Submitted URL: http://220youtube.ru/
Effective URL: https://presaver.com/1/download
Submission: On April 23 via api from US — Scanned from NL

Summary

This website contacted 37 IPs in 13 countries across 52 domains to perform 136 HTTP transactions. The main IP is 2606:4700:3034::ac43:b14b, located in United States and belongs to CLOUDFLARENET, US. The main domain is presaver.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 4th 2022. Valid for: a year.
This is the only time presaver.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 9 2606:4700:303... 13335 (CLOUDFLAR...)
9 19 2a02:6b8:a::a 208722 (GLOBAL_DC)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 149.154.164.13 62041 (TELEGRAM)
2 3 88.212.202.52 39134 (UNITEDNET)
1 12 2a02:6b8::1:119 208722 (GLOBAL_DC)
2 2a00:1450:400... 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
15 149.154.167.99 62041 (TELEGRAM)
8 11 95.161.64.99 62041 (TELEGRAM)
8 149.154.164.25 62041 (TELEGRAM)
10 2a02:6b8:20::215 208722 (GLOBAL_DC)
1 22 2a02:6b8::90 208722 (GLOBAL_DC)
1 2a02:6b8::184 208722 (GLOBAL_DC)
1 2a02:6b8::5:114 208722 (GLOBAL_DC)
1 1 35.177.4.157 16509 (AMAZON-02)
3 3 167.235.177.243 24940 (HETZNER-AS)
1 1 193.3.184.211 50214 (QWARTA)
3 4 203.195.121.142 7979 (SERVERS-COM)
1 2 54.167.225.48 14618 (AMAZON-AES)
3 5 18.203.73.89 16509 (AMAZON-02)
1 52.45.175.185 14618 (AMAZON-AES)
3 142.250.181.226 15169 (GOOGLE)
1 82.145.213.8 39832 (NO-OPERA)
1 85.111.6.50 9121 (TTNET)
1 1 2001:6d0:4001... 52016 (ADFACT)
2 37.18.16.16 205675 (HYBRID-AS)
1 2 185.15.175.130 43226 (SAFEDATA ...)
1 1 167.235.33.113 24940 (HETZNER-AS)
1 1 89.108.108.11 197695 (AS-REG)
4 4 217.66.147.37 29209 (SPBMTS-AS...)
2 2 213.87.44.187 13174 (MTSNET Mo...)
1 1 217.65.2.150 3175 (CITYTELEC...)
1 1 23.88.12.14 24940 (HETZNER-AS)
1 1 91.192.149.14 42481 (BEGUN-AS)
2 2 193.232.150.70 48061 (UMA-TECH-AS)
2 2 35.190.24.218 15169 (GOOGLE)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 1 31.220.27.155 39572 (ADVANCEDH...)
3 4 95.217.109.66 24940 (HETZNER-AS)
2 81.222.128.214 20597 (ELTEL-AS)
1 87.242.89.90 208677 (SBERCLOUD-AS)
1 31.172.81.159 44066 (DE-FIRSTC...)
1 159.69.59.100 24940 (HETZNER-AS)
1 188.42.105.236 7979 (SERVERS-COM)
2 2 148.251.129.43 24940 (HETZNER-AS)
2 2 89.108.119.43 197695 (AS-REG)
1 1 188.72.107.156 208677 (SBERCLOUD-AS)
1 1 188.72.109.103 208677 (SBERCLOUD-AS)
2 3 142.250.185.130 15169 (GOOGLE)
2 6 2a00:1450:400... 15169 (GOOGLE)
2 6 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
136 37
Apex Domain
Subdomains
Transfer
54 yandex.ru
yandex.ru — Cisco Umbrella Rank: 1306
mc.yandex.ru — Cisco Umbrella Rank: 2437
an.yandex.ru — Cisco Umbrella Rank: 4140
ysa-static.passport.yandex.ru — Cisco Umbrella Rank: 19834
258 KB
15 tg.dev
tg.dev — Cisco Umbrella Rank: 77110
oauth.tg.dev — Cisco Umbrella Rank: 77888
209 KB
11 tx.me
tx.me — Cisco Umbrella Rank: 973646
12 KB
10 yastatic.net
yastatic.net — Cisco Umbrella Rank: 4502
260 KB
9 doubleclick.net
cm.g.doubleclick.net — Cisco Umbrella Rank: 313
googleads.g.doubleclick.net — Cisco Umbrella Rank: 67
8 KB
9 presaver.com
presaver.com
133 KB
8 telesco.pe
cdn4.telesco.pe — Cisco Umbrella Rank: 408449
253 KB
6 google.nl
www.google.nl — Cisco Umbrella Rank: 6376
995 B
6 google.com
www.google.com — Cisco Umbrella Rank: 16
1 KB
6 mts.ru
sm.rtb.mts.ru — Cisco Umbrella Rank: 28352
tech.rtb.mts.ru — Cisco Umbrella Rank: 34642
4 KB
5 360yield.com
match.360yield.com — Cisco Umbrella Rank: 3225
euw-ice.360yield.com — Cisco Umbrella Rank: 11868
1 KB
4 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 2547
3 KB
4 comments.app
comments.app — Cisco Umbrella Rank: 497572
49 KB
3 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 187
17 KB
3 acint.net
acint.net — Cisco Umbrella Rank: 18425
1 KB
3 yadro.ru
counter.yadro.ru — Cisco Umbrella Rank: 7108
2 KB
2 rutarget.ru
yandex-dmp-sync.rutarget.ru — Cisco Umbrella Rank: 55987
yandex-sync.rutarget.ru — Cisco Umbrella Rank: 56009
837 B
2 aidata.io
x01.aidata.io — Cisco Umbrella Rank: 13273
1 KB
2 upravel.com
sync.upravel.com — Cisco Umbrella Rank: 29910
1 KB
2 adriver.ru
ssp.adriver.ru — Cisco Umbrella Rank: 22271
402 B
2 semantiqo.com
sonar.semantiqo.com — Cisco Umbrella Rank: 54784
1 KB
2 weborama.fr
redirect.frontend.weborama.fr — Cisco Umbrella Rank: 12112
594 B
2 adhigh.net
px.adhigh.net — Cisco Umbrella Rank: 13391
812 B
2 digitaltarget.ru
dmg.digitaltarget.ru — Cisco Umbrella Rank: 18301
1 KB
2 hybrid.ai
dm.hybrid.ai — Cisco Umbrella Rank: 26971
516 B
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 277
2 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 91
20 KB
2 gstatic.com
fonts.gstatic.com
27 KB
2 220youtube.ru
220youtube.ru
1 KB
1 gonet-ads.com
sync.gonet-ads.com — Cisco Umbrella Rank: 19737
15 B
1 otm-r.com
sync.dmp.otm-r.com — Cisco Umbrella Rank: 16445
70 B
1 bumlam.com
sync.bumlam.com — Cisco Umbrella Rank: 5978
390 B
1 1dmp.io
sync.1dmp.io — Cisco Umbrella Rank: 16477
155 B
1 magnitent.com
sync.magnitent.com — Cisco Umbrella Rank: 329795
676 B
1 caltat.com
cdn3.caltat.com — Cisco Umbrella Rank: 279437
334 B
1 uuidksinc.net
s.uuidksinc.net — Cisco Umbrella Rank: 11316
205 B
1 intent.ai
rtb-eu-warsaw.intent.ai — Cisco Umbrella Rank: 54073
844 B
1 rambler.ru
profile.ssp.rambler.ru — Cisco Umbrella Rank: 35617
244 B
1 bidderstack.com
nr.bidderstack.com — Cisco Umbrella Rank: 29079
404 B
1 new-programmatic.com
match.new-programmatic.com — Cisco Umbrella Rank: 29877
262 B
1 kimberlite.io
kimberlite.io — Cisco Umbrella Rank: 26430
657 B
1 buzzoola.com
exchange.buzzoola.com — Cisco Umbrella Rank: 15169
178 B
1 tns-counter.ru
cm.tns-counter.ru — Cisco Umbrella Rank: 54922
387 B
1 programattik.com
rtb.programattik.com — Cisco Umbrella Rank: 33877
152 B
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 3365
467 B
1 bluevoox.com
im.bluevoox.com — Cisco Umbrella Rank: 16963
241 B
1 sape.ru
ssp-rtb.sape.ru — Cisco Umbrella Rank: 21407
698 B
1 arcspire.io
px.arcspire.io — Cisco Umbrella Rank: 52474
317 B
1 yandex.net
avatars.mds.yandex.net — Cisco Umbrella Rank: 5547
2 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 119
1 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114
44 KB
0 whiteboxdigital.ru Failed
mitdmp.whiteboxdigital.ru Failed
136 52
Domain Requested by
22 an.yandex.ru 1 redirects yandex.ru
19 yandex.ru 9 redirects presaver.com
yandex.ru
yastatic.net
14 tg.dev comments.app
tg.dev
12 mc.yandex.ru 1 redirects presaver.com
mc.yandex.ru
yastatic.net
11 tx.me 8 redirects comments.app
10 yastatic.net yandex.ru
yastatic.net
presaver.com
9 presaver.com 1 redirects presaver.com
8 cdn4.telesco.pe comments.app
6 www.google.nl
6 www.google.com 2 redirects
6 googleads.g.doubleclick.net 2 redirects www.googleadservices.com
4 sm.rtb.mts.ru 4 redirects
4 ads.betweendigital.com 3 redirects
4 comments.app presaver.com
comments.app
3 www.googleadservices.com 2 redirects yastatic.net
3 cm.g.doubleclick.net
3 match.360yield.com 1 redirects
3 acint.net 3 redirects
3 counter.yadro.ru 2 redirects presaver.com
2 x01.aidata.io 2 redirects
2 sync.upravel.com 2 redirects
2 ssp.adriver.ru
2 sonar.semantiqo.com 2 redirects
2 redirect.frontend.weborama.fr 2 redirects
2 px.adhigh.net 2 redirects
2 tech.rtb.mts.ru 2 redirects
2 euw-ice.360yield.com 2 redirects
2 dmg.digitaltarget.ru 1 redirects
2 dm.hybrid.ai
2 dpm.demdex.net 1 redirects
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 fonts.gstatic.com fonts.googleapis.com
2 220youtube.ru 2 redirects
1 yandex-sync.rutarget.ru 1 redirects
1 yandex-dmp-sync.rutarget.ru 1 redirects
1 sync.gonet-ads.com
1 sync.dmp.otm-r.com
1 sync.bumlam.com
1 sync.1dmp.io
1 sync.magnitent.com
1 cdn3.caltat.com 1 redirects
1 s.uuidksinc.net 1 redirects
1 rtb-eu-warsaw.intent.ai
1 profile.ssp.rambler.ru 1 redirects
1 nr.bidderstack.com 1 redirects
1 match.new-programmatic.com 1 redirects
1 kimberlite.io 1 redirects
1 exchange.buzzoola.com 1 redirects
1 cm.tns-counter.ru 1 redirects
1 rtb.programattik.com
1 t.adx.opera.com
1 im.bluevoox.com
1 ssp-rtb.sape.ru 1 redirects
1 px.arcspire.io 1 redirects
1 ysa-static.passport.yandex.ru
1 avatars.mds.yandex.net
1 oauth.tg.dev comments.app
1 fonts.googleapis.com presaver.com
1 www.googletagmanager.com presaver.com
0 mitdmp.whiteboxdigital.ru Failed
136 60

This site contains links to these domains. Also see Links.

Domain
220vk.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-08-04 -
2023-08-04
a year crt.sh
*.xn--d1acpjx3f.xn--p1ai
GlobalSign ECC OV SSL CA 2018
2023-02-01 -
2023-08-01
6 months crt.sh
*.google-analytics.com
GTS CA 1C3
2023-04-03 -
2023-06-26
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-04-03 -
2023-06-26
3 months crt.sh
*.comments.app
Go Daddy Secure Certificate Authority - G2
2023-03-28 -
2024-04-28
a year crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018
2023-03-17 -
2023-08-27
5 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-04-03 -
2023-06-26
3 months crt.sh
*.tg.dev
Go Daddy Secure Certificate Authority - G2
2023-04-06 -
2024-05-07
a year crt.sh
*.yastatic-net.ru
GlobalSign ECC OV SSL CA 2018
2023-02-01 -
2023-08-01
6 months crt.sh
*.tx.me
Go Daddy Secure Certificate Authority - G2
2022-09-07 -
2023-10-09
a year crt.sh
bs.yandex.ru
GlobalSign ECC OV SSL CA 2018
2023-04-08 -
2023-10-07
6 months crt.sh
*.avatars.mds.yandex.net
GlobalSign RSA OV SSL CA 2018
2023-03-06 -
2023-10-06
7 months crt.sh
ysa-static.passport.yandex.net
GlobalSign ECC OV SSL CA 2018
2023-03-06 -
2023-10-06
7 months crt.sh
*.hybrid.ai
Sectigo RSA Domain Validation Secure Server CA
2022-09-26 -
2023-09-26
a year crt.sh
*.intent.ai
GTS CA 1P5
2023-04-10 -
2023-07-09
3 months crt.sh
*.adriver.ru
GlobalSign GCC R3 DV TLS CA 2020
2023-03-07 -
2024-04-07
a year crt.sh
sync.1dmp.io
R3
2023-01-31 -
2023-05-01
3 months crt.sh
*.bumlam.com
R3
2023-02-09 -
2023-05-10
3 months crt.sh
*.dmp.otm-r.com
AlphaSSL CA - SHA256 - G2
2022-05-27 -
2023-06-28
a year crt.sh
*.gonet-ads.com
Sectigo RSA Organization Validation Secure Server CA
2022-06-10 -
2023-06-10
a year crt.sh
www.googleadservices.com
GTS CA 1C3
2023-04-03 -
2023-06-26
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-04-03 -
2023-06-26
3 months crt.sh
www.google.com
GTS CA 1C3
2023-04-03 -
2023-06-26
3 months crt.sh
*.google.nl
GTS CA 1C3
2023-04-03 -
2023-06-26
3 months crt.sh

This page contains 3 frames:

Primary Page: https://presaver.com/1/download
Frame ID: 0EC718EABC2C305398E4CA644EE5155C
Requests: 40 HTTP requests in this frame

Frame: https://comments.app/embed/view?website=qnAQclUa&page_id=youtube&page_url=https%3A%2F%2Fpresaver.com%2F1%2Fdownload&origin=https%3A%2F%2Fpresaver.com&page_title=220YouTube%20-%20%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE%20%D1%81%20YouTube%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%BD%D0%B0%20%D0%B2%D1%8B%D1%81%D0%BE%D0%BA%D0%BE%D0%B9%20%D1%81%D0%BA%D0%BE%D1%80%D0%BE%D1%81%D1%82%D0%B8%2C%20%D0%B1%D0%B5%D0%B7%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC%20%D0%B8%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B8&limit=10&colorful=1&dislikes=1&outlined=1
Frame ID: B86ACBC2FA5A2B0DEFF4FF6BB9D43EA1
Requests: 33 HTTP requests in this frame

Frame: https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
Frame ID: A970FEFF1CFCCB1CCC2FDA8B0505F77E
Requests: 65 HTTP requests in this frame

Screenshot

Page Title

220YouTube - Скачать видео с YouTube бесплатно на высокой скорости, без программ и регистрации

Page URL History Show full URLs

  1. http://220youtube.ru/ HTTP 301
    https://220youtube.ru/ HTTP 301
    https://presaver.com/ HTTP 302
    https://presaver.com/1/download Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • sweetalert2(?:\.all)?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • https?://an\.yandex\.ru/

Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js

Page Statistics

136
Requests

69 %
HTTPS

32 %
IPv6

52
Domains

60
Subdomains

37
IPs

13
Countries

1291 kB
Transfer

3498 kB
Size

65
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://220youtube.ru/ HTTP 301
    https://220youtube.ru/ HTTP 301
    https://presaver.com/ HTTP 302
    https://presaver.com/1/download Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//presaver.com/1/download;h220YouTube%20-%20%u0421%u043A%u0430%u0447%u0430%u0442%u044C%20%u0432%u0438%u0434%u0435%u043E%20%u0441%20YouTube%20%u0431%u0435%u0441%u043F%u043B%u0430%u0442%u043D%u043E%20%u043D%u0430%20%u0432%u044B%u0441%u043E%u043A%u043E%u0439%20%u0441%u043A%u043E%u0440%u043E%u0441%u0442%u0438%2C%20%u0431%u0435%u0437%20%u043F%u0440%u043E%u0433%u0440%u0430%u043C%u043C%20%u0438%20%u0440%u0435%u0433%u0438%u0441%u0442%u0440%u0430%u0446%u0438%u0438;0.623851588281203 HTTP 302
  • https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//presaver.com/1/download;h220YouTube%20-%20%u0421%u043A%u0430%u0447%u0430%u0442%u044C%20%u0432%u0438%u0434%u0435%u043E%20%u0441%20YouTube%20%u0431%u0435%u0441%u043F%u043B%u0430%u0442%u043D%u043E%20%u043D%u0430%20%u0432%u044B%u0441%u043E%u043A%u043E%u0439%20%u0441%u043A%u043E%u0440%u043E%u0441%u0442%u0438%2C%20%u0431%u0435%u0437%20%u043F%u0440%u043E%u0433%u0440%u0430%u043C%u043C%20%u0438%20%u0440%u0435%u0433%u0438%u0441%u0442%u0440%u0430%u0446%u0438%u0438;0.623851588281203
Request Chain 22
  • https://tx.me/i/userpic/320/dFRlRU_6U51wvy_7OruMfpqqJKIFqhfVRbBTrJHYh8Y.jpg HTTP 302
  • https://cdn4.telesco.pe/file/sPwQlwYd1hFI3MRnSTI84pZbQOwWDjXy8LR1jXUJPk2YkWQcLW1kBORBWb5_5z9BBR9bJGC7MetsZQiB_eQ0YXRneVdlQhibndGpCtbyagCXG56XREtNZ5jb6FjtprsmjZWhhiHseytK5RXyNJuBdu2VoLoartYD4PfDsZKgxmZxx-B-r9yWTI8XCupcyrqn8H3nMU1kOV_OOBToRwNbb7DwPjJ4jrBGz0Mabn5FMcDshgTs8ZGG9r-nwRZQFUUxNuynWmrHbeOfsm1P0kCSvHa9FAgX8-Tz0ErcS_Xx0aQie4yInvnMMgVlQkWgcf8Rv1okpWn2EGr8EZ6fGnkpVQ.jpg
Request Chain 23
  • https://tx.me/i/userpic/320/VX3WIprxtZTJZZxQK87ooyc-17Og6H_CIJiXTktrOAWM49SoLgLhXixofnQe8rme.jpg HTTP 302
  • https://cdn4.telesco.pe/file/VnTYunLO8K9YuU-5ibjooOnEnHyu6BjEVnJG5PG4LSA1WXn-VyYiYS8LE3NIhEOC2ILpIuaBYlybHSSMlleKXY1eAbeIXYKP2JxEeD8pIYmSbdd50g3f0JzEGzaGZS2J_pPS6Uko8BnWmwqiKet_KxnbTN62RWd52V74yODDA7jvATj7I7ZtU6JRb7PXsjzqa7s0DcHU_OVPRHXEgy596KqaIrS5I07k44E7GGCEAvZZIzmFMPhM3g6i04GKYUNrG8rVT1dDJhdx_-ASf6dLaB3-KxAgihcppumpFBPUVN3oT56LBQ-M6UV7ZgwEAQlL64akjihpZFHKBeAJFNUAlg.jpg
Request Chain 24
  • https://tx.me/i/userpic/320/XCoFeYbTAPr2NZRMadPmktx6B-ZA5vadz0jCq09-ki559lTUuDKAhK3-8xbXFIH9.jpg HTTP 302
  • https://cdn4.telesco.pe/file/Mrq7eOsP2NebopHQhYyfsSyZG_T3PPXeYabSKvbLtDxrlrW-evRSTDB-jMHfQJEMeJ2I9V4gCqbBVK1vTK6-5G3Nz0Kihj253w3UlpiQ3Y4NDETgDqo7fSvuvKGtGEOJofmgvCI_ZyVnfnrudiKcQsEiwfHoUq0OFRh1-xmXnR8_sfbAu0a6D_nS7ATy7W5dYiFoU4458eY4saRhgaL052J-AQUCrRZ1bGO2h1T9K3xrwkO8CFOVgNLNzLkOUwkFRawDyPAc87uazkHVVysIGjlaSSVx2aMMf35AZrAj-del2CQi-EYSIYIofpW4EvRgFgb7Yj5NiSwnY1eY1ei3RQ.jpg
Request Chain 25
  • https://tx.me/i/userpic/320/lAxrOyyJFM4P0b6fmrHHUALsdUX4RYxttvARCP55HUUTkKLRu0fJouqETJTJYbL6.jpg HTTP 302
  • https://cdn4.telesco.pe/file/B_QlnYiiHv9AJD9fpFtzT-vkTACjQ0n_JOEXpVsf1xnVBgAW36mm52moj7KjIeb3vuJZowipA51sqbu_d1x3OyQ3SPYsSxMaY88s-TaZ7lTQF6kceATu_hrbMWCCodaDBFuz8b2aeLRSVMajzn5QM9mz7KsLb4XSbulTpfvKgXdvcOUNgXFt6s6YY5QeUxY_AdCj_PE7N8LuZG3bZfjp1odyWr_C8mUC7LRb-yEdJEAyniXfKtkOz0KYwzQ_eDhxJQyYF-lYtiXeiO3CaDqReMsrEfbZBTeoFbc1thFPNE2X5HgB12C0YBszuNOdIe1TKEm5JZlJ_APBfTsX87xlSA.jpg
Request Chain 26
  • https://tx.me/i/userpic/320/L3B5JjYPMtgBSC9sTqsQH7NimK0iua25bEWT6REjcb8.jpg HTTP 302
  • https://cdn4.telesco.pe/file/e6WKRk3iTht8NqTGZ424F20FJGeM8sq94xtF6L7Igq5HDmP_YmmtaR0t7NmwYBGUgj-E9M0jz-d_G4MRiaM1q1iFweSnPJWcBVPgJvditwlaBk0oIUwmNXQa6kbPKkGd-e-3epa6Tmta2f1KxJwz2ZYqPvXhj3PRyt68zvZAfaHVAT1VwmCbtusd3uWcHdOrxXOVaBvry-og3TatrPL3yzINjHXVkVqOJMjJg42APqx8sdl48K4ilHK-hayKy2lXPUWLY8N3YrKE59eEevrqu0uTqUnbzc226HyVVHDwa5FDJyK-9seXMk9MIrAd106w0BLt1td8NfqmF_oHbj2V3A.jpg
Request Chain 27
  • https://tx.me/i/userpic/320/WQD1Dw4_FsV8k-sQqMc8j9iu2T0uMqAoBKK_vfnzgn2qvXr11fb3ZG73kKBk1Yjz.jpg HTTP 302
  • https://cdn4.telesco.pe/file/Q8Nb0d_AMvNrhQs78rvDO3hv80Ty4_1joxX0ytw9wlwQ_xXFk2ntmwtyxgQ5v5muP8FRgnDi35qA3bGsWOwOC-ZKlIBkJ41yl85cO5iYDtokG6CDHKubFiQzDRtTmEEsOl-y2Bw7m9i9HUYRSgg9kRO8NZt-CyywW-p_uLBHB3WLW6EjkoBhXHKdDvCWgPFeYQDLExVgVZCf3hdUYe24az0NhDgmxQ7ETlFOhcbQF0SxKJ8n3Vb8Cx25RMcjvA9atzM6vp-PwE_r4TUxtUFJrYuuEcc-_c8QCfNtLEcRkII_m7Btjxm07tUgjONZsoqkpcd-UUsJBkWkbgBn1Z99OA.jpg
Request Chain 28
  • https://tx.me/i/userpic/320/ZmDti9JplDRibOkHfoNMteVZ7Cd94AbFmfV50Z6HU6Q.jpg HTTP 302
  • https://cdn4.telesco.pe/file/iWFfff5QK5KIK37H-TNYa6vNW157bIte2ULaF33Em3tqmPDu_eJeK4SgEA5Ywg0IOn8wL7ceNwUdoNMhintDBAyNZmhxUVUKfnDdJaWsmLZDDUhnvgsuX24J6256BZa8z1eVukvNG1BtfTNkyiNG_oOupHuh-vM-SOMEnrCeYqVVbjdNmqz8Gs7g6knQpYkW7GyxwHzNlYCsD2HbIy1WeG9HmMnzr7ZRI526hqmoe86MiPB90IJ5PSzDu0x2oTrr3sua7-9__4DH1BoeAQyM0eegEwpm1bkLtxXaa3pUb4tOD7rIGv4THUv8_OCjSmBFdDTbWINETX32FGStO-g_tg.jpg
Request Chain 29
  • https://tx.me/i/userpic/320/whaitzrJANTGcxUUGzgkBso4ix5RTEMxy-5j6sqr2d8.jpg HTTP 302
  • https://cdn4.telesco.pe/file/bX6w4auPeVwZSfCW66QXhzoa1VVSNwHLu3JyfdRRj_QwRNGw4hEUs4vli0ETTXD2srktaVybEseSF93e4Wk2ah0lPMN9QZ5zOXjgH1bqkcnr5oKFnN0b0UeDsD38jOzL2hkBAImdNWX0OG0_nIzswYpNnmE8IVGdCOU_DNnqh487Ionszf9Ds91ey5HUnA5i71Wv2Isf9U5xqQPAMvGcSaZy7ecMtV4Sq5rCt2qo8cDThsrnWgqJrz788bDSdZmE7KrwZb8EioWZI5MPqMSeBNMOR77U79e5rUa7IVL25_sK052ym1nrJT0F24IQ-8r4jpCrfVE3RNloIQK1GKkm_Q.jpg
Request Chain 40
  • https://mc.yandex.ru/watch/49162435?wmode=7&page-url=https%3A%2F%2Fpresaver.com%2F1%2Fdownload&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A10ym9geic8i73flogxj2lsv%3Afp%3A1040%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1030%3Acn%3A1%3Adp%3A0%3Als%3A1029729085882%3Ahid%3A55369251%3Az%3A0%3Ai%3A20230423160418%3Aet%3A1682265858%3Ac%3A1%3Arn%3A244017119%3Arqn%3A1%3Au%3A1682265858711142255%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C101%2C1%2C716%2C0%2C%2C227%2C0%2C%2C%2C%2C1046%3Aco%3A0%3Acpf%3A1%3Ans%3A1682265857021%3Arqnl%3A1%3Ast%3A1682265858%3At%3A220YouTube%20-%20%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE%20%D1%81%20YouTube%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%BD%D0%B0%20%D0%B2%D1%8B%D1%81%D0%BE%D0%BA%D0%BE%D0%B9%20%D1%81%D0%BA%D0%BE%D1%80%D0%BE%D1%81%D1%82%D0%B8%2C%20%D0%B1%D0%B5%D0%B7%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC%20%D0%B8%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B8&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
  • https://mc.yandex.ru/watch/49162435/1?wmode=7&page-url=https%3A%2F%2Fpresaver.com%2F1%2Fdownload&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A10ym9geic8i73flogxj2lsv%3Afp%3A1040%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1030%3Acn%3A1%3Adp%3A0%3Als%3A1029729085882%3Ahid%3A55369251%3Az%3A0%3Ai%3A20230423160418%3Aet%3A1682265858%3Ac%3A1%3Arn%3A244017119%3Arqn%3A1%3Au%3A1682265858711142255%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C101%2C1%2C716%2C0%2C%2C227%2C0%2C%2C%2C%2C1046%3Aco%3A0%3Acpf%3A1%3Ans%3A1682265857021%3Arqnl%3A1%3Ast%3A1682265858%3At%3A220YouTube%20-%20%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE%20%D1%81%20YouTube%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%BD%D0%B0%20%D0%B2%D1%8B%D1%81%D0%BE%D0%BA%D0%BE%D0%B9%20%D1%81%D0%BA%D0%BE%D1%80%D0%BE%D1%81%D1%82%D0%B8%2C%20%D0%B1%D0%B5%D0%B7%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC%20%D0%B8%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B8&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
Request Chain 71
  • https://px.arcspire.io/yndx?id=9d4cd41a-f59d-4815-8a89-9d30806f5389 HTTP 307
  • https://an.yandex.ru/mapuid/arcspireis/5e24d0ca9f05fe1eb285a9
Request Chain 72
  • https://acint.net/rmatch/?dp=151&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsapeis%2F%24%7BUSER_ID%7D HTTP 302
  • https://acint.net/rmatch/?r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsapeis%2F$%7BUSER_ID%7D&dp=151&tc=1 HTTP 302
  • https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fan.yandex.ru%252Fmapuid%252Fsapeis%252F$%257BUSER_ID%257D&dp=14 HTTP 302
  • https://acint.net/rmatch?dp=14&euid=4003420A03574564C1007B8202FF612F&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsapeis%2F$%7BUSER_ID%7D HTTP 302
  • https://an.yandex.ru/mapuid/sapeis/0100007F025745644200530B0253B954
Request Chain 73
  • https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F%24%7BUSER_ID%7D&crf=1 HTTP 302
  • https://an.yandex.ru/mapuid/betweendigitalis/14c44bd0-367d-5471-9a60-b433fe25e330
Request Chain 74
  • https://yandex.ru/an/mapuid/adobedmp/ HTTP 302
  • https://dpm.demdex.net/ibs:dpid=423652&dpuuid=49FD040F92D87F05 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=49FD040F92D87F05
Request Chain 75
  • https://yandex.ru/an/mapuid/azerionis/ HTTP 302
  • https://match.360yield.com/match?external_user_id=A9B5B13F3D229955&publisher_dsp_id=429&publisher_call_type=redirect HTTP 302
  • https://match.360yield.com/ul_cb/match?external_user_id=A9B5B13F3D229955&publisher_dsp_id=429&publisher_call_type=redirect
Request Chain 77
  • https://yandex.ru/an/mapuid/betweenx/ HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=161&external_user_id=5B50F82064E97112 HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=161&external_user_id=5B50F82064E97112&crf=1
Request Chain 78
  • https://yandex.ru/an/mapuid/blueseaxcom/ HTTP 302
  • https://im.bluevoox.com/pixel?s1=1&s2=1315&s3=vldyrx2shs82pv9o&cm=1&rd=1&puid=862847ED73475106
Request Chain 80
  • https://yandex.ru/an/mapuid/google/?partner-tag=yandex_llc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_llc&google_hm=C643FEEF60A6D2FA&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
Request Chain 81
  • https://yandex.ru/an/mapuid/google/?partner-tag=yandexcom HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yandexcom&google_hm=C643FEEF60A6D2FA&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
Request Chain 82
  • https://yandex.ru/an/mapuid/google/?partner-tag=yandexru HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=C643FEEF60A6D2FA&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
Request Chain 83
  • https://yandex.ru/an/mapuid/operacom/ HTTP 302
  • https://t.adx.opera.com/sync?vendor=60143&uid=92FA1311BC21376C
Request Chain 84
  • https://yandex.ru/an/mapuid/turktelekomrtb/ HTTP 302
  • https://rtb.programattik.com/user-sync?dsp=5&t=image&uid=FCE9BF0753CFFBB
Request Chain 86
  • https://cm.tns-counter.ru/yacm HTTP 302
  • https://an.yandex.ru/mapuid/mediascope/72b1686b1785e12b75fc7ea4f64b73098f08bf0f036a4e8043c2cbd1c76b6793
Request Chain 89
  • https://dmg.digitaltarget.ru/1/119/i/i?i=1682265858 HTTP 307
  • https://dmg.digitaltarget.ru/awg/custom/119/i/i?call_source=awg&ts=1682265858941&i=1682265858
Request Chain 90
  • https://euw-ice.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fazerionis%2F{PUB_USER_ID} HTTP 302
  • https://euw-ice.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fazerionis%2F%7BPUB_USER_ID%7D HTTP 302
  • https://an.yandex.ru/mapuid/azerionis/f8788b66-f6e8-481b-b005-589227fc0677 HTTP 302
  • https://match.360yield.com/match?external_user_id=f8788b66-f6e8-481b-b005-589227fc0677&publisher_dsp_id=429&publisher_call_type=redirect
Request Chain 91
  • https://exchange.buzzoola.com/cookiesync/redirect/yandex?redirect_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbuzzooladspis%2F%24%7BUUID%7D HTTP 301
  • https://an.yandex.ru/mapuid/buzzooladspis/f00ffd77-3752-4b5b-70ae-5f8bc623115f
Request Chain 92
  • https://kimberlite.io/rtb/sync/yandex HTTP 307
  • https://sm.rtb.mts.ru/p?ssp=toptraffic&id=ZEVXA8tsYBs HTTP 301
  • https://sm.rtb.mts.ru/match/second?ssp=59&exu=ZEVXA8tsYBs HTTP 301
  • https://tech.rtb.mts.ru/?dsp_uid=24aa7ac4-d7c8-4944-bb56-944d3dd1715b&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2FJKp6xNfISUS7VpRNPdFxWw%3Flocation%3Dhttps%253A%252F%252Fsm.rtb.mts.ru%252Fem%253Fnext%253D59%2526em%253D0%26sign%3D2104951988 HTTP 302
  • https://an.yandex.ru/setud/mts_banner/JKp6xNfISUS7VpRNPdFxWw?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D59%26em%3D0&sign=2104951988
Request Chain 93
  • https://match.new-programmatic.com/userbind?src=yandex&pbf=1&gi=1 HTTP 302
  • https://an.yandex.ru/mapuid/targetrtbis/
Request Chain 95
  • https://nr.bidderstack.com/yandex/cm?r=https://an.yandex.ru/mapuid/hyperdspis/ HTTP 302
  • https://an.yandex.ru/mapuid/hyperdspis/ff4d640a-b994-5128-1328-30c03bb8e6b9
Request Chain 96
  • https://profile.ssp.rambler.ru/sync3.302?pid=188 HTTP 302
  • https://an.yandex.ru/mapuid/ramblerssp/
Request Chain 97
  • https://px.adhigh.net/p/cm/yandexssp HTTP 302
  • https://px.adhigh.net/p/cm/yandexssp?bounced=1 HTTP 302
  • https://an.yandex.ru/mapuid/getintentis/urcFBIrn9fN.AikABlGHrtvkwQ
Request Chain 98
  • https://redirect.frontend.weborama.fr/redirect/standard?url=https://an.yandex.ru/mapuid/dmpweborama/{WEBO_CID} HTTP 307
  • https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fdmpweborama%2F%7BWEBO_CID%7D&bounce=1&random=623374194 HTTP 302
  • https://an.yandex.ru/mapuid/dmpweborama/r/ij3J.XF3/fNAHCq2Nc7u
Request Chain 100
  • https://s.uuidksinc.net/match/501 HTTP 302
  • https://an.yandex.ru/mapuid/kadamis/12U8Ly8yFVrqNrh4VUYz
Request Chain 101
  • https://sm.rtb.mts.ru/p?ssp=yandex&id=map HTTP 301
  • https://sm.rtb.mts.ru/match/second?ssp=55&exu=map HTTP 301
  • https://tech.rtb.mts.ru/?dsp_uid=5183af2c-ce1c-42d8-aeaf-c11553c30c85&return_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fmtsdspis%2F5183af2c-ce1c-42d8-aeaf-c11553c30c85 HTTP 302
  • https://an.yandex.ru/mapuid/mtsdspis/5183af2c-ce1c-42d8-aeaf-c11553c30c85
Request Chain 102
  • https://sonar.semantiqo.com/dmp/scr.php HTTP 302
  • https://counter.yadro.ru/id127/reff-id.gif?sid=fe3999a5546946629c82ec2215384e5d HTTP 302
  • https://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=61BE14E4266C3AD4&sid=fe3999a5546946629c82ec2215384e5d HTTP 302
  • https://cdn3.caltat.com/fbfc504c-89b0-4a80-bef4-c8e39daeee6f/sess.php?sid=fe3999a5546946629c82ec2215384e5d&spid=61BE14E4266C3AD4&v= HTTP 302
  • https://sync.magnitent.com/fbfli/ct_sync.php?ct=6da7c737ac0e484c9659a80c506616ad&sonar=fe3999a5546946629c82ec2215384e5d&spid=61BE14E4266C3AD4&v=
Request Chain 109
  • https://sync.upravel.com/yandex/sync HTTP 302
  • https://sync.upravel.com/yandex/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly95YXN0YXRpYy5uZXQvIl19fQ HTTP 302
  • https://an.yandex.ru/mapuid/upravelis/2b00c264-e719-4485-a700-533267bfc979
Request Chain 110
  • https://x01.aidata.io/0.gif?pid=YANDEX HTTP 302
  • https://x01.aidata.io/0.gif?pid=YANDEX&bounce=1 HTTP 302
  • https://an.yandex.ru/mapuid/dmpaidatame/ks4vkwZDw3OZuDq5ltxmAQ?sign=2197098391
Request Chain 111
  • https://yandex-dmp-sync.rutarget.ru/sync HTTP 302
  • https://an.yandex.ru/mapuid/dmpsegmento/XMf0uEaIVQtc?sign=3140879891
Request Chain 112
  • https://yandex-sync.rutarget.ru/sync HTTP 302
  • https://an.yandex.ru/mapuid/rutargetis/HqufjwzFzlmt
Request Chain 120
  • https://www.googleadservices.com/pagead/conversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0 HTTP 302
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=BFdFZOC8O8mtygXs8raICA&random=134634012&sscte=1&crd= HTTP 302
  • https://www.google.com/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=134634012&crd=&is_vtc=1&random=213112552 HTTP 302
  • https://www.google.nl/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=134634012&crd=&is_vtc=1&random=213112552&ipr=y
Request Chain 121
  • https://www.googleadservices.com/pagead/conversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0 HTTP 302
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=BFdFZLi8O9OFygXZ_Ja4Ag&random=682509004&sscte=1&crd= HTTP 302
  • https://www.google.com/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=682509004&crd=&is_vtc=1&random=3423706648 HTTP 302
  • https://www.google.nl/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=682509004&crd=&is_vtc=1&random=3423706648&ipr=y

136 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request download
presaver.com/1/
Redirect Chain
  • http://220youtube.ru/
  • https://220youtube.ru/
  • https://presaver.com/
  • https://presaver.com/1/download
7 KB
4 KB
Document
General
Full URL
https://presaver.com/1/download
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:b14b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb999df254bc3980e3c9170b2fb179d4b8b2cbd3d7f1264b222f8ac8fa113804
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
7bc7576b0847b79c-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 23 Apr 2023 16:04:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=318nfRswIjmvOh5E1kvmgtetxH7W8OBTPXcd82HgJYEQbn4FfKQOPVldOAbU7ea9AECY6UfWG1DmyPXqc%2FqxEtpzHvadgofrxTN9OdZDk1C0L8p3Xu4sWzV4HGyYvF1QnOyXQkOxZzuCpAY%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
7bc75769cf04b79c-AMS
content-type
text/html; charset=UTF-8
date
Sun, 23 Apr 2023 16:04:17 GMT
location
https://presaver.com/1/download
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9qJaEdu3yENR3WypTBNbTUdWQTXGlkkoVK7MDgPk9C38KosozL%2BtEK%2BlvAsah8JrRdNQC2OcjTDxlRX2iEX3sxT0broAFKqDbAL2aPMBMnU3kn60Tmq1PLJIQMnhWjIr%2BDXkwowOcV56meg%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
context.js
yandex.ru/ads/system/
291 KB
86 KB
Script
General
Full URL
https://yandex.ru/ads/system/context.js
Requested by
Host: presaver.com
URL: https://presaver.com/1/download
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
9ee10655a42016afcee94c86d8bc0ab4398d791338080186b94d352e1460510c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://presaver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-encoding
br
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id
1682265858038819-6673698464907463893-balancer-l7leveler-kubr-yp-sas-41-BAL-600
report-to
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Sun, 23 Apr 2023 17:04:18 GMT
js
www.googletagmanager.com/gtag/
113 KB
44 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-139618482-1
Requested by
Host: presaver.com
URL: https://presaver.com/1/download
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e9d4e95edbd488a98df1ff25ae5753233678e2eef66673cec8bd580e425fa677
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://presaver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 16:04:17 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
45092
x-xss-protection
0
last-modified
Sun, 23 Apr 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 23 Apr 2023 16:04:17 GMT
app.css
presaver.com/css/
19 KB
6 KB
Stylesheet
General
Full URL
https://presaver.com/css/app.css?id=80dfc01a97d87e1061aa
Requested by
Host: presaver.com
URL: https://presaver.com/1/download
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:b14b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c2c61b7f8b8289579ca4a0dde7cfb784f98fcfe083d137d3a9e8d93cd5879df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://presaver.com/1/download
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 16:04:17 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1560
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 23 Jan 2023 14:17:10 GMT
server
cloudflare
etag
W/"63ce96e6-4d03"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZFyJRVd0z%2BafJX9qs7kGunhGBGLoyG2XbG25bJqliOBvzSs%2BuhghKjQyBIItaIg6Xq3o5v9h96PExeMkAml7bSw66iwSrnC%2FIw16b9vvILLQvk0%2BFNou702xsHa6n51dlfGlh%2FyxLgF1vJw%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
7bc7576bab61b8c7-AMS
css
fonts.googleapis.com/
3 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans
Requested by
Host: presaver.com
URL: https://presaver.com/1/download
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e553533d28524e15d82626e82f797afe6db8582382606af03666b4719191db93
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://presaver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 23 Apr 2023 16:04:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 23 Apr 2023 15:24:40 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 23 Apr 2023 16:04:17 GMT
widget.js
comments.app/js/
9 KB
3 KB
Script
General
Full URL
https://comments.app/js/widget.js?3
Requested by
Host: presaver.com
URL: https://presaver.com/1/download
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.154.164.13 London, United Kingdom, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
482f450b7fdbac6f9304643f3e731df20bf66c51fb0599fa9a734e5d102a9e2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://presaver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 16:04:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Fri, 19 Jun 2020 23:54:45 GMT
server
nginx/1.20.1
etag
W/"5eed5045-2390"
content-type
application/javascript
email-decode.min.js
presaver.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://presaver.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: presaver.com
URL: https://presaver.com/1/download
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:b14b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://presaver.com/1/download
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 16:04:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 18 Apr 2023 16:29:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"643ec584-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xjT6RFGjP1pafbVj7axv7S6AapoxDqMHHu7Ib0lmyFbz5aheNiJSSXHLiDO42l%2BbM0iu%2Fo3nW6W9hRb6pWGuFVajc6FP%2B5G0g8GSauvRgDOXfCDNEDd4Qu2F5lzXNitYeZ%2FV1GWCBDiGHEI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
7bc7576bab64b8c7-AMS
expires
Tue, 25 Apr 2023 16:04:17 GMT
sweetAlert2.js
presaver.com/js/
66 KB
18 KB
Script
General
Full URL
https://presaver.com/js/sweetAlert2.js
Requested by
Host: presaver.com
URL: https://presaver.com/1/download
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:b14b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b2e49819d301475757a2b627c46e5453856c05073d77f6467e58b4780a666a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://presaver.com/1/download
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 16:04:17 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3264
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 23 Jan 2023 14:17:10 GMT
server
cloudflare
etag
W/"63ce96e6-10600"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8W78tw8X0Q%2B5I%2BSOkOknb7NWwLByFHneXUAZQoSJoidfqyKzAnrZEY7gQp9zEg1NJcvggQrWIDMW12ld%2FoY%2FrU3yacQ0syNwnPGenEvPpK9vZZJb3YE60p7VeAuHPLWRg6c7CGrSox8eUUo%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
7bc7576bab67b8c7-AMS
vendor.js
presaver.com/js/
274 KB
85 KB
Script
General
Full URL
https://presaver.com/js/vendor.js?id=7dcf5502d17063ffae48
Requested by
Host: presaver.com
URL: https://presaver.com/1/download
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:b14b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7fc0b8b8f89f4fc12be0dd43fcc8e4907bf83b2b906828d96becd23a5407bbde
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://presaver.com/1/download
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 16:04:17 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6835
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 23 Jan 2023 14:17:10 GMT
server
cloudflare
etag
W/"63ce96e6-44965"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g9sCpw%2FnKW0rYRzVL4xNrd%2Bk0QGk15ahTSBiyZKX%2FvtkOHdFbFgWpzOSiuaWs0hfHnKyC3wf5CxzrmMC6l96Vmt1C3fLUW3jUNH5x2A4Y3Zeaf%2BmNnjxiHNBkKfgSExjQ7DQFKZ%2BWYdtlJA%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
7bc7576bab68b8c7-AMS
app.js
presaver.com/js/
55 KB
16 KB
Script
General
Full URL
https://presaver.com/js/app.js?id=b7b3e2aeea1da7921949
Requested by
Host: presaver.com
URL: https://presaver.com/1/download
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:b14b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41aeecf645767e00367f3ce2ed361a63639e87f89e44ab0e85abab0f00efafb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://presaver.com/1/download
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 16:04:17 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
480
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 23 Jan 2023 14:17:10 GMT
server
cloudflare
etag
W/"63ce96e6-dd0a"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RjhXR9fHLMvWPTdkPUgVpPXvNu8lusktvbTc4GvHB2dCNGQ2hpZmiTCYYuPPA3R1aJEuITUzdKDi%2BEGSwo%2BNpD697U5Guj%2Fw%2FKbIvoqhJP4Lwgp39hAhWjbtGeaCrd4N%2FY3PKlKHMcc5aNU%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
7bc7576bab69b8c7-AMS
hit
counter.yadro.ru/
Redirect Chain
  • https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//presaver.com/1/download;h220YouTube%20-%20%u0421%u043A%u0430%u0447%u0430%u0442%u044C%20%u0432%u0438%u0434%u0435%u043E%20%u0441%20YouTube%20%u...
  • https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//presaver.com/1/download;h220YouTube%20-%20%u0421%u043A%u0430%u0447%u0430%u0442%u044C%20%u0432%u0438%u0434%u0435%u043E%20%u0441%20YouTube%20...
43 B
528 B
Image
General
Full URL
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//presaver.com/1/download;h220YouTube%20-%20%u0421%u043A%u0430%u0447%u0430%u0442%u044C%20%u0432%u0438%u0434%u0435%u043E%20%u0441%20YouTube%20%u0431%u0435%u0441%u043F%u043B%u0430%u0442%u043D%u043E%20%u043D%u0430%20%u0432%u044B%u0441%u043E%u043A%u043E%u0439%20%u0441%u043A%u043E%u0440%u043E%u0441%u0442%u0438%2C%20%u0431%u0435%u0437%20%u043F%u0440%u043E%u0433%u0440%u0430%u043C%u043C%20%u0438%20%u0440%u0435%u0433%u0438%u0441%u0442%u0440%u0430%u0446%u0438%u0438;0.623851588281203
Requested by
Host: presaver.com
URL: https://presaver.com/1/download
Protocol
HTTP/1.1
Server
88.212.202.52 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host152.rax.ru
Software
nginx/1.17.9 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://presaver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 23 Apr 2023 16:04:18 GMT
Strict-Transport-Security
max-age=86400
Server
nginx/1.17.9
Content-Type
image/gif
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin
*
Cache-control
no-cache
Connection
keep-alive
Content-Length
43
Expires
Fri, 22 Apr 2022 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 23 Apr 2023 16:04:18 GMT
Strict-Transport-Security
max-age=86400
Server
nginx/1.17.9
Content-Type
text/html
Location
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//presaver.com/1/download;h220YouTube%20-%20%u0421%u043A%u0430%u0447%u0430%u0442%u044C%20%u0432%u0438%u0434%u0435%u043E%20%u0441%20YouTube%20%u0431%u0435%u0441%u043F%u043B%u0430%u0442%u043D%u043E%20%u043D%u0430%20%u0432%u044B%u0441%u043E%u043A%u043E%u0439%20%u0441%u043A%u043E%u0440%u043E%u0441%u0442%u0438%2C%20%u0431%u0435%u0437%20%u043F%u0440%u043E%u0433%u0440%u0430%u043C%u043C%20%u0438%20%u0440%u0435%u0433%u0438%u0441%u0442%u0440%u0430%u0446%u0438%u0438;0.623851588281203
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Cache-control
no-cache
Connection
keep-alive
Content-Length
32
Expires
Fri, 22 Apr 2022 21:00:00 GMT
tag.js
mc.yandex.ru/metrika/
213 KB
73 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: presaver.com
URL: https://presaver.com/1/download
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
a26b4febdb7690008890d735d5f32ecb59441835704251420f9bb3d4dd4417ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://presaver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 16:04:18 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Fri, 21 Apr 2023 13:01:10 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"64425ee6-122e6"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
74470
expires
Sun, 23 Apr 2023 17:04:18 GMT
logo.svg
presaver.com/images/
2 KB
1 KB
Image
General
Full URL
https://presaver.com/images/logo.svg?v2
Requested by
Host: presaver.com
URL: https://presaver.com/css/app.css?id=80dfc01a97d87e1061aa
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:b14b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5e57602d71b6ae75248a554d8f5e7d43f2a750574d4b006c1659804e67e51b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://presaver.com/css/app.css?id=80dfc01a97d87e1061aa
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 16:04:18 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3264
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 23 Jan 2023 14:17:10 GMT
server
cloudflare
etag
W/"63ce96e6-742"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MSZBYaN7XH0mj65bASiCyP0GwvvdWEsn%2F19FkvmVjN%2BzNLoumCzbi2IUa60xUN6sL6myc7voFH8kSIKbNp3ysbKaSYjB0CgkbLuthXZY7%2BJ7je5zbsCNJ3RNtiIw6XozB6C3Y15iE6iJ93k%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
7bc7576ced60b8c7-AMS
button_search.svg
presaver.com/images/
269 B
710 B
Image
General
Full URL
https://presaver.com/images/button_search.svg
Requested by
Host: presaver.com
URL: https://presaver.com/css/app.css?id=80dfc01a97d87e1061aa
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:b14b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ddea45f7eb06a894584093adf3edfed13711ab62db3016f2461d7cbfebce0f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://presaver.com/css/app.css?id=80dfc01a97d87e1061aa
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 16:04:18 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3148
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 23 Jan 2023 14:17:10 GMT
server
cloudflare
etag
W/"63ce96e6-10d"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9hOBM12qPXK%2BV0l0jZjazW6d%2Ffkqys4t%2B7Qg3UpGVJGZT6vvXL1NRKK719ZtTeNQb%2BUOzEX0eCb0lPWS94GrqmLuF%2B8ifw7oVXVHsUKlBwHojOYvAlBgLT49kzhJnJfeWGMaxRJFCkPf3mM%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
7bc7576ced61b8c7-AMS
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4kaVIGxA.woff2
fonts.gstatic.com/s/opensans/v34/
10 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4kaVIGxA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
624b713241704e0993f7d2147c1f1408a8a0df1be297a490bfe8e2b89387ce93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://presaver.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 23:54:17 GMT
x-content-type-options
nosniff
age
58201
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10652
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:11:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 Apr 2024 23:54:17 GMT
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v34/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://presaver.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 21:37:04 GMT
x-content-type-options
nosniff
age
66434
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16740
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:14:44 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 Apr 2024 21:37:04 GMT
view
comments.app/embed/ Frame B86A
17 KB
4 KB
Document
General
Full URL
https://comments.app/embed/view?website=qnAQclUa&page_id=youtube&page_url=https%3A%2F%2Fpresaver.com%2F1%2Fdownload&origin=https%3A%2F%2Fpresaver.com&page_title=220YouTube%20-%20%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE%20%D1%81%20YouTube%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%BD%D0%B0%20%D0%B2%D1%8B%D1%81%D0%BE%D0%BA%D0%BE%D0%B9%20%D1%81%D0%BA%D0%BE%D1%80%D0%BE%D1%81%D1%82%D0%B8%2C%20%D0%B1%D0%B5%D0%B7%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC%20%D0%B8%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B8&limit=10&colorful=1&dislikes=1&outlined=1
Requested by
Host: comments.app
URL: https://comments.app/js/widget.js?3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.154.164.13 London, United Kingdom, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
74b9a6ef4c00e3deb3d59f86ba5653352f87055bd0fd05225a13bdc47426f49e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://presaver.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
no-store
content-encoding
gzip
content-length
3382
content-type
text/html; charset=utf-8
date
Sun, 23 Apr 2023 16:04:18 GMT
pragma
no-cache
server
nginx/1.20.1
strict-transport-security
max-age=31536000; includeSubDomains; preload
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-139618482-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://presaver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 23 Apr 2023 14:43:52 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
4826
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Sun, 23 Apr 2023 16:43:52 GMT
font-roboto.css
tg.dev/css/ Frame B86A
6 KB
894 B
Stylesheet
General
Full URL
https://tg.dev/css/font-roboto.css?1
Requested by
Host: comments.app
URL: https://comments.app/embed/view?website=qnAQclUa&page_id=youtube&page_url=https%3A%2F%2Fpresaver.com%2F1%2Fdownload&origin=https%3A%2F%2Fpresaver.com&page_title=220YouTube%20-%20%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE%20%D1%81%20YouTube%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%BD%D0%B0%20%D0%B2%D1%8B%D1%81%D0%BE%D0%BA%D0%BE%D0%B9%20%D1%81%D0%BA%D0%BE%D1%80%D0%BE%D1%81%D1%82%D0%B8%2C%20%D0%B1%D0%B5%D0%B7%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC%20%D0%B8%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B8&limit=10&colorful=1&dislikes=1&outlined=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.154.167.99 London, United Kingdom, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
84b97b3fa8847b64c6d3833561e4b3146530577171e85ad226578a087db70974
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://comments.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 16:04:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Thu, 20 Oct 2022 11:05:33 GMT
server
nginx/1.18.0
etag
W/"63512b7d-1816"
content-type
text/css
cache-control
max-age=345600
expires
Thu, 27 Apr 2023 16:04:18 GMT
bootstrap.min.css
tg.dev/css/ Frame B86A
42 KB
10 KB
Stylesheet
General
Full URL
https://tg.dev/css/bootstrap.min.css?3
Requested by
Host: comments.app
URL: https://comments.app/embed/view?website=qnAQclUa&page_id=youtube&page_url=https%3A%2F%2Fpresaver.com%2F1%2Fdownload&origin=https%3A%2F%2Fpresaver.com&page_title=220YouTube%20-%20%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE%20%D1%81%20YouTube%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%BD%D0%B0%20%D0%B2%D1%8B%D1%81%D0%BE%D0%BA%D0%BE%D0%B9%20%D1%81%D0%BA%D0%BE%D1%80%D0%BE%D1%81%D1%82%D0%B8%2C%20%D0%B1%D0%B5%D0%B7%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC%20%D0%B8%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B8&limit=10&colorful=1&dislikes=1&outlined=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.154.167.99 London, United Kingdom, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
f1d083ffaa644c708f11db29707aa57c19246e6d32643b03fee3f82c17b224b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://comments.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 16:04:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Fri, 10 Nov 2017 17:54:14 GMT
server
nginx/1.18.0
etag
W/"5a05e7c6-a61b"
content-type
text/css
cache-control
max-age=345600
expires
Thu, 27 Apr 2023 16:04:18 GMT
bootstrap-extra.css
tg.dev/css/ Frame B86A
70 KB
13 KB
Stylesheet
General
Full URL
https://tg.dev/css/bootstrap-extra.css?2
Requested by
Host: comments.app
URL: https://comments.app/embed/view?website=qnAQclUa&page_id=youtube&page_url=https%3A%2F%2Fpresaver.com%2F1%2Fdownload&origin=https%3A%2F%2Fpresaver.com&page_title=220YouTube%20-%20%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE%20%D1%81%20YouTube%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%BD%D0%B0%20%D0%B2%D1%8B%D1%81%D0%BE%D0%BA%D0%BE%D0%B9%20%D1%81%D0%BA%D0%BE%D1%80%D0%BE%D1%81%D1%82%D0%B8%2C%20%D0%B1%D0%B5%D0%B7%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC%20%D0%B8%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B8&limit=10&colorful=1&dislikes=1&outlined=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.154.167.99 London, United Kingdom, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
6342d16a93416b5e826f6d0e0e930ef033efb682851ae46270f3c4f5b4a1c194
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://comments.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 16:04:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Fri, 10 Nov 2017 17:54:14 GMT
server
nginx/1.18.0
etag
W/"5a05e7c6-11648"
content-type
text/css
cache-control
max-age=345600
expires
Thu, 27 Apr 2023 16:04:18 GMT
widget-frame.css
tg.dev/css/ Frame B86A
81 KB
21 KB
Stylesheet
General
Full URL
https://tg.dev/css/widget-frame.css?66
Requested by
Host: comments.app
URL: https://comments.app/embed/view?website=qnAQclUa&page_id=youtube&page_url=https%3A%2F%2Fpresaver.com%2F1%2Fdownload&origin=https%3A%2F%2Fpresaver.com&page_title=220YouTube%20-%20%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE%20%D1%81%20YouTube%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%BD%D0%B0%20%D0%B2%D1%8B%D1%81%D0%BE%D0%BA%D0%BE%D0%B9%20%D1%81%D0%BA%D0%BE%D1%80%D0%BE%D1%81%D1%82%D0%B8%2C%20%D0%B1%D0%B5%D0%B7%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC%20%D0%B8%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B8&limit=10&colorful=1&dislikes=1&outlined=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.154.167.99 London, United Kingdom, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
d61214fdf1c1eee41b83cb56d52b82db20a47bfeab5248bb6fda7a4f0744eedf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://comments.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 16:04:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Sat, 01 Apr 2023 17:42:21 GMT
server
nginx/1.18.0
etag
W/"64286cfd-1456a"
content-type
text/css
cache-control
max-age=345600
expires
Thu, 27 Apr 2023 16:04:18 GMT
comments.css
comments.app/css/ Frame B86A
83 KB
20 KB
Stylesheet
General
Full URL
https://comments.app/css/comments.css?31
Requested by
Host: comments.app
URL: https://comments.app/embed/view?website=qnAQclUa&page_id=youtube&page_url=https%3A%2F%2Fpresaver.com%2F1%2Fdownload&origin=https%3A%2F%2Fpresaver.com&page_title=220YouTube%20-%20%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE%20%D1%81%20YouTube%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%BD%D0%B0%20%D0%B2%D1%8B%D1%81%D0%BE%D0%BA%D0%BE%D0%B9%20%D1%81%D0%BA%D0%BE%D1%80%D0%BE%D1%81%D1%82%D0%B8%2C%20%D0%B1%D0%B5%D0%B7%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC%20%D0%B8%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B8&limit=10&colorful=1&dislikes=1&outlined=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.154.164.13 London, United Kingdom, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
e450af4a7c4974ea3ff324b629876380e0ca9605333a57152a953310c4a4661a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://comments.app/embed/view?website=qnAQclUa&page_id=youtube&page_url=https%3A%2F%2Fpresaver.com%2F1%2Fdownload&origin=https%3A%2F%2Fpresaver.com&page_title=220YouTube%20-%20%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE%20%D1%81%20YouTube%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%BD%D0%B0%20%D0%B2%D1%8B%D1%81%D0%BE%D0%BA%D0%BE%D0%B9%20%D1%81%D0%BA%D0%BE%D1%80%D0%BE%D1%81%D1%82%D0%B8%2C%20%D0%B1%D0%B5%D0%B7%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC%20%D0%B8%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B8&limit=10&colorful=1&dislikes=1&outlined=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 16:04:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Fri, 24 Jul 2020 12:57:13 GMT
server
nginx/1.20.1
etag
W/"5f1adaa9-14b98"
content-type
text/css
sPwQlwYd1hFI3MRnSTI84pZbQOwWDjXy8LR1jXUJPk2YkWQcLW1kBORBWb5_5z9BBR9bJGC7MetsZQiB_eQ0YXRneVdlQhibndGpCtbyagCXG56XREtNZ5jb6FjtprsmjZWhhiHseytK5RXyNJuBdu2VoLoartYD4PfDsZKgxmZxx-B-r9yWTI8XCupcyrqn8H3nM...
cdn4.telesco.pe/file/ Frame B86A
Redirect Chain
  • https://tx.me/i/userpic/320/dFRlRU_6U51wvy_7OruMfpqqJKIFqhfVRbBTrJHYh8Y.jpg
  • https://cdn4.telesco.pe/file/sPwQlwYd1hFI3MRnSTI84pZbQOwWDjXy8LR1jXUJPk2YkWQcLW1kBORBWb5_5z9BBR9bJGC7MetsZQiB_eQ0YXRneVdlQhibndGpCtbyagCXG56XREtNZ5jb6FjtprsmjZWhhiHseytK5RXyNJuBdu2VoLoartYD4PfDsZKg...
39 KB
39 KB
Image
General
Full URL
https://cdn4.telesco.pe/file/sPwQlwYd1hFI3MRnSTI84pZbQOwWDjXy8LR1jXUJPk2YkWQcLW1kBORBWb5_5z9BBR9bJGC7MetsZQiB_eQ0YXRneVdlQhibndGpCtbyagCXG56XREtNZ5jb6FjtprsmjZWhhiHseytK5RXyNJuBdu2VoLoartYD4PfDsZKgxmZxx-B-r9yWTI8XCupcyrqn8H3nMU1kOV_OOBToRwNbb7DwPjJ4jrBGz0Mabn5FMcDshgTs8ZGG9r-nwRZQFUUxNuynWmrHbeOfsm1P0kCSvHa9FAgX8-Tz0ErcS_Xx0aQie4yInvnMMgVlQkWgcf8Rv1okpWn2EGr8EZ6fGnkpVQ.jpg
Requested by
Host: comments.app
URL: https://comments.app/embed/view?website=qnAQclUa&page_id=youtube&page_url=https%3A%2F%2Fpresaver.com%2F1%2Fdownload&origin=https%3A%2F%2Fpresaver.com&page_title=220YouTube%20-%20%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE%20%D1%81%20YouTube%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%BD%D0%B0%20%D0%B2%D1%8B%D1%81%D0%BE%D0%BA%D0%BE%D0%B9%20%D1%81%D0%BA%D0%BE%D1%80%D0%BE%D1%81%D1%82%D0%B8%2C%20%D0%B1%D0%B5%D0%B7%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC%20%D0%B8%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B8&limit=10&colorful=1&dislikes=1&outlined=1
Protocol
HTTP/1.1
Server
149.154.164.25 London, United Kingdom, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
35b1d485792d32790612e63d8586337c39c42fd5eb289e105af4c7e95f73a147
Security Headers
Name Value
Content-Security-Policy default-src 'none'; sandbox
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://comments.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 23 Apr 2023 16:04:18 GMT
Content-Security-Policy
default-src 'none'; sandbox
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Connection
keep-alive
Content-Length
39780
X-XSS-Protection
1; mode=block
Server
nginx/1.18.0
ETag
"8f7aaa6fed6bcf8ae995e6ea71584c9f7cb6ea8e"
X-Frame-Options
DENY
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Range, Content-Length
Cache-Control
max-age=2592000, public
Accept-Ranges
bytes, bytes
Expires
Tue, 23 May 2023 16:04:18 GMT

Redirect headers

date
Sun, 23 Apr 2023 16:04:18 GMT
content-encoding
gzip
strict-transport-security
max-age=35768000
server
nginx/1.18.0
content-type
text/html; charset=UTF-8
location
https://cdn4.telesco.pe/file/sPwQlwYd1hFI3MRnSTI84pZbQOwWDjXy8LR1jXUJPk2YkWQcLW1kBORBWb5_5z9BBR9bJGC7MetsZQiB_eQ0YXRneVdlQhibndGpCtbyagCXG56XREtNZ5jb6FjtprsmjZWhhiHseytK5RXyNJuBdu2VoLoartYD4PfDsZKgxmZxx-B-r9yWTI8XCupcyrqn8H3nMU1kOV_OOBToRwNbb7DwPjJ4jrBGz0Mabn5FMcDshgTs8ZGG9r-nwRZQFUUxNuynWmrHbeOfsm1P0kCSvHa9FAgX8-Tz0ErcS_Xx0aQie4yInvnMMgVlQkWgcf8Rv1okpWn2EGr8EZ6fGnkpVQ.jpg
cache-control
max-age=3600, public
content-length
20
expires
Sun, 23 Apr 2023 17:04:18 GMT
VnTYunLO8K9YuU-5ibjooOnEnHyu6BjEVnJG5PG4LSA1WXn-VyYiYS8LE3NIhEOC2ILpIuaBYlybHSSMlleKXY1eAbeIXYKP2JxEeD8pIYmSbdd50g3f0JzEGzaGZS2J_pPS6Uko8BnWmwqiKet_KxnbTN62RWd52V74yODDA7jvATj7I7ZtU6JRb7PXsjzqa7s0D...
cdn4.telesco.pe/file/ Frame B86A
Redirect Chain
  • https://tx.me/i/userpic/320/VX3WIprxtZTJZZxQK87ooyc-17Og6H_CIJiXTktrOAWM49SoLgLhXixofnQe8rme.jpg
  • https://cdn4.telesco.pe/file/VnTYunLO8K9YuU-5ibjooOnEnHyu6BjEVnJG5PG4LSA1WXn-VyYiYS8LE3NIhEOC2ILpIuaBYlybHSSMlleKXY1eAbeIXYKP2JxEeD8pIYmSbdd50g3f0JzEGzaGZS2J_pPS6Uko8BnWmwqiKet_KxnbTN62RWd52V74yODD...
25 KB
26 KB
Image
General
Full URL
https://cdn4.telesco.pe/file/VnTYunLO8K9YuU-5ibjooOnEnHyu6BjEVnJG5PG4LSA1WXn-VyYiYS8LE3NIhEOC2ILpIuaBYlybHSSMlleKXY1eAbeIXYKP2JxEeD8pIYmSbdd50g3f0JzEGzaGZS2J_pPS6Uko8BnWmwqiKet_KxnbTN62RWd52V74yODDA7jvATj7I7ZtU6JRb7PXsjzqa7s0DcHU_OVPRHXEgy596KqaIrS5I07k44E7GGCEAvZZIzmFMPhM3g6i04GKYUNrG8rVT1dDJhdx_-ASf6dLaB3-KxAgihcppumpFBPUVN3oT56LBQ-M6UV7ZgwEAQlL64akjihpZFHKBeAJFNUAlg.jpg
Requested by
Host: comments.app
URL: https://comments.app/embed/view?website=qnAQclUa&page_id=youtube&page_url=https%3A%2F%2Fpresaver.com%2F1%2Fdownload&origin=https%3A%2F%2Fpresaver.com&page_title=220YouTube%20-%20%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE%20%D1%81%20YouTube%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%BD%D0%B0%20%D0%B2%D1%8B%D1%81%D0%BE%D0%BA%D0%BE%D0%B9%20%D1%81%D0%BA%D0%BE%D1%80%D0%BE%D1%81%D1%82%D0%B8%2C%20%D0%B1%D0%B5%D0%B7%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC%20%D0%B8%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B8&limit=10&colorful=1&dislikes=1&outlined=1
Protocol
HTTP/1.1
Server
149.154.164.25 London, United Kingdom, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4e6fd15282ec00cbb8f2474d12438506061b53e99c4f0556dae1a667872ab3ab
Security Headers
Name Value
Content-Security-Policy default-src 'none'; sandbox
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://comments.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 23 Apr 2023 16:04:18 GMT
Content-Security-Policy
default-src 'none'; sandbox
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Connection
keep-alive
Content-Length
25701
X-XSS-Protection
1; mode=block
Server
nginx/1.18.0
ETag
"50b8367edb588d783f4d6c9f02dd1730b4096da1"
X-Frame-Options
DENY
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Range, Content-Length
Cache-Control
max-age=2592000, public
Accept-Ranges
bytes, bytes
Expires
Tue, 23 May 2023 16:04:18 GMT

Redirect headers

date
Sun, 23 Apr 2023 16:04:18 GMT
content-encoding
gzip
strict-transport-security
max-age=35768000
server
nginx/1.18.0
content-type
text/html; charset=UTF-8
location
https://cdn4.telesco.pe/file/VnTYunLO8K9YuU-5ibjooOnEnHyu6BjEVnJG5PG4LSA1WXn-VyYiYS8LE3NIhEOC2ILpIuaBYlybHSSMlleKXY1eAbeIXYKP2JxEeD8pIYmSbdd50g3f0JzEGzaGZS2J_pPS6Uko8BnWmwqiKet_KxnbTN62RWd52V74yODDA7jvATj7I7ZtU6JRb7PXsjzqa7s0DcHU_OVPRHXEgy596KqaIrS5I07k44E7GGCEAvZZIzmFMPhM3g6i04GKYUNrG8rVT1dDJhdx_-ASf6dLaB3-KxAgihcppumpFBPUVN3oT56LBQ-M6UV7ZgwEAQlL64akjihpZFHKBeAJFNUAlg.jpg
cache-control
max-age=3600, public
content-length
20
expires
Sun, 23 Apr 2023 17:04:18 GMT
Mrq7eOsP2NebopHQhYyfsSyZG_T3PPXeYabSKvbLtDxrlrW-evRSTDB-jMHfQJEMeJ2I9V4gCqbBVK1vTK6-5G3Nz0Kihj253w3UlpiQ3Y4NDETgDqo7fSvuvKGtGEOJofmgvCI_ZyVnfnrudiKcQsEiwfHoUq0OFRh1-xmXnR8_sfbAu0a6D_nS7ATy7W5dYiFoU...
cdn4.telesco.pe/file/ Frame B86A
Redirect Chain
  • https://tx.me/i/userpic/320/XCoFeYbTAPr2NZRMadPmktx6B-ZA5vadz0jCq09-ki559lTUuDKAhK3-8xbXFIH9.jpg
  • https://cdn4.telesco.pe/file/Mrq7eOsP2NebopHQhYyfsSyZG_T3PPXeYabSKvbLtDxrlrW-evRSTDB-jMHfQJEMeJ2I9V4gCqbBVK1vTK6-5G3Nz0Kihj253w3UlpiQ3Y4NDETgDqo7fSvuvKGtGEOJofmgvCI_ZyVnfnrudiKcQsEiwfHoUq0OFRh1-xmX...
20 KB
20 KB
Image
General
Full URL
https://cdn4.telesco.pe/file/Mrq7eOsP2NebopHQhYyfsSyZG_T3PPXeYabSKvbLtDxrlrW-evRSTDB-jMHfQJEMeJ2I9V4gCqbBVK1vTK6-5G3Nz0Kihj253w3UlpiQ3Y4NDETgDqo7fSvuvKGtGEOJofmgvCI_ZyVnfnrudiKcQsEiwfHoUq0OFRh1-xmXnR8_sfbAu0a6D_nS7ATy7W5dYiFoU4458eY4saRhgaL052J-AQUCrRZ1bGO2h1T9K3xrwkO8CFOVgNLNzLkOUwkFRawDyPAc87uazkHVVysIGjlaSSVx2aMMf35AZrAj-del2CQi-EYSIYIofpW4EvRgFgb7Yj5NiSwnY1eY1ei3RQ.jpg
Requested by
Host: comments.app
URL: https://comments.app/embed/view?website=qnAQclUa&page_id=youtube&page_url=https%3A%2F%2Fpresaver.com%2F1%2Fdownload&origin=https%3A%2F%2Fpresaver.com&page_title=220YouTube%20-%20%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE%20%D1%81%20YouTube%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%BD%D0%B0%20%D0%B2%D1%8B%D1%81%D0%BE%D0%BA%D0%BE%D0%B9%20%D1%81%D0%BA%D0%BE%D1%80%D0%BE%D1%81%D1%82%D0%B8%2C%20%D0%B1%D0%B5%D0%B7%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC%20%D0%B8%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B8&limit=10&colorful=1&dislikes=1&outlined=1
Protocol
HTTP/1.1
Server
149.154.164.25 London, United Kingdom, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
99bcdc3bfbea0250e84846350abf791e95d3e1e4dc06138e7c8d0438037994c4
Security Headers
Name Value
Content-Security-Policy default-src 'none'; sandbox
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://comments.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 23 Apr 2023 16:04:18 GMT
Content-Security-Policy
default-src 'none'; sandbox
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Connection
keep-alive
Content-Length
20218
X-XSS-Protection
1; mode=block
Server
nginx/1.18.0
ETag
"5e88a7b821a1126ed82dc78667915b62954916df"
X-Frame-Options
DENY
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Range, Content-Length
Cache-Control
max-age=2592000, public
Accept-Ranges
bytes, bytes
Expires
Tue, 23 May 2023 16:04:18 GMT

Redirect headers

date
Sun, 23 Apr 2023 16:04:18 GMT
content-encoding
gzip
strict-transport-security
max-age=35768000
server
nginx/1.18.0
content-type
text/html; charset=UTF-8
location
https://cdn4.telesco.pe/file/Mrq7eOsP2NebopHQhYyfsSyZG_T3PPXeYabSKvbLtDxrlrW-evRSTDB-jMHfQJEMeJ2I9V4gCqbBVK1vTK6-5G3Nz0Kihj253w3UlpiQ3Y4NDETgDqo7fSvuvKGtGEOJofmgvCI_ZyVnfnrudiKcQsEiwfHoUq0OFRh1-xmXnR8_sfbAu0a6D_nS7ATy7W5dYiFoU4458eY4saRhgaL052J-AQUCrRZ1bGO2h1T9K3xrwkO8CFOVgNLNzLkOUwkFRawDyPAc87uazkHVVysIGjlaSSVx2aMMf35AZrAj-del2CQi-EYSIYIofpW4EvRgFgb7Yj5NiSwnY1eY1ei3RQ.jpg
cache-control
max-age=3600, public
content-length
20
expires
Sun, 23 Apr 2023 17:04:18 GMT
B_QlnYiiHv9AJD9fpFtzT-vkTACjQ0n_JOEXpVsf1xnVBgAW36mm52moj7KjIeb3vuJZowipA51sqbu_d1x3OyQ3SPYsSxMaY88s-TaZ7lTQF6kceATu_hrbMWCCodaDBFuz8b2aeLRSVMajzn5QM9mz7KsLb4XSbulTpfvKgXdvcOUNgXFt6s6YY5QeUxY_AdCj_...
cdn4.telesco.pe/file/ Frame B86A
Redirect Chain
  • https://tx.me/i/userpic/320/lAxrOyyJFM4P0b6fmrHHUALsdUX4RYxttvARCP55HUUTkKLRu0fJouqETJTJYbL6.jpg
  • https://cdn4.telesco.pe/file/B_QlnYiiHv9AJD9fpFtzT-vkTACjQ0n_JOEXpVsf1xnVBgAW36mm52moj7KjIeb3vuJZowipA51sqbu_d1x3OyQ3SPYsSxMaY88s-TaZ7lTQF6kceATu_hrbMWCCodaDBFuz8b2aeLRSVMajzn5QM9mz7KsLb4XSbulTpfvK...
48 KB
48 KB
Image
General
Full URL
https://cdn4.telesco.pe/file/B_QlnYiiHv9AJD9fpFtzT-vkTACjQ0n_JOEXpVsf1xnVBgAW36mm52moj7KjIeb3vuJZowipA51sqbu_d1x3OyQ3SPYsSxMaY88s-TaZ7lTQF6kceATu_hrbMWCCodaDBFuz8b2aeLRSVMajzn5QM9mz7KsLb4XSbulTpfvKgXdvcOUNgXFt6s6YY5QeUxY_AdCj_PE7N8LuZG3bZfjp1odyWr_C8mUC7LRb-yEdJEAyniXfKtkOz0KYwzQ_eDhxJQyYF-lYtiXeiO3CaDqReMsrEfbZBTeoFbc1thFPNE2X5HgB12C0YBszuNOdIe1TKEm5JZlJ_APBfTsX87xlSA.jpg
Requested by
Host: comments.app
URL: https://comments.app/embed/view?website=qnAQclUa&page_id=youtube&page_url=https%3A%2F%2Fpresaver.com%2F1%2Fdownload&origin=https%3A%2F%2Fpresaver.com&page_title=220YouTube%20-%20%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE%20%D1%81%20YouTube%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%BD%D0%B0%20%D0%B2%D1%8B%D1%81%D0%BE%D0%BA%D0%BE%D0%B9%20%D1%81%D0%BA%D0%BE%D1%80%D0%BE%D1%81%D1%82%D0%B8%2C%20%D0%B1%D0%B5%D0%B7%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC%20%D0%B8%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B8&limit=10&colorful=1&dislikes=1&outlined=1
Protocol
HTTP/1.1
Server
149.154.164.25 London, United Kingdom, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
f8a558f7402e50fac43173110de683470f28a6a8ca188706393911bb93c1cbda
Security Headers
Name Value
Content-Security-Policy default-src 'none'; sandbox
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://comments.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 23 Apr 2023 16:04:18 GMT
Content-Security-Policy
default-src 'none'; sandbox
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Connection
keep-alive
Content-Length
48906
X-XSS-Protection
1; mode=block
Server
nginx/1.18.0
ETag
"daa86dfaa9e9250625345814315d25397527f4e2"
X-Frame-Options
DENY
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Range, Content-Length
Cache-Control
max-age=2592000, public
Accept-Ranges
bytes, bytes
Expires
Tue, 23 May 2023 16:04:18 GMT

Redirect headers

date
Sun, 23 Apr 2023 16:04:18 GMT
content-encoding
gzip
strict-transport-security
max-age=35768000
server
nginx/1.18.0
content-type
text/html; charset=UTF-8
location
https://cdn4.telesco.pe/file/B_QlnYiiHv9AJD9fpFtzT-vkTACjQ0n_JOEXpVsf1xnVBgAW36mm52moj7KjIeb3vuJZowipA51sqbu_d1x3OyQ3SPYsSxMaY88s-TaZ7lTQF6kceATu_hrbMWCCodaDBFuz8b2aeLRSVMajzn5QM9mz7KsLb4XSbulTpfvKgXdvcOUNgXFt6s6YY5QeUxY_AdCj_PE7N8LuZG3bZfjp1odyWr_C8mUC7LRb-yEdJEAyniXfKtkOz0KYwzQ_eDhxJQyYF-lYtiXeiO3CaDqReMsrEfbZBTeoFbc1thFPNE2X5HgB12C0YBszuNOdIe1TKEm5JZlJ_APBfTsX87xlSA.jpg
cache-control
max-age=3600, public
content-length
20
expires
Sun, 23 Apr 2023 17:04:18 GMT
e6WKRk3iTht8NqTGZ424F20FJGeM8sq94xtF6L7Igq5HDmP_YmmtaR0t7NmwYBGUgj-E9M0jz-d_G4MRiaM1q1iFweSnPJWcBVPgJvditwlaBk0oIUwmNXQa6kbPKkGd-e-3epa6Tmta2f1KxJwz2ZYqPvXhj3PRyt68zvZAfaHVAT1VwmCbtusd3uWcHdOrxXOVa...
cdn4.telesco.pe/file/ Frame B86A
Redirect Chain
  • https://tx.me/i/userpic/320/L3B5JjYPMtgBSC9sTqsQH7NimK0iua25bEWT6REjcb8.jpg
  • https://cdn4.telesco.pe/file/e6WKRk3iTht8NqTGZ424F20FJGeM8sq94xtF6L7Igq5HDmP_YmmtaR0t7NmwYBGUgj-E9M0jz-d_G4MRiaM1q1iFweSnPJWcBVPgJvditwlaBk0oIUwmNXQa6kbPKkGd-e-3epa6Tmta2f1KxJwz2ZYqPvXhj3PRyt68zvZA...
29 KB
30 KB
Image
General
Full URL
https://cdn4.telesco.pe/file/e6WKRk3iTht8NqTGZ424F20FJGeM8sq94xtF6L7Igq5HDmP_YmmtaR0t7NmwYBGUgj-E9M0jz-d_G4MRiaM1q1iFweSnPJWcBVPgJvditwlaBk0oIUwmNXQa6kbPKkGd-e-3epa6Tmta2f1KxJwz2ZYqPvXhj3PRyt68zvZAfaHVAT1VwmCbtusd3uWcHdOrxXOVaBvry-og3TatrPL3yzINjHXVkVqOJMjJg42APqx8sdl48K4ilHK-hayKy2lXPUWLY8N3YrKE59eEevrqu0uTqUnbzc226HyVVHDwa5FDJyK-9seXMk9MIrAd106w0BLt1td8NfqmF_oHbj2V3A.jpg
Requested by
Host: comments.app
URL: https://comments.app/embed/view?website=qnAQclUa&page_id=youtube&page_url=https%3A%2F%2Fpresaver.com%2F1%2Fdownload&origin=https%3A%2F%2Fpresaver.com&page_title=220YouTube%20-%20%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE%20%D1%81%20YouTube%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%BD%D0%B0%20%D0%B2%D1%8B%D1%81%D0%BE%D0%BA%D0%BE%D0%B9%20%D1%81%D0%BA%D0%BE%D1%80%D0%BE%D1%81%D1%82%D0%B8%2C%20%D0%B1%D0%B5%D0%B7%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC%20%D0%B8%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B8&limit=10&colorful=1&dislikes=1&outlined=1
Protocol
HTTP/1.1
Server
149.154.164.25 London, United Kingdom, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
417666f0ba78c869d346b36a3d24db2bfe44be89e103adff89d2f9606e2e57cd
Security Headers
Name Value
Content-Security-Policy default-src 'none'; sandbox
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://comments.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 23 Apr 2023 16:04:18 GMT
Content-Security-Policy
default-src 'none'; sandbox
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Connection
keep-alive
Content-Length
30088
X-XSS-Protection
1; mode=block
Server
nginx/1.18.0
ETag
"1155df93875d51eec856609825b3bf00c93b6a89"
X-Frame-Options
DENY
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Range, Content-Length
Cache-Control
max-age=2592000, public
Accept-Ranges
bytes, bytes
Expires
Tue, 23 May 2023 16:04:18 GMT

Redirect headers

date
Sun, 23 Apr 2023 16:04:18 GMT
content-encoding
gzip
strict-transport-security
max-age=35768000
server
nginx/1.18.0
content-type
text/html; charset=UTF-8
location
https://cdn4.telesco.pe/file/e6WKRk3iTht8NqTGZ424F20FJGeM8sq94xtF6L7Igq5HDmP_YmmtaR0t7NmwYBGUgj-E9M0jz-d_G4MRiaM1q1iFweSnPJWcBVPgJvditwlaBk0oIUwmNXQa6kbPKkGd-e-3epa6Tmta2f1KxJwz2ZYqPvXhj3PRyt68zvZAfaHVAT1VwmCbtusd3uWcHdOrxXOVaBvry-og3TatrPL3yzINjHXVkVqOJMjJg42APqx8sdl48K4ilHK-hayKy2lXPUWLY8N3YrKE59eEevrqu0uTqUnbzc226HyVVHDwa5FDJyK-9seXMk9MIrAd106w0BLt1td8NfqmF_oHbj2V3A.jpg
cache-control
max-age=3600, public
content-length
20
expires
Sun, 23 Apr 2023 17:04:18 GMT
Q8Nb0d_AMvNrhQs78rvDO3hv80Ty4_1joxX0ytw9wlwQ_xXFk2ntmwtyxgQ5v5muP8FRgnDi35qA3bGsWOwOC-ZKlIBkJ41yl85cO5iYDtokG6CDHKubFiQzDRtTmEEsOl-y2Bw7m9i9HUYRSgg9kRO8NZt-CyywW-p_uLBHB3WLW6EjkoBhXHKdDvCWgPFeYQDLE...
cdn4.telesco.pe/file/ Frame B86A
Redirect Chain
  • https://tx.me/i/userpic/320/WQD1Dw4_FsV8k-sQqMc8j9iu2T0uMqAoBKK_vfnzgn2qvXr11fb3ZG73kKBk1Yjz.jpg
  • https://cdn4.telesco.pe/file/Q8Nb0d_AMvNrhQs78rvDO3hv80Ty4_1joxX0ytw9wlwQ_xXFk2ntmwtyxgQ5v5muP8FRgnDi35qA3bGsWOwOC-ZKlIBkJ41yl85cO5iYDtokG6CDHKubFiQzDRtTmEEsOl-y2Bw7m9i9HUYRSgg9kRO8NZt-CyywW-p_uLBH...
22 KB
22 KB
Image
General
Full URL
https://cdn4.telesco.pe/file/Q8Nb0d_AMvNrhQs78rvDO3hv80Ty4_1joxX0ytw9wlwQ_xXFk2ntmwtyxgQ5v5muP8FRgnDi35qA3bGsWOwOC-ZKlIBkJ41yl85cO5iYDtokG6CDHKubFiQzDRtTmEEsOl-y2Bw7m9i9HUYRSgg9kRO8NZt-CyywW-p_uLBHB3WLW6EjkoBhXHKdDvCWgPFeYQDLExVgVZCf3hdUYe24az0NhDgmxQ7ETlFOhcbQF0SxKJ8n3Vb8Cx25RMcjvA9atzM6vp-PwE_r4TUxtUFJrYuuEcc-_c8QCfNtLEcRkII_m7Btjxm07tUgjONZsoqkpcd-UUsJBkWkbgBn1Z99OA.jpg
Requested by
Host: comments.app
URL: https://comments.app/embed/view?website=qnAQclUa&page_id=youtube&page_url=https%3A%2F%2Fpresaver.com%2F1%2Fdownload&origin=https%3A%2F%2Fpresaver.com&page_title=220YouTube%20-%20%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE%20%D1%81%20YouTube%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%BD%D0%B0%20%D0%B2%D1%8B%D1%81%D0%BE%D0%BA%D0%BE%D0%B9%20%D1%81%D0%BA%D0%BE%D1%80%D0%BE%D1%81%D1%82%D0%B8%2C%20%D0%B1%D0%B5%D0%B7%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC%20%D0%B8%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B8&limit=10&colorful=1&dislikes=1&outlined=1
Protocol
HTTP/1.1
Server
149.154.164.25 London, United Kingdom, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
31fe57aa244712e3564a0c2063e6a73d11c26fc14354d52b714bc3e9104e38ca
Security Headers
Name Value
Content-Security-Policy default-src 'none'; sandbox
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://comments.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 23 Apr 2023 16:04:18 GMT
Content-Security-Policy
default-src 'none'; sandbox
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Connection
keep-alive
Content-Length
22164
X-XSS-Protection
1; mode=block
Server
nginx/1.18.0
ETag
"8bba83977af30de02f256b840d429c8f06d74c70"
X-Frame-Options
DENY
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Range, Content-Length
Cache-Control
max-age=2592000, public
Accept-Ranges
bytes, bytes
Expires
Tue, 23 May 2023 16:04:18 GMT

Redirect headers

date
Sun, 23 Apr 2023 16:04:18 GMT
content-encoding
gzip
strict-transport-security
max-age=35768000
server
nginx/1.18.0
content-type
text/html; charset=UTF-8
location
https://cdn4.telesco.pe/file/Q8Nb0d_AMvNrhQs78rvDO3hv80Ty4_1joxX0ytw9wlwQ_xXFk2ntmwtyxgQ5v5muP8FRgnDi35qA3bGsWOwOC-ZKlIBkJ41yl85cO5iYDtokG6CDHKubFiQzDRtTmEEsOl-y2Bw7m9i9HUYRSgg9kRO8NZt-CyywW-p_uLBHB3WLW6EjkoBhXHKdDvCWgPFeYQDLExVgVZCf3hdUYe24az0NhDgmxQ7ETlFOhcbQF0SxKJ8n3Vb8Cx25RMcjvA9atzM6vp-PwE_r4TUxtUFJrYuuEcc-_c8QCfNtLEcRkII_m7Btjxm07tUgjONZsoqkpcd-UUsJBkWkbgBn1Z99OA.jpg
cache-control
max-age=3600, public
content-length
20
expires
Sun, 23 Apr 2023 17:04:18 GMT
iWFfff5QK5KIK37H-TNYa6vNW157bIte2ULaF33Em3tqmPDu_eJeK4SgEA5Ywg0IOn8wL7ceNwUdoNMhintDBAyNZmhxUVUKfnDdJaWsmLZDDUhnvgsuX24J6256BZa8z1eVukvNG1BtfTNkyiNG_oOupHuh-vM-SOMEnrCeYqVVbjdNmqz8Gs7g6knQpYkW7Gyxw...
cdn4.telesco.pe/file/ Frame B86A
Redirect Chain
  • https://tx.me/i/userpic/320/ZmDti9JplDRibOkHfoNMteVZ7Cd94AbFmfV50Z6HU6Q.jpg
  • https://cdn4.telesco.pe/file/iWFfff5QK5KIK37H-TNYa6vNW157bIte2ULaF33Em3tqmPDu_eJeK4SgEA5Ywg0IOn8wL7ceNwUdoNMhintDBAyNZmhxUVUKfnDdJaWsmLZDDUhnvgsuX24J6256BZa8z1eVukvNG1BtfTNkyiNG_oOupHuh-vM-SOMEnrCe...
34 KB
35 KB
Image
General
Full URL
https://cdn4.telesco.pe/file/iWFfff5QK5KIK37H-TNYa6vNW157bIte2ULaF33Em3tqmPDu_eJeK4SgEA5Ywg0IOn8wL7ceNwUdoNMhintDBAyNZmhxUVUKfnDdJaWsmLZDDUhnvgsuX24J6256BZa8z1eVukvNG1BtfTNkyiNG_oOupHuh-vM-SOMEnrCeYqVVbjdNmqz8Gs7g6knQpYkW7GyxwHzNlYCsD2HbIy1WeG9HmMnzr7ZRI526hqmoe86MiPB90IJ5PSzDu0x2oTrr3sua7-9__4DH1BoeAQyM0eegEwpm1bkLtxXaa3pUb4tOD7rIGv4THUv8_OCjSmBFdDTbWINETX32FGStO-g_tg.jpg
Requested by
Host: comments.app
URL: https://comments.app/embed/view?website=qnAQclUa&page_id=youtube&page_url=https%3A%2F%2Fpresaver.com%2F1%2Fdownload&origin=https%3A%2F%2Fpresaver.com&page_title=220YouTube%20-%20%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE%20%D1%81%20YouTube%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%BD%D0%B0%20%D0%B2%D1%8B%D1%81%D0%BE%D0%BA%D0%BE%D0%B9%20%D1%81%D0%BA%D0%BE%D1%80%D0%BE%D1%81%D1%82%D0%B8%2C%20%D0%B1%D0%B5%D0%B7%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC%20%D0%B8%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B8&limit=10&colorful=1&dislikes=1&outlined=1
Protocol
HTTP/1.1
Server
149.154.164.25 London, United Kingdom, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
688af70209889544a8bbeb09c68b19cca60311f2f1d6398632eda5b662cf5a8e
Security Headers
Name Value
Content-Security-Policy default-src 'none'; sandbox
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://comments.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 23 Apr 2023 16:04:18 GMT
Content-Security-Policy
default-src 'none'; sandbox
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Connection
keep-alive
Content-Length
34799
X-XSS-Protection
1; mode=block
Server
nginx/1.18.0
ETag
"e927e26dda47c26b7b86b2c82dea3370d03f1ea5"
X-Frame-Options
DENY
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Range, Content-Length
Cache-Control
max-age=2592000, public
Accept-Ranges
bytes, bytes
Expires
Tue, 23 May 2023 16:04:18 GMT

Redirect headers

date
Sun, 23 Apr 2023 16:04:18 GMT
content-encoding
gzip
strict-transport-security
max-age=35768000
server
nginx/1.18.0
content-type
text/html; charset=UTF-8
location
https://cdn4.telesco.pe/file/iWFfff5QK5KIK37H-TNYa6vNW157bIte2ULaF33Em3tqmPDu_eJeK4SgEA5Ywg0IOn8wL7ceNwUdoNMhintDBAyNZmhxUVUKfnDdJaWsmLZDDUhnvgsuX24J6256BZa8z1eVukvNG1BtfTNkyiNG_oOupHuh-vM-SOMEnrCeYqVVbjdNmqz8Gs7g6knQpYkW7GyxwHzNlYCsD2HbIy1WeG9HmMnzr7ZRI526hqmoe86MiPB90IJ5PSzDu0x2oTrr3sua7-9__4DH1BoeAQyM0eegEwpm1bkLtxXaa3pUb4tOD7rIGv4THUv8_OCjSmBFdDTbWINETX32FGStO-g_tg.jpg
cache-control
max-age=3600, public
content-length
20
expires
Sun, 23 Apr 2023 17:04:18 GMT
bX6w4auPeVwZSfCW66QXhzoa1VVSNwHLu3JyfdRRj_QwRNGw4hEUs4vli0ETTXD2srktaVybEseSF93e4Wk2ah0lPMN9QZ5zOXjgH1bqkcnr5oKFnN0b0UeDsD38jOzL2hkBAImdNWX0OG0_nIzswYpNnmE8IVGdCOU_DNnqh487Ionszf9Ds91ey5HUnA5i71Wv2...
cdn4.telesco.pe/file/ Frame B86A
Redirect Chain
  • https://tx.me/i/userpic/320/whaitzrJANTGcxUUGzgkBso4ix5RTEMxy-5j6sqr2d8.jpg
  • https://cdn4.telesco.pe/file/bX6w4auPeVwZSfCW66QXhzoa1VVSNwHLu3JyfdRRj_QwRNGw4hEUs4vli0ETTXD2srktaVybEseSF93e4Wk2ah0lPMN9QZ5zOXjgH1bqkcnr5oKFnN0b0UeDsD38jOzL2hkBAImdNWX0OG0_nIzswYpNnmE8IVGdCOU_DNnq...
31 KB
32 KB
Image
General
Full URL
https://cdn4.telesco.pe/file/bX6w4auPeVwZSfCW66QXhzoa1VVSNwHLu3JyfdRRj_QwRNGw4hEUs4vli0ETTXD2srktaVybEseSF93e4Wk2ah0lPMN9QZ5zOXjgH1bqkcnr5oKFnN0b0UeDsD38jOzL2hkBAImdNWX0OG0_nIzswYpNnmE8IVGdCOU_DNnqh487Ionszf9Ds91ey5HUnA5i71Wv2Isf9U5xqQPAMvGcSaZy7ecMtV4Sq5rCt2qo8cDThsrnWgqJrz788bDSdZmE7KrwZb8EioWZI5MPqMSeBNMOR77U79e5rUa7IVL25_sK052ym1nrJT0F24IQ-8r4jpCrfVE3RNloIQK1GKkm_Q.jpg
Requested by
Host: comments.app
URL: https://comments.app/embed/view?website=qnAQclUa&page_id=youtube&page_url=https%3A%2F%2Fpresaver.com%2F1%2Fdownload&origin=https%3A%2F%2Fpresaver.com&page_title=220YouTube%20-%20%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE%20%D1%81%20YouTube%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%BD%D0%B0%20%D0%B2%D1%8B%D1%81%D0%BE%D0%BA%D0%BE%D0%B9%20%D1%81%D0%BA%D0%BE%D1%80%D0%BE%D1%81%D1%82%D0%B8%2C%20%D0%B1%D0%B5%D0%B7%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC%20%D0%B8%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B8&limit=10&colorful=1&dislikes=1&outlined=1
Protocol
HTTP/1.1
Server
149.154.164.25 London, United Kingdom, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
ed441bafd524da7d97ddd554de2197be2d49db0ebadb0b7a3f9fcd6f7e9b9397
Security Headers
Name Value
Content-Security-Policy default-src 'none'; sandbox
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://comments.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 23 Apr 2023 16:04:18 GMT
Content-Security-Policy
default-src 'none'; sandbox
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Connection
keep-alive
Content-Length
31936
X-XSS-Protection
1; mode=block
Server
nginx/1.18.0
ETag
"596a76c5a5bf005cc3eac111cc037f1986e09cf3"
X-Frame-Options
DENY
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Range, Content-Length
Cache-Control
max-age=2592000, public
Accept-Ranges
bytes, bytes
Expires
Tue, 23 May 2023 16:04:18 GMT

Redirect headers

date
Sun, 23 Apr 2023 16:04:18 GMT
content-encoding
gzip
strict-transport-security
max-age=35768000
server
nginx/1.18.0
content-type
text/html; charset=UTF-8
location
https://cdn4.telesco.pe/file/bX6w4auPeVwZSfCW66QXhzoa1VVSNwHLu3JyfdRRj_QwRNGw4hEUs4vli0ETTXD2srktaVybEseSF93e4Wk2ah0lPMN9QZ5zOXjgH1bqkcnr5oKFnN0b0UeDsD38jOzL2hkBAImdNWX0OG0_nIzswYpNnmE8IVGdCOU_DNnqh487Ionszf9Ds91ey5HUnA5i71Wv2Isf9U5xqQPAMvGcSaZy7ecMtV4Sq5rCt2qo8cDThsrnWgqJrz788bDSdZmE7KrwZb8EioWZI5MPqMSeBNMOR77U79e5rUa7IVL25_sK052ym1nrJT0F24IQ-8r4jpCrfVE3RNloIQK1GKkm_Q.jpg
cache-control
max-age=3600, public
content-length
20
expires
Sun, 23 Apr 2023 17:04:18 GMT
jquery.min.js
tg.dev/js/ Frame B86A
94 KB
38 KB
Script
General
Full URL
https://tg.dev/js/jquery.min.js
Requested by
Host: comments.app
URL: https://comments.app/embed/view?website=qnAQclUa&page_id=youtube&page_url=https%3A%2F%2Fpresaver.com%2F1%2Fdownload&origin=https%3A%2F%2Fpresaver.com&page_title=220YouTube%20-%20%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE%20%D1%81%20YouTube%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%BD%D0%B0%20%D0%B2%D1%8B%D1%81%D0%BE%D0%BA%D0%BE%D0%B9%20%D1%81%D0%BA%D0%BE%D1%80%D0%BE%D1%81%D1%82%D0%B8%2C%20%D0%B1%D0%B5%D0%B7%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC%20%D0%B8%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B8&limit=10&colorful=1&dislikes=1&outlined=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.154.167.99 London, United Kingdom, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://comments.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 16:04:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Fri, 10 Nov 2017 17:54:14 GMT
server
nginx/1.18.0
etag
W/"5a05e7c6-1762a"
content-type
application/javascript
cache-control
max-age=345600
expires
Thu, 27 Apr 2023 16:04:18 GMT
jquery-ui.min.js
tg.dev/js/ Frame B86A
96 KB
32 KB
Script
General
Full URL
https://tg.dev/js/jquery-ui.min.js
Requested by
Host: comments.app
URL: https://comments.app/embed/view?website=qnAQclUa&page_id=youtube&page_url=https%3A%2F%2Fpresaver.com%2F1%2Fdownload&origin=https%3A%2F%2Fpresaver.com&page_title=220YouTube%20-%20%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE%20%D1%81%20YouTube%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%BD%D0%B0%20%D0%B2%D1%8B%D1%81%D0%BE%D0%BA%D0%BE%D0%B9%20%D1%81%D0%BA%D0%BE%D1%80%D0%BE%D1%81%D1%82%D0%B8%2C%20%D0%B1%D0%B5%D0%B7%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC%20%D0%B8%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B8&limit=10&colorful=1&dislikes=1&outlined=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.154.167.99 London, United Kingdom, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
eb46d82ef6f86859f18e379660e0f45b85c6f69fa97111905f0c125a08506376
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://comments.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 16:04:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Fri, 10 Nov 2017 17:54:14 GMT
server
nginx/1.18.0
etag
W/"5a05e7c6-181a9"
content-type
application/javascript
cache-control
max-age=345600
expires
Thu, 27 Apr 2023 16:04:18 GMT
bootstrap.min.js
tg.dev/js/ Frame B86A
31 KB
10 KB
Script
General
Full URL
https://tg.dev/js/bootstrap.min.js
Requested by
Host: comments.app
URL: https://comments.app/embed/view?website=qnAQclUa&page_id=youtube&page_url=https%3A%2F%2Fpresaver.com%2F1%2Fdownload&origin=https%3A%2F%2Fpresaver.com&page_title=220YouTube%20-%20%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE%20%D1%81%20YouTube%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%BD%D0%B0%20%D0%B2%D1%8B%D1%81%D0%BE%D0%BA%D0%BE%D0%B9%20%D1%81%D0%BA%D0%BE%D1%80%D0%BE%D1%81%D1%82%D0%B8%2C%20%D0%B1%D0%B5%D0%B7%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC%20%D0%B8%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B8&limit=10&colorful=1&dislikes=1&outlined=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.154.167.99 London, United Kingdom, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
b5e930df6a2976d5df996e18b347e091756699ea32716dc53d0e1c0fd814c526
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://comments.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 16:04:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Fri, 10 Nov 2017 17:54:14 GMT
server
nginx/1.18.0
etag
W/"5a05e7c6-7d0d"
content-type
application/javascript
cache-control
max-age=345600
expires
Thu, 27 Apr 2023 16:04:18 GMT
main-aj.js
tg.dev/js/ Frame B86A
35 KB
10 KB
Script
General
Full URL
https://tg.dev/js/main-aj.js?67
Requested by
Host: comments.app
URL: https://comments.app/embed/view?website=qnAQclUa&page_id=youtube&page_url=https%3A%2F%2Fpresaver.com%2F1%2Fdownload&origin=https%3A%2F%2Fpresaver.com&page_title=220YouTube%20-%20%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE%20%D1%81%20YouTube%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%BD%D0%B0%20%D0%B2%D1%8B%D1%81%D0%BE%D0%BA%D0%BE%D0%B9%20%D1%81%D0%BA%D0%BE%D1%80%D0%BE%D1%81%D1%82%D0%B8%2C%20%D0%B1%D0%B5%D0%B7%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC%20%D0%B8%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B8&limit=10&colorful=1&dislikes=1&outlined=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.154.167.99 London, United Kingdom, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
f29b8ecbab4c1e594014a0ab615d1ffd1e9b0441cf76df655af17844de20970a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://comments.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 16:04:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Sat, 03 Dec 2022 11:05:59 GMT
server
nginx/1.18.0
etag
W/"638b2d97-8d2d"
content-type
application/javascript
cache-control
max-age=345600
expires
Thu, 27 Apr 2023 16:04:18 GMT
tgsticker.js
tg.dev/js/ Frame B86A
24 KB
7 KB
Script
General
Full URL
https://tg.dev/js/tgsticker.js?31
Requested by
Host: comments.app
URL: https://comments.app/embed/view?website=qnAQclUa&page_id=youtube&page_url=https%3A%2F%2Fpresaver.com%2F1%2Fdownload&origin=https%3A%2F%2Fpresaver.com&page_title=220YouTube%20-%20%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE%20%D1%81%20YouTube%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%BD%D0%B0%20%D0%B2%D1%8B%D1%81%D0%BE%D0%BA%D0%BE%D0%B9%20%D1%81%D0%BA%D0%BE%D1%80%D0%BE%D1%81%D1%82%D0%B8%2C%20%D0%B1%D0%B5%D0%B7%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC%20%D0%B8%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B8&limit=10&colorful=1&dislikes=1&outlined=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.154.167.99 London, United Kingdom, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
42d42f23d7276824168808093be0f20e3e53673718c79349cc22da88f58d3e23
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://comments.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 16:04:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Wed, 29 Mar 2023 11:31:32 GMT
server
nginx/1.18.0
etag
W/"64242194-601c"
content-type
application/javascript
cache-control
max-age=345600
expires
Thu, 27 Apr 2023 16:04:18 GMT
telegram-widget.js
oauth.tg.dev/js/ Frame B86A
20 KB
6 KB
Script
General
Full URL
https://oauth.tg.dev/js/telegram-widget.js?22
Requested by
Host: comments.app
URL: https://comments.app/embed/view?website=qnAQclUa&page_id=youtube&page_url=https%3A%2F%2Fpresaver.com%2F1%2Fdownload&origin=https%3A%2F%2Fpresaver.com&page_title=220YouTube%20-%20%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE%20%D1%81%20YouTube%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%BD%D0%B0%20%D0%B2%D1%8B%D1%81%D0%BE%D0%BA%D0%BE%D0%B9%20%D1%81%D0%BA%D0%BE%D1%80%D0%BE%D1%81%D1%82%D0%B8%2C%20%D0%B1%D0%B5%D0%B7%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC%20%D0%B8%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B8&limit=10&colorful=1&dislikes=1&outlined=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.154.167.99 London, United Kingdom, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0f6cdd09b3bbebf50c4e1679aff6f021f5e183a4ba2dea3a0801394599ff6afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://comments.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 16:04:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Mon, 03 Apr 2023 11:46:12 GMT
server
nginx/1.18.0
etag
W/"642abc84-4ff5"
content-type
application/javascript
cache-control
max-age=345600
expires
Thu, 27 Apr 2023 16:04:18 GMT
widget-frame.js
tg.dev/js/ Frame B86A
92 KB
25 KB
Script
General
Full URL
https://tg.dev/js/widget-frame.js?62
Requested by
Host: comments.app
URL: https://comments.app/embed/view?website=qnAQclUa&page_id=youtube&page_url=https%3A%2F%2Fpresaver.com%2F1%2Fdownload&origin=https%3A%2F%2Fpresaver.com&page_title=220YouTube%20-%20%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE%20%D1%81%20YouTube%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%BD%D0%B0%20%D0%B2%D1%8B%D1%81%D0%BE%D0%BA%D0%BE%D0%B9%20%D1%81%D0%BA%D0%BE%D1%80%D0%BE%D1%81%D1%82%D0%B8%2C%20%D0%B1%D0%B5%D0%B7%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC%20%D0%B8%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B8&limit=10&colorful=1&dislikes=1&outlined=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.154.167.99 London, United Kingdom, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
9db6a684c4b8c87ced6ca91ed34a348464a41df4d3f74c007cae6d87e68a1e88
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://comments.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 16:04:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Thu, 20 Apr 2023 18:46:51 GMT
server
nginx/1.18.0
etag
W/"6441889b-16f16"
content-type
application/javascript
cache-control
max-age=345600
expires
Thu, 27 Apr 2023 16:04:18 GMT
comments.js
comments.app/js/ Frame B86A
81 KB
22 KB
Script
General
Full URL
https://comments.app/js/comments.js?35
Requested by
Host: comments.app
URL: https://comments.app/embed/view?website=qnAQclUa&page_id=youtube&page_url=https%3A%2F%2Fpresaver.com%2F1%2Fdownload&origin=https%3A%2F%2Fpresaver.com&page_title=220YouTube%20-%20%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE%20%D1%81%20YouTube%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%BD%D0%B0%20%D0%B2%D1%8B%D1%81%D0%BE%D0%BA%D0%BE%D0%B9%20%D1%81%D0%BA%D0%BE%D1%80%D0%BE%D1%81%D1%82%D0%B8%2C%20%D0%B1%D0%B5%D0%B7%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC%20%D0%B8%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B8&limit=10&colorful=1&dislikes=1&outlined=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.154.164.13 London, United Kingdom, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
aa441bf5f2ac8c608371513bad73ea45ad6dc8b7c50e3c6841af81147d0b96ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://comments.app/embed/view?website=qnAQclUa&page_id=youtube&page_url=https%3A%2F%2Fpresaver.com%2F1%2Fdownload&origin=https%3A%2F%2Fpresaver.com&page_title=220YouTube%20-%20%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE%20%D1%81%20YouTube%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%BD%D0%B0%20%D0%B2%D1%8B%D1%81%D0%BE%D0%BA%D0%BE%D0%B9%20%D1%81%D0%BA%D0%BE%D1%80%D0%BE%D1%81%D1%82%D0%B8%2C%20%D0%B1%D0%B5%D0%B7%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC%20%D0%B8%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B8&limit=10&colorful=1&dislikes=1&outlined=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 16:04:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Tue, 17 Nov 2020 20:59:36 GMT
server
nginx/1.20.1
etag
W/"5fb439b8-142f4"
content-type
application/javascript
collect
www.google-analytics.com/j/
1 B
204 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=924536808&t=pageview&_s=1&dl=https%3A%2F%2Fpresaver.com%2F1%2Fdownload&ul=en-us&de=UTF-8&dt=220YouTube%20-%20%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE%20%D1%81%20YouTube%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%BD%D0%B0%20%D0%B2%D1%8B%D1%81%D0%BE%D0%BA%D0%BE%D0%B9%20%D1%81%D0%BA%D0%BE%D1%80%D0%BE%D1%81%D1%82%D0%B8%2C%20%D0%B1%D0%B5%D0%B7%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC%20%D0%B8%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1131192926&gjid=588078767&cid=290888188.1682265858&tid=UA-139618482-1&_gid=1438090985.1682265858&_r=1&gtm=457e34j0&jsscut=1&z=566014483
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://presaver.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 23 Apr 2023 16:04:18 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://presaver.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
advert.gif
mc.yandex.ru/metrika/
43 B
113 B
Image
General
Full URL
https://mc.yandex.ru/metrika/advert.gif
Requested by
Host: presaver.com
URL: https://presaver.com/1/download
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://presaver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 16:04:18 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 21 Apr 2023 13:01:10 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"64425ee6-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Sun, 23 Apr 2023 17:04:18 GMT
1
mc.yandex.ru/watch/49162435/
Redirect Chain
  • https://mc.yandex.ru/watch/49162435?wmode=7&page-url=https%3A%2F%2Fpresaver.com%2F1%2Fdownload&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A10ym9geic8i73flogxj2lsv%3Afp%3A1040%3Afu%3A0%3...
  • https://mc.yandex.ru/watch/49162435/1?wmode=7&page-url=https%3A%2F%2Fpresaver.com%2F1%2Fdownload&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A10ym9geic8i73flogxj2lsv%3Afp%3A1040%3Afu%3A0...
439 B
522 B
XHR
General
Full URL
https://mc.yandex.ru/watch/49162435/1?wmode=7&page-url=https%3A%2F%2Fpresaver.com%2F1%2Fdownload&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A10ym9geic8i73flogxj2lsv%3Afp%3A1040%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1030%3Acn%3A1%3Adp%3A0%3Als%3A1029729085882%3Ahid%3A55369251%3Az%3A0%3Ai%3A20230423160418%3Aet%3A1682265858%3Ac%3A1%3Arn%3A244017119%3Arqn%3A1%3Au%3A1682265858711142255%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C101%2C1%2C716%2C0%2C%2C227%2C0%2C%2C%2C%2C1046%3Aco%3A0%3Acpf%3A1%3Ans%3A1682265857021%3Arqnl%3A1%3Ast%3A1682265858%3At%3A220YouTube%20-%20%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE%20%D1%81%20YouTube%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%BD%D0%B0%20%D0%B2%D1%8B%D1%81%D0%BE%D0%BA%D0%BE%D0%B9%20%D1%81%D0%BA%D0%BE%D1%80%D0%BE%D1%81%D1%82%D0%B8%2C%20%D0%B1%D0%B5%D0%B7%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC%20%D0%B8%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B8&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
Requested by
Host: presaver.com
URL: https://presaver.com/1/download
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
ba685c6fbd4f50d5ba445f7273ab25d177498998ab98d6ec8cc01ca5c82e755b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://presaver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Apr 2023 16:04:18 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Sun, 23-Apr-2023 16:04:18 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://presaver.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
439
x-xss-protection
1; mode=block
expires
Sun, 23-Apr-2023 16:04:18 GMT

Redirect headers

pragma
no-cache
date
Sun, 23 Apr 2023 16:04:18 GMT
strict-transport-security
max-age=31536000
last-modified
Sun, 23-Apr-2023 16:04:18 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location
/watch/49162435/1?wmode=7&page-url=https%3A%2F%2Fpresaver.com%2F1%2Fdownload&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A10ym9geic8i73flogxj2lsv%3Afp%3A1040%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1030%3Acn%3A1%3Adp%3A0%3Als%3A1029729085882%3Ahid%3A55369251%3Az%3A0%3Ai%3A20230423160418%3Aet%3A1682265858%3Ac%3A1%3Arn%3A244017119%3Arqn%3A1%3Au%3A1682265858711142255%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C101%2C1%2C716%2C0%2C%2C227%2C0%2C%2C%2C%2C1046%3Aco%3A0%3Acpf%3A1%3Ans%3A1682265857021%3Arqnl%3A1%3Ast%3A1682265858%3At%3A220YouTube%20-%20%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE%20%D1%81%20YouTube%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%BD%D0%B0%20%D0%B2%D1%8B%D1%81%D0%BE%D0%BA%D0%BE%D0%B9%20%D1%81%D0%BA%D0%BE%D1%80%D0%BE%D1%81%D1%82%D0%B8%2C%20%D0%B1%D0%B5%D0%B7%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC%20%D0%B8%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B8&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin
https://presaver.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Sun, 23-Apr-2023 16:04:18 GMT
ead19007024d72aea18c.js
yastatic.net/partner-code-bundles/760801/
14 KB
5 KB
Script
General
Full URL
https://yastatic.net/partner-code-bundles/760801/ead19007024d72aea18c.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
04472e52c1230e3afb93d131b83dbb2373a0d03ba6505d18ce8029f2b14c9b18
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://presaver.com/
Origin
https://presaver.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 16:04:18 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
4850
last-modified
Thu, 20 Apr 2023 18:49:31 GMT
server
nginx/1.17.9
etag
"052b17495d7b4f15cc11b8d7084c24a8"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Tue, 22 Apr 2053 22:35:19 GMT
4fd2cf21ecbbeb4504d4.js
yastatic.net/partner-code-bundles/760801/
113 KB
24 KB
Script
General
Full URL
https://yastatic.net/partner-code-bundles/760801/4fd2cf21ecbbeb4504d4.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
1475a424ba2f16a6e6e74e4a0de2ea10d2cbe3f6d0bcc8ff407a29d551daf9a3
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://presaver.com/
Origin
https://presaver.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 16:04:18 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
24057
last-modified
Thu, 20 Apr 2023 18:49:30 GMT
server
nginx/1.17.9
etag
"c37bc4b71522b794f7a428d80f917e7c"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Tue, 22 Apr 2053 22:35:19 GMT
host.js
yastatic.net/safeframe-bundles/0.83/
33 KB
9 KB
Script
General
Full URL
https://yastatic.net/safeframe-bundles/0.83/host.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://presaver.com/
Origin
https://presaver.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 16:04:18 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
8878
last-modified
Wed, 03 Nov 2021 13:42:58 GMT
server
nginx/1.17.9
etag
"f80882bf67cf261aa08d636da095149a"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Tue, 22 Apr 2053 22:37:53 GMT
text-variable-full.woff2
yastatic.net/s3/home/fonts/ys/3/
25 KB
26 KB
Font
General
Full URL
https://yastatic.net/s3/home/fonts/ys/3/text-variable-full.woff2
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://presaver.com/
Origin
https://presaver.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 16:04:18 GMT
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
26004
x-amz-meta-owner
{"role":"admin","login":"4eb0da"}
last-modified
Mon, 25 Apr 2022 14:02:39 GMT
server
nginx/1.17.9
etag
"7f0cdaf91230f9789ca4162aedff612e"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31556952
x-nginx-request-id
9cd02a598b141bc5
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 22 Apr 2024 21:52:04 GMT
1507304
yandex.ru/ads/meta/
99 KB
31 KB
XHR
General
Full URL
https://yandex.ru/ads/meta/1507304?target-ref=https%3A%2F%2Fpresaver.com%2F1%2Fdownload&charset=utf-8&pcode-test-ids=731911%2C0%2C34%3B749183%2C0%2C17%3B749166%2C0%2C93%3B761275%2C0%2C26%3B757576%2C0%2C33%3B755247%2C0%2C55%3B755254%2C0%2C20%3B756836%2C0%2C2%3B757573%2C0%2C93%3B757710%2C0%2C2%3B734893%2C0%2C7%3B759074%2C0%2C95%3B759182%2C0%2C61%3B760801%2C0%2C75%3B681853%2C0%2C90&pcode-flags-map=eJydWGtv2zYU%2FSuD93Xo9KSkfqMkyiYsiRpJxXWLgvBaN%2FWQpEOabl2L%2FvddUrKtR0qnRYBEkX3OveR9HfLr4goLJVZso3CuSpySUhWMK1qrFNc14Yvnr74u%2FtndfNovni8kb8nit8XD%2FuMDfQv%2FI%2BT7QbT49vq3M03DWd5mUihWqwa3glgZIjcJ%2FI6B1DgtiSIZq84kJRVSO3NFc8L0A3yaMoV5NaLdf%2F57whr6oWHNqTC0GWtrqTjJKSeZpsRNY%2FfMc4LAO60NFqKqtpSUs7IEtlrqB8LVBstsRXIlaUUUKwpBpJ3X95zovGdpKyXTyyrZeK9%2F9aN3YxxKQmRwTcZyMkKamI336Klkp8BJKmGfcJ2rlOVbnQ4N5rgiEhaZkwLD4kecBS7FeGVBFKDzyjiRfKuzoCZyw%2FhaEc6ZPZ%2BiEAVRcnZLmtBdES4oq0fIKIwDiPAQixwvPGP7bBIZht8lXcNjy6%2FIFrzZwHIEXdZ2V5AT%2BdGM7mc52pqWDOekixSuRrn3cP9pP4AFXuwnTgeDrBPClOMEM035AQgiJwipFUsFAXfHW76%2F2%2F15sx8hfeQlnZcFfaEqsLUidLmSqpZ2k0HoJ64BbiFtyAvFW5WzCtPaBgudyPPRyV7K2RqcBVtqyWluRboQdvSoQQV1LjlNrXDPdVBg4C9J7amihUre0FyuFK3wklixgRvEzhl7bCsp4zqoHOe0Fb88kWGLtd%2BdwwqXG7wVdqQf9fucFw3UlWhYDYmhOw5rx0XpOY4zxgaOHwy6RqahtbTbC4GmT6WCwS4TnbtHe4q8sKYFmIwibw6nhe4pG13XkJ0%2Fw3B04AqX7ShavvM4uiSY16piHJoI5hRP1u2NjIaO0%2B9ywynjVG5VuoWmSjYN4%2FYNQxHqa%2B%2BYF%2F2YyQS3AhM3igcZSYXKMHRJqXCWQZSEpUuEiR%2B67ghrslhASsuV3qYG5zmtl3aSIAw6z82AhFSW24Yo3%2B51EEfhIDwVz2CfBE1pCbtmN5dE6LtIPSyykmbrC9aPHGYedzJFQYMtKIxhqhdR4MxezUns9TO486Mn6SaoZGb4lXib4mw9mPU2Spg%2Bge%2BNwrEipuGD5piPiinaDT3UxUHPFk4KqPKVKtmSZnZc7PctDdwsKK90znJSHydNw0lqb6oIuqLnjpIXpg6HTAK9BMoGdkA3SpFxPVOEsNY%2BchM3CIZybiLceiEBLwpaU0kgSbM1yA9rfaEgdBAauSgqzKX6oyUt0eSX3AoRQuFpmMsVB70z8cyoE52BtIb%2BQmGGlhe8ityojziIjBKg%2Fb7jQtcRLbR4Umbq2wMQxQlKTuO%2B4BRoyq3q8HryN%2FbFjfHpWgn60pr%2BCCV%2BH6UBQlwSkTO7SeBEJxbotblmsApzhOIAuVPLqgJZju22PM%2Fp9nqQjFovaB22lsy%2BQzEKXP9YJTB24WgBS4WkUSDGOx1g%2Bk430ufnnhlfFPvzVcilfQ0Qptgd1sZZRj6y9aaNXzrooMRDvajoKkKsaaMkN33rUidFCZy9OvDEdFEyrVLzXvZeIIn7KvgeiUmuEce7w2d1u%2Fus3u8P1%2B8fvkNnjmhqTVKcKhCK1vOeAxNpVIpdNW9WkCWDhKlhspo%2BuWyhK%2BsTFPTKjNAre4VGrhP0A49z1TVo2YKy6CrdbLRpKu1ydeG0C0xdqZb45dY0B2V02RD2dfFu%2F%2FDmfbW7vz7cLZ67Iaib2w9%2FHm724s3u5nB3vXjufRuxhjDOBknQtUWQaSotdSboQ%2FTQwKvF7e5w8%2Bz%2BE%2Fj23%2B7u7f4zPP9%2BuN1d7z%2BOXl3vbs2bt1%2F2d93Xd%2F8cHj50j7fPBv%2B8vTv0bzXziQFe3O%2B%2B3Hz48r7%2F%2BMt99%2FfT%2Fe7Z3f7fj7Mv%2FLX7cHsw0NePL3FYcefQ2sOHjnk%2BAuv8xBcCD8iuZGssIU2gU%2FFl36%2BUxEurbofp4A2aXUEg5TjBmYTD7AVg6DveXJ7QuoGxrPXJD4oTOO77KP4u4aAdQf%2Bw7%2BWZSRB5GueGpm6r9IIfoetHXSTM1ZC5hgEkTN2UZN24M3LQ3nOAJnLCH740KhiTE%2F%2FePNyMVwf6xT3phKY7d4CG7qW1vbiDBNTYCXxUKkBirozOZJduURIXHTWyyNfTA3wUJqEbj68ZXK9vT2YQm7O7XJGKWNcawg%2BajtTHxhHMNcWrZjonH1VuMyOh118Q%2FpwR8%2FkTLfS58DRD9vw6cU5T6Mw9t8YaXdn9l6vJhdUjboedBJNLpk99DGJXal0L6weJArNvmiozL1Hc36PosOeYrx%2BJ%2BgwEP12SQuzaMlf6nMlJf%2Ftnbv605ISDxAU1OE8nGJNDYnN3JbclWbbA8kTWubsnVlBr3X2WkqSCBijt6e0HcdItdMlx6mnDcBLKyfwmbbaSxIm60KxSBRh9DFMN4dnk3sQdg9zYO9%2BzzKoWObHjTi4H9Ztvr7%2F9Dy%2Be58I%3D&pcode-icookie=0YUH7sLbpnTYRQ4WFvRBBxy0go%2BpmgNkIeN8DmPlo1QsKTaHTMIHgwdNQzqduNba0ol7X%2BajEzwS9tvFOKWSU2j4E8M%3D&duid=MTY4MjI2NTg1ODcxMTE0MjI1NQ%3D%3D&imp-id=2&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=545907523190786&ad-session-id=9902461682265858316&target-id=49815122&tga-with-creatives=1&top-ancestor=https%3A%2F%2Fpresaver.com&top-ancestor-undetermined=0&pcode-version=760801&pcodever=760801&flash-ver=0&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22supportHDRBrightness%22%3Afalse%2C%22isInIframe%22%3Afalse%2C%22w%22%3A1220%2C%22h%22%3A0%2C%22width%22%3A0%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A800%2C%22top%22%3A284%2C%22ad_no%22%3A0%2C%22req_no%22%3A0%7D&grab-orig-len=1180&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjoxNzR9CjKpNJEsv-siCNT5UBRZ8iTL1OkTnjw1jR2WnMpJ3IRtbaLgv26t6kH_--B_LbilGC4L6FEAd4zCTpR4S1_13u06zIxgGMEZxVWlIoPsi6CI5K1nfUEue3k29oG4NlZf9HUWdbnL6DZeNzsXY7k23iIuazoX6aPDeW-x-V8wnp2xnJcP2cY_EO-dDoVVt8h9EWe3aIfxlrnMvk4_gbto60zXLGzwD-NQki7oZ3ng5SxSRlM3wVCXZYMtQeeI8ze8VzvfAcYFx3xJ5XmnVEprKFEopS2JFcoaVUlTADCGVKrLOWXYatKDJGwkedxcmReJa-QHeZf5QW1BJckBuoFg73-u1p4gbAIC34td_Q_jLo05KLrAF9W5remm6DbmKZzFoJlTdjrYrNP6CX9yuJupBKBmZ_jfUm8ac6uLAMr9WKBQxpGwyySJ65LkYRIF2Zj5VPPyIljNMyd0rLRmSa4tlPhEfh94Wro_csVJoJukqSsk-kI989Mv0Wav0ha2zCWIqkxKW6GbpmlUWwh34vI_TaWxZA6QGotYkqaXmVwBaMVK-04fKpUEmdwjzBUIUmN-AmI57Nm1YXgpqWlzdclyQbjqdGrSKDMK3Obd4kpi3wvNnUUo4zQdPE2xWFQzWVC9PrPrfPa5GUYuqtU3otGxpa_gp60QT565Xn9USGbO2JXRivrX1xekCeFWzw-IFAYTK-rk3Hrc4dcLvCDyG7X09esH85ZylmnzpxniSSwba3BnzuwbwLmc8y0TMF-F_E62jXMNdCMmy8axsW1w1zWzQ4Pe6VG4FldCf67CbobtMJ8Ua9DXR_gI3-cmnPxkimH2BXGv2Ysy6QwZtIRpvrGte8ejWCJtftQIUeH7Trk711_FvTOMReoL5itUK-GT6M1L50tsK4RjQ8isgBgjbSaKHtR-d4ZaDnlfUAZUGeH23Zs97xQWXeEH8Z_TMliBlBqI9QayDrJL6o8Z4wii5RJXf7H4fFeYP4-rN8lN_w4ryZQ6xezk8HF0mR-Gh_K7hvCoB1lru4l9v1rcEuhlmgpaMuPEYItRcIQTBcS-2GtQE2HzyB9eqU4UXUWmgqGTDtriA_QXEk6feVwHK3xFbQGIB_Y%3D&uniformat=true&callback=Ya%5B4498309603765%5D
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
ff9521f14db3bcba4645963aeb36fd8425f984242fa81a3854bcc0794177cbb8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://presaver.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sun, 23 Apr 2023 16:04:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
ssr
true
x-yandex-req-id
1682265858374445-12213982072093227352-balancer-l7leveler-kubr-yp-sas-41-BAL-3075
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
uniformat-product-type
Direct
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Sun, 23 Apr 2023 16:04:18 GMT
accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
uniformat
true
report-to
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type
application/json
access-control-allow-origin
https://presaver.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
Sun, 23 Apr 2023 16:04:18 GMT
ad9484f763d5f32f230b.js
yastatic.net/partner-code-bundles/760801/
23 KB
8 KB
Script
General
Full URL
https://yastatic.net/partner-code-bundles/760801/ad9484f763d5f32f230b.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
7127e3ede5e2d5e9f53084a1ea3220cf50c657b07c50eb013c846ce938c0cdde
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://presaver.com/
Origin
https://presaver.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 16:04:18 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
7934
last-modified
Thu, 20 Apr 2023 18:49:30 GMT
server
nginx/1.17.9
etag
"0f7f5c735ef0aa353920c1ee732dc93b"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Tue, 22 Apr 2053 22:35:19 GMT
3a34bba2a2bd1b32e60a.js
yastatic.net/partner-code-bundles/760801/
7 KB
3 KB
Script
General
Full URL
https://yastatic.net/partner-code-bundles/760801/3a34bba2a2bd1b32e60a.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
29bd8a6d8a85db96d0cbebe00c17cee923bb3ec787a17762c39d46699c2580e1
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://presaver.com/
Origin
https://presaver.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 16:04:18 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
2069
last-modified
Thu, 20 Apr 2023 18:49:30 GMT
server
nginx/1.17.9
etag
"2ef1b9bd5c05517a3dab92b6a7da3135"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Tue, 22 Apr 2053 22:35:19 GMT
79063fac5577fbfc3cf5.js
yastatic.net/partner-code-bundles/760801/
612 KB
117 KB
Script
General
Full URL
https://yastatic.net/partner-code-bundles/760801/79063fac5577fbfc3cf5.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
cb9bd074593253dc255f14eb8a168a015b7e8b0aa00c07622cc34a1f2b1394ab
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://presaver.com/
Origin
https://presaver.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 16:04:18 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
119403
last-modified
Thu, 20 Apr 2023 18:49:30 GMT
server
nginx/1.17.9
etag
"35ccb9b0d3830a3b1772fe710d5d489e"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Tue, 22 Apr 2053 22:35:19 GMT
truncated
/ Frame B86A
981 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a60df03b91b9476787761e0a2740e3506dcc439e9d09ce04042bcab8b57ccce6

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame B86A
974 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ddd0d91489d750daa77e69eff926a5de2d39a04039843acb4b28f7eed5d349dc

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
F09F9083.png
tx.me/img/emoji/40/ Frame B86A
2 KB
2 KB
Image
General
Full URL
https://tx.me/img/emoji/40/F09F9083.png
Requested by
Host: comments.app
URL: https://comments.app/embed/view?website=qnAQclUa&page_id=youtube&page_url=https%3A%2F%2Fpresaver.com%2F1%2Fdownload&origin=https%3A%2F%2Fpresaver.com&page_title=220YouTube%20-%20%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE%20%D1%81%20YouTube%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%BD%D0%B0%20%D0%B2%D1%8B%D1%81%D0%BE%D0%BA%D0%BE%D0%B9%20%D1%81%D0%BA%D0%BE%D1%80%D0%BE%D1%81%D1%82%D0%B8%2C%20%D0%B1%D0%B5%D0%B7%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC%20%D0%B8%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B8&limit=10&colorful=1&dislikes=1&outlined=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.161.64.99 , Antigua And Barbuda, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
3ddfc79789eb1552a27e7fff25e885ea3aca95b33d2a4c837d1ca3fbac4bb6de

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://comments.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 16:04:18 GMT
last-modified
Fri, 01 Nov 2019 00:04:50 GMT
server
nginx/1.18.0
etag
"5dbb76a2-934"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=345600
accept-ranges
bytes
content-length
2356
expires
Thu, 27 Apr 2023 16:04:18 GMT
F09F929C.png
tx.me/img/emoji/40/ Frame B86A
2 KB
2 KB
Image
General
Full URL
https://tx.me/img/emoji/40/F09F929C.png
Requested by
Host: comments.app
URL: https://comments.app/embed/view?website=qnAQclUa&page_id=youtube&page_url=https%3A%2F%2Fpresaver.com%2F1%2Fdownload&origin=https%3A%2F%2Fpresaver.com&page_title=220YouTube%20-%20%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE%20%D1%81%20YouTube%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%BD%D0%B0%20%D0%B2%D1%8B%D1%81%D0%BE%D0%BA%D0%BE%D0%B9%20%D1%81%D0%BA%D0%BE%D1%80%D0%BE%D1%81%D1%82%D0%B8%2C%20%D0%B1%D0%B5%D0%B7%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC%20%D0%B8%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B8&limit=10&colorful=1&dislikes=1&outlined=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.161.64.99 , Antigua And Barbuda, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
f4b2127d9174ac761cbb3cfe836ab43c2895bf3a8666b150f9513785b32d7536

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://comments.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 16:04:18 GMT
last-modified
Fri, 01 Nov 2019 00:04:50 GMT
server
nginx/1.18.0
etag
"5dbb76a2-889"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=345600
accept-ranges
bytes
content-length
2185
expires
Thu, 27 Apr 2023 16:04:18 GMT
F09F8D83.png
tx.me/img/emoji/40/ Frame B86A
3 KB
3 KB
Image
General
Full URL
https://tx.me/img/emoji/40/F09F8D83.png
Requested by
Host: comments.app
URL: https://comments.app/embed/view?website=qnAQclUa&page_id=youtube&page_url=https%3A%2F%2Fpresaver.com%2F1%2Fdownload&origin=https%3A%2F%2Fpresaver.com&page_title=220YouTube%20-%20%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE%20%D1%81%20YouTube%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%BD%D0%B0%20%D0%B2%D1%8B%D1%81%D0%BE%D0%BA%D0%BE%D0%B9%20%D1%81%D0%BA%D0%BE%D1%80%D0%BE%D1%81%D1%82%D0%B8%2C%20%D0%B1%D0%B5%D0%B7%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC%20%D0%B8%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B8&limit=10&colorful=1&dislikes=1&outlined=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.161.64.99 , Antigua And Barbuda, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
7f412a933dc0f783eefd0e03a87605d091a187f9f1953cc5cd5e22f7324d925e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://comments.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 16:04:18 GMT
last-modified
Fri, 01 Nov 2019 00:04:50 GMT
server
nginx/1.18.0
etag
"5dbb76a2-b70"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=345600
accept-ranges
bytes
content-length
2928
expires
Thu, 27 Apr 2023 16:04:18 GMT
truncated
/ Frame B86A
694 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
76216b6c25b768e5bee4b758dacfef993b3e87cc2d7fd9bf192bd685d1ae9bfb

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame B86A
706 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b28d8e93ecf9067ff746e514c79ad5adc53cc00965630bfe0b118cf80f7bf065

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
tg.dev/fonts/Roboto/ Frame B86A
11 KB
11 KB
Font
General
Full URL
https://tg.dev/fonts/Roboto/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
Requested by
Host: tg.dev
URL: https://tg.dev/css/font-roboto.css?1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.154.167.99 London, United Kingdom, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
bce2f309470952b7affa62ff4d91b454334c68cefa541429b502904d20696875

Request headers

Referer
https://tg.dev/css/font-roboto.css?1
Origin
https://comments.app
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 16:04:18 GMT
last-modified
Thu, 20 Oct 2022 11:05:33 GMT
server
nginx/1.18.0
etag
"63512b7d-2b40"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=345600
accept-ranges
bytes
content-length
11072
expires
Thu, 27 Apr 2023 16:04:18 GMT
KFOmCnqEu92Fr1Mu5mxKKTU1Kvnz.woff2
tg.dev/fonts/Roboto/ Frame B86A
6 KB
7 KB
Font
General
Full URL
https://tg.dev/fonts/Roboto/KFOmCnqEu92Fr1Mu5mxKKTU1Kvnz.woff2
Requested by
Host: tg.dev
URL: https://tg.dev/css/font-roboto.css?1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.154.167.99 London, United Kingdom, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
41b5c3b25f4258190937deb900fa57a6db6d450ce7dd2af2259af760119a1c41

Request headers

Referer
https://tg.dev/css/font-roboto.css?1
Origin
https://comments.app
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 16:04:18 GMT
last-modified
Thu, 20 Oct 2022 11:05:33 GMT
server
nginx/1.18.0
etag
"63512b7d-193c"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=345600
accept-ranges
bytes
content-length
6460
expires
Thu, 27 Apr 2023 16:04:18 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
tg.dev/fonts/Roboto/ Frame B86A
11 KB
11 KB
Font
General
Full URL
https://tg.dev/fonts/Roboto/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: tg.dev
URL: https://tg.dev/css/font-roboto.css?1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.154.167.99 London, United Kingdom, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f

Request headers

Referer
https://tg.dev/css/font-roboto.css?1
Origin
https://comments.app
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 16:04:18 GMT
last-modified
Thu, 20 Oct 2022 11:05:33 GMT
server
nginx/1.18.0
etag
"63512b7d-2b14"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=345600
accept-ranges
bytes
content-length
11028
expires
Thu, 27 Apr 2023 16:04:18 GMT
KFOlCnqEu92Fr1MmEU9fABc4AMP6lbBP.woff2
tg.dev/fonts/Roboto/ Frame B86A
6 KB
7 KB
Font
General
Full URL
https://tg.dev/fonts/Roboto/KFOlCnqEu92Fr1MmEU9fABc4AMP6lbBP.woff2
Requested by
Host: tg.dev
URL: https://tg.dev/css/font-roboto.css?1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.154.167.99 London, United Kingdom, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
3e70e149a35f394bb78ef7842de11a06359fed7828f30331594a28d196c54012

Request headers

Referer
https://tg.dev/css/font-roboto.css?1
Origin
https://comments.app
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 16:04:18 GMT
last-modified
Thu, 20 Oct 2022 11:05:33 GMT
server
nginx/1.18.0
etag
"63512b7d-19e8"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=345600
accept-ranges
bytes
content-length
6632
expires
Thu, 27 Apr 2023 16:04:18 GMT
1
mc.yandex.ru/watch/49162435/
43 B
74 B
XHR
General
Full URL
https://mc.yandex.ru/watch/49162435/1?page-url=https%3A%2F%2Fpresaver.com%2F1%2Fdownload&charset=utf-8&hittoken=1682265858_1349d803385e103e543d589a82296a8f68bd13818f78855fff6d54aa5e70222c&browser-info=pa%3A1%3Aar%3A1%3Avf%3A10ym9geic8i73flogxj2lsv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1030%3Acn%3A1%3Adp%3A1%3Als%3A1029729085882%3Ahid%3A55369251%3Az%3A0%3Ai%3A20230423160418%3Aet%3A1682265858%3Ac%3A1%3Arn%3A703609325%3Arqn%3A2%3Au%3A1682265858711142255%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Ans%3A1682265857021%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1682265858&t=gdpr(14)mc(p-1)clc(0-0-0)rqnt(2)lt(5500)aw(1)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://presaver.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Sun, 23 Apr 2023 16:04:18 GMT
strict-transport-security
max-age=31536000
last-modified
Sun, 23-Apr-2023 16:04:18 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
image/gif
access-control-allow-origin
https://presaver.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sun, 23-Apr-2023 16:04:18 GMT
event_confirmation
an.yandex.ru/ Frame
0
0
Preflight
General
Full URL
https://an.yandex.ru/event_confirmation
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://presaver.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://presaver.com
access-control-max-age
1728000
content-encoding
gzip
date
Sun, 23 Apr 2023 16:04:18 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
timing-allow-origin
*
x-xss-protection
1; mode=block
event_confirmation
an.yandex.ru/
0
51 B
XHR
General
Full URL
https://an.yandex.ru/event_confirmation
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://presaver.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Sun, 23 Apr 2023 16:04:19 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Sun, 23 Apr 2023 16:04:19 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://presaver.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sun, 23 Apr 2023 16:04:19 GMT
1507304
mc.yandex.ru/watch/
256 B
292 B
XHR
General
Full URL
https://mc.yandex.ru/watch/1507304?wmode=7&page-url=https%3A%2F%2Fpresaver.com%2F1%2Fdownload&nohit=1&charset=utf-8&cnt-class=1&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A10ym9geic8i73flogxj2lsv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1030%3Acn%3A2%3Adp%3A1%3Als%3A1320259508838%3Ahid%3A55369251%3Az%3A0%3Ai%3A20230423160418%3Aet%3A1682265859%3Ac%3A1%3Arn%3A59475855%3Au%3A1682265858711142255%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1682265857021%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1682265859%3At%3A220YouTube%20-%20%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE%20%D1%81%20YouTube%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%BD%D0%B0%20%D0%B2%D1%8B%D1%81%D0%BE%D0%BA%D0%BE%D0%B9%20%D1%81%D0%BA%D0%BE%D1%80%D0%BE%D1%81%D1%82%D0%B8%2C%20%D0%B1%D0%B5%D0%B7%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC%20%D0%B8%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B8&t=mc(p-1)clc(0-0-0)lt(5500)aw(1)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
6fd35508fd0d052bf826e387a0df0ce1392484da0f5c065269e7bdb24383744c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://presaver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Apr 2023 16:04:18 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Sun, 23-Apr-2023 16:04:18 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://presaver.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
256
x-xss-protection
1; mode=block
expires
Sun, 23-Apr-2023 16:04:18 GMT
y300
avatars.mds.yandex.net/get-direct/225323/ZcplwO9hT2asLNCaAZ6X2g/
1 KB
2 KB
Image
General
Full URL
https://avatars.mds.yandex.net/get-direct/225323/ZcplwO9hT2asLNCaAZ6X2g/y300
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::184 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx /
Resource Hash
a44643c75273fae6bc16f15ef190faa329c5242a765fc7cf33a4c8745c91fc6b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://presaver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 16:04:18 GMT
last-modified
Mon, 22 Jun 2020 14:20:35 GMT
server
nginx
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to
{"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel?datacenter=MYT"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000,immutable
access-control-allow-credentials
true
content-length
1358
x-request-id
9004bea7700437ca
icon-192.png
yastatic.net/s3/games-static/favicons/
24 KB
24 KB
Image
General
Full URL
https://yastatic.net/s3/games-static/favicons/icon-192.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
ca78c114bba40b141a59c55a9d3fb6db7672bc3effd4337f2b1ce512b4d06c9e
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://presaver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 16:04:18 GMT
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
24134
last-modified
Thu, 14 Apr 2022 12:22:42 GMT
server
nginx/1.17.9
etag
"7819c957eaa80af5bf14f760d49b64a7"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=216013
x-nginx-request-id
93e488ece19b7add
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 26 Apr 2023 04:02:18 GMT
render.html
yastatic.net/safeframe-bundles/0.83/1-1-0/ Frame A970
24 KB
7 KB
Document
General
Full URL
https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
Requested by
Host: yastatic.net
URL: https://yastatic.net/safeframe-bundles/0.83/host.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
9c911ab93cf6099aeeddb19cb1903d0ef838329443c3a0549c754da47f90a70a
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://presaver.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
public, max-age=946708560
content-encoding
br
content-length
6262
content-type
text/html
date
Sun, 23 Apr 2023 16:04:18 GMT
etag
"eb77de48712912aadc9aa8171ac75ede"
expires
Tue, 22 Apr 2053 22:37:01 GMT
last-modified
Wed, 03 Nov 2021 13:42:58 GMT
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
server
nginx/1.17.9
strict-transport-security
max-age=43200000; includeSubDomains;
timing-allow-origin
*
vary
Accept-Encoding
x-robots-tag
noindex, noarchive, nofollow
trace
yandex.ru/ads/
0
837 B
XHR
General
Full URL
https://yandex.ru/ads/trace
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://presaver.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id
1682265858854416-16009424692002479074-balancer-l7leveler-kubr-yp-sas-143-BAL-2143
report-to
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
1
mc.yandex.ru/watch/1507304/
43 B
74 B
XHR
General
Full URL
https://mc.yandex.ru/watch/1507304/1?page-url=https%3A%2F%2Fpresaver.com%2F1%2Fdownload&charset=utf-8&cnt-class=1&hittoken=1682265858_b6da3023c5766961d86b86a64d1b68fa76a29a824a4a3af3f9246eeb327469d1&browser-info=pa%3A1%3Aar%3A1%3Avf%3A10ym9geic8i73flogxj2lsv%3Afp%3A1040%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1030%3Acn%3A2%3Adp%3A1%3Als%3A1320259508838%3Ahid%3A55369251%3Az%3A0%3Ai%3A20230423160418%3Aet%3A1682265859%3Ac%3A1%3Arn%3A7988680%3Arqn%3A1%3Au%3A1682265858711142255%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C101%2C1%2C716%2C0%2C%2C227%2C0%2C1467%2C1467%2C0%2C1046%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1682265857021%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1682265859&t=mc(p-2-h-1)clc(0-0-0)rqnt(1)lt(5500)aw(1)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://presaver.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Sun, 23 Apr 2023 16:04:18 GMT
strict-transport-security
max-age=31536000
last-modified
Sun, 23-Apr-2023 16:04:18 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
image/gif
access-control-allow-origin
https://presaver.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sun, 23-Apr-2023 16:04:18 GMT
1507304
mc.yandex.ru/watch/
43 B
74 B
XHR
General
Full URL
https://mc.yandex.ru/watch/1507304?page-url=https%3A%2F%2Fpresaver.com%2F1%2Fdownload&charset=utf-8&cnt-class=1&hittoken=1682265858_b6da3023c5766961d86b86a64d1b68fa76a29a824a4a3af3f9246eeb327469d1&browser-info=pv%3A1%3Aar%3A1%3Avf%3A10ym9geic8i73flogxj2lsv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1030%3Acn%3A2%3Adp%3A1%3Als%3A1320259508838%3Ahid%3A55369251%3Az%3A0%3Ai%3A20230423160418%3Aet%3A1682265859%3Ac%3A1%3Arn%3A776223352%3Arqn%3A2%3Au%3A1682265858711142255%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1682265857021%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1682265859%3At%3A220YouTube%20-%20%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE%20%D1%81%20YouTube%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%BD%D0%B0%20%D0%B2%D1%8B%D1%81%D0%BE%D0%BA%D0%BE%D0%B9%20%D1%81%D0%BA%D0%BE%D1%80%D0%BE%D1%81%D1%82%D0%B8%2C%20%D0%B1%D0%B5%D0%B7%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC%20%D0%B8%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B8&t=mc(p-2-h-1)clc(0-0-0)rqnt(2)lt(5500)aw(1)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://presaver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Apr 2023 16:04:18 GMT
strict-transport-security
max-age=31536000
last-modified
Sun, 23-Apr-2023 16:04:18 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
image/gif
access-control-allow-origin
https://presaver.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sun, 23-Apr-2023 16:04:18 GMT
d.png
ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/ Frame A970
95 B
400 B
Image
General
Full URL
https://ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/d.png?ex=yes
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::5:114 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
18c327afa903633f86c3efcf12b77f098077eacaa8be101bb007846fd74f8b93
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 23 Apr 2023 16:04:18 GMT
Strict-Transport-Security
max-age=315360000; includeSubDomains
Server
nginx/1.14.2
X-RT-IH
0.0002
Content-Type
image/png
Cache-Control
private
Connection
close
X-RT-IQ
0.0001
Content-Length
95
Expires
Mon, 24 Apr 2023 16:04:18 GMT
5e24d0ca9f05fe1eb285a9
an.yandex.ru/mapuid/arcspireis/ Frame A970
Redirect Chain
  • https://px.arcspire.io/yndx?id=9d4cd41a-f59d-4815-8a89-9d30806f5389
  • https://an.yandex.ru/mapuid/arcspireis/5e24d0ca9f05fe1eb285a9
43 B
108 B
Image
General
Full URL
https://an.yandex.ru/mapuid/arcspireis/5e24d0ca9f05fe1eb285a9
Protocol
H2
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Apr 2023 16:04:19 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Sun, 23 Apr 2023 16:04:19 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sun, 23 Apr 2023 16:04:19 GMT

Redirect headers

location
https://an.yandex.ru/mapuid/arcspireis/5e24d0ca9f05fe1eb285a9
date
Sun, 23 Apr 2023 16:04:18 GMT
x-envoy-upstream-service-time
0
server
envoy
content-length
0
0100007F025745644200530B0253B954
an.yandex.ru/mapuid/sapeis/ Frame A970
Redirect Chain
  • https://acint.net/rmatch/?dp=151&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsapeis%2F%24%7BUSER_ID%7D
  • https://acint.net/rmatch/?r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsapeis%2F$%7BUSER_ID%7D&dp=151&tc=1
  • https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fan.yandex.ru%252Fmapuid%252Fsapeis%252F$%257BUSER_ID%257D&dp=14
  • https://acint.net/rmatch?dp=14&euid=4003420A03574564C1007B8202FF612F&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsapeis%2F$%7BUSER_ID%7D
  • https://an.yandex.ru/mapuid/sapeis/0100007F025745644200530B0253B954
43 B
80 B
Image
General
Full URL
https://an.yandex.ru/mapuid/sapeis/0100007F025745644200530B0253B954
Protocol
H2
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Apr 2023 16:04:19 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Sun, 23 Apr 2023 16:04:19 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sun, 23 Apr 2023 16:04:19 GMT

Redirect headers

date
Sun, 23 Apr 2023 16:04:19 GMT
server
openresty
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
location
https://an.yandex.ru/mapuid/sapeis/0100007F025745644200530B0253B954
content-type
text/html
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
154
expires
Wed, 19 Apr 2000 11:43:00 GMT
14c44bd0-367d-5471-9a60-b433fe25e330
an.yandex.ru/mapuid/betweendigitalis/ Frame A970
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F%24%7BUSER_ID%7D&crf=1
  • https://an.yandex.ru/mapuid/betweendigitalis/14c44bd0-367d-5471-9a60-b433fe25e330
43 B
80 B
Image
General
Full URL
https://an.yandex.ru/mapuid/betweendigitalis/14c44bd0-367d-5471-9a60-b433fe25e330
Protocol
H2
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Apr 2023 16:04:19 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Sun, 23 Apr 2023 16:04:19 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sun, 23 Apr 2023 16:04:19 GMT

Redirect headers

location
https://an.yandex.ru/mapuid/betweendigitalis/14c44bd0-367d-5471-9a60-b433fe25e330
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
demconf.jpg
dpm.demdex.net/ Frame A970
Redirect Chain
  • https://yandex.ru/an/mapuid/adobedmp/
  • https://dpm.demdex.net/ibs:dpid=423652&dpuuid=49FD040F92D87F05
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=49FD040F92D87F05
42 B
940 B
Image
General
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=49FD040F92D87F05
Protocol
HTTP/1.1
Server
54.167.225.48 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-167-225-48.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

DCS
dcs-prod-va6-2-v046-07eb370f1.edge-va6.demdex.com 1 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
HkKKijUwTzs=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-va6-1-v046-0591b6c65.edge-va6.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
KYZK+P8+Tgo=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=49FD040F92D87F05
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
match
match.360yield.com/ul_cb/ Frame A970
Redirect Chain
  • https://yandex.ru/an/mapuid/azerionis/
  • https://match.360yield.com/match?external_user_id=A9B5B13F3D229955&publisher_dsp_id=429&publisher_call_type=redirect
  • https://match.360yield.com/ul_cb/match?external_user_id=A9B5B13F3D229955&publisher_dsp_id=429&publisher_call_type=redirect
43 B
198 B
Image
General
Full URL
https://match.360yield.com/ul_cb/match?external_user_id=A9B5B13F3D229955&publisher_dsp_id=429&publisher_call_type=redirect
Protocol
H2
Server
18.203.73.89 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-73-89.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 23 Apr 2023 16:04:18 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location
https://match.360yield.com/ul_cb/match?external_user_id=A9B5B13F3D229955&publisher_dsp_id=429&publisher_call_type=redirect
access-control-allow-origin
*
date
Sun, 23 Apr 2023 16:04:18 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
/
yandex.ru/an/mapuid/behaviorx/ Frame A970
0
0
Image
General
Full URL
https://yandex.ru/an/mapuid/behaviorx/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

match
ads.betweendigital.com/ Frame A970
Redirect Chain
  • https://yandex.ru/an/mapuid/betweenx/
  • https://ads.betweendigital.com/match?bidder_id=161&external_user_id=5B50F82064E97112
  • https://ads.betweendigital.com/match?bidder_id=161&external_user_id=5B50F82064E97112&crf=1
68 B
598 B
Image
General
Full URL
https://ads.betweendigital.com/match?bidder_id=161&external_user_id=5B50F82064E97112&crf=1
Protocol
H2
Server
203.195.121.142 , Singapore, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

location
/match?bidder_id=161&external_user_id=5B50F82064E97112&crf=1
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
pixel
im.bluevoox.com/ Frame A970
Redirect Chain
  • https://yandex.ru/an/mapuid/blueseaxcom/
  • https://im.bluevoox.com/pixel?s1=1&s2=1315&s3=vldyrx2shs82pv9o&cm=1&rd=1&puid=862847ED73475106
0
241 B
Image
General
Full URL
https://im.bluevoox.com/pixel?s1=1&s2=1315&s3=vldyrx2shs82pv9o&cm=1&rd=1&puid=862847ED73475106
Protocol
HTTP/1.1
Server
52.45.175.185 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-175-185.compute-1.amazonaws.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Connection
close
Date
Sun, 23 Apr 2023 16:04:19 GMT
Server
openresty

Redirect headers

pragma
no-cache
date
Sun, 23 Apr 2023 16:04:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
last-modified
Sun, 23 Apr 2023 16:04:18 GMT
accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id
1682265858804977-10334848072205660536-balancer-l7leveler-kubr-yp-sas-41-BAL
report-to
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
location
https://im.bluevoox.com/pixel?s1=1&s2=1315&s3=vldyrx2shs82pv9o&cm=1&rd=1&puid=862847ED73475106
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sun, 23 Apr 2023 16:04:18 GMT
/
yandex.ru/an/mapuid/eplanningrtb/ Frame A970
0
0
Image
General
Full URL
https://yandex.ru/an/mapuid/eplanningrtb/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pixel
cm.g.doubleclick.net/ Frame A970
Redirect Chain
  • https://yandex.ru/an/mapuid/google/?partner-tag=yandex_llc
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_llc&google_hm=C643FEEF60A6D2FA&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
170 B
232 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yandex_llc&google_hm=C643FEEF60A6D2FA&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
Protocol
H2
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Apr 2023 16:04:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 23 Apr 2023 16:04:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
last-modified
Sun, 23 Apr 2023 16:04:18 GMT
accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id
1682265858805678-14751382144467355519-balancer-l7leveler-kubr-yp-sas-41-BAL
report-to
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=yandex_llc&google_hm=C643FEEF60A6D2FA&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sun, 23 Apr 2023 16:04:18 GMT
pixel
cm.g.doubleclick.net/ Frame A970
Redirect Chain
  • https://yandex.ru/an/mapuid/google/?partner-tag=yandexcom
  • https://cm.g.doubleclick.net/pixel?google_nid=yandexcom&google_hm=C643FEEF60A6D2FA&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
170 B
232 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yandexcom&google_hm=C643FEEF60A6D2FA&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
Protocol
H2
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Apr 2023 16:04:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 23 Apr 2023 16:04:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
last-modified
Sun, 23 Apr 2023 16:04:18 GMT
accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id
1682265858805947-12191831519666828000-balancer-l7leveler-kubr-yp-sas-41-BAL
report-to
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=yandexcom&google_hm=C643FEEF60A6D2FA&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sun, 23 Apr 2023 16:04:18 GMT
pixel
cm.g.doubleclick.net/ Frame A970
Redirect Chain
  • https://yandex.ru/an/mapuid/google/?partner-tag=yandexru
  • https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=C643FEEF60A6D2FA&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
170 B
409 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=C643FEEF60A6D2FA&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
Protocol
H2
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Apr 2023 16:04:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 23 Apr 2023 16:04:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
last-modified
Sun, 23 Apr 2023 16:04:18 GMT
accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id
1682265858806214-11217516516421377288-balancer-l7leveler-kubr-yp-sas-41-BAL
report-to
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=C643FEEF60A6D2FA&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sun, 23 Apr 2023 16:04:18 GMT
sync
t.adx.opera.com/ Frame A970
Redirect Chain
  • https://yandex.ru/an/mapuid/operacom/
  • https://t.adx.opera.com/sync?vendor=60143&uid=92FA1311BC21376C
35 B
467 B
Image
General
Full URL
https://t.adx.opera.com/sync?vendor=60143&uid=92FA1311BC21376C
Protocol
H2
Server
82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS
n-sysadmin-jumpbox-03.feednews.opera.technology
Software
Tengine /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Apr 2023 16:04:18 GMT
server
Tengine
access-control-allow-methods
POST, GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 23 Apr 2023 16:04:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
last-modified
Sun, 23 Apr 2023 16:04:18 GMT
accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id
1682265858806456-4765540197938984741-balancer-l7leveler-kubr-yp-sas-41-BAL
report-to
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
location
https://t.adx.opera.com/sync?vendor=60143&uid=92FA1311BC21376C
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sun, 23 Apr 2023 16:04:18 GMT
user-sync
rtb.programattik.com/ Frame A970
Redirect Chain
  • https://yandex.ru/an/mapuid/turktelekomrtb/
  • https://rtb.programattik.com/user-sync?dsp=5&t=image&uid=FCE9BF0753CFFBB
42 B
152 B
Image
General
Full URL
https://rtb.programattik.com/user-sync?dsp=5&t=image&uid=FCE9BF0753CFFBB
Protocol
H2
Server
85.111.6.50 , Turkey, ASN9121 (TTNET, TR),
Reverse DNS
ns1.ttidc.com.tr
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Apr 2023 16:04:19 GMT
cache-control
no-store
server
nginx
age
0
content-length
42
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 23 Apr 2023 16:04:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
last-modified
Sun, 23 Apr 2023 16:04:18 GMT
accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id
1682265858874673-14019024922439467203-balancer-l7leveler-kubr-yp-sas-41-BAL
report-to
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
location
https://rtb.programattik.com/user-sync?dsp=5&t=image&uid=FCE9BF0753CFFBB
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sun, 23 Apr 2023 16:04:18 GMT
/
yandex.ru/an/mapuid/xapadsssp/ Frame A970
43 B
159 B
Image
General
Full URL
https://yandex.ru/an/mapuid/xapadsssp/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Apr 2023 16:04:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
last-modified
Sun, 23 Apr 2023 16:04:18 GMT
accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id
1682265858874951-9896578973555748533-balancer-l7leveler-kubr-yp-sas-41-BAL
report-to
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sun, 23 Apr 2023 16:04:18 GMT
72b1686b1785e12b75fc7ea4f64b73098f08bf0f036a4e8043c2cbd1c76b6793
an.yandex.ru/mapuid/mediascope/ Frame A970
Redirect Chain
  • https://cm.tns-counter.ru/yacm
  • https://an.yandex.ru/mapuid/mediascope/72b1686b1785e12b75fc7ea4f64b73098f08bf0f036a4e8043c2cbd1c76b6793
43 B
80 B
Image
General
Full URL
https://an.yandex.ru/mapuid/mediascope/72b1686b1785e12b75fc7ea4f64b73098f08bf0f036a4e8043c2cbd1c76b6793
Protocol
H2
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Apr 2023 16:04:19 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Sun, 23 Apr 2023 16:04:19 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sun, 23 Apr 2023 16:04:19 GMT

Redirect headers

pragma
no-cache
date
Sun, 23 Apr 2023 16:04:18 GMT
server
ms-counter-4.0.4/1.22.1
content-type
text/html
location
https://an.yandex.ru/mapuid/mediascope/72b1686b1785e12b75fc7ea4f64b73098f08bf0f036a4e8043c2cbd1c76b6793
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin
*
content-length
0
expires
Thu, 01 Jan 1970 00:00:01 GMT
match
dm.hybrid.ai/ Frame A970
0
279 B
Image
General
Full URL
https://dm.hybrid.ai/match?id=182
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.18.16.16 , Russian Federation, ASN205675 (HYBRID-AS, DE),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Apr 2023 16:04:18 GMT
server
Hybrid Web Server
p3p
CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin
https://yastatic.net
cache-control
no-cache, no-store
access-control-allow-credentials
true
x-mode
108
x-xss-protection
1; mode=block
expires
-1
yandexdmp-match
dm.hybrid.ai/ Frame A970
0
237 B
Image
General
Full URL
https://dm.hybrid.ai/yandexdmp-match
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.18.16.16 , Russian Federation, ASN205675 (HYBRID-AS, DE),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Apr 2023 16:04:18 GMT
server
Hybrid Web Server
p3p
CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin
*
cache-control
no-cache, no-store
x-mode
109
x-xss-protection
1; mode=block
expires
-1
i
dmg.digitaltarget.ru/awg/custom/119/i/ Frame A970
Redirect Chain
  • https://dmg.digitaltarget.ru/1/119/i/i?i=1682265858
  • https://dmg.digitaltarget.ru/awg/custom/119/i/i?call_source=awg&ts=1682265858941&i=1682265858
49 B
602 B
Image
General
Full URL
https://dmg.digitaltarget.ru/awg/custom/119/i/i?call_source=awg&ts=1682265858941&i=1682265858
Protocol
HTTP/1.1
Server
185.15.175.130 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software
nginx /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 23 Apr 2023 16:04:19 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
master-only
Request-Time
9
Connection
keep-alive
Content-Length
64
X-XSS-Protection
1; mode=block
Referrer-Policy
origin-when-cross-origin, strict-origin-when-cross-origin
Server
nginx
Vary
Accept-Encoding
X-Frame-Options
DENY
Content-Type
image/gif
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Credentials
true

Redirect headers

Date
Sun, 23 Apr 2023 16:04:18 GMT
Referrer-Policy
origin-when-cross-origin, strict-origin-when-cross-origin
X-Content-Type-Options
nosniff
Server
nginx
X-Permitted-Cross-Domain-Policies
master-only
Request-Time
0
X-Frame-Options
DENY
Access-Control-Allow-Methods
GET, POST, OPTIONS
Location
https://dmg.digitaltarget.ru/awg/custom/119/i/i?call_source=awg&ts=1682265858941&i=1682265858
Access-Control-Max-Age
86400
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
match
match.360yield.com/ Frame A970
Redirect Chain
  • https://euw-ice.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fazerionis%2F{PUB_USER_ID}
  • https://euw-ice.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fazerionis%2F%7BPUB_USER_ID%7D
  • https://an.yandex.ru/mapuid/azerionis/f8788b66-f6e8-481b-b005-589227fc0677
  • https://match.360yield.com/match?external_user_id=f8788b66-f6e8-481b-b005-589227fc0677&publisher_dsp_id=429&publisher_call_type=redirect
43 B
198 B
Image
General
Full URL
https://match.360yield.com/match?external_user_id=f8788b66-f6e8-481b-b005-589227fc0677&publisher_dsp_id=429&publisher_call_type=redirect
Protocol
H2
Server
18.203.73.89 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-73-89.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 23 Apr 2023 16:04:19 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

pragma
no-cache
date
Sun, 23 Apr 2023 16:04:19 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Sun, 23 Apr 2023 16:04:19 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
location
https://match.360yield.com/match?external_user_id=f8788b66-f6e8-481b-b005-589227fc0677&publisher_dsp_id=429&publisher_call_type=redirect
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sun, 23 Apr 2023 16:04:19 GMT
f00ffd77-3752-4b5b-70ae-5f8bc623115f
an.yandex.ru/mapuid/buzzooladspis/ Frame A970
Redirect Chain
  • https://exchange.buzzoola.com/cookiesync/redirect/yandex?redirect_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbuzzooladspis%2F%24%7BUUID%7D
  • https://an.yandex.ru/mapuid/buzzooladspis/f00ffd77-3752-4b5b-70ae-5f8bc623115f
43 B
80 B
Image
General
Full URL
https://an.yandex.ru/mapuid/buzzooladspis/f00ffd77-3752-4b5b-70ae-5f8bc623115f
Protocol
H2
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Apr 2023 16:04:19 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Sun, 23 Apr 2023 16:04:19 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sun, 23 Apr 2023 16:04:19 GMT

Redirect headers

location
https://an.yandex.ru/mapuid/buzzooladspis/f00ffd77-3752-4b5b-70ae-5f8bc623115f
date
Sun, 23 Apr 2023 16:04:18 GMT
server
nginx
content-length
113
serverid
TODO
content-type
text/html; charset=utf-8
JKp6xNfISUS7VpRNPdFxWw
an.yandex.ru/setud/mts_banner/ Frame A970
Redirect Chain
  • https://kimberlite.io/rtb/sync/yandex
  • https://sm.rtb.mts.ru/p?ssp=toptraffic&id=ZEVXA8tsYBs
  • https://sm.rtb.mts.ru/match/second?ssp=59&exu=ZEVXA8tsYBs
  • https://tech.rtb.mts.ru/?dsp_uid=24aa7ac4-d7c8-4944-bb56-944d3dd1715b&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2FJKp6xNfISUS7VpRNPdFxWw%3Flocation%3Dhttps%253A%252F%252Fsm.rtb.mts...
  • https://an.yandex.ru/setud/mts_banner/JKp6xNfISUS7VpRNPdFxWw?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D59%26em%3D0&sign=2104951988
43 B
104 B
Image
General
Full URL
https://an.yandex.ru/setud/mts_banner/JKp6xNfISUS7VpRNPdFxWw?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D59%26em%3D0&sign=2104951988
Protocol
H2
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Apr 2023 16:04:19 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Sun, 23 Apr 2023 16:04:19 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif; charset=windows-1251
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sun, 23 Apr 2023 16:04:19 GMT

Redirect headers

Date
Sun, 23 Apr 2023 16:04:19 GMT
Server
nginx/1.20.2
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
text/html; charset=utf-8
Location
https://an.yandex.ru/setud/mts_banner/JKp6xNfISUS7VpRNPdFxWw?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D59%26em%3D0&sign=2104951988
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
an.yandex.ru/mapuid/targetrtbis/ Frame A970
Redirect Chain
  • https://match.new-programmatic.com/userbind?src=yandex&pbf=1&gi=1
  • https://an.yandex.ru/mapuid/targetrtbis/
43 B
80 B
Image
General
Full URL
https://an.yandex.ru/mapuid/targetrtbis/
Protocol
H2
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Apr 2023 16:04:19 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Sun, 23 Apr 2023 16:04:19 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sun, 23 Apr 2023 16:04:19 GMT

Redirect headers

Date
Sun, 23 Apr 2023 16:04:19 GMT
Server
nginx/1.22.1
Vary
Origin
Access-Control-Allow-Origin
*
Location
https://an.yandex.ru/mapuid/targetrtbis/
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
pixel
mitdmp.whiteboxdigital.ru/ Frame A970
0
0

ff4d640a-b994-5128-1328-30c03bb8e6b9
an.yandex.ru/mapuid/hyperdspis/ Frame A970
Redirect Chain
  • https://nr.bidderstack.com/yandex/cm?r=https://an.yandex.ru/mapuid/hyperdspis/
  • https://an.yandex.ru/mapuid/hyperdspis/ff4d640a-b994-5128-1328-30c03bb8e6b9
43 B
80 B
Image
General
Full URL
https://an.yandex.ru/mapuid/hyperdspis/ff4d640a-b994-5128-1328-30c03bb8e6b9
Protocol
H2
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Apr 2023 16:04:20 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Sun, 23 Apr 2023 16:04:20 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sun, 23 Apr 2023 16:04:20 GMT

Redirect headers

Location
https://an.yandex.ru/mapuid/hyperdspis/ff4d640a-b994-5128-1328-30c03bb8e6b9
Access-Control-Allow-Origin
*
Date
Sun, 23 Apr 2023 16:04:20 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Content-Length
0
/
an.yandex.ru/mapuid/ramblerssp/ Frame A970
Redirect Chain
  • https://profile.ssp.rambler.ru/sync3.302?pid=188
  • https://an.yandex.ru/mapuid/ramblerssp/
43 B
80 B
Image
General
Full URL
https://an.yandex.ru/mapuid/ramblerssp/
Protocol
H2
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Apr 2023 16:04:19 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Sun, 23 Apr 2023 16:04:19 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sun, 23 Apr 2023 16:04:19 GMT

Redirect headers

date
Sun, 23 Apr 2023 16:04:19 GMT
strict-transport-security
max-age=0
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
location
//an.yandex.ru/mapuid/ramblerssp/
content-type
application/x-javascript; charset=Windows-1251
x-passed
1bal1
content-length
0
urcFBIrn9fN.AikABlGHrtvkwQ
an.yandex.ru/mapuid/getintentis/ Frame A970
Redirect Chain
  • https://px.adhigh.net/p/cm/yandexssp
  • https://px.adhigh.net/p/cm/yandexssp?bounced=1
  • https://an.yandex.ru/mapuid/getintentis/urcFBIrn9fN.AikABlGHrtvkwQ
43 B
80 B
Image
General
Full URL
https://an.yandex.ru/mapuid/getintentis/urcFBIrn9fN.AikABlGHrtvkwQ
Protocol
H2
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Apr 2023 16:04:19 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Sun, 23 Apr 2023 16:04:19 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sun, 23 Apr 2023 16:04:19 GMT

Redirect headers

pragma
no-cache
date
Sun, 23 Apr 2023 16:04:19 GMT
server
nginx
x-backend-id
f14-ru
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
*
location
https://an.yandex.ru/mapuid/getintentis/urcFBIrn9fN.AikABlGHrtvkwQ
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
fNAHCq2Nc7u
an.yandex.ru/mapuid/dmpweborama/r/ij3J.XF3/ Frame A970
Redirect Chain
  • https://redirect.frontend.weborama.fr/redirect/standard?url=https://an.yandex.ru/mapuid/dmpweborama/{WEBO_CID}
  • https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fdmpweborama%2F%7BWEBO_CID%7D&bounce=1&random=623374194
  • https://an.yandex.ru/mapuid/dmpweborama/r/ij3J.XF3/fNAHCq2Nc7u
43 B
80 B
Image
General
Full URL
https://an.yandex.ru/mapuid/dmpweborama/r/ij3J.XF3/fNAHCq2Nc7u
Protocol
H2
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Apr 2023 16:04:19 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Sun, 23 Apr 2023 16:04:19 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sun, 23 Apr 2023 16:04:19 GMT

Redirect headers

pragma
no-cache
date
Sun, 23 Apr 2023 16:04:18 GMT
via
1.1 google
last-modified
Sun, 23 Apr 2023 16:04:19 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location
https://an.yandex.ru/mapuid/dmpweborama/r/ij3J.XF3/fNAHCq2Nc7u
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
y
rtb-eu-warsaw.intent.ai/um/ Frame A970
68 B
844 B
Image
General
Full URL
https://rtb-eu-warsaw.intent.ai/um/y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 16:04:19 GMT
strict-transport-security
max-age=15724800; includeSubDomains
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
68
pragma
no-cache
last-modified
Sun, 23 Apr 2023 16:04:19 GMT
server
cloudflare
access-control-max-age
1728000
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=34NifV%2FASlErQBzXUwyF%2FgEu30726OGwsPYK9DrnCwwJOTIJI1AapMQ52RVBhIF%2BciVkwBx4BzHC3EwG66YNNkMy%2Bbbedcz9alHezTsoX%2FCfVLVCoHI0AZdp0yMfL9%2Fz%2Baa%2FCH3JL5wD2JbwIdMikHbqJ2Rl"}],"group":"cf-nel","max_age":604800}
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials
true
cf-ray
7bc75773fabc0111-AMS
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires
Wed, 11 Nov 1998 11:11:11 GMT
12U8Ly8yFVrqNrh4VUYz
an.yandex.ru/mapuid/kadamis/ Frame A970
Redirect Chain
  • https://s.uuidksinc.net/match/501
  • https://an.yandex.ru/mapuid/kadamis/12U8Ly8yFVrqNrh4VUYz
43 B
80 B
Image
General
Full URL
https://an.yandex.ru/mapuid/kadamis/12U8Ly8yFVrqNrh4VUYz
Protocol
H2
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Apr 2023 16:04:19 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Sun, 23 Apr 2023 16:04:19 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sun, 23 Apr 2023 16:04:19 GMT

Redirect headers

location
https://an.yandex.ru/mapuid/kadamis/12U8Ly8yFVrqNrh4VUYz
date
Sun, 23 Apr 2023 16:04:19 GMT
server
nginx/1.23.2
content-length
0
5183af2c-ce1c-42d8-aeaf-c11553c30c85
an.yandex.ru/mapuid/mtsdspis/ Frame A970
Redirect Chain
  • https://sm.rtb.mts.ru/p?ssp=yandex&id=map
  • https://sm.rtb.mts.ru/match/second?ssp=55&exu=map
  • https://tech.rtb.mts.ru/?dsp_uid=5183af2c-ce1c-42d8-aeaf-c11553c30c85&return_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fmtsdspis%2F5183af2c-ce1c-42d8-aeaf-c11553c30c85
  • https://an.yandex.ru/mapuid/mtsdspis/5183af2c-ce1c-42d8-aeaf-c11553c30c85
43 B
80 B
Image
General
Full URL
https://an.yandex.ru/mapuid/mtsdspis/5183af2c-ce1c-42d8-aeaf-c11553c30c85
Protocol
H2
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Apr 2023 16:04:19 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Sun, 23 Apr 2023 16:04:19 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sun, 23 Apr 2023 16:04:19 GMT

Redirect headers

Date
Sun, 23 Apr 2023 16:04:19 GMT
Server
nginx/1.20.2
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
text/html; charset=utf-8
Location
https://an.yandex.ru/mapuid/mtsdspis/5183af2c-ce1c-42d8-aeaf-c11553c30c85
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
ct_sync.php
sync.magnitent.com/fbfli/ Frame A970
Redirect Chain
  • https://sonar.semantiqo.com/dmp/scr.php
  • https://counter.yadro.ru/id127/reff-id.gif?sid=fe3999a5546946629c82ec2215384e5d
  • https://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=61BE14E4266C3AD4&sid=fe3999a5546946629c82ec2215384e5d
  • https://cdn3.caltat.com/fbfc504c-89b0-4a80-bef4-c8e39daeee6f/sess.php?sid=fe3999a5546946629c82ec2215384e5d&spid=61BE14E4266C3AD4&v=
  • https://sync.magnitent.com/fbfli/ct_sync.php?ct=6da7c737ac0e484c9659a80c506616ad&sonar=fe3999a5546946629c82ec2215384e5d&spid=61BE14E4266C3AD4&v=
0
676 B
Image
General
Full URL
https://sync.magnitent.com/fbfli/ct_sync.php?ct=6da7c737ac0e484c9659a80c506616ad&sonar=fe3999a5546946629c82ec2215384e5d&spid=61BE14E4266C3AD4&v=
Protocol
H2
Server
95.217.109.66 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.66.109.217.95.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin
*, *
date
Sun, 23 Apr 2023 16:04:20 GMT
mode
no-cors, no-cors
cache-control
no-cache, no-cache
content-encoding
gzip
server
nginx/1.20.1
content-type
text/html; charset=UTF-8

Redirect headers

location
https://sync.magnitent.com/fbfli/ct_sync.php?ct=6da7c737ac0e484c9659a80c506616ad&sonar=fe3999a5546946629c82ec2215384e5d&spid=61BE14E4266C3AD4&v=
access-control-allow-origin
*
date
Sun, 23 Apr 2023 16:04:19 GMT
mode
no-cors
server
nginx/1.20.1
content-type
text/html; charset=UTF-8
sync.cgi
ssp.adriver.ru/cgi-bin/ Frame A970
42 B
201 B
Image
General
Full URL
https://ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=109
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.222.128.214 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS
ad14.adriver.ru
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 23 Apr 2023 16:04:19 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
image/gif
sync.cgi
ssp.adriver.ru/cgi-bin/ Frame A970
42 B
201 B
Image
General
Full URL
https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.222.128.214 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS
ad14.adriver.ru
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 23 Apr 2023 16:04:19 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
image/gif
pixel.gif
sync.1dmp.io/ Frame A970
12 B
155 B
Image
General
Full URL
https://sync.1dmp.io/pixel.gif?cid=3cbc2ec8-1421-4677-89fe-2ac6fc52a09a&pid=w&o=au
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
87.242.89.90 , Russian Federation, ASN208677 (SBERCLOUD-AS, RU),
Reverse DNS
Software
elb /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 16:04:19 GMT
last-modified
Mon, 30 Jan 2023 18:57:34 GMT
server
elb
accept-ranges
bytes
etag
"63d8131e-c"
content-length
12
content-type
text/html
/
sync.bumlam.com/ Frame A970
43 B
390 B
Image
General
Full URL
https://sync.bumlam.com/?src=yandex
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
31.172.81.159 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Date
Sun, 23 Apr 2023 16:04:19 GMT
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server
nginx
Connection
keep-alive
Content-Length
43
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
yandexortb
sync.dmp.otm-r.com/match/ Frame A970
0
70 B
Image
General
Full URL
https://sync.dmp.otm-r.com/match/yandexortb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
159.69.59.100 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.100.59.69.159.clients.your-server.de
Software
nginx/1.17.10 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 23 Apr 2023 16:04:19 GMT
server
nginx/1.17.10
yandex
sync.gonet-ads.com/match/ Frame A970
15 B
15 B
Image
General
Full URL
https://sync.gonet-ads.com/match/yandex?id=[buyerUid]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.105.236 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
70f60044d161bbdd9a7cbea74e2d3100726004b2d4ce04b0c84a0214bf13ce0b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 16:04:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
nginx
content-length
15
content-type
text/plain; charset=utf-8
2b00c264-e719-4485-a700-533267bfc979
an.yandex.ru/mapuid/upravelis/ Frame A970
Redirect Chain
  • https://sync.upravel.com/yandex/sync
  • https://sync.upravel.com/yandex/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly95YXN0YXRpYy5uZXQvIl19fQ
  • https://an.yandex.ru/mapuid/upravelis/2b00c264-e719-4485-a700-533267bfc979
43 B
80 B
Image
General
Full URL
https://an.yandex.ru/mapuid/upravelis/2b00c264-e719-4485-a700-533267bfc979
Protocol
H2
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Apr 2023 16:04:19 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Sun, 23 Apr 2023 16:04:19 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sun, 23 Apr 2023 16:04:19 GMT

Redirect headers

date
Sun, 23 Apr 2023 16:04:19 GMT
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://an.yandex.ru/mapuid/upravelis/2b00c264-e719-4485-a700-533267bfc979
access-control-allow-origin
*
content-type
image/png
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-credentials
false
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
0
ks4vkwZDw3OZuDq5ltxmAQ
an.yandex.ru/mapuid/dmpaidatame/ Frame A970
Redirect Chain
  • https://x01.aidata.io/0.gif?pid=YANDEX
  • https://x01.aidata.io/0.gif?pid=YANDEX&bounce=1
  • https://an.yandex.ru/mapuid/dmpaidatame/ks4vkwZDw3OZuDq5ltxmAQ?sign=2197098391
43 B
80 B
Image
General
Full URL
https://an.yandex.ru/mapuid/dmpaidatame/ks4vkwZDw3OZuDq5ltxmAQ?sign=2197098391
Protocol
H2
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Apr 2023 16:04:19 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Sun, 23 Apr 2023 16:04:19 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sun, 23 Apr 2023 16:04:19 GMT

Redirect headers

pragma
no-cache
date
Sun, 23 Apr 2023 16:04:19 GMT
last-modified
Sun, 23 Apr 2023 16:04:18 GMT
server
nginx
access-control-allow-methods
GET, POST
p3p
CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
location
https://an.yandex.ru/mapuid/dmpaidatame/ks4vkwZDw3OZuDq5ltxmAQ?sign=2197098391
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
content-length
0
expires
Sun, 23 Apr 2023 16:04:18 GMT
XMf0uEaIVQtc
an.yandex.ru/mapuid/dmpsegmento/ Frame A970
Redirect Chain
  • https://yandex-dmp-sync.rutarget.ru/sync
  • https://an.yandex.ru/mapuid/dmpsegmento/XMf0uEaIVQtc?sign=3140879891
43 B
80 B
Image
General
Full URL
https://an.yandex.ru/mapuid/dmpsegmento/XMf0uEaIVQtc?sign=3140879891
Protocol
H2
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Apr 2023 16:04:19 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Sun, 23 Apr 2023 16:04:19 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sun, 23 Apr 2023 16:04:19 GMT

Redirect headers

Location
https://an.yandex.ru/mapuid/dmpsegmento/XMf0uEaIVQtc?sign=3140879891
Date
Sun, 23 Apr 2023 16:04:19 GMT
Server
nginx
Connection
close
Content-Length
0
P3P
CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
HqufjwzFzlmt
an.yandex.ru/mapuid/rutargetis/ Frame A970
Redirect Chain
  • https://yandex-sync.rutarget.ru/sync
  • https://an.yandex.ru/mapuid/rutargetis/HqufjwzFzlmt
43 B
152 B
Image
General
Full URL
https://an.yandex.ru/mapuid/rutargetis/HqufjwzFzlmt
Protocol
H2
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Apr 2023 16:04:20 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Sun, 23 Apr 2023 16:04:20 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sun, 23 Apr 2023 16:04:20 GMT

Redirect headers

Location
https://an.yandex.ru/mapuid/rutargetis/HqufjwzFzlmt
Date
Sun, 23 Apr 2023 16:04:19 GMT
Server
nginx
Connection
close
Content-Length
0
P3P
CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
1Tut60tJ0Ha200000000U9nJPE9Ub_kcs3V4a4zmvVig-q9PIwPmrnG68F24YOIglJEKZNtnNumXbH4ediadQFaK95xA1EJLNWKIhOnbGB8J90i4J0mp6M-NG3WB6LVTWOYkPDJqWx3sCaxR8Snm5Cm_oyWC5BdA259zbv51Xe7XB-CieBbpcK0YIvbE0QNNClq2i...
yandex.ru/an/rtbcount/
43 B
214 B
XHR
General
Full URL
https://yandex.ru/an/rtbcount/1Tut60tJ0Ha200000000U9nJPE9Ub_kcs3V4a4zmvVig-q9PIwPmrnG68F24YOIglJEKZNtnNumXbH4ediadQFaK95xA1EJLNWKIhOnbGB8J90i4J0mp6M-NG3WB6LVTWOYkPDJqWx3sCaxR8Snm5Cm_oyWC5BdA259zbv51Xe7XB-CieBbpcK0YIvbE0QNNClq2iiyo_GU2Lqm2dwBIJ_C9CZ9mIBpWOlx5ol2NIG5eK2ipAr1HBxCYa9pA3D8ybndalfNCJ8uAO6itClCiZBVDdvFJUP8PvkkhO9LtmUHFPWSdVeYZMLZFxW2pLh1qyszWOJp0mdY1vVs_NnzN_LcsHlmc2yGV7-mVihIqVbhlk_gQ_LiMa6yMi7AUPDqsaniiVPELANeEGwXITD5NLf3JEzWQM2QmDKtRyVROtplBGcQmNJaSl81jpznJQwvlt3Xz3UDADfXX1zWyJh0nFsBZJKzqjGe8DCiFTSt8C7_91hFs9zkzEVmk7xP-jf_8_bJjlRHYs1lxMUnivcO65WQ62zWPDx0pxM3dES4k_e3zuO6h9pjVl9kOzOFzT0VB0exRBrbNSApQoRo1O-KSnXqSZBSuCCBpAGS3GuCz05C6gCe0
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://presaver.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sun, 23 Apr 2023 16:04:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id
1682265858875219-3759714058267246747-balancer-l7leveler-kubr-yp-sas-41-BAL
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Sun, 23 Apr 2023 16:04:18 GMT
accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
report-to
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type
image/gif
access-control-allow-origin
https://presaver.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
Sun, 23 Apr 2023 16:04:18 GMT
event_confirmation
an.yandex.ru/ Frame
0
0
Preflight
General
Full URL
https://an.yandex.ru/event_confirmation
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://presaver.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://presaver.com
access-control-max-age
1728000
content-encoding
gzip
date
Sun, 23 Apr 2023 16:04:18 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
timing-allow-origin
*
x-xss-protection
1; mode=block
event_confirmation
an.yandex.ru/
0
393 B
XHR
General
Full URL
https://an.yandex.ru/event_confirmation
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://presaver.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Sun, 23 Apr 2023 16:04:19 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Sun, 23 Apr 2023 16:04:19 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://presaver.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sun, 23 Apr 2023 16:04:19 GMT
bundle.js
yastatic.net/q/set/s/rsya-tag-users/ Frame A970
105 KB
37 KB
Script
General
Full URL
https://yastatic.net/q/set/s/rsya-tag-users/bundle.js
Requested by
Host: presaver.com
URL: https://presaver.com/1/download
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
e1cff21864c46e1da263fa83c14ed6d190bc5afbdd35188de15f10eb8bedd264
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 16:04:20 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
last-modified
Fri, 29 Oct 2021 11:19:01 GMT
server
nginx/1.17.9
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
etag
W/"82bdc8db563d3e71c35534315f8a9fd5"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31556952
x-nginx-request-id
e03b1eed48196f6e
timing-allow-origin
*
expires
Wed, 26 Apr 2023 04:04:16 GMT
watch.js
mc.yandex.ru/metrika/ Frame A970
164 KB
58 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
7fc63cc13b3210e7eead7fae7885d571206baa4e192d5e14bbaafe8ea257b42e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 16:04:20 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Fri, 21 Apr 2023 13:01:10 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"64425ee6-e5f7"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
58871
expires
Sun, 23 Apr 2023 17:04:20 GMT
data
yandex.ru/set/s/rsya-tag-users/ Frame A970
403 B
738 B
Fetch
General
Full URL
https://yandex.ru/set/s/rsya-tag-users/data?referrer=https%3A%2F%2Fpresaver.com%2F
Requested by
Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
76eae2bc85c20a4cc23af20cc7f24d39ebf63822ecc392ec4a85961881c14b30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 16:04:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id
1682265860735968-4516063316703043856-balancer-l7leveler-kubr-yp-sas-41-BAL
report-to
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://yastatic.net
cache-control
public,max-age=300
access-control-allow-credentials
true
x-xss-protection
1; mode=block
conversion_async.js
www.googleadservices.com/pagead/ Frame A970
44 KB
16 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
2a348f9793269ef74e8bd0be51c68f47b76b1bbd1c054b78b8fa3feb0bb82971
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 16:04:20 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16233
x-xss-protection
0
server
cafe
etag
7413974659963572443
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 23 Apr 2023 16:04:20 GMT
/
www.google.nl/pagead/1p-user-list/1014923426/ Frame A970
Redirect Chain
  • https://www.googleadservices.com/pagead/conversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=BFdFZOC8O8mtygXs8raICA...
  • https://www.google.com/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=134634012&crd=&is_vtc=1&random=213112552
  • https://www.google.nl/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=134634012&crd=&is_vtc=1&random=213112552&ipr=y
42 B
108 B
Image
General
Full URL
https://www.google.nl/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=134634012&crd=&is_vtc=1&random=213112552&ipr=y
Protocol
H2
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Apr 2023 16:04:21 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 23 Apr 2023 16:04:21 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.nl/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=134634012&crd=&is_vtc=1&random=213112552&ipr=y
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.nl/pagead/1p-user-list/1014923426/ Frame A970
Redirect Chain
  • https://www.googleadservices.com/pagead/conversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=BFdFZLi8O9OFygXZ_Ja4Ag...
  • https://www.google.com/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=682509004&crd=&is_vtc=1&random=3423706648
  • https://www.google.nl/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=682509004&crd=&is_vtc=1&random=3423706648&ipr=y
42 B
108 B
Image
General
Full URL
https://www.google.nl/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=682509004&crd=&is_vtc=1&random=3423706648&ipr=y
Protocol
H2
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Apr 2023 16:04:21 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 23 Apr 2023 16:04:21 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.nl/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=682509004&crd=&is_vtc=1&random=3423706648&ipr=y
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1TecQe3I0Ha200000000U9nJPE9Ub_kcs3V4a4zmvVig-q9PIwPmrnG68F24YOIglJEKZNtnNumXbH4ediadQFaK95xA1EJLNWKIhOnbGB8J90i4J0mp6M-NG3WB6LVTWOYkPDJqWx3sCaxR8Snm5Cm_omXITnLCtcLaa65W-Ciu2sZkN2QGo5AcKymC36kPVW7PP...
yandex.ru/an/rtbcount/
43 B
309 B
XHR
General
Full URL
https://yandex.ru/an/rtbcount/1TecQe3I0Ha200000000U9nJPE9Ub_kcs3V4a4zmvVig-q9PIwPmrnG68F24YOIglJEKZNtnNumXbH4ediadQFaK95xA1EJLNWKIhOnbGB8J90i4J0mp6M-NG3WB6LVTWOYkPDJqWx3sCaxR8Snm5Cm_omXITnLCtcLaa65W-Ciu2sZkN2QGo5AcKymC36kPVW7PPvd-0y4h9e5FKUcd-GGP6JWaNd0n_s9b-Cka03IebPaLgAYNMH58JcK6QPxB37BVIcOcHmMmjHkPUHR6s-RFoUayoGppzLMmohjWyYUpWnC_nD4ih6TtW5ahMBhvDx0m7c1XlC3o_j-lZwl-B5iZVfC5ueyFzWzPMbe_hVTTVSt-BGl8DmjOEK-oRfl93PQ-oSeKFOSXL2cww2ihoEaTR0qi4zYQfkruU-pldMKXCzYk70vUmBPdxgarrpTkdBw6SIKRpB03R1uds9WViV6c9xfQ1GIQvOUwPcIOlsI3MVkJxTuSVfSFMp_RJsH_glPUMZ7iZVqiTZPpCmCB0yC5x8mRs9bsiFESO1T_mFxmmDMJdI_UJSpwmNwwWsK1n-sNh2iuLkrati2nSWxZ3Wx6MnmOuVcKWu6XmHu0JzYeo000?confirmTime=2100000&confirmRatio=1000000&test-tag=545907523190786&format-type=118&actual-format=8&rnd=4321012171157&banner-sizes=eyI3MjA1NzYwNDgzMjY0Mjk0MiI6IjEyMjB4MzAwIn0%3D&width=1220&height=300
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://presaver.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sun, 23 Apr 2023 16:04:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id
1682265860929255-5623805728522256182-balancer-l7leveler-kubr-yp-sas-41-BAL
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Sun, 23 Apr 2023 16:04:20 GMT
accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
report-to
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type
image/gif
access-control-allow-origin
https://presaver.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
Sun, 23 Apr 2023 16:04:20 GMT
advert.gif
mc.yandex.ru/metrika/ Frame A970
43 B
73 B
Image
General
Full URL
https://mc.yandex.ru/metrika/advert.gif
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 16:04:20 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 21 Apr 2023 13:01:10 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"64425ee6-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Sun, 23 Apr 2023 17:04:20 GMT
3
mc.yandex.ru/watch/ Frame A970
256 B
352 B
XHR
General
Full URL
https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fpresaver.com%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A11sypks4ojrd92w4vnwqw7z%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1030%3Acn%3A1%3Adp%3A0%3Als%3A542186157984%3Ahid%3A694733067%3Az%3A0%3Ai%3A20230423160420%3Aet%3A1682265861%3Ac%3A1%3Arn%3A18298031%3Arqn%3A1%3Au%3A1682265861608051034%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C44%2C25%2C1%2C0%2C0%2C%2C13%2C0%2C85%2C85%2C0%2C85%3Aco%3A0%3Acpf%3A1%3Ans%3A1682265858668%3Ast%3A1682265861&t=clc(0-0-0)rqnt(1)aw(1)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
dc4178193a5a0581e5abd8c6e578562518b4c04fc07cd4a4837ebd22e6ccc1fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Apr 2023 16:04:20 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Sun, 23-Apr-2023 16:04:20 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://yastatic.net
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
256
x-xss-protection
1; mode=block
expires
Sun, 23-Apr-2023 16:04:20 GMT
37412095
mc.yandex.ru/watch/ Frame A970
439 B
543 B
XHR
General
Full URL
https://mc.yandex.ru/watch/37412095?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fpresaver.com%2F&charset=utf-8&site-info=%7B%22extensions%22%3A%22%22%2C%22fromGoogle%22%3A%22false%22%2C%22fromCancel%22%3A%22false%22%2C%22loyal%22%3A%220%22%2C%22sbscrb%22%3A%22%22%2C%22p%22%3A%22%22%2C%22b%22%3A%22%22%2C%22fresh%22%3A%220%22%2C%22infected%22%3A%22%22%2C%22slow%22%3A%22%22%2C%22os%22%3A%22windows%22%2C%22browser%22%3A%22chrome%22%2C%22winxp%22%3A%22false%22%2C%22old%22%3A%22actual%22%2C%22yabroAge%22%3Anull%7D&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A11sypks4ojrd92w4vnwqw7z%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1030%3Acn%3A2%3Adp%3A1%3Als%3A394725739063%3Ahid%3A694733067%3Aphid%3A55369251%3Az%3A0%3Ai%3A20230423160421%3Aet%3A1682265861%3Ac%3A1%3Arn%3A86594892%3Arqn%3A1%3Au%3A1682265861608051034%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C44%2C25%2C1%2C0%2C0%2C%2C13%2C0%2C85%2C85%2C0%2C85%3Aco%3A0%3Acpf%3A1%3Ans%3A1682265858668%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1682265861%3At%3A&t=gdpr(6)clc(0-0-0)rqnt(1)aw(1)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
e4aa76f000fc34afd28e0044a487cb12a6f8088413f6e9021cfa1bf69d0ff170
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Apr 2023 16:04:21 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Sun, 23-Apr-2023 16:04:21 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://yastatic.net
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
439
x-xss-protection
1; mode=block
expires
Sun, 23-Apr-2023 16:04:21 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/ Frame A970
3 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/?random=1682265861036&cv=9&fst=1682265861036&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fpresaver.com%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ff08e05957a5184f00042ddd43f2247e26b33e02c01523a1b61477a848bffd63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Apr 2023 16:04:21 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1377
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/ Frame A970
3 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/?random=1682265861039&cv=9&fst=1682265861039&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fpresaver.com%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8a23ca1ab4f8ed97b92cc89cababc8649e348f3c2d85240abfd7c0f84ba04079
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Apr 2023 16:04:21 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1381
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/ Frame A970
3 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/?random=1682265861042&cv=9&fst=1682265861042&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fpresaver.com%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b51e07a972cbfcf12ef06ca6f5d28217484d2ba420e3c38b423b49cdeebd315b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Apr 2023 16:04:21 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1376
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/ Frame A970
3 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/?random=1682265861043&cv=9&fst=1682265861043&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fpresaver.com%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1744e028d964153bee2fdd85519b047398cac4e5965777c292fa52db15a1fbb1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Apr 2023 16:04:21 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1382
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
WPmejI_zOFi0bGm051KTCUucAn38yGK0-m4GW8200J42LqLa000003ZG_xS1Y082kG8lXrYhVXw4EV02zv66Y91yy0K1e0Qg0xW6x0791W8BhctiSqrKgGSE4JdbUZzn7VY02W682eq5Y0i4gWiGybfdomuH0G086EWA0_hm2mRW3OA2WO60W808c0w2bhZjnltSf...
yandex.ru/an/count/
43 B
675 B
XHR
General
Full URL
https://yandex.ru/an/count/WPmejI_zOFi0bGm051KTCUucAn38yGK0-m4GW8200J42LqLa000003ZG_xS1Y082kG8lXrYhVXw4EV02zv66Y91yy0K1e0Qg0xW6x0791W8BhctiSqrKgGSE4JdbUZzn7VY02W682eq5Y0i4gWiGybfdomuH0G086EWA0_hm2mRW3OA2WO60W808c0w2bhZjnltSfbIe3uwYfFskxy-u7P0GkhFccR3Kb_Qy0VWG4eIjiPCuy18IY1C2a1Coc1FW507m5S6AzkoZZxpyOw0MaCFKeGR95jWMWHUe5mdG627u6DARoCVst_ZM2u0PYHcscGiPk1d___y1m1c2jl64qCh8hNBI6H9vOM9pNtDbSdPbSYzoE34qBJBe6SG9y1c0mWEO6jJ3Kx0RIBWR0u8S3MTXHJfGKJPlLKLeQ3Vf780T_t_m7m6080A880pG8V___m7L8l__V_-18w0Z0V8Z4m1pQ-gfNbA3_uOP5SUJqxwZmKmHvPyPkX5Ao27Dmxk58GY1j7oWVTHi1QjM5_1QEsUyy4SHgIIDyWHH8XWK~1=WQ0ejI_zOBe0jGm0z1QSeXupkW66a-pVcDRjcvy1W075zQpb0uW1YvgdsbQG0VoTqhRGW8200fW1g9tIjb2u0O2R-xeWs07UgQ2L0U01r8ADb07e0Jxu0PIwthu1e0AqZGAm0-uSY0Nft2EG1UkJCx05se0Dk0NQW0t01ThAu0N81PUYkm7G1TBD1AW6gWEf1muHEULwFt4Tk0U01T08keY0WSA0W0RW2Dg60UW91u0A0VWAWBKOw0oJ0fWDyR8sa881eH6ScPcPcPdPY181a181g1Fl_lhngloch1VG5D_TrXxe58m2e1QGmzIX1iaMy3_G5fIwthu1c1U_-Oehk1S1m1UrrW6W6Qe3k1d___y1-1czlPqSWHh__mTR9jgdJgWU0R0V0SWVxvJGIgaWHfSlqQtEfZ-u89ZBBP0YpTuja2BEtYsG8i_UBP0Y_8Ska2BzXowG8lw7BjKY__z__u4ZYIFPFv0ZpVteal7KrfES0PWZvfATnDEarkTQ2W2UF0-i0aPEncjawf91QbQXAOgDjHNo9jbopXiQbT8v1jj44G00~1?stat-id=2&test-tag=545907523246609&banner-sizes=eyI3MjA1NzYwNDgzMjY0Mjk0MiI6IjEyMjB4MzAwIn0%3D&format-type=118&actual-format=8&pcodever=760801&banner-test-tags=eyI3MjA1NzYwNDgzMjY0Mjk0MiI6IjU3MzkzIn0%3D&constructor-rendered-assets=eyI3MjA1NzYwNDgzMjY0Mjk0MiI6MTcwMzd9&width=1220&height=300&confirmTime=2100000&confirmRatio=1000000&wmode=0
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://presaver.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sun, 23 Apr 2023 16:04:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id
1682265861128285-9527748164343138268-balancer-l7leveler-kubr-yp-sas-41-BAL
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Sun, 23 Apr 2023 16:04:21 GMT
accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
report-to
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type
image/gif
access-control-allow-origin
https://presaver.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
Sun, 23 Apr 2023 16:04:21 GMT
/
www.google.com/pagead/1p-user-list/947884341/ Frame A970
42 B
455 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/947884341/?random=1682265861042&cv=9&fst=1682265600000&num=1&guid=ON&eid=466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fpresaver.com%2F&async=1&fmt=3&is_vtc=1&random=2977854135&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Apr 2023 16:04:21 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.nl/pagead/1p-user-list/947884341/ Frame A970
42 B
455 B
Image
General
Full URL
https://www.google.nl/pagead/1p-user-list/947884341/?random=1682265861042&cv=9&fst=1682265600000&num=1&guid=ON&eid=466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fpresaver.com%2F&async=1&fmt=3&is_vtc=1&random=2977854135&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Apr 2023 16:04:21 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/693627671/ Frame A970
42 B
108 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/693627671/?random=1682265861039&cv=9&fst=1682265600000&num=1&guid=ON&eid=466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fpresaver.com%2F&async=1&fmt=3&is_vtc=1&random=1951049603&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Apr 2023 16:04:21 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.nl/pagead/1p-user-list/693627671/ Frame A970
42 B
108 B
Image
General
Full URL
https://www.google.nl/pagead/1p-user-list/693627671/?random=1682265861039&cv=9&fst=1682265600000&num=1&guid=ON&eid=466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fpresaver.com%2F&async=1&fmt=3&is_vtc=1&random=1951049603&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Apr 2023 16:04:21 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/947884341/ Frame A970
42 B
108 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/947884341/?random=1682265861036&cv=9&fst=1682265600000&num=1&guid=ON&eid=466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fpresaver.com%2F&async=1&fmt=3&is_vtc=1&random=3582137379&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Apr 2023 16:04:21 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.nl/pagead/1p-user-list/947884341/ Frame A970
42 B
108 B
Image
General
Full URL
https://www.google.nl/pagead/1p-user-list/947884341/?random=1682265861036&cv=9&fst=1682265600000&num=1&guid=ON&eid=466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fpresaver.com%2F&async=1&fmt=3&is_vtc=1&random=3582137379&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Apr 2023 16:04:21 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/693627671/ Frame A970
42 B
108 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/693627671/?random=1682265861043&cv=9&fst=1682265600000&num=1&guid=ON&eid=466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fpresaver.com%2F&async=1&fmt=3&is_vtc=1&random=3786316297&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Apr 2023 16:04:21 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.nl/pagead/1p-user-list/693627671/ Frame A970
42 B
108 B
Image
General
Full URL
https://www.google.nl/pagead/1p-user-list/693627671/?random=1682265861043&cv=9&fst=1682265600000&num=1&guid=ON&eid=466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fpresaver.com%2F&async=1&fmt=3&is_vtc=1&random=3786316297&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Apr 2023 16:04:21 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
mitdmp.whiteboxdigital.ru
URL
https://mitdmp.whiteboxdigital.ru/pixel?id=a&source=yandex&redirect=false&href=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fqbitis%2F%7Bmiid%7D

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 boolean| credentialless object| yaContextCb function| ym function| gtag object| dataLayer boolean| isPhone boolean| isPhoneOrTablet function| Sweetalert2 function| SweetAlert function| Swal function| sweetAlert function| swal function| setImmediate function| clearImmediate object| platform object| _pass_modules number| _CommentsAppWidgetUuid string| websiteId function| _typeof object| regeneratorRuntime object| modules object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData object| Ya object| yaCounter49162435 function| cnc object| pcode_760801_default_GsQ15qVJqJ object| __activeTestIds object| __vasActiveTestIds object| __pcodeAllActiveTestIds number| pr function| AdFox_getCodeScript object| adfoxAsyncParams object| adfoxAsyncParamsScroll object| adfoxAsyncParamsAdaptive object| yaSafeFrameCallbacksStorage boolean| isLoadingSafeframeStarted object| ya boolean| yandex_context_perf_logging object| yaads object| layoutConfig object| $sf object| yaSafeFrameAsyncCallbacks object| yaCounter1507304

65 Cookies

Domain/Path Name / Value
yastatic.net/safeframe-bundles/0.83/1-1-0 Name: afpix
Value: 1
yastatic.net/safeframe-bundles/0.83/1-1-0 Name: pcssspb
Value: 1
yastatic.net/safeframe-bundles/0.83/1-1-0 Name: pcs3
Value: 1
kimberlite.io/rtb/sync Name: f
Value: https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsoltadspis%2FZEVXA8tsYBs
kimberlite.io/rtb/sync Name: n
Value: 1
presaver.com/ Name: XSRF-TOKEN
Value: eyJpdiI6Ikg1d2pZMVdxUldxTjZQODJLRU1PUEE9PSIsInZhbHVlIjoiekN6dGhJdFppc25kVGxQbHQ2a3VaY05hK3lGTnpqMzZBcXRMMDBWL1MrRWlaSjJCS0VkaGJ2T0FzbHpoQTE2QUpWdjdDaktoZmVsVE9XSHI0MUNaQ21qSXVYZkgvSit2VWlyWEVhNWFCcm9KUnhEdlhpdUhzcndFTFM1dmdBVFMiLCJtYWMiOiJjMWYxYTk3YmQ3NGU5NmVmOTA4YzJiNGMwYjJiYTZlYjZiZjJmNTFkYmFkNGJhYWVlNGQ3MjQzMmE0ZmU2NDRhIn0%3D
presaver.com/ Name: presaver_session
Value: eyJpdiI6IllOcExCWktiRTBXNGVtNERobHZqSkE9PSIsInZhbHVlIjoieFU5TmJxcElzTzJVU2FrNnlpdFRKamtwN09FZVIyOWErVk45cTkwR2JnS0dMeEpTTFlJWlZ0bExYVXlOZWErRWNRelllb0h2QVc5bTVVZi9teUxvbDRCLytZMEhlcGNjaS9Bc3g1US9HVE95SFZyMW9RTi80QnZ2UGNHVGxkalEiLCJtYWMiOiJjZDBmNWQ5YzI2Y2E2Zjc1MjFhYjc4YzU1Nzk1NzExMDEyNDcwYmYxMTRkZjY5ZGNiN2JhNjM4YWIzNDQ5OTZjIn0%3D
.yadro.ru/ Name: FTID
Value: 1aHLS20OYEuY1aHLS2003N7A
.presaver.com/ Name: tz
Value: 0
.yandex.ru/ Name: i
Value: hr18KV/Ypv8hPE02nL6Ym3pAyRMstWax4TyJocbno3g89WylqycJtwTCSVTnuP9TOp5yl/Kw7hJ98AkwqBhZoC5fvCE=
.yandex.ru/ Name: yandexuid
Value: 6074638931682265858
comments.app/ Name: bcom_on
Value: 1
.yadro.ru/ Name: VID
Value: 2Bb_8t1uqceY1aHLS2003N88
.presaver.com/ Name: _ga
Value: GA1.2.290888188.1682265858
.presaver.com/ Name: _gid
Value: GA1.2.1438090985.1682265858
.presaver.com/ Name: _gat_gtag_UA_139618482_1
Value: 1
.presaver.com/ Name: _ym_uid
Value: 1682265858711142255
.presaver.com/ Name: _ym_d
Value: 1682265858
tx.me/ Name: stel_ssid
Value: 3ad9b0e20adcf62128_11084415525729931960
mc.yandex.ru/ Name: yabs-sid
Value: 2122691701682265858
.yandex.ru/ Name: yuidss
Value: 6074638931682265858
.yandex.ru/ Name: ymex
Value: 1713801858.yrts.1682265858
.yandex.ru/ Name: bh
Value: KgI/MA==
.presaver.com/ Name: _ym_isad
Value: 2
.presaver.com/ Name: _ym_visorc
Value: b
px.arcspire.io/ Name: arcid
Value: 5e24d0ca9f05fe1eb285a9
.360yield.com/ Name: tuuid_lu
Value: 1682265858
.360yield.com/ Name: tuuid
Value: 4ecb899c-cf45-4c29-b89e-cae5cf5b96d4
.acint.net/ Name: test_cookie
Value: CheckForPermission
.acint.net/ Name: aid
Value: fwAAAWRFVwILUwBCVLlTAojuHMr4WNRziLCGZHX0Hn2gDsXl
.adx.opera.com/ Name: UID
Value: OPU7f9cee4ca2324a4487756d6778112b66
.acint.net/ Name: cSyncDp14v3
Value: 1682265858
.tns-counter.ru/ Name: guid
Value: C5E96A0264455702X1682265858
.dmg.digitaltarget.ru/ Name: viuserid
Value: 7PkczaXlFFXYC5d7jqwg
.ssp-rtb.sape.ru/ Name: sspuid
Value: CkIDQGRFVwOCewDBL2H/Au/7OW7iZOTMErFrpO81M4jyQLhN
.weborama.fr/ Name: AFFICHE_W
Value: wbED8v@jZ4TB27
kimberlite.io/ Name: u
Value: ZEVXA8tsYBs~cM8l7N21-IVk3RbnvTJ9zT7tWu4
.demdex.net/ Name: demdex
Value: 48250134617349354792690387727965499772
.adhigh.net/ Name: gi_u
Value: urcFBIrn9fN.AikABlGHrtvkwQ
.uuidksinc.net/ Name: jcsuuid
Value: 12U8Ly8yFVrqNrh4VUYz
.betweendigital.com/ Name: dc
Value: sin1
.betweendigital.com/ Name: ss
Value: 1
.betweendigital.com/ Name: tuuid
Value: 14c44bd0-367d-5471-9a60-b433fe25e330
.adhigh.net/ Name: yandexssp_sync
Value: LKI1
.dpm.demdex.net/ Name: dpm
Value: 48250134617349354792690387727965499772
.mts.ru/ Name: dspid
Value: 5183af2c-ce1c-42d8-aeaf-c11553c30c85
.sonar.semantiqo.com/ Name: semantiqo_a
Value: fe3999a5546946629c82ec2215384e5d
.sonar.semantiqo.com/ Name: check
Value: 702837c0fec74f3ab257595b7c1f9589
.betweendigital.com/ Name: ut
Value: ZEVXAwAGm2gToej5NbKhwspZtOLxHah745rMfA==
.mts.ru/ Name: mts_id_last_sync
Value: 1682265859
.mts.ru/ Name: mts_id
Value: 4e7d2c26-0f61-4814-86fe-458f9c19f65d
.aidata.io/ Name: __upin
Value: ks4vkwZDw3OZuDq5ltxmAQ
.aidata.io/ Name: __upints
Value: 1682265859
.upravel.com/ Name: session_tptc
Value: 1682265859828
x01.aidata.io/ Name: yaya
Value: 1
.upravel.com/ Name: user_id
Value: 2b00c264-e719-4485-a700-533267bfc979
.caltat.com/ Name: caltat
Value: 6da7c737ac0e484c9659a80c506616ad
.rutarget.ru/ Name: userId
Value: HqufjwzFzlmt
.magnitent.com/ Name: sonar
Value: fe3999a5546946629c82ec2215384e5d
.magnitent.com/ Name: ct
Value: 6da7c737ac0e484c9659a80c506616ad
.magnitent.com/ Name: spid
Value: 61BE14E4266C3AD4
.magnitent.com/ Name: 3db
Value: 61BE14E4266C3AD4
.yandex.ru/ Name: is_gdpr
Value: 1
.yandex.ru/ Name: is_gdpr_b
Value: CI7aQhCzswEYAQ==
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

2 Console Messages

Source Level URL
Text
network error URL: https://an.yandex.ru/setud/mts_banner/JKp6xNfISUS7VpRNPdFxWw?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D59%26em%3D0&sign=2104951988
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://sync.gonet-ads.com/match/yandex?id=[buyerUid]
Message:
Failed to load resource: the server responded with a status of 408 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

220youtube.ru
acint.net
ads.betweendigital.com
an.yandex.ru
avatars.mds.yandex.net
cdn3.caltat.com
cdn4.telesco.pe
cm.g.doubleclick.net
cm.tns-counter.ru
comments.app
counter.yadro.ru
dm.hybrid.ai
dmg.digitaltarget.ru
dpm.demdex.net
euw-ice.360yield.com
exchange.buzzoola.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
im.bluevoox.com
kimberlite.io
match.360yield.com
match.new-programmatic.com
mc.yandex.ru
mitdmp.whiteboxdigital.ru
nr.bidderstack.com
oauth.tg.dev
presaver.com
profile.ssp.rambler.ru
px.adhigh.net
px.arcspire.io
redirect.frontend.weborama.fr
rtb-eu-warsaw.intent.ai
rtb.programattik.com
s.uuidksinc.net
sm.rtb.mts.ru
sonar.semantiqo.com
ssp-rtb.sape.ru
ssp.adriver.ru
sync.1dmp.io
sync.bumlam.com
sync.dmp.otm-r.com
sync.gonet-ads.com
sync.magnitent.com
sync.upravel.com
t.adx.opera.com
tech.rtb.mts.ru
tg.dev
tx.me
www.google-analytics.com
www.google.com
www.google.nl
www.googleadservices.com
www.googletagmanager.com
x01.aidata.io
yandex-dmp-sync.rutarget.ru
yandex-sync.rutarget.ru
yandex.ru
yastatic.net
ysa-static.passport.yandex.ru
mitdmp.whiteboxdigital.ru
142.250.181.226
142.250.185.130
148.251.129.43
149.154.164.13
149.154.164.25
149.154.167.99
159.69.59.100
167.235.177.243
167.235.33.113
18.203.73.89
185.15.175.130
188.42.105.236
188.72.107.156
188.72.109.103
193.232.150.70
193.3.184.211
2001:4860:4802:38::178
2001:6d0:4001::226
203.195.121.142
213.87.44.187
217.65.2.150
217.66.147.37
23.88.12.14
2606:4700:20::681a:e45
2606:4700:3034::ac43:b14b
2a00:1450:4001:801::200a
2a00:1450:4001:80b::2003
2a00:1450:4001:80b::2008
2a00:1450:4001:810::2002
2a00:1450:4001:811::2003
2a00:1450:4001:829::2004
2a02:6b8:20::215
2a02:6b8::184
2a02:6b8::1:119
2a02:6b8::5:114
2a02:6b8::90
2a02:6b8:a::a
2a06:98c1:3120::3
2a06:98c1:3121::3
31.172.81.159
31.220.27.155
35.177.4.157
35.190.24.218
37.18.16.16
52.45.175.185
54.167.225.48
81.222.128.214
82.145.213.8
85.111.6.50
87.242.89.90
88.212.202.52
89.108.108.11
89.108.119.43
91.192.149.14
95.161.64.99
95.217.109.66
033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9
04472e52c1230e3afb93d131b83dbb2373a0d03ba6505d18ce8029f2b14c9b18
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0f6cdd09b3bbebf50c4e1679aff6f021f5e183a4ba2dea3a0801394599ff6afd
1475a424ba2f16a6e6e74e4a0de2ea10d2cbe3f6d0bcc8ff407a29d551daf9a3
1744e028d964153bee2fdd85519b047398cac4e5965777c292fa52db15a1fbb1
18c327afa903633f86c3efcf12b77f098077eacaa8be101bb007846fd74f8b93
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
29bd8a6d8a85db96d0cbebe00c17cee923bb3ec787a17762c39d46699c2580e1
2a348f9793269ef74e8bd0be51c68f47b76b1bbd1c054b78b8fa3feb0bb82971
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
31fe57aa244712e3564a0c2063e6a73d11c26fc14354d52b714bc3e9104e38ca
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
35b1d485792d32790612e63d8586337c39c42fd5eb289e105af4c7e95f73a147
3ddfc79789eb1552a27e7fff25e885ea3aca95b33d2a4c837d1ca3fbac4bb6de
3e70e149a35f394bb78ef7842de11a06359fed7828f30331594a28d196c54012
417666f0ba78c869d346b36a3d24db2bfe44be89e103adff89d2f9606e2e57cd
41aeecf645767e00367f3ce2ed361a63639e87f89e44ab0e85abab0f00efafb3
41b5c3b25f4258190937deb900fa57a6db6d450ce7dd2af2259af760119a1c41
42d42f23d7276824168808093be0f20e3e53673718c79349cc22da88f58d3e23
482f450b7fdbac6f9304643f3e731df20bf66c51fb0599fa9a734e5d102a9e2a
4e6fd15282ec00cbb8f2474d12438506061b53e99c4f0556dae1a667872ab3ab
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5ddea45f7eb06a894584093adf3edfed13711ab62db3016f2461d7cbfebce0f1
624b713241704e0993f7d2147c1f1408a8a0df1be297a490bfe8e2b89387ce93
6342d16a93416b5e826f6d0e0e930ef033efb682851ae46270f3c4f5b4a1c194
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
688af70209889544a8bbeb09c68b19cca60311f2f1d6398632eda5b662cf5a8e
6b2e49819d301475757a2b627c46e5453856c05073d77f6467e58b4780a666a8
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6fd35508fd0d052bf826e387a0df0ce1392484da0f5c065269e7bdb24383744c
70f60044d161bbdd9a7cbea74e2d3100726004b2d4ce04b0c84a0214bf13ce0b
7127e3ede5e2d5e9f53084a1ea3220cf50c657b07c50eb013c846ce938c0cdde
74b9a6ef4c00e3deb3d59f86ba5653352f87055bd0fd05225a13bdc47426f49e
76216b6c25b768e5bee4b758dacfef993b3e87cc2d7fd9bf192bd685d1ae9bfb
76eae2bc85c20a4cc23af20cc7f24d39ebf63822ecc392ec4a85961881c14b30
796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f
7c2c61b7f8b8289579ca4a0dde7cfb784f98fcfe083d137d3a9e8d93cd5879df
7f412a933dc0f783eefd0e03a87605d091a187f9f1953cc5cd5e22f7324d925e
7fc0b8b8f89f4fc12be0dd43fcc8e4907bf83b2b906828d96becd23a5407bbde
7fc63cc13b3210e7eead7fae7885d571206baa4e192d5e14bbaafe8ea257b42e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84b97b3fa8847b64c6d3833561e4b3146530577171e85ad226578a087db70974
8a23ca1ab4f8ed97b92cc89cababc8649e348f3c2d85240abfd7c0f84ba04079
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
99bcdc3bfbea0250e84846350abf791e95d3e1e4dc06138e7c8d0438037994c4
9c911ab93cf6099aeeddb19cb1903d0ef838329443c3a0549c754da47f90a70a
9db6a684c4b8c87ced6ca91ed34a348464a41df4d3f74c007cae6d87e68a1e88
9ee10655a42016afcee94c86d8bc0ab4398d791338080186b94d352e1460510c
a26b4febdb7690008890d735d5f32ecb59441835704251420f9bb3d4dd4417ea
a44643c75273fae6bc16f15ef190faa329c5242a765fc7cf33a4c8745c91fc6b
a60df03b91b9476787761e0a2740e3506dcc439e9d09ce04042bcab8b57ccce6
aa441bf5f2ac8c608371513bad73ea45ad6dc8b7c50e3c6841af81147d0b96ce
b28d8e93ecf9067ff746e514c79ad5adc53cc00965630bfe0b118cf80f7bf065
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
b51e07a972cbfcf12ef06ca6f5d28217484d2ba420e3c38b423b49cdeebd315b
b5e930df6a2976d5df996e18b347e091756699ea32716dc53d0e1c0fd814c526
ba685c6fbd4f50d5ba445f7273ab25d177498998ab98d6ec8cc01ca5c82e755b
bb999df254bc3980e3c9170b2fb179d4b8b2cbd3d7f1264b222f8ac8fa113804
bce2f309470952b7affa62ff4d91b454334c68cefa541429b502904d20696875
c5e57602d71b6ae75248a554d8f5e7d43f2a750574d4b006c1659804e67e51b1
ca78c114bba40b141a59c55a9d3fb6db7672bc3effd4337f2b1ce512b4d06c9e
cb9bd074593253dc255f14eb8a168a015b7e8b0aa00c07622cc34a1f2b1394ab
ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64
d61214fdf1c1eee41b83cb56d52b82db20a47bfeab5248bb6fda7a4f0744eedf
dc4178193a5a0581e5abd8c6e578562518b4c04fc07cd4a4837ebd22e6ccc1fb
ddd0d91489d750daa77e69eff926a5de2d39a04039843acb4b28f7eed5d349dc
e1cff21864c46e1da263fa83c14ed6d190bc5afbdd35188de15f10eb8bedd264
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e450af4a7c4974ea3ff324b629876380e0ca9605333a57152a953310c4a4661a
e4aa76f000fc34afd28e0044a487cb12a6f8088413f6e9021cfa1bf69d0ff170
e553533d28524e15d82626e82f797afe6db8582382606af03666b4719191db93
e9d4e95edbd488a98df1ff25ae5753233678e2eef66673cec8bd580e425fa677
eb46d82ef6f86859f18e379660e0f45b85c6f69fa97111905f0c125a08506376
ed441bafd524da7d97ddd554de2197be2d49db0ebadb0b7a3f9fcd6f7e9b9397
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1d083ffaa644c708f11db29707aa57c19246e6d32643b03fee3f82c17b224b3
f29b8ecbab4c1e594014a0ab615d1ffd1e9b0441cf76df655af17844de20970a
f4b2127d9174ac761cbb3cfe836ab43c2895bf3a8666b150f9513785b32d7536
f8a558f7402e50fac43173110de683470f28a6a8ca188706393911bb93c1cbda
ff08e05957a5184f00042ddd43f2247e26b33e02c01523a1b61477a848bffd63
ff9521f14db3bcba4645963aeb36fd8425f984242fa81a3854bcc0794177cbb8