last-modified: Fri, 04 Aug 2023 12:05:26 GMT
server: Microsoft-IIS/10.0
x-cdn: Imperva
etag: "0c717f4cbc6d91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
x-iinfo: 14-79083391-79083467 PNNN RT(1700497064296 2526) q(0 0 0 -1) r(1 1) U24
x-host-name: AWSPRDWEB13
accept-ranges: bytes
content-length: 17820

GET
H2 200 90-es2015.ef01d02e415710400ef6.js Show response
myaccount.presstelegram.com/ 88 KB
28 KB 139ms
138ms Script
application/javascript 107.154.76.234
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://myaccount.presstelegram.com/90-es2015.ef01d02e415710400ef6.js
Requested by: Host: myaccount.presstelegram.com
URL: https://myaccount.presstelegram.com/runtime-es2015.bd7f940febebf2e5014a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.76.234 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.76.234.ip.incapdns.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 8db2bc789169baddffdc9bb0c7ec64cfdc763125b0b307f7b069be21c8be6619

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 16:17:47 GMT
content-encoding: gzip
last-modified: Fri, 04 Aug 2023 12:05:26 GMT
server: Microsoft-IIS/10.0
x-cdn: Imperva
etag: "0c717f4cbc6d91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
x-iinfo: 14-79083391-79083464 PNNN RT(1700497064296 2537) q(0 0 0 -1) r(1 1) U24
x-host-name: AWSPRDWEB13
accept-ranges: bytes
content-length: 27891

GET
H2 200 getIds Show response
s1.listrakbi.com/AUjk900vfCG0/session/ 175 B
1021 B 149ms
124ms Script
application/x-javascript 172.64.146.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.listrakbi.com/AUjk900vfCG0/session/getIds?callback=ltkCallback4232&gsid=&_sid=&_tid=&ps=null&dps=true
Requested by: Host: cdn.listrakbi.com
URL: https://cdn.listrakbi.com/scripts/script.js?m=AUjk900vfCG0&v=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.146.207 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 85177f35eeec980d8c3a2e4c110eade595093e05aabb4c68c90caa9688832e4b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Nov 2023 16:17:47 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI COM NAV INT DEM CNT PRE LOC"
content-type: application/x-javascript; charset=utf-8
cache-control: no-cache
cf-ray: 829201509cb03638-FRA
expires: -1

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
1 KB 15ms
12ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 15:52:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1495
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 697
x-xss-protection: 0
last-modified: Fri, 30 Jun 2023 18:58:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 20 Nov 2023 16:52:52 GMT

GET
H2 200 wrap.js Show response
cdn.confiant-integrations.net/gptprebidnative/202310231203/ 264 KB
84 KB 21ms
20ms Script
application/javascript 2606:4700:4400::6812:2b5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js
Requested by: Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/3IyQ81Wnn-d6bieQLuWeDuN4PWM/gpt_and_prebid/config.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2b5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb4f8df5602b561c6a5247851f27cebac4099886c0f337e67e5ea9fa0f9caac8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 16:17:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 23 Oct 2023 16:04:16 GMT
server: cloudflare
x-amz-request-id: 799J46HMR8DD5A13
age: 1773786
etag: W/"866ce4ef9ef41c261f6060e4f642bb88"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 829201508dbd036e-FRA
alt-svc: h3=":443"; ma=86400
x-amz-id-2: L30FBUoK3+qa9TaVHV8UbthO93NUx1Q04YkeosmwBd6K2/gH7I81ik1fmNd4GmCx3Y6boBrXByA=

GET
H2 200 launchpad.bundle.js Show response
launchpad.privacymanager.io/latest/ 128 KB
28 KB 112ms
8ms Script
application/x-javascript 13.32.27.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://launchpad.privacymanager.io/latest/launchpad.bundle.js
Requested by: Host: launchpad-wrapper.privacymanager.io
URL: https://launchpad-wrapper.privacymanager.io/70bb23e5-a2a7-414e-b709-7066b1333c83/launchpad-liveramp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-115.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 53fcbdb394dab3494945cd64fbd897b641057715860ee624ec0d3c5e701edac2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: PnaJdxHydHN9eEuWHl7A1SeLMo27G9Y2
content-encoding: gzip
via: 1.1 ef4ff53b101ef123a46ec560b6c94cb8.cloudfront.net (CloudFront)
date: Mon, 20 Nov 2023 16:04:47 GMT
last-modified: Fri, 27 Oct 2023 11:56:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 781
x-amz-server-side-encryption: AES256
etag: W/"8f65165dbe6028fe7739c568043840fc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: must-revalidate,public,max-age=3600
x-amz-cf-id: jhYW0jik8cdT7YeIzqJgdu1S2TfpuqC77nDPw2q-WoTEZBaRP6FCJg==

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 16ms
15ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2095203219&t=pageview&_s=1&dl=https%3A%2F%2Fmyaccount.presstelegram.com%2F&dr=&dp=%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDACEAjBAAAACgFK~&jid=1957993377&gjid=1792603277&cid=1951849027.1700497068&tid=UA-61435456-15&_gid=353539577.1700497068&_r=1&_slc=1&gtm=45He3b81n71TLFP4Rv71194413&cd2=presstelegram.com&cd3=presstelegram.com&cd14=subscription&cd34=true&cd35=&cd42=Not%20Set&cd50=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F119.0.6045.159%20Safari%2F537.36&cd51=&cd61=Not%20Set&cd63=Not%20Set&cd67=None&cd68=None&cd69=None&cd70=None&cd71=None&cd72=none&cd73=none&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cd53=1951849027.1700497068&z=541047321

Requested by

Host: myaccount.presstelegram.com
URL: https://myaccount.presstelegram.com/polyfills-es2015.f860137831055eae683a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://myaccount.presstelegram.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 20 Nov 2023 16:17:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://myaccount.presstelegram.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 15ms
15ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2095203219&t=event&ni=1&_s=1&dl=https%3A%2F%2Fmyaccount.presstelegram.com%2F&dr=&dp=%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Tracking&ea=25%25&el=%2F&_u=aCDACEAjBAAAACgFKAC~&jid=149839915&gjid=18536064&cid=1951849027.1700497068&tid=UA-61435456-39&_gid=353539577.1700497068&_r=1&_slc=1&gtm=45He3b81n71TLFP4Rv71194413&cd34=true&cd35=&cd42=Not%20Set&cd50=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F119.0.6045.159%20Safari%2F537.36&cd51=&cd61=Not%20Set&cd63=Not%20Set&cd67=None&cd68=None&cd69=None&cd70=None&cd71=None&cd72=none&cd73=none&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cd53=1951849027.1700497068&z=342619530

Requested by

Host: myaccount.presstelegram.com
URL: https://myaccount.presstelegram.com/polyfills-es2015.f860137831055eae683a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://myaccount.presstelegram.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 20 Nov 2023 16:17:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://myaccount.presstelegram.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
7ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=2095203219&t=event&ni=1&_s=1&dl=https%3A%2F%2Fmyaccount.presstelegram.com%2F&dr=&dp=%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Tracking&ea=50%25&el=%2F&_u=aCDACEAjBAAAACgFKAC~&jid=&gjid=&cid=1951849027.1700497068&tid=UA-61435456-39&_gid=353539577.1700497068&gtm=45He3b81n71TLFP4Rv71194413&cd34=true&cd35=&cd42=Not%20Set&cd50=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F119.0.6045.159%20Safari%2F537.36&cd51=&cd61=Not%20Set&cd63=Not%20Set&cd67=None&cd68=None&cd69=None&cd70=None&cd71=None&cd72=none&cd73=none&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cd53=1951849027.1700497068&z=176297522

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Nov 2023 23:32:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 60301
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 9ms
8ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=2095203219&t=event&ni=1&_s=1&dl=https%3A%2F%2Fmyaccount.presstelegram.com%2F&dr=&dp=%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Tracking&ea=75%25&el=%2F&_u=aCDACEAjBAAAACgFKAC~&jid=&gjid=&cid=1951849027.1700497068&tid=UA-61435456-39&_gid=353539577.1700497068&gtm=45He3b81n71TLFP4Rv71194413&cd34=true&cd35=&cd42=Not%20Set&cd50=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F119.0.6045.159%20Safari%2F537.36&cd51=&cd61=Not%20Set&cd63=Not%20Set&cd67=None&cd68=None&cd69=None&cd70=None&cd71=None&cd72=none&cd73=none&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cd53=1951849027.1700497068&z=239157140

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Nov 2023 23:32:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 60301
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 9ms
8ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=2095203219&t=event&ni=1&_s=1&dl=https%3A%2F%2Fmyaccount.presstelegram.com%2F&dr=&dp=%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Tracking&ea=100%25&el=%2F&_u=aCDACEAjBAAAACgFKAC~&jid=&gjid=&cid=1951849027.1700497068&tid=UA-61435456-39&_gid=353539577.1700497068&gtm=45He3b81n71TLFP4Rv71194413&cd34=true&cd35=&cd42=Not%20Set&cd50=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F119.0.6045.159%20Safari%2F537.36&cd51=&cd61=Not%20Set&cd63=Not%20Set&cd67=None&cd68=None&cd69=None&cd70=None&cd71=None&cd72=none&cd73=none&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cd53=1951849027.1700497068&z=1377833828

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Nov 2023 23:32:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 60301
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 24ms
19ms XHR
text/plain 2a00:1450:400c:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-61435456-15&cid=1951849027.1700497068&jid=1957993377&gjid=1792603277&_gid=353539577.1700497068&_u=aCDACEAiBAAAACgFK~&z=1414999444

Requested by

Host: myaccount.presstelegram.com
URL: https://myaccount.presstelegram.com/polyfills-es2015.f860137831055eae683a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://myaccount.presstelegram.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 20 Nov 2023 16:17:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://myaccount.presstelegram.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 24ms
20ms XHR
text/plain 2a00:1450:400c:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-61435456-39&cid=1951849027.1700497068&jid=149839915&gjid=18536064&_gid=353539577.1700497068&_u=aCDACEAjBAAAACgFKAC~&z=1969818104

Requested by

Host: myaccount.presstelegram.com
URL: https://myaccount.presstelegram.com/polyfills-es2015.f860137831055eae683a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://myaccount.presstelegram.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 20 Nov 2023 16:17:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://myaccount.presstelegram.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 70ms
46ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-61435456-15&cid=1951849027.1700497068&jid=1957993377&_u=aCDACEAiBAAAACgFK~&z=1240280814

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Nov 2023 16:17:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 45ms
45ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-61435456-15&cid=1951849027.1700497068&jid=1957993377&_u=aCDACEAiBAAAACgFK~&z=1240280814

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Nov 2023 16:17:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 69ms
46ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-61435456-39&cid=1951849027.1700497068&jid=149839915&_u=aCDACEAjBAAAACgFKAC~&z=1176219748

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Nov 2023 16:17:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 45ms
45ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-61435456-39&cid=1951849027.1700497068&jid=149839915&_u=aCDACEAjBAAAACgFKAC~&z=1176219748

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Nov 2023 16:17:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK animate.min.css
cdn.listrakbi.com/css/ 5 KB
1 KB 7ms
7ms Stylesheet
text/css 18.66.130.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.listrakbi.com/css/animate.min.css
Requested by: Host: cdn.listrakbi.com
URL: https://cdn.listrakbi.com/scripts/script.js?m=AUjk900vfCG0&v=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.130.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-130-11.fra60.r.cloudfront.net
Software: cloudflare / ASP.NET
Resource Hash: bb8fa5f5216fa65fb3b0cfc76de29efaf4e6ff82a281dc540fb568d4767f688e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Mon, 20 Nov 2023 06:20:32 GMT
Content-Encoding: gzip
Via: 1.1 7b314c2b827b3a655861e27775634208.cloudfront.net (CloudFront)
CF-Cache-Status: DYNAMIC
X-Amz-Cf-Pop: FRA60-P2
Age: 35918
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Fri, 14 Oct 2022 18:03:08 GMT
Server: cloudflare
ETag: W/"2ff9137f7dfd81:0"
Vary: Accept-Encoding
Content-Type: text/css
CF-RAY: 825b32fecccd4dac-FRA
X-Amz-Cf-Id: 4-94qLcDHNX-VBI-1UbtI8SJTsoWMhFMcD3knk6eV6mgYSTpGTRmTw==

GET
H2 200 Configuration Show response
myaccount.presstelegram.com/api/Auth0/ 230 B
637 B 122ms
120ms XHR
application/json 107.154.76.234
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://myaccount.presstelegram.com/api/Auth0/Configuration
Requested by: Host: myaccount.presstelegram.com
URL: https://myaccount.presstelegram.com/polyfills-es2015.f860137831055eae683a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.76.234 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.76.234.ip.incapdns.net
Software: Kestrel / ASP.NET
Resource Hash: 3f31a47538da87ba904705dbec91421a61a3d2eca0fc275798cd644659525b1b

Request headers

Pragma: no-cache
X-MediaGroupCode: MNG
X-PaperCode: lbpt
X-Version: 3.16.2
X-ClientCode: LBPT
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json
Access-Control-Allow-Origin: *
Accept: application/json, text/plain, */*
Referer: https://myaccount.presstelegram.com/

Response headers

x-iinfo: 14-79083391-79083464 PNNN RT(1700497064296 2697) q(0 0 0 -1) r(1 1) U24
date: Mon, 20 Nov 2023 16:17:47 GMT
server: Kestrel
x-host-name: AWSPRDWEB13
x-cdn: Imperva
x-powered-by: ASP.NET
content-type: application/json; charset=utf-8

GET
H2 200 / Show response
geo.privacymanager.io/ 30 B
610 B 10ms
9ms Fetch
application/json 13.32.99.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Requested by: Host: myaccount.presstelegram.com
URL: https://myaccount.presstelegram.com/polyfills-es2015.f860137831055eae683a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-89.fra60.r.cloudfront.net
Software: /
Resource Hash: e257df7266563e157bb7df93fd09c6d13afb1c9554468b21c7378e09a94d3250

Request headers

Accept: application/json
Referer: https://myaccount.presstelegram.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 20 Nov 2023 01:55:25 GMT
via: 1.1 456733511c088f8435091e663b2c5430.cloudfront.net (CloudFront), 1.1 79272ab9b399ee696b329d4f677dca48.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3, FRA60-P3
age: 51742
x-amzn-requestid: 6515a3c5-7722-4950-90eb-18334e48d775
x-amzn-trace-id: Root=1-655abc8d-5aab3fdf7cee53032eaf81b9;Sampled=0;lineage=06620786:0
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: application/json
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-apigw-id: OrJmFFEqjoEEjVg=
content-length: 30
x-amz-cf-id: 3qi2kJEE0BH-8kv-MwaMX-QdyZty6cv_gzNoMO07Ed_vxHp_UqpiBg==
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

OPTIONS
H2 200 /
geo.privacymanager.io/ Frame 0
0 114ms
84ms Preflight
application/json 13.32.99.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-89.fra60.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://myaccount.presstelegram.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: *
content-length: 0
content-type: application/json
date: Mon, 20 Nov 2023 16:17:47 GMT
via: 1.1 e94c77a12a65a84cbcef7856ed7e0fb8.cloudfront.net (CloudFront), 1.1 79272ab9b399ee696b329d4f677dca48.cloudfront.net (CloudFront)
x-amz-apigw-id: OtH65E3QjoEETXg=
x-amz-cf-id: iFQfOAtehoUOgw-f0eViuZsxmW3N75UwBP00b0couw7TOBOJWVo-Mw==
x-amz-cf-pop: FRA56-P3 FRA60-P3
x-amzn-requestid: 5df821f5-7483-49c7-878e-b26b67b0b764
x-cache: Miss from cloudfront

GET
H2 200 authorize Show response
mng-prod.auth0.com/ Frame D0C9 1 KB
1 KB 605ms
575ms Document
text/html 2606:4700::6810:d8f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mng-prod.auth0.com/authorize?client_id=kvI7O7QjfyQF92AdOl0an0LLznFau00s&redirect_uri=https%3A%2F%2Fmyaccount.presstelegram.com&scope=openid%20profile%20email&response_type=code&response_mode=web_message&state=TF9Dd0UyaG5mdVRqaXE2VkEzdEJmeE9kVjllYkFUUDV5dHZkZX5TTWhzNw%3D%3D&nonce=YUlIZWcudDFkT0dBT1VPNmJLMDVoMWk3WmtEVTdFMUI4RE1ZZllFWGpJUg%3D%3D&code_challenge=hkDt_-mZ8grQs6vQ_Sc-OJRukbpclZlLtunLscqDGvI&code_challenge_method=S256&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAtc3BhLWpzIiwidmVyc2lvbiI6IjEuOC4wIn0%3D

Requested by

Host: myaccount.presstelegram.com
URL: https://myaccount.presstelegram.com/90-es2015.ef01d02e415710400ef6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:d8f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

252a474463afcb5cc0ea0db3e9520fd8e0b90ccd20292fa8058deb0d875572bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://myaccount.presstelegram.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, no-store
cf-cache-status: DYNAMIC
cf-ray: 829201539cf61da2-FRA
content-encoding: br
content-type: text/html;charset=UTF-8
date: Mon, 20 Nov 2023 16:17:48 GMT
ot-baggage-auth0-request-id: 829201539cf61da2
ot-tracer-sampled: true
ot-tracer-spanid: 06fb85d178f4ae14
ot-tracer-traceid: 6a8710777453df36
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=31536000
traceparent: 00-00000000000000006a8710777453df36-06fb85d178f4ae14-01
tracestate: auth0-request-id=829201539cf61da2,auth0=true
vary: Accept-Encoding
x-auth0-requestid: 0c60f228d4d7ac8f4f2b
x-content-type-options: nosniff
x-ratelimit-limit: 300
x-ratelimit-remaining: 299
x-ratelimit-reset: 1700497069

GET
H2 200 manifest.json Show response
myaccount.presstelegram.com/ 2 KB
2 KB 132ms
128ms XHR
application/json 107.154.76.234
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://myaccount.presstelegram.com/manifest.json
Requested by: Host: myaccount.presstelegram.com
URL: https://myaccount.presstelegram.com/polyfills-es2015.f860137831055eae683a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.76.234 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.76.234.ip.incapdns.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 8cd19f16c1b03dd7fdd38f89dce369b3a6209228f5cea2b1972b7b7a52242199

Request headers

Pragma: no-cache
X-MediaGroupCode: MNG
X-PaperCode: lbpt
X-Version: 3.16.2
X-ClientCode: LBPT
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json
Access-Control-Allow-Origin: *
Accept: application/json, text/plain, */*
Referer: https://myaccount.presstelegram.com/

Response headers

date: Mon, 20 Nov 2023 16:17:48 GMT
last-modified: Fri, 04 Aug 2023 12:05:26 GMT
server: Microsoft-IIS/10.0
x-cdn: Imperva
etag: "0c717f4cbc6d91:0"
x-powered-by: ASP.NET
content-type: application/json
x-iinfo: 14-79083391-79083464 PNNN RT(1700497064296 3635) q(0 0 0 -1) r(1 1) U24
x-host-name: AWSPRDWEB13
accept-ranges: bytes
content-length: 1648

GET
H2 200 45-es2015.11e2061d4db7cf587a69.js Show response
myaccount.presstelegram.com/ 7 KB
3 KB 128ms
127ms Script
application/javascript 107.154.76.234
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://myaccount.presstelegram.com/45-es2015.11e2061d4db7cf587a69.js
Requested by: Host: myaccount.presstelegram.com
URL: https://myaccount.presstelegram.com/runtime-es2015.bd7f940febebf2e5014a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.76.234 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.76.234.ip.incapdns.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 49aedf4c41704ec44b54b22f700b5bda2b5ad93a954aab6e604b28319be51eba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 16:17:48 GMT
content-encoding: gzip
last-modified: Fri, 04 Aug 2023 12:05:24 GMT
server: Microsoft-IIS/10.0
x-cdn: Imperva
etag: "09ae6f2cbc6d91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
x-iinfo: 14-79083391-79083467 PNNN RT(1700497064296 3653) q(0 0 0 -1) r(1 1) U24
x-host-name: AWSPRDWEB13
accept-ranges: bytes
content-length: 2574

GET
H2 200 Home Show response
myaccount.presstelegram.com/api/Application/Configuration/ 8 KB
8 KB 150ms
149ms XHR
application/json 107.154.76.234
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://myaccount.presstelegram.com/api/Application/Configuration/Home?includeBenefits=true
Requested by: Host: myaccount.presstelegram.com
URL: https://myaccount.presstelegram.com/polyfills-es2015.f860137831055eae683a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.76.234 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.76.234.ip.incapdns.net
Software: Kestrel / ASP.NET
Resource Hash: 0317e82870408f4786bb1351c02ee73a4debe4afece264c32ff740d31318d433

Request headers

Pragma: no-cache
X-MediaGroupCode: MNG
X-PaperCode: lbpt
X-Version: 3.16.2
X-ClientCode: LBPT
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json
Access-Control-Allow-Origin: *
Accept: application/json, text/plain, */*
Referer: https://myaccount.presstelegram.com/

Response headers

x-iinfo: 14-79083391-79083467 PNNN RT(1700497064296 3783) q(0 0 0 -1) r(2 2) U24
date: Mon, 20 Nov 2023 16:17:48 GMT
server: Kestrel
x-host-name: AWSPRDWEB13
x-cdn: Imperva
x-powered-by: ASP.NET
content-type: application/json; charset=utf-8

GET
H2 200 Layout Show response
myaccount.presstelegram.com/api/Application/Configuration/ 58 KB
59 KB 171ms
170ms XHR
application/json 107.154.76.234
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://myaccount.presstelegram.com/api/Application/Configuration/Layout
Requested by: Host: myaccount.presstelegram.com
URL: https://myaccount.presstelegram.com/polyfills-es2015.f860137831055eae683a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.76.234 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.76.234.ip.incapdns.net
Software: Kestrel / ASP.NET
Resource Hash: 9a801ff43a8b5b13b319c559b692615f641c9b7541fb576e40ffe9fe36cbf802

Request headers

Pragma: no-cache
X-MediaGroupCode: MNG
X-PaperCode: lbpt
X-Version: 3.16.2
X-ClientCode: LBPT
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json
Access-Control-Allow-Origin: *
Accept: application/json, text/plain, */*
Referer: https://myaccount.presstelegram.com/lbpt/home

Response headers

x-iinfo: 14-79083391-79083467 PNNN RT(1700497064296 4003) q(0 1 1 -1) r(2 2) U24
date: Mon, 20 Nov 2023 16:17:49 GMT
server: Kestrel
x-host-name: AWSPRDWEB13
x-cdn: Imperva
x-powered-by: ASP.NET
content-type: application/json; charset=utf-8

GET
H2 200 96-es2015.90b14e85e21f3eca4b44.js Show response
myaccount.presstelegram.com/ 7 KB
3 KB 126ms
125ms Script
application/javascript 107.154.76.234
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://myaccount.presstelegram.com/96-es2015.90b14e85e21f3eca4b44.js
Requested by: Host: myaccount.presstelegram.com
URL: https://myaccount.presstelegram.com/runtime-es2015.bd7f940febebf2e5014a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.76.234 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.76.234.ip.incapdns.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 3fa075c4dbd8bf6e052ca8af5d6ceaf413c3ce08df28c3f65a4c7ee9246e7f4a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.presstelegram.com/lbpt/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 16:17:49 GMT
content-encoding: gzip
last-modified: Fri, 04 Aug 2023 12:05:26 GMT
server: Microsoft-IIS/10.0
x-cdn: Imperva
etag: "0c717f4cbc6d91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
x-iinfo: 14-79083391-79083464 PNNN RT(1700497064296 4014) q(0 0 0 -1) r(1 1) U24
x-host-name: AWSPRDWEB13
accept-ranges: bytes
content-length: 2539

GET
H2 200 manifest.json Show response
myaccount.presstelegram.com/ 2 KB
2 KB 125ms
125ms XHR
application/json 107.154.76.234
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://myaccount.presstelegram.com/manifest.json
Requested by: Host: myaccount.presstelegram.com
URL: https://myaccount.presstelegram.com/polyfills-es2015.f860137831055eae683a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.76.234 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.76.234.ip.incapdns.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 8cd19f16c1b03dd7fdd38f89dce369b3a6209228f5cea2b1972b7b7a52242199

Request headers

Pragma: no-cache
X-MediaGroupCode: MNG
X-PaperCode: lbpt
X-Version: 3.16.2
X-ClientCode: LBPT
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json
Access-Control-Allow-Origin: *
Accept: application/json, text/plain, */*
Referer: https://myaccount.presstelegram.com/lbpt/home

Response headers

date: Mon, 20 Nov 2023 16:17:49 GMT
last-modified: Fri, 04 Aug 2023 12:05:26 GMT
server: Microsoft-IIS/10.0
x-cdn: Imperva
etag: "0c717f4cbc6d91:0"
x-powered-by: ASP.NET
content-type: application/json
x-iinfo: 14-79083391-79083402 PNNN RT(1700497064296 4019) q(0 0 0 -1) r(1 1) U24
x-host-name: AWSPRDWEB13
accept-ranges: bytes
content-length: 1648

GET
H2 200 112-es2015.0ad86911eb36d6252b21.js Show response
myaccount.presstelegram.com/ 539 B
958 B 133ms
132ms Script
application/javascript 107.154.76.234
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://myaccount.presstelegram.com/112-es2015.0ad86911eb36d6252b21.js
Requested by: Host: myaccount.presstelegram.com
URL: https://myaccount.presstelegram.com/runtime-es2015.bd7f940febebf2e5014a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.76.234 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.76.234.ip.incapdns.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 67ccf5266ef65ca1b4b542615deaeacddacd1f8060c72911495719249e335eba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.presstelegram.com/lbpt/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 16:17:49 GMT
last-modified: Fri, 04 Aug 2023 12:05:24 GMT
server: Microsoft-IIS/10.0
x-cdn: Imperva
etag: "09ae6f2cbc6d91:0"
x-powered-by: ASP.NET
content-type: application/javascript
x-iinfo: 14-79083391-79083469 PNNN RT(1700497064296 4022) q(0 0 0 -1) r(1 1) U24
x-host-name: AWSPRDWEB13
accept-ranges: bytes
content-length: 539

GET
H2 200 108-es2015.5a0e353fa60d384c408a.js Show response
myaccount.presstelegram.com/ 7 KB
2 KB 137ms
137ms Script
application/javascript 107.154.76.234
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://myaccount.presstelegram.com/108-es2015.5a0e353fa60d384c408a.js
Requested by: Host: myaccount.presstelegram.com
URL: https://myaccount.presstelegram.com/runtime-es2015.bd7f940febebf2e5014a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.76.234 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.76.234.ip.incapdns.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ee08a4cd3bc27fdb552e35c65098fd6139e17dcd30c65a53028072e41c28129c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.presstelegram.com/lbpt/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 16:17:49 GMT
content-encoding: gzip
last-modified: Fri, 04 Aug 2023 12:05:24 GMT
server: Microsoft-IIS/10.0
x-cdn: Imperva
etag: "09ae6f2cbc6d91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
x-iinfo: 14-79083391-79083471 PNNN RT(1700497064296 4027) q(0 0 0 -1) r(1 1) U24
x-host-name: AWSPRDWEB13
accept-ranges: bytes
content-length: 1848

GET
H2 200 97-es2015.463f9d213029e88a46e4.js Show response
myaccount.presstelegram.com/ 715 B
1 KB 139ms
139ms Script
application/javascript 107.154.76.234
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://myaccount.presstelegram.com/97-es2015.463f9d213029e88a46e4.js
Requested by: Host: myaccount.presstelegram.com
URL: https://myaccount.presstelegram.com/runtime-es2015.bd7f940febebf2e5014a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.76.234 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.76.234.ip.incapdns.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e2c7b603236d4c570f08af92b8fe033883de2999c13c8f9ffbefa590b2c1b689

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.presstelegram.com/lbpt/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 16:17:49 GMT
last-modified: Fri, 04 Aug 2023 12:05:26 GMT
server: Microsoft-IIS/10.0
x-cdn: Imperva
etag: "0c717f4cbc6d91:0"
x-powered-by: ASP.NET
content-type: application/javascript
x-iinfo: 14-79083391-79083462 PNNN RT(1700497064296 4034) q(0 0 0 -1) r(1 1) U24
x-host-name: AWSPRDWEB13
accept-ranges: bytes
content-length: 715

GET
H2 200 Messaging Show response
myaccount.presstelegram.com/api/ 69 B
472 B 158ms
158ms XHR
application/json 107.154.76.234
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://myaccount.presstelegram.com/api/Messaging?locationCode=home
Requested by: Host: myaccount.presstelegram.com
URL: https://myaccount.presstelegram.com/polyfills-es2015.f860137831055eae683a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.76.234 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.76.234.ip.incapdns.net
Software: Kestrel / ASP.NET
Resource Hash: 3ed8a428dec1fcca37826ed19ca6f8a82d490606ff64684c77de64bd43b56efb

Request headers

Pragma: no-cache
X-MediaGroupCode: MNG
X-PaperCode: lbpt
X-Version: 3.16.2
X-ClientCode: LBPT
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json
Access-Control-Allow-Origin: *
Accept: application/json, text/plain, */*
Referer: https://myaccount.presstelegram.com/lbpt/home

Response headers

x-iinfo: 14-79083391-79083469 PNNN RT(1700497064296 4119) q(0 0 0 -1) r(1 1) U24
date: Mon, 20 Nov 2023 16:17:49 GMT
server: Kestrel
x-host-name: AWSPRDWEB13
x-cdn: Imperva
x-powered-by: ASP.NET
content-type: application/json; charset=utf-8

GET
H/1.1 200
OK E-edition_anchor_image_1623x1080.jpg
s3.amazonaws.com/cms.mngcep/ 521 KB
521 KB 337ms
128ms Image
image/jpeg 52.217.124.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cms.mngcep/E-edition_anchor_image_1623x1080.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.124.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: f650292931d9814688bc5c0f97574563290995b4670154bdf30d605394de2534

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Mon, 20 Nov 2023 16:17:50 GMT
x-amz-meta-imageid: 123
Last-Modified: Tue, 27 Oct 2020 23:16:13 GMT
Server: AmazonS3
x-amz-request-id: 14138Y70R9731AAP
ETag: "6170c5cd9799966ec06ddad7e0702851"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 533161
x-amz-id-2: BfnEHY8bjNzToqyQVqAWqMRNfFYMTBePrHyN1Xo3io/tYC0+6oaz/1iOw6B/Sxr/+VIC15da5Uw=

GET
H/1.1 200
OK reader_rewards_anchor_image_1623x1080.jpg
s3.amazonaws.com/cms.mngcep/ 647 KB
647 KB 347ms
123ms Image
image/jpeg 52.217.124.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cms.mngcep/reader_rewards_anchor_image_1623x1080.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.124.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 963e13e863dc0545ea108a42a746f291aa144e2eb7ae03aed3afdb8cb7e70f37

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Mon, 20 Nov 2023 16:17:50 GMT
x-amz-meta-imageid: 123
Last-Modified: Tue, 27 Oct 2020 23:43:39 GMT
Server: AmazonS3
x-amz-request-id: 141192EMREV98XX2
ETag: "99e0066360254de3e501fed58ba48db2"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 662350
x-amz-id-2: uiyNPZb4LL2WM0WCw80f7UL7oSyqIVAZLVzuqg1gf/T1ZaHz+qvm7vRxDDlp2W914s7KsNXM43A=

GET
H/1.1 200
OK subscriber_website_benefits_image_games-1_1623x1080.jpg
s3.amazonaws.com/cms.mngcep/ 386 KB
386 KB 369ms
144ms Image
image/jpeg 52.217.124.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cms.mngcep/subscriber_website_benefits_image_games-1_1623x1080.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.124.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: bf41dbfbba35a05ddf8101e562706e90e16d064ff2d137969d428597f4e9752a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Mon, 20 Nov 2023 16:17:50 GMT
x-amz-meta-imageid: 123
Last-Modified: Fri, 15 Jan 2021 00:19:04 GMT
Server: AmazonS3
x-amz-request-id: 14168257DE1MTNSQ
ETag: "051f3036ab3a5bd1c0d4390f98194969"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 395321
x-amz-id-2: nt5UQhAzlPKzYMFzRezt5RYeht3ntLDu5zoM7rWQ4nvhYiRNO3gTqFRJR8utljyyAYO1pWHZPTs=

GET
H2 200 107-es2015.36f88dbf86a4af418e0d.js Show response
myaccount.presstelegram.com/ 2 KB
3 KB 124ms
123ms Script
application/javascript 107.154.76.234
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://myaccount.presstelegram.com/107-es2015.36f88dbf86a4af418e0d.js
Requested by: Host: myaccount.presstelegram.com
URL: https://myaccount.presstelegram.com/runtime-es2015.bd7f940febebf2e5014a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.76.234 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.76.234.ip.incapdns.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 7b6786a543599c89350f98c49b8fde45516454ffcd5596952864836ec7ac36cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.presstelegram.com/lbpt/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 16:17:49 GMT
last-modified: Fri, 04 Aug 2023 12:05:24 GMT
server: Microsoft-IIS/10.0
x-cdn: Imperva
etag: "09ae6f2cbc6d91:0"
x-powered-by: ASP.NET
content-type: application/javascript
x-iinfo: 14-79083391-79083467 PNNN RT(1700497064296 4172) q(0 0 0 -1) r(1 1) U24
x-host-name: AWSPRDWEB13
accept-ranges: bytes
content-length: 2459

GET
H/1.1 200
OK SCNG_property_logos_620x76_LBPT.png
s3.amazonaws.com/cms.mngcep/ 12 KB
13 KB 322ms
119ms Image
image/png 52.217.124.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cms.mngcep/SCNG_property_logos_620x76_LBPT.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.124.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: c64042017a82d8b0541d76495f92d7292a670c929ed3462bb658bc3e4ddfe8b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Mon, 20 Nov 2023 16:17:50 GMT
x-amz-meta-imageid: 123
Last-Modified: Tue, 06 Oct 2020 22:35:07 GMT
Server: AmazonS3
x-amz-request-id: 1410G3EMY2EA7RPE
ETag: "4f00011e107f821ff6134a382feac47e"
Content-Type: image/png
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 12611
x-amz-id-2: LM+asEB/tjL3qfzAnyy/fdoE1dS4siamHrz+yXHT4dELV+lXqMAiYjQBMNUqGUVl44++LSboXJ8=

GET
H/1.1 200
OK subscriber_website_slideshow_no-button_1623x1080-1.jpg
s3.amazonaws.com/cms.mngcep/ 537 KB
537 KB 426ms
112ms Image
image/jpeg 52.217.124.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cms.mngcep/subscriber_website_slideshow_no-button_1623x1080-1.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.124.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 8af52606daaf9164881e1d83ff4ca9ccf0e08db4eedfa766d0d9ff7c5014c015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Mon, 20 Nov 2023 16:17:50 GMT
x-amz-meta-imageid: 123
Last-Modified: Thu, 10 Dec 2020 18:08:05 GMT
Server: AmazonS3
x-amz-request-id: 1416AX6VYF5M2AHS
ETag: "53bf8d704c22e21b38988f381f4d07fb"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 549400
x-amz-id-2: X5NvSJK7t9H00S4GeWJ8LVH8pSq2GdFfGEK1KLQY1wSTuW9PhXJ/PhkOkquEy+4JBMmGhFObyI4=

GET
H/1.1 200
OK subscriber_website_slideshow_no-button_1623x1080-2.jpg
s3.amazonaws.com/cms.mngcep/ 873 KB
873 KB 814ms
111ms Image
image/jpeg 52.217.124.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cms.mngcep/subscriber_website_slideshow_no-button_1623x1080-2.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.124.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 29243df21c54501f89cebea96592a3e10bb428a53d84f877c340c754a9527f7b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Mon, 20 Nov 2023 16:17:51 GMT
x-amz-meta-imageid: 123
Last-Modified: Thu, 10 Dec 2020 18:08:05 GMT
Server: AmazonS3
x-amz-request-id: 61XENQ0864HCT4K3
ETag: "26df140025ddcce000d9885c2e5f46e0"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 893756
x-amz-id-2: S31jPf8Hm6Vahn4EX5vw5/mytAz8u9vdsgAcqWJi7BcWJ8MeEKFN0kcNAaku8enaWV4V2D4yCJc=

GET
H/1.1 200
OK subscriber_website_slideshow_no-button_1623x1080-3.jpg
s3.amazonaws.com/cms.mngcep/ 671 KB
671 KB 281ms
124ms Image
image/jpeg 52.217.124.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cms.mngcep/subscriber_website_slideshow_no-button_1623x1080-3.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.124.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: a7537ae95af1ebe561dd611d0caa8f1ca3cfceeadcd931a446e571255ec1a44f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Mon, 20 Nov 2023 16:17:50 GMT
x-amz-meta-imageid: 123
Last-Modified: Thu, 10 Dec 2020 18:08:07 GMT
Server: AmazonS3
x-amz-request-id: 1416XHCJ9ZPDE48D
ETag: "5252ff554409dce3e33ba47eb7892ccf"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 687188
x-amz-id-2: UIX60Nw5MTvZHFvi/RB6kW3FtDjz576coi4wCSWAbAsmkrszhzyjaKHEJltoD/qELSdQSOGYjlM=

GET
H/1.1 200
OK F-reader_rewards_slideshow_image_1623x1080.jpg
s3.amazonaws.com/cms.mngcep/ 377 KB
378 KB 292ms
130ms Image
image/jpeg 52.217.124.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cms.mngcep/F-reader_rewards_slideshow_image_1623x1080.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.124.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 39e0ffc9a4ed8d364f787dcfe9e6779ac8bd6a0dc99ad59ef97777bea85b337c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Mon, 20 Nov 2023 16:17:50 GMT
x-amz-meta-imageid: 123
Last-Modified: Fri, 04 Dec 2020 22:55:22 GMT
Server: AmazonS3
x-amz-request-id: 1418TX3TMWBVM8EF
ETag: "0dff8083bedb2170f1bf12d24bba71b3"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 386430
x-amz-id-2: z05wuzj0J6P5ndkPSzA8CZnaSkTQDgtc8sTvRW7yF18B6LZ18tnJy3KVeRb9jCqNiFPsO8QN0sA=

GET
DATA 200
OK truncated
/ 137 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b307c4ae27381c0bc19983833f7bc324bb100468b4f22bdd7594b179c836aa4a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 137 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b3bc188ffa450c649d95d661372fddb6bbdf17e7d63578d499ab98b984da8381

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://myaccount.presstelegram.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 08:19:37 GMT
x-content-type-options: nosniff
age: 201492
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 17 Nov 2024 08:19:37 GMT

GET
H2 200 KFOkCnqEu92Fr1MmgVxIIzI.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 11ms
10ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1MmgVxIIzI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f303f31706d39866cced9dcc17b61fb8423674278d7f6051d66b3a79ffbca18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://myaccount.presstelegram.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 11:02:09 GMT
x-content-type-options: nosniff
age: 191740
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15764
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 17 Nov 2024 11:02:09 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://myaccount.presstelegram.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 16:39:21 GMT
x-content-type-options: nosniff
age: 257908
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Nov 2024 16:39:21 GMT

GET
H2 200 tag.js Show response
lptag.liveperson.net/tag/ 26 KB
10 KB 207ms
103ms Script
application/javascript 178.249.97.23
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lptag.liveperson.net/tag/tag.js?site=43776991

Requested by

Host: myaccount.presstelegram.com
URL: https://myaccount.presstelegram.com/107-es2015.36f88dbf86a4af418e0d.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.23 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

Software

ws /

Resource Hash

9bc49e2d077ff3ee73f6c2ea5275a53bd78c3815f98f67ff06a1e48b43f28d9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 16:17:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 26 Sep 2023 18:59:22 GMT
server: ws
etag: "65132a0a-2494"
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: public, max-age=630
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
content-length: 9364

GET
H2 200 .jsonp Show response
lptag.liveperson.net/lptag/api/account/43776991/configuration/applications/taglets/ 336 KB
118 KB 47ms
46ms Script
application/x-javascript 178.249.97.23
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lptag.liveperson.net/lptag/api/account/43776991/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Requested by

Host: myaccount.presstelegram.com
URL: https://myaccount.presstelegram.com/107-es2015.36f88dbf86a4af418e0d.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.23 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

Software

ws /

Resource Hash

0acfb72187c02183ee055a0ee625b01f257f455615455085a53d6d02183e2386

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 16:17:49 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
server: ws
x-cache-status: HIT
access-control-allow-methods: GET, POST, PATCH
content-type: application/x-javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: public, max-age=630
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2 200 / Show response
accdn.lpsnmedia.net/api/account/43776991/configuration/setting/accountproperties/ 7 KB
3 KB 163ms
41ms Script
application/javascript 178.249.97.99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://accdn.lpsnmedia.net/api/account/43776991/configuration/setting/accountproperties/?cb=accountSettingsCB

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/43776991/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.99 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

lo-accdn.lpsnmedia.net

Software

ws /

Resource Hash

e993792999076dbdec72a33c6e816a85a6c8a4daafd344f44da4fcd1a935b8b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=99999999999; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 16:17:49 GMT
x-envoy-decorator-operation: lp-accdn-app.default.svc.lokube01.int.liveperson.net:8080/*
x-content-type-options: nosniff
strict-transport-security: max-age=99999999999; includeSubDomains
content-encoding: gzip
server: ws
x-cache-status: EXPIRED
vary: Accept
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires: Mon, 20 Nov 2023 16:18:49 GMT

GET
H2 200 ui-framework.js Show response
lpcdn.lpsnmedia.net/le_unified_window/10.32.1.0-release_5645/ 40 KB
13 KB 32ms
9ms Script
application/javascript 34.120.154.120
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://lpcdn.lpsnmedia.net/le_unified_window/10.32.1.0-release_5645/ui-framework.js?version=10.32.1.0-release_5645
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/43776991/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 120.154.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 3e4f5d07904cf355da7bfbca5d4eee18a4c09fc9e6a79df958d0bb1225572983

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 21:01:40 GMT
content-encoding: br
age: 1019769
x-guploader-uploadid: ABPtcPrsCcnMRbpbfB--fxDMBJE4SApNnPb6rxGGDTrWvzEZF1f_zLdl3QlsvikBjCjt_TkgHvcUMxE7hhsJ24v8F3l_Bw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12476
last-modified: Tue, 07 Nov 2023 01:55:01 GMT
server: UploadServer
etag: W/"0dfc7fa7d2051d776d5937b7a3a7c4dd"
vary: Accept-Encoding
x-goog-generation: 1699322101586518
x-goog-hash: crc32c=wefPQw==, md5=Dfx/p9IFHXdtWTe3o6fE3Q==
access-control-allow-origin: *
access-control-expose-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
cache-control: public,max-age=31536000
x-goog-stored-content-length: 40455
accept-ranges: none
content-type: application/javascript

GET
H2 200 UMSClientAPI.min.js Show response
lpcdn.lpsnmedia.net/le_unified_window/10.32.1.0-release_5645/ 92 KB
25 KB 34ms
11ms Script
application/javascript 34.120.154.120
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://lpcdn.lpsnmedia.net/le_unified_window/10.32.1.0-release_5645/UMSClientAPI.min.js?version=10.32.1.0-release_5645
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/43776991/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 120.154.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 0147f47c377f527213ad86617cd97003a1652f09a8297b40c71909a047773f3a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 12 Nov 2023 06:30:11 GMT
content-encoding: br
age: 726458
x-guploader-uploadid: ABPtcPqubiiBwiBtW9Y8ZeSdOc8HcXbOoDJW070ZI13-eWNM-dkGNU8GQQ_d9NaD2MyaYr0n1q5rC_C-XX5HwhVwftjyqQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25676
last-modified: Tue, 07 Nov 2023 01:55:01 GMT
server: UploadServer
etag: W/"7fb4974247d2a2e8ce75a3aefb112fa9"
vary: Accept-Encoding
x-goog-generation: 1699322100978566
x-goog-hash: crc32c=4R09mA==, md5=f7SXQkfSoujOdaOu+xEvqQ==
access-control-allow-origin: *
access-control-expose-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
cache-control: public,max-age=31536000
x-goog-stored-content-length: 93785
accept-ranges: none
content-type: application/javascript

GET
H2 200 lpChatV3.min.js Show response
lpcdn.lpsnmedia.net/le_unified_window/10.32.1.0-release_5645/ 92 KB
26 KB 39ms
16ms Script
application/javascript 34.120.154.120
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://lpcdn.lpsnmedia.net/le_unified_window/10.32.1.0-release_5645/lpChatV3.min.js?version=10.32.1.0-release_5645
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/43776991/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 120.154.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b151e0b00168160cb1ab2d58d07a13b36fdb791298c803f150be651ba6dc9e6d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 03:55:35 GMT
content-encoding: br
age: 649334
x-guploader-uploadid: ABPtcPpInVl1NR1Y1liWXCcSzGw2digJrUXcWx50R1G8YhU1uMyhkbe3kU-UCEgCvXg9-MDCtcOst4oZRb4HNnvK6RanxQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26341
last-modified: Tue, 07 Nov 2023 01:55:01 GMT
server: UploadServer
etag: W/"2f7386d51b65bcdb473a083b0135def5"
vary: Accept-Encoding
x-goog-generation: 1699322101113797
x-goog-hash: crc32c=FYDoIQ==, md5=L3OG1RtlvNtHOgg7ATXe9Q==
access-control-allow-origin: *
access-control-expose-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
cache-control: public,max-age=31536000
x-goog-stored-content-length: 94128
accept-ranges: none
content-type: application/javascript

GET
H2 200 surveylogicinstance.min.js Show response
lpcdn.lpsnmedia.net/le_unified_window/10.32.1.0-release_5645/ 8 KB
3 KB 33ms
10ms Script
application/javascript 34.120.154.120
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://lpcdn.lpsnmedia.net/le_unified_window/10.32.1.0-release_5645/surveylogicinstance.min.js?version=10.32.1.0-release_5645
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/43776991/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 120.154.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 0ca2d5d4dece21114294a8783944cdd00a4351935831b27f9a83b8eb543c6438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 02:00:08 GMT
content-encoding: br
age: 1174661
x-guploader-uploadid: ABPtcPrQR0GN5VJA3YP60eN7otUgveJ2NvCoJmqek4SukreucGBtwjtfnsQ-LFCwdehYZCvaZ9Wr9CaLX3NVr1YP3iUJEDrpcucd
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2377
last-modified: Tue, 07 Nov 2023 01:55:01 GMT
server: UploadServer
etag: W/"d53092c1d6e0a7a3d1bb802c67a6e1e9"
vary: Accept-Encoding
x-goog-generation: 1699322101546912
x-goog-hash: crc32c=GIGCsg==, md5=1TCSwdbgp6PRu4AsZ6bh6Q==
access-control-allow-origin: *
access-control-expose-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
cache-control: public,max-age=31536000
x-goog-stored-content-length: 7866
accept-ranges: none
content-type: application/javascript

GET
H2 200 zones Show response
accdn.lpsnmedia.net/api/account/43776991/configuration/le-campaigns/ 2 KB
1 KB 138ms
23ms Script
application/javascript 178.249.97.99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://accdn.lpsnmedia.net/api/account/43776991/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/43776991/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.99 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

lo-accdn.lpsnmedia.net

Software

ws /

Resource Hash

751050cbcc7282bade759aed04987f26659baca9792e066447875cc67ea388eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=99999999999; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 16:17:49 GMT
x-envoy-decorator-operation: lp-accdn-app.default.svc.lokube01.int.liveperson.net:8080/*
x-content-type-options: nosniff
strict-transport-security: max-age=99999999999; includeSubDomains
content-encoding: gzip
server: ws
x-cache-status: EXPIRED
vary: Accept
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires: Mon, 20 Nov 2023 16:18:49 GMT

GET
H2 200 desktopEmbedded.js Show response
lpcdn.lpsnmedia.net/le_unified_window/10.32.1.0-release_5645/ 1 MB
252 KB 9ms
8ms Script
application/javascript 34.120.154.120
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://lpcdn.lpsnmedia.net/le_unified_window/10.32.1.0-release_5645/desktopEmbedded.js?version=10.32.1.0-release_5645
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/43776991/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 120.154.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: a598f2acfc8bb234bed22a701d461190170bc572fa4466e71609695dad82a1f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 04:31:53 GMT
content-encoding: br
age: 647156
x-guploader-uploadid: ABPtcPqavzuIp66liF54aAkPxV2opVMv2QqLyEmOUTn9TszkOE97TFzGLMeiyEuYsNTVqPuS5ExmLk6R6kVsYCOKOroMDpMg4bhG
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 257927
last-modified: Tue, 07 Nov 2023 01:55:01 GMT
server: UploadServer
etag: W/"9c7dce3f4ce5e44e26c7d7e30abb8b8b"
vary: Accept-Encoding
x-goog-generation: 1699322101746658
x-goog-hash: crc32c=cCZ7mQ==, md5=nH3OP0zl5E4mx9fjCruLiw==
access-control-allow-origin: *
access-control-expose-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
cache-control: public,max-age=31536000
x-goog-stored-content-length: 1065080
accept-ranges: none
content-type: application/javascript

GET
H3 200 storage.secure.min.html Show response
lpcdn.lpsnmedia.net/le_secure_storage/3.24.0.0-release_5105/ Frame CD20 46 KB
15 KB 8ms
8ms Document
text/html 34.120.154.120
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://lpcdn.lpsnmedia.net/le_secure_storage/3.24.0.0-release_5105/storage.secure.min.html?loc=https%3A%2F%2Fmyaccount.presstelegram.com&site=43776991&env=prod&isCrossDomain=true&accdn=accdn.lpsnmedia.net
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/43776991/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 120.154.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 9f837a298161cf85d750b8a60b01d21ad05cd27d819e559c3c195cdc1bfcea4d

Request headers

Referer: https://myaccount.presstelegram.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: none
access-control-allow-origin: *
access-control-expose-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
age: 258313
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public,max-age=31536000
content-encoding: br
content-length: 15774
content-type: text/html
date: Fri, 17 Nov 2023 16:32:36 GMT
etag: W/"a1f408f9efc51a8fc3f1f8c99821b3a5"
last-modified: Fri, 03 Nov 2023 01:15:32 GMT
server: UploadServer
vary: Accept-Encoding
x-goog-generation: 1698974132099518
x-goog-hash: crc32c=C/e1/Q== md5=ofQI+e/FGo/D8fjJmCGzpQ==
x-goog-metageneration: 1
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 46689
x-guploader-uploadid: ABPtcPo8uZzUZEIQi2gNJsJgoBi48y8OXqb7k4H89DFIGeJcBfVJlqDSlw4cSXjpgYBEjHudmA

GET
H3 200 storage.secure.min.js Show response
lpcdn.lpsnmedia.net/le_secure_storage/3.24.0.0-release_5105/ 42 KB
14 KB 8ms
7ms Script
application/javascript 34.120.154.120
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://lpcdn.lpsnmedia.net/le_secure_storage/3.24.0.0-release_5105/storage.secure.min.js?loc=https%3A%2F%2Fmyaccount.presstelegram.com&site=43776991&force=1&env=prod&isCrossDomain=true&accdn=accdn.lpsnmedia.net
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/43776991/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 120.154.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: efb839bd16a9762619cdbc70de6bc578182a08364712c884052a6f76b1098ebe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 01:53:28 GMT
content-encoding: br
age: 1520661
x-guploader-uploadid: ABPtcPp6EdrgfE9qTy1Jb2S5Dj-6DBXHtNfsu7BrshN-g33XsNlIWaSSVnMfpcJAQPk94ML7puz4i6kHD55LraNsVsUS5g
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14596
last-modified: Fri, 03 Nov 2023 01:15:32 GMT
server: UploadServer
etag: W/"9f99927e29038fcd79032e9d2d784ff0"
vary: Accept-Encoding
x-goog-generation: 1698974132108054
x-goog-hash: crc32c=jcXG8w==, md5=n5mSfikDj815Ay6dLXhP8A==
access-control-allow-origin: *
access-control-expose-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
cache-control: public,max-age=31536000
x-goog-stored-content-length: 42929
accept-ranges: none
content-type: application/javascript

GET
H2 200 refererrestrictions Show response
accdn.lpsnmedia.net/api/account/43776991/configuration/domainprotection/ Frame CD20 113 B
1 KB 117ms
117ms Script
application/javascript 178.249.97.99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://accdn.lpsnmedia.net/api/account/43776991/configuration/domainprotection/refererrestrictions?cb=lpCb79789x82709

Requested by

Host: lpcdn.lpsnmedia.net
URL: https://lpcdn.lpsnmedia.net/le_secure_storage/3.24.0.0-release_5105/storage.secure.min.html?loc=https%3A%2F%2Fmyaccount.presstelegram.com&site=43776991&env=prod&isCrossDomain=true&accdn=accdn.lpsnmedia.net

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.99 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

lo-accdn.lpsnmedia.net

Software

ws /

Resource Hash

650551b694fe15f203a1e64c7fd2b2bb32b49c1c1fb33082b71d70f1a8ad5cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=99999999999; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lpcdn.lpsnmedia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 16:17:50 GMT
strict-transport-security: max-age=99999999999; includeSubDomains
x-envoy-decorator-operation: lp-accdn-app.default.svc.lokube01.int.liveperson.net:8080/*
x-content-type-options: nosniff
content-encoding: gzip
server: ws
x-cache-status: MISS
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: no-store
x-envoy-upstream-service-time: 95
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2 200 postmessage.min.html Show response
va.idp.liveperson.net/postmessage/ Frame 6030 11 KB
5 KB 393ms
93ms Document
text/html 208.89.15.170
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://va.idp.liveperson.net/postmessage/postmessage.min.html?bust=1700497070991&loc=https%3A%2F%2Fmyaccount.presstelegram.com

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/43776991/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.89.15.170 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

va.idp.liveperson.net

Software

ws /

Resource Hash

c8cd0b0d514cecdaf4e7214325a70bba9bae301e156265bd0d880f9065d1d183

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://myaccount.presstelegram.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-allow-methods: GET, POST, PATCH
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
content-encoding: gzip
content-type: text/html
date: Mon, 20 Nov 2023 16:17:51 GMT
etag: W/"5f2ff440-2a51"
last-modified: Sun, 09 Aug 2020 13:04:00 GMT
server: ws
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 200 authorize Show response
va.idp.liveperson.net/api/account/43776991/anonymous/ Frame 6030 678 B
2 KB 192ms
189ms XHR
application/json 208.89.15.170
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://va.idp.liveperson.net/api/account/43776991/anonymous/authorize?__d=19073

Requested by

Host: va.idp.liveperson.net
URL: https://va.idp.liveperson.net/postmessage/postmessage.min.html?bust=1700497070991&loc=https%3A%2F%2Fmyaccount.presstelegram.com

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.89.15.170 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

va.idp.liveperson.net

Software

ws /

Resource Hash

61dded6bb22e7d5f93222bdea6687953c7806712b27ee2ace2545c0e0c68bce9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

LP-DOMAIN-REFERER: https://myaccount.presstelegram.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json; charset=UTF-8
Accept: */*
Referer: https://va.idp.liveperson.net/postmessage/postmessage.min.html?bust=1700497070991&loc=https%3A%2F%2Fmyaccount.presstelegram.com
X-Requested-With: XMLHttpRequest
LP-URL: https://myaccount.presstelegram.com/lbpt/home

Response headers

pragma: no-cache
date: Mon, 20 Nov 2023 16:17:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/json
access-control-allow-origin: https://va.idp.liveperson.net
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
content-length: 678

GET
H2 200 43776991 Show response
va.v.liveperson.net/api/js/ 242 B
1 KB 941ms
609ms Script
application/javascript 208.89.12.87

General

Check archive.org

Show headers Download Go to

Full URL

https://va.v.liveperson.net/api/js/43776991?&cb=lpCb55046x53079&t=sp&ts=1700497070980&pid=440714903&tid=1556531552&pt=Access%20your%20account&u=https%3A%2F%2Fmyaccount.presstelegram.com%2Flbpt%2Fhome&df=0&os=0&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%2C%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%2C%22sub%22%3A%22bfc6cf85-78aa-4f9a-86cf-8578aa4f9af5%22%2C%22account%22%3A%2243776991%22%7D%5D

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/43776991/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.89.12.87 -, , ASN (),

Reverse DNS

Software

ws /

Resource Hash

34cc491e3c6f31ffd7c442a0113385dcbcf4dafcf7c5255439eaae9a1ceae6b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 16:17:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 14ms
13ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-2N0VXCDHTW&gtm=45je3b81v9119563602&_p=1700497067307&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1951849027.1700497068&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&sid=1700497067&sct=1&seg=0&dl=https%3A%2F%2Fmyaccount.presstelegram.com%2F&dt=&_s=2&tfd=7645
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2N0VXCDHTW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://myaccount.presstelegram.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 20 Nov 2023 16:17:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://myaccount.presstelegram.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 43776991 Show response
va.v.liveperson.net/api/js/ 111 B
900 B 97ms
97ms Script
application/javascript 208.89.12.87

General

Check archive.org

Show headers Download Go to

Full URL

https://va.v.liveperson.net/api/js/43776991?sid=00uXspN4Td2VufXuAQt48A&cb=lpCb24688x38241&t=pl&ts=1700497071717&pid=440714903&tid=1556531552&vid=hkNGYxMjRiYmQ4NWM2NGY0

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/43776991/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.89.12.87 -, , ASN (),

Reverse DNS

Software

ws /

Resource Hash

1a8b4be5c67c300333e6250bb055ebfca96b6ffd71537ccd9397c8a8dbe36d99

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.presstelegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 16:17:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: secure.quantserve.com
URL: https://secure.quantserve.com/pixel/undefined.gif

Domain: sb.scorecardresearch.com
URL: https://sb.scorecardresearch.com/p?c1=2&c2=undefined

Domain
URL: https://xn--m869-376a.xn--presstelegram-1k6g.com/script.js

Verdicts & Comments Add Verdict or Comment

251 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.listrakbi.com/AUjk900vfCG0	1970-01-21 01:57:37	Name: gsid Value: IQvDYgd4QrMaQrrcce2LGoAMhXcO0dSYovJVkIxkZSwXm50BwY7ZyC7bArRU6WP3aphCqZTEItg%3d
.presstelegram.com/	1970-01-21 01:06:15	Name: visid_incap_2811187 Value: kCP4VEkgQWCytvgz+lV6QaiGW2UAAAAAQUIPAAAAAAA7n0fNxuh0SE0YbhCaxXPC
.presstelegram.com/	1969-12-31 23:59:59	Name: nlbi_2811187 Value: bQyCGRegHCYyEpu3Be4R/gAAAACGJzHIwVOfisFc96YvEfxB
.presstelegram.com/	1969-12-31 23:59:59	Name: incap_ses_260_2811187 Value: mKNZHXaAvUVZsX9iSbWbA6iGW2UAAAAAIjcc9HPIEGhhboFMOzqREg==
.presstelegram.com/	1970-01-20 18:31:13	Name: _gcl_au Value: 1.1.1248585797.1700497067
.quantserve.com/	1970-01-21 01:51:51	Name: mc Value: 655b86ab-6963c-c5882-66976
.presstelegram.com/	1970-01-21 01:57:37	Name: _ga Value: GA1.2.1951849027.1700497068
.presstelegram.com/	1970-01-20 16:23:03	Name: _gid Value: GA1.2.353539577.1700497068
.presstelegram.com/	1970-01-20 16:21:37	Name: _gat_UA-61435456-15 Value: 1
.presstelegram.com/	1970-01-20 16:21:37	Name: _gat_UA-61435456-39 Value: 1
s1.listrakbi.com/	1970-01-20 16:31:41	Name: AWSALBCORS Value: wrqW+C/wLrRNeXrmGGsgjKgRcbLjA2KfK2SWtBcPvDUlxa0j/I1CUDxaJuHdmUdgPRP6qg49wjVeGhyOKGTjcsP3RQtYtLo6toRNbydOIwQqN7tNxY/zDeAEnIxN
.listrakbi.com/	1970-01-20 18:31:13	Name: usid Value: 5ba2004210654d06b94b718fbd263253
.presstelegram.com/	1969-12-31 23:59:59	Name: ltkpopup-session-depth Value: 1-2
.presstelegram.com/	1970-01-21 01:57:37	Name: GSIDAUjk900vfCG0 Value: b7c91d87-86fe-4ae1-8ed8-f068cb81d7d7
mng-prod.auth0.com/	1970-01-21 01:07:34	Name: did Value: s%3Av0%3A589f9cb0-87c0-11ee-9e2c-2186ff176775.Q4HjWy13qfD6C70lfmfBTnpXYv5gkUcNKTlwlH8kw2I
myaccount.presstelegram.com/	1970-01-20 16:31:41	Name: AWSALB Value: A39xbsC76nfxCvErcnDF6PVxvYRqtgmsc7+Jl9/uAUPK5H0ojO2t4BGzSnOFiIeLsSoWfaFQ5CLmLgToxo9ZuuhK9cHvQnPAks0LIX4ziBoXZ1g926chMvAb6jyN
myaccount.presstelegram.com/	1970-01-20 16:31:41	Name: AWSALBCORS Value: A39xbsC76nfxCvErcnDF6PVxvYRqtgmsc7+Jl9/uAUPK5H0ojO2t4BGzSnOFiIeLsSoWfaFQ5CLmLgToxo9ZuuhK9cHvQnPAks0LIX4ziBoXZ1g926chMvAb6jyN
.presstelegram.com/	1970-01-21 01:57:37	Name: _ga_2N0VXCDHTW Value: GS1.1.1700497067.1.1.1700497070.57.0.0

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLFP4R(Line 680) Message: The resource at https://m869‌.presstelegram‌.com/script.js contains IDNA Deviation Characters. The hostname for this URL (m869‌.presstelegram‌.com) might point to a different IP address after https://chromestatus.com/feature/5105856067141632. Make sure you are using the correct host name.
network	error	URL: https://sb.scorecardresearch.com/p?c1=2&c2=undefined Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network	error	URL: https://secure.quantserve.com/pixel/undefined.gif Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network	error	URL: https://xn--m869-376a.xn--presstelegram-1k6g.com/script.js Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accdn.lpsnmedia.net
b-code.liadm.com
cdn.confiant-integrations.net
cdn.listrakbi.com
fonts.googleapis.com
fonts.gstatic.com
geo.privacymanager.io
launchpad-wrapper.privacymanager.io
launchpad.privacymanager.io
lpcdn.lpsnmedia.net
lptag.liveperson.net
mng-prod.auth0.com
myaccount.presstelegram.com
region1.analytics.google.com
s1.listrakbi.com
s3.amazonaws.com
sb.scorecardresearch.com
secure.quantserve.com
stats.g.doubleclick.net
va.idp.liveperson.net
va.v.liveperson.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com

sb.scorecardresearch.com
secure.quantserve.com

107.154.76.234
13.32.27.115
13.32.99.105
13.32.99.89
172.64.146.207
178.249.97.23
178.249.97.99
18.66.130.11
18.66.97.121
2001:4860:4802:32::36
208.89.12.87
208.89.15.170
2600:9000:225e:d400:8:8845:1500:93a1
2606:4700:4400::6812:2b5a
2606:4700::6810:d8f1
2620:116:800d:21:c5a4:625:6563:a5bb
2a00:1450:4001:808::2008
2a00:1450:4001:80e::2003
2a00:1450:4001:811::200e
2a00:1450:4001:813::200a
2a00:1450:4001:827::2004
2a00:1450:4001:82b::2003
2a00:1450:400c:c06::9b
34.120.154.120
52.217.124.56
0147f47c377f527213ad86617cd97003a1652f09a8297b40c71909a047773f3a
0317e82870408f4786bb1351c02ee73a4debe4afece264c32ff740d31318d433
0acfb72187c02183ee055a0ee625b01f257f455615455085a53d6d02183e2386
0ca2d5d4dece21114294a8783944cdd00a4351935831b27f9a83b8eb543c6438
0cb2602f766e34b3a1cfe4aec0ace43d8d8197abb402fbb325a2c7820f99c5d2
0e6759cf551ce1d2658665f94de7ea80f7c7410c1ac58f4941c4c3193a84ac1b
0f303f31706d39866cced9dcc17b61fb8423674278d7f6051d66b3a79ffbca18
1a8b4be5c67c300333e6250bb055ebfca96b6ffd71537ccd9397c8a8dbe36d99
21909e20a233ed5b4316af05e76a19e0f53e3fc46aa9488035cac2f09bb9cb30
252a474463afcb5cc0ea0db3e9520fd8e0b90ccd20292fa8058deb0d875572bb
29243df21c54501f89cebea96592a3e10bb428a53d84f877c340c754a9527f7b
2ab5f4a3b0a88c731e3564e0431a9047c34949762c7c5ef596fdc60b3659a044
2de07fe96902d5a2aef105c0a5c45c7b4449bc478df7acca2fd5ee48dcc07a46
34cc491e3c6f31ffd7c442a0113385dcbcf4dafcf7c5255439eaae9a1ceae6b1
39e0ffc9a4ed8d364f787dcfe9e6779ac8bd6a0dc99ad59ef97777bea85b337c
3e4f5d07904cf355da7bfbca5d4eee18a4c09fc9e6a79df958d0bb1225572983
3ed8a428dec1fcca37826ed19ca6f8a82d490606ff64684c77de64bd43b56efb
3f31a47538da87ba904705dbec91421a61a3d2eca0fc275798cd644659525b1b
3fa075c4dbd8bf6e052ca8af5d6ceaf413c3ce08df28c3f65a4c7ee9246e7f4a
490da689a39d9f676bc795eba9c986c8ffce3a81f0580932415b38cb0ea12927
49aedf4c41704ec44b54b22f700b5bda2b5ad93a954aab6e604b28319be51eba
4af7746ed402fe791c6d5d890b422a19ade5bd4e78786567f561b68db8cc8e28
53fcbdb394dab3494945cd64fbd897b641057715860ee624ec0d3c5e701edac2
56030e57821f8337984a513b2ae9de889b10247a8b2f220f089957cc28ae05f2
6154ba5d1f81523aa17e0e480bfc263b683ed8242d29db812bfe884370938391
61dded6bb22e7d5f93222bdea6687953c7806712b27ee2ace2545c0e0c68bce9
64712f9665d4d4a47625a65edb9d01650f9bdb8fbcb90f1e632cc68e939e03cd
650551b694fe15f203a1e64c7fd2b2bb32b49c1c1fb33082b71d70f1a8ad5cf7
67ccf5266ef65ca1b4b542615deaeacddacd1f8060c72911495719249e335eba
6b8de31d386e037508a5e26325013a25ae66a90078d6a07027ef003ff5b48dcb
751050cbcc7282bade759aed04987f26659baca9792e066447875cc67ea388eb
77daa4388c965a3e23b5a6c800727d8025ab108f89cf5679e79136986d5b4561
7b6786a543599c89350f98c49b8fde45516454ffcd5596952864836ec7ac36cc
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85177f35eeec980d8c3a2e4c110eade595093e05aabb4c68c90caa9688832e4b
8af52606daaf9164881e1d83ff4ca9ccf0e08db4eedfa766d0d9ff7c5014c015
8cd19f16c1b03dd7fdd38f89dce369b3a6209228f5cea2b1972b7b7a52242199
8daccabf5b7c9722992275629fef99873b58c9a9999fdf52aaf1f917932bc69a
8db2bc789169baddffdc9bb0c7ec64cfdc763125b0b307f7b069be21c8be6619
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
963e13e863dc0545ea108a42a746f291aa144e2eb7ae03aed3afdb8cb7e70f37
9a801ff43a8b5b13b319c559b692615f641c9b7541fb576e40ffe9fe36cbf802
9bc49e2d077ff3ee73f6c2ea5275a53bd78c3815f98f67ff06a1e48b43f28d9a
9f837a298161cf85d750b8a60b01d21ad05cd27d819e559c3c195cdc1bfcea4d
a2b57109a58d9f80f23958f91793d41087b7cdf3178d94891b5f447960723288
a50d658d96c12418aa345d5ae3bbbe84af30f286db3f0e431758ca436ff0f4cf
a598f2acfc8bb234bed22a701d461190170bc572fa4466e71609695dad82a1f4
a7537ae95af1ebe561dd611d0caa8f1ca3cfceeadcd931a446e571255ec1a44f
a781901393bd19811bef7ec44fe3715212110370a565ce384ff8a902de5eaf3e
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afca62e28a5f2940b66823b7700cd3f0af957b52320ba188bb4295c4d10a7abd
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b0512ff1ecca4eeaa79eabd6f059915e9cec84022c2f78519acf20d942b628e0
b151e0b00168160cb1ab2d58d07a13b36fdb791298c803f150be651ba6dc9e6d
b307c4ae27381c0bc19983833f7bc324bb100468b4f22bdd7594b179c836aa4a
b3bc188ffa450c649d95d661372fddb6bbdf17e7d63578d499ab98b984da8381
b5f77388ccc44500760f931d7bd5640158cfe0e492b98f10e8212ad8dd5c776f
bb4f8df5602b561c6a5247851f27cebac4099886c0f337e67e5ea9fa0f9caac8
bb8fa5f5216fa65fb3b0cfc76de29efaf4e6ff82a281dc540fb568d4767f688e
bf41dbfbba35a05ddf8101e562706e90e16d064ff2d137969d428597f4e9752a
c537c405703a24dd85bc8c882cc2feeae2a8a4b60aad86b1149e4793f5ce6bdf
c64042017a82d8b0541d76495f92d7292a670c929ed3462bb658bc3e4ddfe8b7
c8cd0b0d514cecdaf4e7214325a70bba9bae301e156265bd0d880f9065d1d183
cd1105822f33ecf96cff973514ea994bc01f59ffd0a6bf0532bdf2d7ab65f9bd
d175185dc8199dc8531d2c25a84073ad93a7c605a921b0168ed6106a193d21ee
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e257df7266563e157bb7df93fd09c6d13afb1c9554468b21c7378e09a94d3250
e2c7b603236d4c570f08af92b8fe033883de2999c13c8f9ffbefa590b2c1b689
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e642ef04d764d1f3a13ecd0a22817455757094a50ca044892ad5b651a1a27c96
e993792999076dbdec72a33c6e816a85a6c8a4daafd344f44da4fcd1a935b8b8
ee08a4cd3bc27fdb552e35c65098fd6139e17dcd30c65a53028072e41c28129c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efb839bd16a9762619cdbc70de6bc578182a08364712c884052a6f76b1098ebe
f12b54a028194f667cefd1dc255cc566fb57e15086d8b6a6c95a574f1bf6e2ed
f35a7a3eb28e1da39e87276b8f75d6203b808e26b63218ffb0be3fd62e0de605
f4483683c68e29e2b5f1f6ab08cb64d11bde1b00b41cc531b982b4e8793302d8
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f650292931d9814688bc5c0f97574563290995b4670154bdf30d605394de2534
f6598392bf4c8040b4a361b8180dd2c273ac1a5974a22cc74c8a140d0b55e322
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f8b3ebad97e2d766ff11fcf313b1c0984fe1a9189abe1b24103e5a7a77e85276

myaccount.presstelegram.com Open in urlscan Pro 107.154.76.234 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

101 Requests

96 %HTTPS

48 %IPv6

19 Domains

26 Subdomains

26 IPs

3 Countries

7268 kBTransfer

10647 kBSize

18 Cookies

2 Outgoing links

Redirected requests

101 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

myaccount.presstelegram.com Open in urlscan Pro
107.154.76.234 Public Scan

Screenshot
Live screenshot

Full Image

101
Requests

96 %
HTTPS

48 %
IPv6

19
Domains

26
Subdomains

26
IPs

3
Countries

7268 kB
Transfer

10647 kB
Size

18
Cookies

101 HTTP transactions
2 data transactions