www.tg-me.com Open in urlscan Pro
2606:4700:3037::6815:40c7 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.tg-me.com/+VfbOQNoW_l9mMDdl/us/+VfbOQNoW_l9mMDdl
Effective URL:
https://www.tg-me.com/us/Telegram+News/com.telegram
Submission: On January 03 via api (January 3rd 2024, 7:28:47 am UTC) from US — Scanned from US

Summary HTTP 225 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 39 IPs in 6 countries across 47 domains to perform 225 HTTP transactions. The main IP is 2606:4700:3037::6815:40c7, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.tg-me.com.
TLS certificate: Issued by GTS CA 1P5 on December 6th 2023. Valid for: 3 months.

This is the only time www.tg-me.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6 36	2606:4700:303... 2606:4700:3037::6815:40c7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	23.209.54.115 23.209.54.115	16625 (AKAMAI-AS) (AKAMAI-AS)
3	23.203.177.63 23.203.177.63	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a03:2880:f01... 2a03:2880:f012:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
8	2600:9000:210... 2600:9000:210b:ee00:9:81e3:f9c0:21	16509 (AMAZON-02) (AMAZON-02)
7	47.254.199.63 47.254.199.63	45102 (ALIBABA-C...) (ALIBABA-CN-NET Alibaba US Technology Co.)
5	2607:f8b0:400... 2607:f8b0:4006:80e::2008	15169 (GOOGLE) (GOOGLE)
5	8.218.26.252 8.218.26.252	45102 (ALIBABA-C...) (ALIBABA-CN-NET Alibaba US Technology Co.)
5	47.250.12.214 47.250.12.214	45102 (ALIBABA-C...) (ALIBABA-CN-NET Alibaba US Technology Co.)
3	2607:f8b0:400... 2607:f8b0:4006:816::200e	15169 (GOOGLE) (GOOGLE)
3	23.51.57.13 23.51.57.13	16625 (AKAMAI-AS) (AKAMAI-AS)
1 11	119.81.216.16 119.81.216.16	36351 (SOFTLAYER) (SOFTLAYER)
5 5	35.211.178.172 35.211.178.172	15169 (GOOGLE) (GOOGLE)
1 2	2600:1f18:4e9... 2600:1f18:4e9:5a01:b190:a784:2195:7e31	14618 (AMAZON-AES) (AMAZON-AES)
2	8.28.7.81 8.28.7.81	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	35.211.93.27 35.211.93.27	19527 (GOOGLE-2) (GOOGLE-2)
1 2	52.46.128.147 52.46.128.147	16509 (AMAZON-02) (AMAZON-02)
1	169.197.150.8 169.197.150.8	398989 (DEEPINTENT) (DEEPINTENT)
6 6	54.146.98.73 54.146.98.73	14618 (AMAZON-AES) (AMAZON-AES)
7 7	142.251.40.194 142.251.40.194	15169 (GOOGLE) (GOOGLE)
1 1	23.105.14.105 23.105.14.105	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
1 1	2603:c020:400... 2603:c020:400d:3000:7130:bb0b:d7e:bee2	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
1 1	198.148.27.131 198.148.27.131	19189 (PULSEPOINT) (PULSEPOINT)
6	162.248.18.37 162.248.18.37	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 3	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3 3	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1	40.76.134.238 40.76.134.238	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	52.223.22.214 52.223.22.214	16509 (AMAZON-02) (AMAZON-02)
1 1	35.194.66.159 35.194.66.159	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 8	8.28.7.83 8.28.7.83	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	3.225.218.10 3.225.218.10	14618 (AMAZON-AES) (AMAZON-AES)
2	162.248.18.34 162.248.18.34	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	52.86.74.151 52.86.74.151	14618 (AMAZON-AES) (AMAZON-AES)
1	144.76.38.164 144.76.38.164	24940 (HETZNER-AS) (HETZNER-AS)
4	104.21.24.208 104.21.24.208	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	13.32.208.102 13.32.208.102	16509 (AMAZON-02) (AMAZON-02)
8	172.67.161.57 172.67.161.57	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 5	2a03:2880:f10... 2a03:2880:f103:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
8 12	2607:f8b0:400... 2607:f8b0:4006:80f::200d	15169 (GOOGLE) (GOOGLE)
40	34.111.15.3 34.111.15.3	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	68.67.160.75 68.67.160.75	29990 (ASN-APPNEX) (ASN-APPNEX)
2 2	173.231.178.77 173.231.178.77	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1 2	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
1 1	2620:116:800b... 2620:116:800b:21:b08a:1dc5:659b:4055	14618 (AMAZON-AES) (AMAZON-AES)
1 1	44.219.82.214 44.219.82.214	14618 (AMAZON-AES) (AMAZON-AES)
1 2	50.17.254.219 50.17.254.219	14618 (AMAZON-AES) (AMAZON-AES)
1 2	35.244.159.8 35.244.159.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.199.50.181 34.199.50.181	14618 (AMAZON-AES) (AMAZON-AES)
1	52.73.1.8 52.73.1.8	14618 (AMAZON-AES) (AMAZON-AES)
2 2	2606:ae80:145... 2606:ae80:1451:19::1400	25751 (VALUECLICK) (VALUECLICK)
1 2	38.68.201.140 38.68.201.140	174 (COGENT-174) (COGENT-174)
1	3.223.16.170 3.223.16.170	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2620:112:f002... 2620:112:f002:bbbb::21	6336 (TURN-US-ASN) (TURN-US-ASN)
2 2	207.198.113.88 207.198.113.88	13768 (COGECO-PEER1) (COGECO-PEER1)
9	2a03:2880:f01... 2a03:2880:f012:10c:face:b00c:0:3	() ()
225	39

36 2606:4700:3037::6815:40c7 (United States) 6 redirects

ASN13335 (CLOUDFLARENET, US)

www.tg-me.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.tg-me.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
photo.tg-me.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 23.209.54.115 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-209-54-115.deploy.static.akamaitechnologies.com

cdn.innity.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssl-avd.innity.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
avd.innity.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.203.177.63 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-177-63.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:9000:210b:ee00:9:81e3:f9c0:21 (United States)

ASN16509 (AMAZON-02, US)

d37tb4r0t9g99j.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 47.254.199.63 (Kuala Lumpur, Malaysia)

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)

as.innity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:80e::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 8.218.26.252 (Hong Kong, Hong Kong)

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)

optimize.innity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 47.250.12.214 (Kuala Lumpur, Malaysia)

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)

optimize2.innity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:816::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.51.57.13 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-51-57-13.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 119.81.216.16 (Singapore, Singapore) 1 redirects

ASN36351 (SOFTLAYER, US)
PTR: 10.d8.5177.ip4.static.sl-reverse.com

avd.innity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.211.178.172 (North Charleston, United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:4e9:5a01:b190:a784:2195:7e31 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 8.28.7.81 (United States)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.211.93.27 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 27.93.211.35.bc.googleusercontent.com

grid.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.46.128.147 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.197.150.8 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com

match.deepintent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.146.98.73 (Ashburn, United States) 6 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-146-98-73.compute-1.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.251.40.194 (United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s38-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.105.14.105 (Manassas, United States) 1 redirects

ASN30633 (LEASEWEB-USA-WDC, US)
PTR: 23.105.14.105.rdns.racklot.com

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2603:c020:400d:3000:7130:bb0b:d7e:bee2 (Ashburn, United States) 1 redirects

ASN31898 (ORACLE-BMC-31898, US)

sync.technoratimedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.131 (New York, United States) 1 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 162.248.18.37 (United States)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.111.113.62 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 15.197.193.217 (Seattle, United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 40.76.134.238 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

us01.z.antigena.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.22.214 (Seattle, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.194.66.159 (Washington, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 159.66.194.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 8.28.7.83 (United States) 1 redirects

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.225.218.10 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-218-10.compute-1.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.248.18.34 (United States)

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.86.74.151 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-74-151.compute-1.amazonaws.com

sync.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 144.76.38.164 (Dottingen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.164.38.76.144.clients.your-server.de

acceptable.a-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.21.24.208 (None, )

ASN13335 (CLOUDFLARENET, US)

pogothere.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 13.32.208.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-208-102.iad66.r.cloudfront.net

moonheappyr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.67.161.57 (United States)

ASN13335 (CLOUDFLARENET, US)

yistkechauk.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f103:181:face:b00c:0:25de (Ashburn, United States) 2 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2607:f8b0:4006:80f::200d (United States) 8 redirects

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 34.111.15.3 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 3.15.111.34.bc.googleusercontent.com

cdn1.cdn-telegram.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.67.160.75 (Jersey City, United States) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.231.178.77 (United States) 2 redirects

ASN32475 (SINGLEHOP-LLC, US)

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.130.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800b:21:b08a:1dc5:659b:4055 (United States) 1 redirects

ASN14618 (AMAZON-AES, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.219.82.214 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-219-82-214.compute-1.amazonaws.com

sonata-notifications.taptapnetworks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 50.17.254.219 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-17-254-219.compute-1.amazonaws.com

thrtle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.199.50.181 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-50-181.compute-1.amazonaws.com

crb.kargo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.73.1.8 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-73-1-8.compute-1.amazonaws.com

sync.bfmio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:ae80:1451:19::1400 (United States) 2 redirects

ASN25751 (VALUECLICK, US)

pubmatic-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 38.68.201.140 (Ashburn, United States) 1 redirects

ASN174 (COGENT-174, US)

pmp.mxptint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.223.16.170 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-223-16-170.compute-1.amazonaws.com

rtb.adentifi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:112:f002:bbbb::21 (United States) 1 redirects

ASN6336 (TURN-US-ASN, US)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 207.198.113.88 (Herndon, United States) 2 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a03:2880:f012:10c:face:b00c:0:3 (None, )

ASN- ()

static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
40	cdn-telegram.org cdn1.cdn-telegram.org — Cisco Umbrella Rank: 85570	293 KB
36	tg-me.com 6 redirects www.tg-me.com img.tg-me.com photo.tg-me.com	754 KB
28	innity.com 1 redirects as.innity.com — Cisco Umbrella Rank: 19693 optimize.innity.com — Cisco Umbrella Rank: 36304 optimize2.innity.com — Cisco Umbrella Rank: 35999 avd.innity.com — Cisco Umbrella Rank: 27634	17 KB
21	pubmatic.com 1 redirects ads.pubmatic.com — Cisco Umbrella Rank: 811 image6.pubmatic.com — Cisco Umbrella Rank: 1215 image2.pubmatic.com — Cisco Umbrella Rank: 1555 simage2.pubmatic.com — Cisco Umbrella Rank: 1499 image4.pubmatic.com — Cisco Umbrella Rank: 2201 simage4.pubmatic.com — Cisco Umbrella Rank: 1864	34 KB
12	google.com 8 redirects accounts.google.com — Cisco Umbrella Rank: 65	3 KB
11	innity.net cdn.innity.net — Cisco Umbrella Rank: 30165 ssl-avd.innity.net — Cisco Umbrella Rank: 42130 avd.innity.net — Cisco Umbrella Rank: 38421	44 KB
10	moonheappyr.com moonheappyr.com	12 KB
9	fbcdn.net static.xx.fbcdn.net	384 KB
8	yistkechauk.org yistkechauk.org	3 KB
8	cloudfront.net d37tb4r0t9g99j.cloudfront.net	234 KB
7	doubleclick.net 7 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 338	2 KB
7	bidswitch.net 5 redirects x.bidswitch.net — Cisco Umbrella Rank: 590 grid.bidswitch.net — Cisco Umbrella Rank: 1632	3 KB
6	bidr.io 6 redirects match.prod.bidr.io — Cisco Umbrella Rank: 972	3 KB
5	facebook.com 2 redirects www.facebook.com — Cisco Umbrella Rank: 98	37 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	368 KB
4	pogothere.xyz pogothere.xyz — Cisco Umbrella Rank: 18217	202 KB
4	yahoo.com 3 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 819 ups.analytics.yahoo.com — Cisco Umbrella Rank: 505	2 KB
3	adsrvr.org 3 redirects match.adsrvr.org — Cisco Umbrella Rank: 594	1 KB
3	tapad.com 2 redirects pixel.tapad.com — Cisco Umbrella Rank: 845	1 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 101	315 B
3	addthis.com s7.addthis.com — Cisco Umbrella Rank: 5050	1 KB
2	sitescout.com 2 redirects pixel-sync.sitescout.com — Cisco Umbrella Rank: 1321	938 B
2	mxptint.net 1 redirects pmp.mxptint.net — Cisco Umbrella Rank: 10897	967 B
2	dotomi.com 2 redirects pubmatic-match.dotomi.com — Cisco Umbrella Rank: 5770	745 B
2	openx.net 1 redirects us-u.openx.net — Cisco Umbrella Rank: 930	521 B
2	thrtle.com 1 redirects thrtle.com — Cisco Umbrella Rank: 2386	687 B
2	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 1396	767 B
2	adgrx.com 2 redirects cm.adgrx.com — Cisco Umbrella Rank: 2472	1009 B
2	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 356	2 KB
2	3lift.com 1 redirects eb2.3lift.com — Cisco Umbrella Rank: 731	734 B
2	amazon-adsystem.com 1 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 398	2 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 240	88 KB
1	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 1449	518 B
1	adentifi.com rtb.adentifi.com — Cisco Umbrella Rank: 2030	35 B
1	bfmio.com sync.bfmio.com — Cisco Umbrella Rank: 3080	425 B
1	kargo.com crb.kargo.com — Cisco Umbrella Rank: 1708	359 B
1	taptapnetworks.com 1 redirects sonata-notifications.taptapnetworks.com — Cisco Umbrella Rank: 12435	346 B
1	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 1348	593 B
1	a-ads.com acceptable.a-ads.com — Cisco Umbrella Rank: 164698	6 KB
1	ipredictive.com 1 redirects sync.ipredictive.com — Cisco Umbrella Rank: 1536	554 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 1428	659 B
1	antigena.com us01.z.antigena.com — Cisco Umbrella Rank: 9298
1	contextweb.com 1 redirects bh.contextweb.com — Cisco Umbrella Rank: 881	988 B
1	technoratimedia.com 1 redirects sync.technoratimedia.com — Cisco Umbrella Rank: 3411	4 KB
1	smartadserver.com 1 redirects rtb-csync.smartadserver.com — Cisco Umbrella Rank: 1004	796 B
1	deepintent.com match.deepintent.com — Cisco Umbrella Rank: 1629	338 B
0	Failed function sub() { [native code] }. Failed
225	47

	Domain	Requested by
40	cdn1.cdn-telegram.org	www.tg-me.com
26	www.tg-me.com	6 redirects www.tg-me.com
12	accounts.google.com	8 redirects www.tg-me.com
11	avd.innity.com	1 redirects www.tg-me.com avd.innity.net ads.pubmatic.com
10	moonheappyr.com	d37tb4r0t9g99j.cloudfront.net
9	static.xx.fbcdn.net	www.facebook.com
8	photo.tg-me.com	www.tg-me.com
8	yistkechauk.org	www.tg-me.com
8	simage2.pubmatic.com	1 redirects ads.pubmatic.com www.tg-me.com
8	d37tb4r0t9g99j.cloudfront.net	www.tg-me.com moonheappyr.com
7	cm.g.doubleclick.net	7 redirects
7	as.innity.com	cdn.innity.net
6	image2.pubmatic.com	ads.pubmatic.com www.tg-me.com
6	match.prod.bidr.io	6 redirects
5	www.facebook.com	2 redirects www.tg-me.com connect.facebook.net
5	x.bidswitch.net	5 redirects
5	optimize2.innity.com	www.tg-me.com
5	optimize.innity.com	www.tg-me.com
5	www.googletagmanager.com	www.tg-me.com www.googletagmanager.com
4	pogothere.xyz	d37tb4r0t9g99j.cloudfront.net
4	ssl-avd.innity.net	www.tg-me.com
4	cdn.innity.net	www.tg-me.com
3	match.adsrvr.org	3 redirects
3	pixel.tapad.com	2 redirects ads.pubmatic.com
3	ads.pubmatic.com	www.tg-me.com ads.pubmatic.com
3	avd.innity.net	ssl-avd.innity.net
3	www.google-analytics.com	www.googletagmanager.com
3	s7.addthis.com	www.tg-me.com
2	pixel-sync.sitescout.com	2 redirects
2	pmp.mxptint.net	1 redirects www.tg-me.com
2	pubmatic-match.dotomi.com	2 redirects
2	us-u.openx.net	1 redirects www.tg-me.com
2	thrtle.com	1 redirects www.tg-me.com
2	sync-tm.everesttech.net	1 redirects ads.pubmatic.com
2	cm.adgrx.com	2 redirects
2	ib.adnxs.com	2 redirects
2	ups.analytics.yahoo.com	2 redirects
2	eb2.3lift.com	1 redirects ads.pubmatic.com
2	s.amazon-adsystem.com	1 redirects ads.pubmatic.com
2	grid.bidswitch.net	as.innity.com
2	image6.pubmatic.com	ads.pubmatic.com
2	pr-bh.ybp.yahoo.com	1 redirects ads.pubmatic.com
2	connect.facebook.net	www.tg-me.com connect.facebook.net
2	img.tg-me.com	www.tg-me.com
1	ad.turn.com	1 redirects
1	rtb.adentifi.com	www.tg-me.com
1	sync.bfmio.com	www.tg-me.com
1	crb.kargo.com	www.tg-me.com
1	sonata-notifications.taptapnetworks.com	1 redirects
1	cms.quantserve.com	1 redirects
1	simage4.pubmatic.com	ads.pubmatic.com
1	acceptable.a-ads.com	www.tg-me.com
1	sync.ipredictive.com	1 redirects
1	image4.pubmatic.com	ads.pubmatic.com
1	um.simpli.fi	1 redirects
1	us01.z.antigena.com	ads.pubmatic.com
1	bh.contextweb.com	1 redirects
1	sync.technoratimedia.com	1 redirects
1	rtb-csync.smartadserver.com	1 redirects
1	match.deepintent.com	ads.pubmatic.com
0	telegram Failed	www.tg-me.com
225	61

This site contains links to these domains. Also see Links.

Domain
www.voogame.com

Subject Issuer	Validity	Valid
tg-me.com GTS CA 1P5	`2023-12-06` - `2024-03-05`	3 months	crt.sh
*.innity.net DigiCert TLS RSA SHA256 2020 CA1	`2023-12-29` - `2025-01-03`	a year	crt.sh
odc-addthis-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-09` - `2024-12-11`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-10-12` - `2024-01-10`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
*.innity.com Sectigo RSA Domain Validation Secure Server CA	`2023-12-05` - `2025-01-04`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-11-26` - `2024-11-26`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
s.amazon-adsystem.com Amazon RSA 2048 M01	`2024-01-01` - `2024-12-21`	a year	crt.sh
*.deepintent.com Go Daddy Secure Certificate Authority - G2	`2023-12-01` - `2025-01-01`	a year	crt.sh
*.z.antigena.com Sectigo ECC Domain Validation Secure Server CA	`2023-04-03` - `2024-04-02`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-08-29` - `2024-02-21`	6 months	crt.sh
*.a-ads.com Sectigo ECC Domain Validation Secure Server CA	`2023-12-27` - `2025-01-26`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-02-28` - `2024-02-27`	a year	crt.sh
moonheappyr.com Amazon RSA 2048 M02	`2023-12-30` - `2025-01-28`	a year	crt.sh
yistkechauk.org GTS CA 1P5	`2023-12-30` - `2024-03-29`	3 months	crt.sh
cdn1.cdn-telegram.org GTS CA 1D4	`2024-01-01` - `2024-04-01`	3 months	crt.sh
*.everesttech.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-08-11` - `2024-09-11`	a year	crt.sh
*.prod.use1.green.ops.kargo.com Amazon RSA 2048 M03	`2023-12-11` - `2025-01-08`	a year	crt.sh
*.bfmio.com Amazon RSA 2048 M02	`2023-03-17` - `2024-04-14`	a year	crt.sh
adentifi.com Amazon RSA 2048 M01	`2023-07-06` - `2024-08-03`	a year	crt.sh

This page contains 28 frames:

Primary Page: https://www.tg-me.com/us/Telegram+News/com.telegram
Frame ID: A0F96EA04FFCCF56660AC33E863B375C
Requests: 46 HTTP requests in this frame

Frame: https://ssl-avd.innity.net/1/container_576b5a051c51b1c0244bca09.js
Frame ID: 0E093E2D90337E5C6B1515A1E1CF7127
Requests: 5 HTTP requests in this frame

Frame: https://ssl-avd.innity.net/1/container_549927e79bd1fa1a040041a9.js
Frame ID: 3C9205F548728CB251CE680038522D47
Requests: 1 HTTP requests in this frame

Frame: https://avd.innity.com/uidsync/init/?idsr=https%3A%2F%2Floadus.exelator.com%2Fload%2F%3Fp%3D1381%26g%3D204%26j%3D0&c=HK&itmcb=1704266921870
Frame ID: CFC6EAB6C73A9E007AC9A050D8E491B8
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=163515&s=&predirect=https%3A%2F%2Favd.innity.com%2Fuidsync%2Fmapuid%2F%3Fpid%3D1056%26puuid%3D(PM_UID)&userIdMacro=(PM_UID)&gdpr_consent=&gdpr=0&us_privacy=&
Frame ID: 8A8FA15CF2DB9067E8FD2B6E3FBFCDC5
Requests: 24 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=75D8FBE6-12FA-4625-ADD2-EDAB7C317F51&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: CEA43C7E1F886C8FBE461ECDB84789F5
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 9FB7CAF5CF3889498DEFA4AA5143EDF1
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAGkQU7LKhkAABaMGDBQ3g&gdpr=0
Frame ID: 46E15481636FB33A49BA9369780B827A
Requests: 1 HTTP requests in this frame

Frame: https://avd.innity.com/uidsync/mapuid/?pid=1056&puuid=75D8FBE6-12FA-4625-ADD2-EDAB7C317F51
Frame ID: 172669C6F95626FFC525608040A57415
Requests: 1 HTTP requests in this frame

Frame: https://ssl-avd.innity.net/1/container_576b5a051c51b1c0244bca09.js
Frame ID: 1986590453E5C5D66D4A24244D852238
Requests: 5 HTTP requests in this frame

Frame: https://www.tg-me.com/us/Telegram+News/com.telegram/webview?embed=1
Frame ID: ABE6729A7607B2DD2A904994FF3BD772
Requests: 102 HTTP requests in this frame

Frame: https://acceptable.a-ads.com/2161124
Frame ID: 21E279FCB0B5861DFCBF129D2574A47B
Requests: 2 HTTP requests in this frame

Frame: https://moonheappyr.com/UHE4cXUxE1scSjFMWlcAIh0FVEcWVAo3EWNGTBNBIkFMSBJpSFJfFjweTRUTIh5WBVs+FExURxYDaikdKhVCEhgWCQgjNhQ0ajdFPz5eNA0SJV8rHxUWeSgiBCd+OycoNHIzIxQ0CwIBFCB5QBEXPHUyJx06WTQZFCRuAh4WGWo6MAMwbzQwPzZhCR4IN2kBDQgWWzkiE0R+MzQ0MnIGNBcwbRIDFTdtMiM+Fm45NGEUcyMkAyRfJDEEJwk5MD4VcSYCEhRzCQIzMH0jEgMadSskYjNzIEUJOVlBHQcjcCcSAxp1MC05BXcjRBk0ekBEEiMISA8ENxUBJhIpbSs0JxVaODRoJn4nAiM1fiszMyl6PScWGn0SRGEzaglNJTR5EhQHQ3o6OBY4fhUnARBwNz83IlM8JAUYYSU9FkVrFUU3IHBBICE3aismEiB2OyQFEmIVIwo3agZAaCdTOzMUHHo6JCcjbzgNOzNwGT9jIVMrMBE2TD0nBjd7FDA7V1ICGj4BBSceIxBVQREcGU0CNxM
Frame ID: 2DC690B7DB1BE6A01DEA1D73BF17F016
Requests: 2 HTTP requests in this frame

Frame: https://moonheappyr.com/aE9kM20JLQdeUglyBhUYGiNZFl8ualZ1CVt4EFFZGn8QCgpRdg4dDgQgEVcLGiAKR0MGKhAWXy4DNwIKHwAzegImflFVNTx3HGUsOi0HXlUrDiJxGSUkKmQpLDsIYCwbCSVKJyIrIEAdLB4iAT8sdw1lLDofAV4KPxk1fgE4OFRVLxEaU3c8AAovWRU7DSJpGSQKJmQuMBYSYigfDilKXC8cNVQHDiQyajURFldgASkALkkGPgwdYUhaDQBULAsaLEcaOn4lfiESKyxgBgx6BXVYJh1XXwIpHgh+CFt/IFZdDHoFdgk5CywCHi4eC1QPBSAlYjs6alZ1DjpiMX84ASALYis9BzR3XDsaA0BIWgkCYidNfSJlXgA5LFQdPS0JXCwtHg9ZIS5+MmFeAy0iYhk7BR51DzAKAAYMLisHcj4pfCNhFTkqHkc0OzhUXj06Gih5JRg+JXEJOxUzBywpCRBfDDkGJWFeBCA1AgotBA1DNyAJJX0POQIrZyUAOiJYFQ4qAxUHGyAKQ1AQfQN7FxECPVE4WQA
Frame ID: 5D6A72012425E1152DA0F3A3AD61C90E
Requests: 2 HTTP requests in this frame

Frame: https://moonheappyr.com/c3cyZE8SFVEJcBJKUEI6ARsPQX01UgAiK0BARgZ7AUdGXShKTlhKLB8YRwApARhcEGEdEkZBfTU9YzF+NBZYKSY6HlUpCzciWS0jEDxXLCNDIkUiITkNZyIXJzFFNCYxBVE1AlZFdCkJBCR+HX8BLl8HeiM2BistOw8AMAlLEHsdCSsxYTUlOSFRJxUKAFsnDkZGUx4CPzNbEyYjNnwCAyAPWDMHJUdrVxUjNmoiIz4mfAAFID5KIx0pDVQ3KBYxXCp2F0ZdACwkHwMvDSkNVDAKNy9qAHoqRl4cFTtOACEoJUZoIwEqNksldj0QaDMBGhBZJRkcRlMsYiIEcAoFRRZ0DwkpPwtWHh8QQiscADB0CgI8LgMDCz8kYxALCy1IAhw2J2cnIBoVAlwNECQGEQg1AEEvCD0uVjwNVkV0ACQiM1BXO0EiRRQ5FT9gMAkdOQsqHgcheyB3BSNFIQcWP2QABys9BT0NSzhRJWkZBF0KP04PeDx/PQ5oCxwRHHM1
Frame ID: E31FF3D07FD10865A3D63699B4E0459B
Requests: 2 HTTP requests in this frame

Frame: https://www.tg-me.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js
Frame ID: 375C30D664C41A29E9CBDBC62739D162
Requests: 2 HTTP requests in this frame

Frame: https://ssl-avd.innity.net/1/container_576b5a051c51b1c0244bca09.js
Frame ID: 74B34E39C6B7B487952D33AB0E025A8A
Requests: 3 HTTP requests in this frame

Frame: https://moonheappyr.com/WjlOWGo7Wy01VTsELH4fKFVzfVgcHHweDmkOOjpeKAk6YQ1jACR2CTZWOzwMKFYgLEQ0XDp9WBxVFDYaEnQ0PywcaiIOKCJwGhEdbnsWaF9reik0Kx99HDs8MmMGFVocbwULIy1qGGAsDlAAHg4yDXYBPz56DzMOK3gpMCscUBQ8MmtNLREGa1sZaB4ybCIvLwgKAw4+GGAYFCtvaQg/UjZqfmg7GVB/OiIydCw9Bm9hBhonKGF/NC4JeAsfLDZjKDw7F2gLCicqb387OBluBxopG14BAQ0fcBhoGip4Nmk8FX4HGikYfBoTOw90H2gBHH8pKD0bV2MdIh9sABEOa3MHHgIDUBweWh98HW0iEm8fYAk9eB4LLzZBCD8aDWwnIAgOeD0PMz1/eQlaMgoWaS8UcXwRKBl4Cz4gHFEWDFtjCA9pGRV6DTAPAmwAESsLcAUOBggKBglfDWh9bA4ZbxwcMz18Bx44KVEbMwUKYX0OWx5vGBYLC3gBCStjDw8/BgJoIGwrHlV3CA4bSgIOWi5BaDIZNVc+ZR4oVAEAHSBeLWwOLHc2Hg
Frame ID: 3CA93C2D4CA7B5FABF5D2FE163B7B3ED
Requests: 2 HTTP requests in this frame

Frame: https://moonheappyr.com/V3RUMkk2FjdfdjZJNhQ8JRhpF3sRUWZ0LWRDIFB9JUQgCy5uTT4cKjsbIVYvJRs6Rmc5ESAXexEFN2U9Yzo4XRoVNg5jEwYhF3oIIx4HdDEcMGZaERYlIGgHFjIDcx4eUWZwDi4EH3AhHkwEdyEDEhVnGx81IAEYEQAxZSMkEhB3HAYkLAoABSUwCgwWTDVxe2IsHEUhDTkBRSoUMRkGCgVAG2AjFi4AY3gPLixFDBYYbAABBgQwcAsvMQZnLgMVEXQNE0VsAg8GJQRgEW4wA0oTFBJkfCsEJQ4CGAJBGFYBbjADRXAxOhFWLw8lAWsfERgdZiQvMgVeZGcxNVoINTcSXWxlMhZVfTYsAH8PAx8kRStnPjdkLgEHAnQlHjw+dxMfDAJTL2c5O2oYBQUcYwADIWcLDQAMbWYGBRsRZxsZGwVjLgYmEGcqExhkdwESNg5hCz8FDAN4HjBmfC8AHztiL2c6NnF4NEwRcCIFMWZVeg8fJ3AtEj4waiIZGgV0OR0wOXwKDyERdigCGA1hGDMHclg6OBokDzADED5ze2c8GWV5Mg
Frame ID: 66442E220789893C83157C379E057FA1
Requests: 2 HTTP requests in this frame

Frame: https://moonheappyr.com/UkdYZUczJTsIeDN6OkMyICtlQHUUYmojI2FwLAdzIHcsXCBrfjJLJD4oLQEhICg2EWk8IixAdRQ/Dg52Ph0iMHYbICsnBDsOMyQRPQo6VisKHz8BMBg/ASwQKx0vLi4QBRwdcx4GCSAgERYeJxYBMCgyAj0CAgg0GAU0Fj8xAhUmECgRLzMCFBIVDH4LEiAoLR4BPy4QOzAzJhYmEjtWfzgSMBEqMwE8PQ8BAjMmMBwmETFyExEJMHMdEhozBQUjYTZ2MRYCNH4TEQkwLxgGLDcGCgl9VwUYdxEtHTgRDDA/Kj0+VBIVFQs8LxMFGjQJER4VID8QLBtUahASGQsvd3UaMHcbDwIIEh0DaCBwGxIaMyM8CX1XAQQWLAYXAS8ZMxYHPxMkHh8QNlwoBHY8Mhc4fxMmKxA9PhwJBQVqPy0EEjMhHTwVOzYWACw8IAUEBQswNBMwAi0XYC8ALBYQKz0OMwcGayRzBQEBIB1hETszBhwxPSMdNAU1AX8HMH4PND0pKFgIFTMBNik0cy4hIw
Frame ID: 6A8A1B91CCE126DD7132EE26A228A1C9
Requests: 2 HTTP requests in this frame

Frame: https://www.tg-me.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js
Frame ID: C79CEBA686DBB1FEAA7C2DF9E5A0FDD0
Requests: 2 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4690175777796740270&gdpr=0&gdpr_consent=
Frame ID: 47E34C472200328177A964DF10F220FB
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=ba84da06-aa09-11ee-b5a6-b787ee51105f
Frame ID: CA82558180F6DC71D8E8D7D403999B6F
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZZUMrQALt7iULQBH
Frame ID: E25C01BF1D04854EB73908A9F2DAC4B2
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=1Dq3c9Js7yLPN-p-hGujIts873fPP7gl1jggKzIS
Frame ID: C6D9CDAD856A47A03A491036E46EE744
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=ee41876f-4704-476d-8848-1b48c3febeeb&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Frame ID: B0BFF9B05FE9A0E29731253B83DC917A
Requests: 1 HTTP requests in this frame

Frame: https://avd.innity.com/uidsync/mapuid/?pid=1056&puuid=75D8FBE6-12FA-4625-ADD2-EDAB7C317F51
Frame ID: 5606D3D9B2D059A2A135FCBCC98CFFE7
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3cc018fb0cdf14%26domain%3Dwww.tg-me.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.tg-me.com%252Ff2e7628aafdf67%26relation%3Dparent.parent&container_width=515&height=100&href=https%3A%2F%2Fwww.tg-me.com%2FTelegram%2BNews%2Fcom.telegram&locale=en_GB&numposts=5&sdk=joey&version=v8.0&width
Frame ID: 61ADCADAEBE9CC0C7CBEE96C5D61BE86
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Telegram News Telegram

Page URL History Show full URLs

https://www.tg-me.com/+VfbOQNoW_l9mMDdl/us/+VfbOQNoW_l9mMDdl HTTP 302
https://www.tg-me.com/us/+VfbOQNoW_l9mMDdl/us/+VfbOQNoW_l9mMDdl HTTP 302
https://www.tg-me.com/us/telegram/com.%20VfbOQNoW_l9mMDdl HTTP 302
https://www.tg-me.com/us/Telegram+News/com.telegram Page URL

Detected technologies

AddThis (Widgets) Expand

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Page Statistics

225
Requests

80 %
HTTPS

24 %
IPv6

47
Domains

61
Subdomains

39
IPs

6
Countries

2477 kB
Transfer

10822 kB
Size

108
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.voogame.com/
Title: Free Online Games

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.tg-me.com/+VfbOQNoW_l9mMDdl/us/+VfbOQNoW_l9mMDdl HTTP 302
https://www.tg-me.com/us/+VfbOQNoW_l9mMDdl/us/+VfbOQNoW_l9mMDdl HTTP 302
https://www.tg-me.com/us/telegram/com.%20VfbOQNoW_l9mMDdl HTTP 302
https://www.tg-me.com/us/Telegram+News/com.telegram Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

https://avd.innity.com/uidsync/getuid/?idsr=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fssp%3Dinnity%26user_id%3D%24UID&itmcb=1704266921870 HTTP 302
https://x.bidswitch.net/sync?ssp=innity&user_id=f2bb895346ba119aabdc4f1adae334bc HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=innity&user_id=f2bb895346ba119aabdc4f1adae334bc HTTP 302
https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=innity&ssp_user_id=ee41876f-4704-476d-8848-1b48c3febeeb&gdpr=&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=74&&user_id=y-_b0H6uxE2pl1s5DGE6OE5iQXqG0zrpbUnhotSg--~A&expires=5&ssp=innity HTTP 302
https://avd.innity.com/uidsync/mapuid/?pid=689&puuid=ee41876f-4704-476d-8848-1b48c3febeeb

Request Chain 36

https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=75D8FBE6-12FA-4625-ADD2-EDAB7C317F51&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=75D8FBE6-12FA-4625-ADD2-EDAB7C317F51&redir=true&gdpr=0&gdpr_consent=&dcc=t

Request Chain 38

https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFHa1FVN0xLaGtBQUJhTUdEQlEzZw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Csyn%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Csyn%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
https://rtb-csync.smartadserver.com/redir?partneruserid=AAGkQU7LKhkAABaMGDBQ3g&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsyn%252Cpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=syn%2Cpp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=8876973003597357306&gdpr=0&gdpr_consent= HTTP 303
https://sync.technoratimedia.com/services?uid=AAGkQU7LKhkAABaMGDBQ3g&srv=cs&pid=73&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D8876973003597357306%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0 HTTP 307
https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=8876973003597357306&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=3 HTTP 303
https://bh.contextweb.com/bh/rtset?ev=AAGkQU7LKhkAABaMGDBQ3g&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D8876973003597357306%26gdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4&gdpr=0 HTTP 302
https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=8876973003597357306&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=4&ev=AAGkQU7LKhkAABaMGDBQ3g&pid=558502&do=add&gdpr=0 HTTP 303
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAGkQU7LKhkAABaMGDBQ3g&gdpr=0

Request Chain 40

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ddj75hL6RiWt0u2rfDF_UQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ddj75hL6RiWt0u2rfDF_UQ%3D%3D&gdpr=0&gdpr_consent=&google_tc= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

Request Chain 41

https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=75D8FBE6-12FA-4625-ADD2-EDAB7C317F51 HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=75D8FBE6-12FA-4625-ADD2-EDAB7C317F51 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=52de7b38-f135-4d9a-b891-8965b4e40076%252C%252C&gdpr=0&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=a9e24617-9faf-4e3d-8c2b-e0b124563b02&ttd_puid=52de7b38-f135-4d9a-b891-8965b4e40076%2C%2C

Request Chain 43

https://eb2.3lift.com/xuid?mid=7976&xuid=75D8FBE6-12FA-4625-ADD2-EDAB7C317F51&dongle=u6nf&gdpr=0&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=7976&xuid=75D8FBE6-12FA-4625-ADD2-EDAB7C317F51&dongle=u6nf&gdpr=0&cmp_cs=&us_privacy=

Request Chain 44

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NzVEOEZCRTYtMTJGQS00NjI1LUFERDItRURBQjdDMzE3RjUx&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NzVEOEZCRTYtMTJGQS00NjI1LUFERDItRURBQjdDMzE3RjUx&gdpr=0&gdpr_consent=&google_tc= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 45

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBC7uIdt55I7TmdQ6lUbymk&google_cver=1

Request Chain 46

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:B650E4619727464B94F3E35E9B35A6B7

Request Chain 47

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=a9e24617-9faf-4e3d-8c2b-e0b124563b02&gdpr=0&gdpr_consent=

Request Chain 49

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=75D8FBE6-12FA-4625-ADD2-EDAB7C317F51&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=75D8FBE6-12FA-4625-ADD2-EDAB7C317F51&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-AjF0fppE2uX1fkv7xYTBU6UX9_xeh4Q-~A&gdpr=0

Request Chain 50

https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=dd23d9c5-ee2b-4efe-b1a8-d27a906b57aa&gdpr=0&gdpr_consent=

Request Chain 53

https://www.tg-me.com/Telegram+News/com.telegram/webview?embed=1 HTTP 302
https://www.tg-me.com/us/Telegram+News/com.telegram/webview?embed=1

Request Chain 70

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP 302
https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=ASKXGp3wTcPU7Vn7bAMbyAQOE-xwv64SGYS3Kz3KPaV1IyTwcLEqEzz3awpyiokrYDwggFKHQnvfIA HTTP 302
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp1THAFgFHSJDRWBwn4eZf24tiRQrfZRg8jAHcUcv72GpUap3vTBjgJ3rd-b2Wtf96sk_ygp&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S688240098%3A1704266923067671&theme=glif

Request Chain 71

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP 302
https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ASKXGp1cWtc7EcBTFmFZzhL2JTCPAe_USgPE5FSJ8VJSCMR6OLkC9Jfq-BaaOa9GdqLj1ymotv01bQ HTTP 302
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp0CcKJ7vb2GOXvztGX7qgYXRNQx_9KSbg0Sny8S6Gdb6ih-ny6RC96so4DlVmqPnuQgufolhQ&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1157709681%3A1704266922982719&theme=glif

Request Chain 74

https://www.tg-me.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://www.tg-me.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js

Request Chain 183

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP 302
https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=ASKXGp1xQM1aYYy8zfrhpa8eSsAVR9LgZQbVGCWNDjiC2i6h3FEMNBQ7cTqNDTxkvt0koX8b8PQm HTTP 302
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp3p2pgb7RT-et0lKpQhus0rn34K3FmxCEKGJo8KZPUPNE6yfjxZjCwt1Zg5ACus5cjxie5M&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-771514079%3A1704266925213000&theme=glif

Request Chain 184

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP 302
https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ASKXGp1H_jFTsnbuubIOxKi5NLN-M5d_gxarH22NoLg_zskgy1P0e5W1Mjb7OgNmGSnsIN7Q-ao_ HTTP 302
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp1wcxfdhDZwNfUjW_No_aldEOdHU2rdY5_wrmlR7N_2xzvrs2BP33SpcLauNgXt9Q_CmLmz&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S2097738661%3A1704266925119423&theme=glif

Request Chain 187

https://www.tg-me.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://www.tg-me.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js

Request Chain 197

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4690175777796740270&gdpr=0&gdpr_consent=

Request Chain 198

https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=ba84da06-aa09-11ee-b5a6-b787ee51105f

Request Chain 199

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZZUMrQALt7iULQBH

Request Chain 200

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=1Dq3c9Js7yLPN-p-hGujIts873fPP7gl1jggKzIS

Request Chain 201

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=ee41876f-4704-476d-8848-1b48c3febeeb&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
https://x.bidswitch.net/sync?dsp_id=413&ssp=pubmatic&user_id=csonata_8ef85975-0cd0-4b75-ba78-ef223dc7592d&bsw_param=ee41876f-4704-476d-8848-1b48c3febeeb&expires=10&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=ee41876f-4704-476d-8848-1b48c3febeeb&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=

Request Chain 203

https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=75D8FBE6-12FA-4625-ADD2-EDAB7C317F51&gdpr=0&gdpr_consent= HTTP 302
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=75D8FBE6-12FA-4625-ADD2-EDAB7C317F51&vxii_pid=12&vxii_pid1=10067&vxii_rcid=b8ae2b3e-ffd0-4ef3-9c9f-3e2800fd60da

Request Chain 204

https://us-u.openx.net/w/1.0/sd?id=540245193&val=75D8FBE6-12FA-4625-ADD2-EDAB7C317F51&gdpr=0&gdpr_consent= HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=540245193&val=75D8FBE6-12FA-4625-ADD2-EDAB7C317F51&gdpr=0&gdpr_consent=

Request Chain 207

https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=75D8FBE6-12FA-4625-ADD2-EDAB7C317F51&gdpr=0&gdpr_consent= HTTP 302
https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=4d015793671c14ed&is_secure=true&networkId=17100&version=1&nuid=75D8FBE6-12FA-4625-ADD2-EDAB7C317F51&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAFribkwlBA5wMYTNG7AAAAAAA&expiration=1704353325&nuid=75D8FBE6-12FA-4625-ADD2-EDAB7C317F51&is_secure=true&gdpr_consent=&gdpr=0

Request Chain 208

https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R35CAB_10EB2C41F_D1BF51C5&r=https://pmp.mxptint.net/sn.ashx?ak=1 HTTP 302
https://pmp.mxptint.net/sn.ashx?ak=1

Request Chain 210

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4278568244899564815&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 211

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=35830fbf-51fa-4f5d-b539-47d4f58f71ef-65950cad-5553&gdpr=0&gdpr_consent=

Request Chain 214

https://www.facebook.com/v8.0/plugins/comments.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3cc018fb0cdf14%26domain%3Dwww.tg-me.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.tg-me.com%252Ff2e7628aafdf67%26relation%3Dparent.parent&container_width=515&height=100&href=https%3A%2F%2Fwww.tg-me.com%2FTelegram%2BNews%2Fcom.telegram&locale=en_GB&numposts=5&sdk=joey&version=v8.0&width= HTTP 302
https://www.facebook.com/plugins/comments.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3cc018fb0cdf14%26domain%3Dwww.tg-me.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.tg-me.com%252Ff2e7628aafdf67%26relation%3Dparent.parent&container_width=515&height=100&href=https%3A%2F%2Fwww.tg-me.com%2FTelegram%2BNews%2Fcom.telegram&locale=en_GB&numposts=5&sdk=joey&version=v8.0&width HTTP 302
https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3cc018fb0cdf14%26domain%3Dwww.tg-me.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.tg-me.com%252Ff2e7628aafdf67%26relation%3Dparent.parent&container_width=515&height=100&href=https%3A%2F%2Fwww.tg-me.com%2FTelegram%2BNews%2Fcom.telegram&locale=en_GB&numposts=5&sdk=joey&version=v8.0&width

225 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request com.telegram Show response
www.tg-me.com/us/Telegram+News/
Redirect Chain

https://www.tg-me.com/+VfbOQNoW_l9mMDdl/us/+VfbOQNoW_l9mMDdl
https://www.tg-me.com/us/+VfbOQNoW_l9mMDdl/us/+VfbOQNoW_l9mMDdl
https://www.tg-me.com/us/telegram/com.%20VfbOQNoW_l9mMDdl
https://www.tg-me.com/us/Telegram+News/com.telegram

21 KB
7 KB

38ms
37ms

Document
text/html

2606:4700:3037::6815:40c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tg-me.com/us/Telegram+News/com.telegram
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:40c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d017da012e2658b78412555628ed5fbe42276d27db9a3b6efa550977de4dc524

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 1249098
alt-svc: h3=":443"; ma=86400
cache-control: max-age=31536000
cf-cache-status: HIT
cf-ray: 83f986ba7b984bd8-BUF
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 03 Jan 2024 07:28:40 GMT
last-modified: Tue, 19 Dec 2023 20:30:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wIVnZv7hL6Nge9WWVLNXujzRlo%2FAeheneR8ATG8RWKvBXM27rpIVIP4S2toJ6Phm5xhd%2BQkdc0mFMfocsBUx8kYyJsMVXvCg%2BUvlZtofeHroXgT1K2UdffnXOAeGZe6ARndxjYdoKevaW53u"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: BYPASS
cf-ray: 83f986b73a1a4bd8-BUF
content-type: text/html; charset=UTF-8
date: Wed, 03 Jan 2024 07:28:40 GMT
location: https://www.tg-me.com/us/Telegram+News/com.telegram
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0B%2Bc8sZHsDta%2FJUy2RQD%2BqZp1ltFJIQQmqLlklDEuer8g2attQP0%2BNElK9FKKtqyw9pisnfubDBNWVTOFIz4KWCqJMApaAx%2FOhyf3ebXqSBKIKn1LNfGQ43wfL2z8n2KNNp2XVCphMEfywdv"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 GKNcrQjoAp6Z98cDDrrto_NSSHU.js Show response
www.tg-me.com/cdn-cgi/apps/head/ 5 KB
2 KB 37ms
35ms Script
application/javascript 2606:4700:3037::6815:40c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tg-me.com/cdn-cgi/apps/head/GKNcrQjoAp6Z98cDDrrto_NSSHU.js
Requested by: Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:40c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1564de76f12335b86790a0aa52846be066e1945090183589e762537fe9464cfe

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tg-me.com/us/Telegram+News/com.telegram
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 07:28:40 GMT
x-amz-version-id: E1E3JGNyYHVXxbWCxajU5xVZDdmc_Ir2
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: YHGVAPSMB7J7E4JS
age: 65760
alt-svc: h3=":443"; ma=86400
x-amz-id-2: SJc5jmdx9NPkM7Kx5wB+dreLtfTiO8MVU7b8q7dQJTfWcbosHPZZ9gwQ8t8ss5bVA8E4LVK1gUk=
last-modified: Thu, 06 May 2021 08:34:07 GMT
server: cloudflare
etag: W/"8cbe5fbd6b1a135e178b1a76bcee5724"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FbxelNs%2FfD49zvD8z2fd9MPXXH3esH9yYww1z1noiFg1z%2B8oLb2TmoadnViTL75v0UfzJvx0dAh362UFiGzBj6I83LgnYp1nv65QSV1OQFz0p1Xd6CBjQaIqkPqw14igM0%2BkQzsqAuYL10o9"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 83f986bacbab4bd8-BUF

GET
H/1.1 200
OK admanager.js Show response
cdn.innity.net/ 12 KB
4 KB 176ms
27ms Script
application/javascript 23.209.54.115
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.innity.net/admanager.js
Requested by: Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.209.54.115 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-209-54-115.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e9d627b37bb2437e38e178e2c5776d50a3163be9b0976526b4ab133922a34963

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tg-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 07:28:40 GMT
Content-Encoding: gzip
Last-Modified: Mon, 06 Nov 2023 09:17:20 GMT
Server: Apache
ETag: "2e2f-6097852320800-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3929
Expires: Thu, 04 Jan 2024 07:28:40 GMT

GET
H3 200 style.css
www.tg-me.com/ 2 KB
1 KB 37ms
37ms Stylesheet
text/css 2606:4700:3037::6815:40c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tg-me.com/style.css?v1
Requested by: Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:40c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a9654e71938bbbd0859b8d354b0792a7286136527044e55661d6bd72a6981c4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tg-me.com/us/Telegram+News/com.telegram
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 07:28:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 539400
cf-polished: origSize=2374
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 01 Jun 2023 05:19:18 GMT
server: cloudflare
etag: W/"64782a56-946"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4P8JnYOAJJJSbsAr8W8EL7iHWDCUkyMCEN5jMdm0CljipIro2BBl4FNVkp0ClHZ0VKhtMFgCifGlBoEnID0Be%2FqAhIk34wimZ4AzSBMHLs6bM0O68kGj0Kuo65fKMq0odCpLp411wlHgnTys"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=691200
cf-ray: 83f986bacbac4bd8-BUF

GET
H2 200 telegram.jpg
img.tg-me.com/icon/te/ 6 KB
6 KB 303ms
294ms Image
image/jpeg 2606:4700:3037::6815:40c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.tg-me.com/icon/te/telegram.jpg
Requested by: Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:40c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d16227677095de7d78fe63b771b683b3f6bd1d559dbb82e4ab557c7bde2952ba

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tg-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 07:28:40 GMT
cf-cache-status: HIT
last-modified: Fri, 31 Mar 2023 18:55:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "64272cb7-1848"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YSz6Q%2FTMdtf0e9idjpYAsXYnQUJ8doQFcYwT%2BN8uvvhArOzILvrcfRgr0vf9DF2th0%2B5T5wOMWJAmCGiaTvq3jAYao%2F8gvSUDHaz%2BbNbIbURyndDgns90MaBNKJNi%2Bpx%2BdzVWucy6LmCuB65"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 83f986bacf154bd5-BUF
alt-svc: h3=":443"; ma=86400
content-length: 6216

GET
H3 200 cm.svg
www.tg-me.com/img/ 893 B
946 B 524ms
523ms Image
image/svg+xml 2606:4700:3037::6815:40c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tg-me.com/img/cm.svg
Requested by: Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:40c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd21af8d422403bd8e42df9da7cda432c81c76da81e830d3571e17c5d0edbd8c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tg-me.com/us/Telegram+News/com.telegram
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 07:28:41 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 26 Oct 2022 11:10:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"635915b7-37d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=88FuZxEhfEO8lldbwG8OXpCPHT1F7VVrCIgdvtJLSgfkARMEy9RpADKrpDbw1IOBGXfWs%2Bxxftge2WdoPQb7xfW16nuUTKq9Q%2B4XIgTMVYtQQC%2F8iyDGLsXhcdlgYxwPdYMlUNvuqxI4812I"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=691200
cf-ray: 83f986c24dc84bd8-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 56 B
361 B 163ms
29ms Script
text/javascript 23.203.177.63
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.203.177.63 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-203-177-63.deploy.static.akamaitechnologies.com

Software

Oracle API Gateway /

Resource Hash

f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tg-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 03 Jan 2024 07:28:40 GMT
server: Oracle API Gateway
opc-request-id: /4BF820706E1D9704E3218278409015A1/51FFB3BF8B8C19CBD047DE829DCBC78C
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: text/javascript
x-distribution: 99
x-host: s7.addthis.com
content-length: 76
x-xss-protection: 1; mode=block

GET
H2 200 sdk.js Show response
connect.facebook.net/en_GB/ 3 KB
3 KB 109ms
29ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_GB/sdk.js

Requested by

Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

047e8a3087729539ea3a0be160a2f2fdb4dcc21f9690e2ae5866d010af1e94c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.tg-me.com/
Origin: https://www.tg-me.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 03 Jan 2024 07:28:41 GMT
content-md5: 8G7sJ4Rl68cSFAArOHdMFg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1686
reporting-endpoints
x-fb-debug: mMavOyOnfSFkiWyY/GjMOQG9gNOKTslOAz0OsqtNuugQUp/uyGgxuDGNmlBeDpMA7xgCd9bjvjf35ej8ZWxj+Q==
x-fb-content-md5: a718b677199f549d0ead7f3e68605739
cross-origin-opener-policy: same-origin-allow-popups
etag: "ab6e6235df25b9e415855a67abafaccf"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Wed, 03 Jan 2024 07:47:32 GMT

GET
H3 200 widget-frame.css
www.tg-me.com/ 32 KB
7 KB 37ms
37ms Stylesheet
text/css 2606:4700:3037::6815:40c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tg-me.com/widget-frame.css
Requested by: Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:40c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 832b09488629b668ef6de9b3f7c674ef456fb2dbbf80d5d74c0f7da334d26a78

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tg-me.com/us/Telegram+News/com.telegram
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 07:28:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 539400
cf-polished: origSize=37786
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 01 Jun 2023 05:19:18 GMT
server: cloudflare
etag: W/"64782a56-939a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yhg84XYvLcUUpboAZ%2BsNXDx8K8xrzidFRjzfsBUgAnetJHqVthfF%2F%2FrjdM7vBiEW3ICO3kttYisJqVRQtdEkPXP9DK4N4ENIERXrsw6mvbJNW2pv9UB93D2nn09%2FOkKVLWm0DutZkt1aX1aT"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=691200
cf-ray: 83f986bbcbf94bd8-BUF

GET
H3 200 web.css
www.tg-me.com/ 17 KB
4 KB 36ms
36ms Stylesheet
text/css 2606:4700:3037::6815:40c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tg-me.com/web.css
Requested by: Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:40c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf1db37f5ba79db58d9c710e2cd17edcc52da87ab14685a030e2bda11d90cbf9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tg-me.com/us/Telegram+News/com.telegram
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 07:28:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 775683
cf-polished: origSize=20897
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 01 Jun 2023 05:19:18 GMT
server: cloudflare
etag: W/"64782a56-51a1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kAHUSFqfyV4OMvAMz2DSyPDFKEg%2Betrj0bI3MVNXU%2BqXyjzUg39j8rTdQaa1o%2FP7CBXBqRqoeNwms0giWp81FfFB02Jn32xz7OWLLNgijvcF297qsnXOcL3nHOVaWe2XM0HZky2FETcEnBjA"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=691200
cf-ray: 83f986bc0c0f4bd8-BUF

GET
H2 200 / Show response
d37tb4r0t9g99j.cloudfront.net/ 354 KB
115 KB 176ms
108ms Script
text/plain 2600:9000:210b:ee00:9:81e3:f9c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d37tb4r0t9g99j.cloudfront.net/?trbtd=994291
Requested by: Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:210b:ee00:9:81e3:f9c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 9709911218b377be3da0f3ce799a5f4074b45c8e76186e935f3d0b9ae1cbfebf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tg-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 07:28:40 GMT
content-encoding: gzip
via: 1.1 b107b2437bbcbc926a3b733dc72fd52a.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C3
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length: 117322
x-amz-cf-id: 8ntjktfjGWJ38oh7UT6IVwqlCPE4-RiH90Bpe4Mxzgtk2gNP1lx1wQ==

GET
H3 200 mttil_w5gfRQoMK9J5wSEV0yOJQ.js Show response
www.tg-me.com/cdn-cgi/apps/body/ 4 KB
2 KB 40ms
36ms Script
application/javascript 2606:4700:3037::6815:40c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tg-me.com/cdn-cgi/apps/body/mttil_w5gfRQoMK9J5wSEV0yOJQ.js
Requested by: Host: www.tg-me.com
URL: https://www.tg-me.com/cdn-cgi/apps/head/GKNcrQjoAp6Z98cDDrrto_NSSHU.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:40c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0c8ae28caaea979ac1a1b6c668726fe721704bc34bf50d882cb35a212516cf7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tg-me.com/us/Telegram+News/com.telegram
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 07:28:41 GMT
x-amz-version-id: yTUDbCChusb22oEAAiuOhIKs2DMdoM2X
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: RNQAEHH4SSF7HJ59
age: 282139
alt-svc: h3=":443"; ma=86400
x-amz-id-2: k/eo8GiTKnOfs1FVzJ9bh/Qf5Q71IAAisImVWICM+9lP3z/4HISR796BWxsFZpjm2VwzQxahK5o=
last-modified: Thu, 06 May 2021 08:34:06 GMT
server: cloudflare
etag: W/"906771a682327b7ef80896da1bda8167"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nju3YRMXud8%2BPywr7MW8GMorotk5yNOA4CqSyCktiHJOxYuC9JFxFv92XKx6VOM4aVw7%2F7oaJO076XGOacbaKwwDgGPBZBWNBOqHMaf3iuHrJqnUW1R%2BrlDiqbUsX6UkR1wFycOrx7r%2FL4wE"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 83f986c2fdee4bd8-BUF

GET
H/1.1 200
OK / Show response
as.innity.com/synd/ 623 B
1 KB 1025ms
255ms Script
text/javascript 47.254.199.63
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL: https://as.innity.com/synd/?cb=1704266920288&ver=1&pub=dc727151e5d55dde1e950767cf861ca5&zone=93378&output=js&flash=0&url=www.tg-me.com&width=*&height=*&vpw=1600&vph=1200&auction=33675fa-22520b2&u=aHR0cHM6Ly93d3cudGctbWUuY29tL3VzL1RlbGVncmFtK05ld3MvY29tLnRlbGVncmFt
Requested by: Host: cdn.innity.net
URL: https://cdn.innity.net/admanager.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 47.254.199.63 Kuala Lumpur, Malaysia, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: Apache /
Resource Hash: 1dacb40a6bd2a5cd93380f50c073e162a34ff4049e99d94118babdaf6b349b7d

Request headers

Referer: https://www.tg-me.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma: no-cache
Date: Wed, 03 Jan 2024 07:28:41 GMT
Content-Encoding: gzip
Last-Modified: Wed, 03 Jan 2024 07:28:41 GMT
Server: Apache
Vary: Accept-Encoding
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Content-Type: text/javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Content-Length: 355
Expires: Sat, 03 Sep 1983 02:00:00 GMT

GET
H/1.1 200
OK / Show response
as.innity.com/synd/ 623 B
1 KB 1111ms
295ms Script
text/javascript 47.254.199.63
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL: https://as.innity.com/synd/?cb=1704266920291&ver=1&pub=dc727151e5d55dde1e950767cf861ca5&zone=93380&output=js&flash=0&url=www.tg-me.com&width=*&height=*&vpw=1600&vph=1200&auction=33675fa-22520b2&u=aHR0cHM6Ly93d3cudGctbWUuY29tL3VzL1RlbGVncmFtK05ld3MvY29tLnRlbGVncmFt
Requested by: Host: cdn.innity.net
URL: https://cdn.innity.net/admanager.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 47.254.199.63 Kuala Lumpur, Malaysia, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: Apache /
Resource Hash: 82caa5ebaf5d0ab9ce3a22ba0c0f9c27a67e0e2bde0c98fb80e34c9dbaf17912

Request headers

Referer: https://www.tg-me.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma: no-cache
Date: Wed, 03 Jan 2024 07:28:41 GMT
Content-Encoding: gzip
Last-Modified: Wed, 03 Jan 2024 07:28:41 GMT
Server: Apache
Vary: Accept-Encoding
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Content-Type: text/javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Content-Length: 355
Expires: Sat, 03 Sep 1983 02:00:00 GMT

GET
H/1.1 200
OK analytics.js Show response
cdn.innity.net/ 301 B
547 B 34ms
30ms Script
application/javascript 23.209.54.115
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.innity.net/analytics.js
Requested by: Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.209.54.115 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-209-54-115.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 03d0e8a81b76b97330c387401f890774b9d88750ea2d7b7d85da4851ca2ef3ac

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tg-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 07:28:41 GMT
Content-Encoding: gzip
Last-Modified: Wed, 04 Oct 2023 08:05:30 GMT
Server: Apache
ETag: "12d-606df78894680-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 175
Expires: Thu, 04 Jan 2024 07:28:41 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 157 KB
58 KB 123ms
44ms Script
application/javascript 2607:f8b0:4006:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TS87BVL

Requested by

Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a424b624519f437f8d07988f6be571b11e51e88b098b30866912300d7f3955da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tg-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 07:28:41 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58652
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 03 Jan 2024 07:28:41 GMT

GET
H/1.1 200
OK / Show response
as.innity.com/synd/ 2 KB
1 KB 272ms
271ms Script
text/javascript 47.254.199.63
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL: https://as.innity.com/synd/?cb=1704266921421&ver=1&pub=dc727151e5d55dde1e950767cf861ca5&zone=98814&output=js&flash=0&url=www.tg-me.com&width=300&height=250&vpw=1600&vph=1200&auction=33675fa-22520b2&u=aHR0cHM6Ly93d3cudGctbWUuY29tL3VzL1RlbGVncmFtK05ld3MvY29tLnRlbGVncmFt
Requested by: Host: cdn.innity.net
URL: https://cdn.innity.net/admanager.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 47.254.199.63 Kuala Lumpur, Malaysia, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: Apache /
Resource Hash: 637b4a8d95328034af7e48f62995ae823b8128dbd5696e71952dbe464d9197e4

Request headers

Referer: https://www.tg-me.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma: no-cache
Date: Wed, 03 Jan 2024 07:28:41 GMT
Content-Encoding: gzip
Last-Modified: Wed, 03 Jan 2024 07:28:41 GMT
Server: Apache
Vary: Accept-Encoding
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Content-Type: text/javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Content-Length: 741
Expires: Sat, 03 Sep 1983 02:00:00 GMT

GET
H/1.1 200
OK /
optimize.innity.com/ 43 B
452 B 982ms
236ms Image
image/gif 8.218.26.252
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://optimize.innity.com/?pubid=3686&zoneid=93380&cb=1704266921455
Requested by: Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 8.218.26.252 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: Apache /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tg-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Jan 2024 07:28:42 GMT
Last-Modified: Wed, 03 Jan 2024 07:28:42 GMT
Server: Apache
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Content-Type: image/gif
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Length: 43
Expires: Sat, 03 Sep 1983 02:00:00 GMT

GET
H2 200 /
optimize2.innity.com/ 43 B
347 B 1188ms
281ms Image
image/gif 47.250.12.214
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://optimize2.innity.com/?pubid=3686&zoneid=93380&cb=1704266921455
Requested by: Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.250.12.214 Kuala Lumpur, Malaysia, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: / PHP/8.2.5
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tg-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 07:28:42 GMT
last-modified: Wed, 03 Jan 2024 07:28:42 GMT
x-powered-by: PHP/8.2.5
content-type: image/gif
p3p: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Sat, 03 Sep 1983 02:00:00 GMT

GET
H/1.1 200
OK /
optimize.innity.com/ 43 B
452 B 987ms
237ms Image
image/gif 8.218.26.252
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://optimize.innity.com/?pubid=3686&zoneid=93378&cb=1704266921455
Requested by: Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 8.218.26.252 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: Apache /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tg-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Jan 2024 07:28:42 GMT
Last-Modified: Wed, 03 Jan 2024 07:28:42 GMT
Server: Apache
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Content-Type: image/gif
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Length: 43
Expires: Sat, 03 Sep 1983 02:00:00 GMT

GET
H2 200 /
optimize2.innity.com/ 43 B
347 B 1186ms
281ms Image
image/gif 47.250.12.214
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://optimize2.innity.com/?pubid=3686&zoneid=93378&cb=1704266921455
Requested by: Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.250.12.214 Kuala Lumpur, Malaysia, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: / PHP/8.2.5
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tg-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 07:28:42 GMT
last-modified: Wed, 03 Jan 2024 07:28:42 GMT
x-powered-by: PHP/8.2.5
content-type: image/gif
p3p: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Sat, 03 Sep 1983 02:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 241 KB
84 KB 106ms
71ms Script
application/javascript 2607:f8b0:4006:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-H9DDVMTLKY

Requested by

Host: www.tg-me.com
URL: https://www.tg-me.com/cdn-cgi/apps/body/mttil_w5gfRQoMK9J5wSEV0yOJQ.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f9e500e53d3cc560a95504fb9def7a590996efd03ec4617a9933ed42e3affe08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tg-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 07:28:41 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85469
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 03 Jan 2024 07:28:41 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 246 KB
86 KB 53ms
51ms Script
application/javascript 2607:f8b0:4006:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-H9DDVMTLKY&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TS87BVL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7004e9ae4f9726964c635759c7dc31f1d03dcc4c8c9669c4ee7d573b0d95d2cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tg-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 07:28:41 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 87678
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 03 Jan 2024 07:28:41 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
253 B 97ms
38ms Ping
text/plain 2607:f8b0:4006:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-H9DDVMTLKY&gtm=45je3bt0v882766043&_p=1704266921416&gcd=11l1l1l1l1&dma=0&cid=311929231.1704266922&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1704266921&sct=1&seg=0&dl=https%3A%2F%2Fwww.tg-me.com%2Fus%2FTelegram%2BNews%2Fcom.telegram&dt=Telegram%20News%20Telegram&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=3343
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H9DDVMTLKY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:816::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tg-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 07:28:41 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tg-me.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK container_576b5a051c51b1c0244bca09.js Show response
ssl-avd.innity.net/1/ Frame 0E09 11 KB
4 KB 132ms
26ms Script
application/javascript 23.209.54.115
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl-avd.innity.net/1/container_576b5a051c51b1c0244bca09.js
Requested by: Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.209.54.115 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-209-54-115.deploy.static.akamaitechnologies.com
Software: nginx/1.24.0 /
Resource Hash: fcbfe3701531c9c0a1cdf0f9adaf43370498a8a46185ec0639f844a14f1f5541

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tg-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 07:28:41 GMT
Content-Encoding: gzip
Last-Modified: Fri, 13 Oct 2023 07:45:31 GMT
Server: nginx/1.24.0
ETag: "6528f59b-2aa5-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=1353242
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3678
Expires: Thu, 18 Jan 2024 23:22:43 GMT

GET
H/1.1 200
OK container_549927e79bd1fa1a040041a9.js Show response
ssl-avd.innity.net/1/ Frame 3C92 7 KB
3 KB 123ms
27ms Script
application/javascript 23.209.54.115
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl-avd.innity.net/1/container_549927e79bd1fa1a040041a9.js
Requested by: Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.209.54.115 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-209-54-115.deploy.static.akamaitechnologies.com
Software: nginx/1.20.1 /
Resource Hash: 6d82e21331aeb7b154ce45f18bc4a76893c17b1e2db85c4b40397fabfc0b023e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tg-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 07:28:41 GMT
Content-Encoding: gzip
Last-Modified: Wed, 26 Aug 2020 05:09:27 GMT
Server: nginx/1.20.1
ETag: "5f45ee87-1dd4-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=1033699
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2863
Expires: Mon, 15 Jan 2024 06:37:00 GMT

GET
H/1.1 200
OK /
optimize.innity.com/ 43 B
452 B 934ms
232ms Image
image/gif 8.218.26.252
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://optimize.innity.com/?pubid=3686&zoneid=98814&cb=1704266921739
Requested by: Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 8.218.26.252 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: Apache /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tg-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Jan 2024 07:28:42 GMT
Last-Modified: Wed, 03 Jan 2024 07:28:42 GMT
Server: Apache
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Content-Type: image/gif
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Length: 43
Expires: Sat, 03 Sep 1983 02:00:00 GMT

GET
H2 200 /
optimize2.innity.com/ 43 B
348 B 902ms
280ms Image
image/gif 47.250.12.214
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://optimize2.innity.com/?pubid=3686&zoneid=98814&cb=1704266921739
Requested by: Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.250.12.214 Kuala Lumpur, Malaysia, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: / PHP/8.2.5
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tg-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 07:28:42 GMT
last-modified: Wed, 03 Jan 2024 07:28:42 GMT
x-powered-by: PHP/8.2.5
content-type: image/gif
p3p: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Sat, 03 Sep 1983 02:00:00 GMT

GET
H/1.1 200
OK / Show response
as.innity.com/synd/ 1 KB
1 KB 272ms
271ms Script
text/javascript 47.254.199.63
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL: https://as.innity.com/synd/?cb=1704266921743&ver=1&pub=dc727151e5d55dde1e950767cf861ca5&zone=98811&output=js&flash=0&url=www.tg-me.com&width=300&height=250&vpw=1600&vph=1200&auction=33675fa-22520b2&u=aHR0cHM6Ly93d3cudGctbWUuY29tL3VzL1RlbGVncmFtK05ld3MvY29tLnRlbGVncmFt
Requested by: Host: cdn.innity.net
URL: https://cdn.innity.net/admanager.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 47.254.199.63 Kuala Lumpur, Malaysia, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: Apache /
Resource Hash: e9a0812f16f2f727b9edc9cc17f56b02c25280785f8e220d45b224dfc172b5f1

Request headers

Referer: https://www.tg-me.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma: no-cache
Date: Wed, 03 Jan 2024 07:28:41 GMT
Content-Encoding: gzip
Last-Modified: Wed, 03 Jan 2024 07:28:41 GMT
Server: Apache
Vary: Accept-Encoding
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Content-Type: text/javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Content-Length: 603
Expires: Sat, 03 Sep 1983 02:00:00 GMT

GET
H/1.1 200
OK dc.js Show response
avd.innity.net/lib/ Frame 0E09 20 KB
7 KB 185ms
27ms Script
application/javascript 23.209.54.115
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://avd.innity.net/lib/dc.js
Requested by: Host: ssl-avd.innity.net
URL: https://ssl-avd.innity.net/1/container_576b5a051c51b1c0244bca09.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.209.54.115 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-209-54-115.deploy.static.akamaitechnologies.com
Software: nginx/1.20.2 /
Resource Hash: 0014ffccade01ae1ab385b85433decef0f11f26cbe25721faa0d13bb5c0badda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tg-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 07:28:42 GMT
Content-Encoding: gzip
Last-Modified: Fri, 22 Oct 2021 06:40:46 GMT
Server: nginx/1.20.2
ETag: "61725cee-5149-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=1357043
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6412
Expires: Fri, 19 Jan 2024 00:26:05 GMT

GET
H2 200 userSync.js Show response
ads.pubmatic.com/AdServer/js/ Frame 0E09 7 KB
3 KB 101ms
28ms Script
application/javascript 23.51.57.13
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/userSync.js
Requested by: Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.51.57.13 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-57-13.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: bbfd11be8ef21e1c20fcbb1a97d6e90e07784a8b824d4ff3e76b2600527388f9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tg-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 07:28:41 GMT
content-encoding: gzip
last-modified: Thu, 16 Nov 2023 09:12:08 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=131024
accept-ranges: bytes
content-length: 2416
expires: Thu, 04 Jan 2024 19:52:25 GMT

GET
H/1.1 200
OK /
avd.innity.com/uidsync/init/ Frame CFC6 43 B
608 B 1159ms
246ms Image
image/gif 119.81.216.16
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avd.innity.com/uidsync/init/?idsr=https%3A%2F%2Floadus.exelator.com%2Fload%2F%3Fp%3D1381%26g%3D204%26j%3D0&c=HK&itmcb=1704266921870
Requested by: Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 119.81.216.16 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS: 10.d8.5177.ip4.static.sl-reverse.com
Software: Apache /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tg-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Jan 2024 07:28:42 GMT
Last-Modified: Wed, 03 Jan 2024 07:28:42 GMT
Server: Apache
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Content-Type: image/gif
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Length: 43
Expires: Wed, 04 Aug 1985 12:59:00 GMT

GET
H/1.1

200
OK

/
avd.innity.com/uidsync/mapuid/ Frame CFC6
Redirect Chain

https://avd.innity.com/uidsync/getuid/?idsr=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fssp%3Dinnity%26user_id%3D%24UID&itmcb=1704266921870
https://x.bidswitch.net/sync?ssp=innity&user_id=f2bb895346ba119aabdc4f1adae334bc
https://x.bidswitch.net/ul_cb/sync?ssp=innity&user_id=f2bb895346ba119aabdc4f1adae334bc
https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=innity&ssp_user_id=ee41876f-4704-476d-8848-1b48c3febeeb&gdpr=&gdpr_consent=
https://x.bidswitch.net/sync?dsp_id=74&&user_id=y-_b0H6uxE2pl1s5DGE6OE5iQXqG0zrpbUnhotSg--~A&expires=5&ssp=innity
https://avd.innity.com/uidsync/mapuid/?pid=689&puuid=ee41876f-4704-476d-8848-1b48c3febeeb

43 B
471 B

743ms
251ms

Image
image/gif

119.81.216.16
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avd.innity.com/uidsync/mapuid/?pid=689&puuid=ee41876f-4704-476d-8848-1b48c3febeeb
Requested by: Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram
Protocol: HTTP/1.1
Server: 119.81.216.16 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS: 10.d8.5177.ip4.static.sl-reverse.com
Software: Apache /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tg-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Jan 2024 07:28:43 GMT
Last-Modified: Wed, 03 Jan 2024 07:28:43 GMT
Server: Apache
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Content-Type: image/gif
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Length: 43
Expires: Wed, 04 Aug 1985 12:59:00 GMT

Redirect headers

Location: //avd.innity.com/uidsync/mapuid/?pid=689&puuid=ee41876f-4704-476d-8848-1b48c3febeeb
Date: Wed, 03 Jan 2024 07:28:43 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 8A8F 16 KB
6 KB 28ms
28ms Document
text/html 23.51.57.13
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=163515&s=&predirect=https%3A%2F%2Favd.innity.com%2Fuidsync%2Fmapuid%2F%3Fpid%3D1056%26puuid%3D(PM_UID)&userIdMacro=(PM_UID)&gdpr_consent=&gdpr=0&us_privacy=&
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/userSync.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.51.57.13 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-57-13.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer: https://www.tg-me.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=66270
content-encoding: gzip
content-length: 5622
content-type: text/html
date: Wed, 03 Jan 2024 07:28:42 GMT
expires: Thu, 04 Jan 2024 01:53:12 GMT
last-modified: Thu, 16 Nov 2023 09:11:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 8A8F 2 KB
3 KB 98ms
28ms Script
text/html 8.28.7.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=42836090&p=163515&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=163515&s=&predirect=https%3A%2F%2Favd.innity.com%2Fuidsync%2Fmapuid%2F%3Fpid%3D1056%26puuid%3D(PM_UID)&userIdMacro=(PM_UID)&gdpr_consent=&gdpr=0&us_privacy=&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0223270cf3581102b039b72fb5507e357a7f122e5f55dfe6710f198962832590

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Wed, 03 Jan 2024 07:28:41 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 200
OK adj Show response
grid.bidswitch.net/ 22 B
235 B 294ms
137ms Script
text/javascript 35.211.93.27
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://grid.bidswitch.net/adj?auid=373595
Requested by: Host: as.innity.com
URL: https://as.innity.com/synd/?cb=1704266921743&ver=1&pub=dc727151e5d55dde1e950767cf861ca5&zone=98811&output=js&flash=0&url=www.tg-me.com&width=300&height=250&vpw=1600&vph=1200&auction=33675fa-22520b2&u=aHR0cHM6Ly93d3cudGctbWUuY29tL3VzL1RlbGVncmFtK05ld3MvY29tLnRlbGVncmFt
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.211.93.27 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 27.93.211.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 18c983c761fdf75fb946aa47edc930cbf2f88bc7948ebc7bc6f699aa19628eb8

Request headers

Referer: https://www.tg-me.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Wed, 03 Jan 2024 07:28:42 GMT
cache-control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 22
Content-Type: text/javascript; charset=UTF-8

GET
H/1.1 200
OK / Show response
avd.innity.com/dc/cb/ Frame 0E09 59 B
567 B 2089ms
1254ms Script
application/javascript 119.81.216.16
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://avd.innity.com/dc/cb/?mt=_iampt._cbUC
Requested by: Host: avd.innity.net
URL: https://avd.innity.net/lib/dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 119.81.216.16 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS: 10.d8.5177.ip4.static.sl-reverse.com
Software: Apache /
Resource Hash: 116ae0d4bc21f6afd35f95a372d012c06f189e585b63e5815c755049d10ace7f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tg-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Jan 2024 07:28:44 GMT
Content-Encoding: gzip
Last-Modified: Wed, 03 Jan 2024 07:28:44 GMT
Server: Apache
Vary: Accept-Encoding
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Content-Type: application/javascript
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Length: 79
Expires: Wed, 04 Aug 1985 12:59:00 GMT

GET
H/1.1

200
OK

dcm Show response
s.amazon-adsystem.com/ Frame CEA4
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=75D8FBE6-12FA-4625-ADD2-EDAB7C317F51&redir=true&gdpr=0&gdpr_consent=
https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=75D8FBE6-12FA-4625-ADD2-EDAB7C317F51&redir=true&gdpr=0&gdpr_consent=&dcc=t

43 B
855 B

77ms
74ms

Document
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=75D8FBE6-12FA-4625-ADD2-EDAB7C317F51&redir=true&gdpr=0&gdpr_consent=&dcc=t

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=163515&s=&predirect=https%3A%2F%2Favd.innity.com%2Fuidsync%2Fmapuid%2F%3Fpid%3D1056%26puuid%3D(PM_UID)&userIdMacro=(PM_UID)&gdpr_consent=&gdpr=0&us_privacy=&

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Wed, 03 Jan 2024 07:28:42 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: 1EEQ0J0Z9N9RS2XK21P6

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Wed, 03 Jan 2024 07:28:42 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=75D8FBE6-12FA-4625-ADD2-EDAB7C317F51&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: 5RVP7BNF1WXEVN2HS3DV

GET
H2 200 141 Show response
match.deepintent.com/usersync/ Frame 9FB7 0
338 B 110ms
34ms Document
image/gif 169.197.150.8
DEEPINTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=163515&s=&predirect=https%3A%2F%2Favd.innity.com%2Fuidsync%2Fmapuid%2F%3Fpid%3D1056%26puuid%3D(PM_UID)&userIdMacro=(PM_UID)&gdpr_consent=&gdpr=0&us_privacy=&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS: g.deepintent.com
Software: b /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-length: 0
content-type: image/gif
date: Wed, 03 Jan 2024 07:28:41 GMT
p3p: policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
server: b

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 46E1
Redirect Chain

https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFHa1FVN0xLaGtBQUJhTUdEQlEzZw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Csyn%2Cpp%2Cpm&bee_sync_current_partner=adx&b...
https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Csyn%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
https://rtb-csync.smartadserver.com/redir?partneruserid=AAGkQU7LKhkAABaMGDBQ3g&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsyn%252Cpp%252C...
https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=syn%2Cpp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=8876973003597357306&gdpr=0&gdpr_consent=
https://sync.technoratimedia.com/services?uid=AAGkQU7LKhkAABaMGDBQ3g&srv=cs&pid=73&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D8876973003597357306%26gdpr%3D0%26gdpr_cons...
https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=8876973003597357306&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=3
https://bh.contextweb.com/bh/rtset?ev=AAGkQU7LKhkAABaMGDBQ3g&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D8876973003597357306%26gdpr%3D0%26bee_sync_pa...
https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=8876973003597357306&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=4&ev=AAGkQU7LKhkAABaMGDBQ3...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAGkQU7LKhkAABaMGDBQ3g&gdpr=0

42 B
279 B

26ms
25ms

Document
image/gif

162.248.18.37
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAGkQU7LKhkAABaMGDBQ3g&gdpr=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=163515&s=&predirect=https%3A%2F%2Favd.innity.com%2Fuidsync%2Fmapuid%2F%3Fpid%3D1056%26puuid%3D(PM_UID)&userIdMacro=(PM_UID)&gdpr_consent=&gdpr=0&us_privacy=&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Wed, 03 Jan 2024 07:28:43 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Content-Length: 0
Date: Wed, 03 Jan 2024 07:28:43 GMT
Server: gunicorn
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAGkQU7LKhkAABaMGDBQ3g&gdpr=0
strict-transport-security: max-age=2592000; includeSubDomains

GET
H/1.1 200
OK / Show response
avd.innity.com/uidsync/mapuid/ Frame 1726 43 B
471 B 752ms
244ms Document
image/gif 119.81.216.16
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://avd.innity.com/uidsync/mapuid/?pid=1056&puuid=75D8FBE6-12FA-4625-ADD2-EDAB7C317F51
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=163515&s=&predirect=https%3A%2F%2Favd.innity.com%2Fuidsync%2Fmapuid%2F%3Fpid%3D1056%26puuid%3D(PM_UID)&userIdMacro=(PM_UID)&gdpr_consent=&gdpr=0&us_privacy=&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 119.81.216.16 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS: 10.d8.5177.ip4.static.sl-reverse.com
Software: Apache /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
Connection: close
Content-Length: 43
Content-Type: image/gif
Date: Wed, 03 Jan 2024 07:28:42 GMT
Expires: Wed, 04 Aug 1985 12:59:00 GMT
Last-Modified: Wed, 03 Jan 2024 07:28:42 GMT
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Pragma: no-cache
Server: Apache

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8A8F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ddj75hL6RiWt0u2rfDF_UQ%3D%3D&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ddj75hL6RiWt0u2rfDF_UQ%3D%3D&gdpr=0&gdpr_consent=&google_tc=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

16 KB
16 KB

38ms
33ms

Image
text/html

23.51.57.13
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=163515&s=&predirect=https%3A%2F%2Favd.innity.com%2Fuidsync%2Fmapuid%2F%3Fpid%3D1056%26puuid%3D(PM_UID)&userIdMacro=(PM_UID)&gdpr_consent=&gdpr=0&us_privacy=&
Protocol: H2
Server: 23.51.57.13 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-57-13.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 07:28:42 GMT
content-encoding: gzip
last-modified: Thu, 16 Nov 2023 09:11:44 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=66270
accept-ranges: bytes
content-length: 5622
expires: Thu, 04 Jan 2024 01:53:12 GMT

Redirect headers

pragma: no-cache
date: Wed, 03 Jan 2024 07:28:42 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

receive
pixel.tapad.com/idsync/ex/ Frame 8A8F
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=75D8FBE6-12FA-4625-ADD2-EDAB7C317F51
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=75D8FBE6-12FA-4625-ADD2-EDAB7C317F51
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=52de7b38-f135-4d9a-b891-8965b4e40076%252C%252C&gdpr=0&gdpr_consent=
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=a9e24617-9faf-4e3d-8c2b-e0b124563b02&ttd_puid=52de7b38-f135-4d9a-b891-8965b4e40076%2C%2C

95 B
124 B

46ms
46ms

Image
image/png

34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=a9e24617-9faf-4e3d-8c2b-e0b124563b02&ttd_puid=52de7b38-f135-4d9a-b891-8965b4e40076%2C%2C

Requested by

Protocol

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

62.113.111.34.bc.googleusercontent.com

Software

Jetty(11.0.13) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 07:28:42 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
content-type: image/png
access-control-allow-origin: *
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

Redirect headers

location: https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=a9e24617-9faf-4e3d-8c2b-e0b124563b02&ttd_puid=52de7b38-f135-4d9a-b891-8965b4e40076%2C%2C
date: Wed, 03 Jan 2024 07:28:42 GMT
server: Kestrel
content-length: 359

GET
H2 403 FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3A...
us01.z.antigena.com/l/ Frame 8A8F 0
0 155ms
39ms Image
text/html 40.76.134.238
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us01.z.antigena.com/l/FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3AWUAJgUx%2075D8FBE6-12FA-4625-ADD2-EDAB7C317F51&rnd=RND
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=163515&s=&predirect=https%3A%2F%2Favd.innity.com%2Fuidsync%2Fmapuid%2F%3Fpid%3D1056%26puuid%3D(PM_UID)&userIdMacro=(PM_UID)&gdpr_consent=&gdpr=0&us_privacy=&
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 40.76.134.238 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

GET
H2

200

xuid
eb2.3lift.com/ Frame 8A8F
Redirect Chain

https://eb2.3lift.com/xuid?mid=7976&xuid=75D8FBE6-12FA-4625-ADD2-EDAB7C317F51&dongle=u6nf&gdpr=0&gdpr_consent=
https://eb2.3lift.com/xuid?ld=1&mid=7976&xuid=75D8FBE6-12FA-4625-ADD2-EDAB7C317F51&dongle=u6nf&gdpr=0&cmp_cs=&us_privacy=

37 B
354 B

45ms
42ms

Image
image/gif

52.223.22.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=7976&xuid=75D8FBE6-12FA-4625-ADD2-EDAB7C317F51&dongle=u6nf&gdpr=0&cmp_cs=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=163515&s=&predirect=https%3A%2F%2Favd.innity.com%2Fuidsync%2Fmapuid%2F%3Fpid%3D1056%26puuid%3D(PM_UID)&userIdMacro=(PM_UID)&gdpr_consent=&gdpr=0&us_privacy=&
Protocol: H2
Server: 52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type: image/gif
date: Wed, 03 Jan 2024 07:28:42 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=7976&xuid=75D8FBE6-12FA-4625-ADD2-EDAB7C317F51&dongle=u6nf&gdpr=0&cmp_cs=&us_privacy=
date: Wed, 03 Jan 2024 07:28:42 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 8A8F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NzVEOEZCRTYtMTJGQS00NjI1LUFERDItRURBQjdDMzE3RjUx&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NzVEOEZCRTYtMTJGQS00NjI1LUFERDItRURBQjdDMzE3RjUx&gdpr=0&gdpr_consent=&google_tc=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
95 B

35ms
30ms

Image
image/gif

162.248.18.37
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=163515&s=&predirect=https%3A%2F%2Favd.innity.com%2Fuidsync%2Fmapuid%2F%3Fpid%3D1056%26puuid%3D(PM_UID)&userIdMacro=(PM_UID)&gdpr_consent=&gdpr=0&us_privacy=&
Protocol: H2
Server: 162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Wed, 03 Jan 2024 07:28:41 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 03 Jan 2024 07:28:42 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 8A8F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBC7uIdt55I7TmdQ6lUbymk&google_cver=1

42 B
267 B

36ms
31ms

Image
image/gif

162.248.18.37
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBC7uIdt55I7TmdQ6lUbymk&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=163515&s=&predirect=https%3A%2F%2Favd.innity.com%2Fuidsync%2Fmapuid%2F%3Fpid%3D1056%26puuid%3D(PM_UID)&userIdMacro=(PM_UID)&gdpr_consent=&gdpr=0&us_privacy=&
Protocol: H2
Server: 162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Wed, 03 Jan 2024 07:28:42 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 03 Jan 2024 07:28:42 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBC7uIdt55I7TmdQ6lUbymk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 8A8F
Redirect Chain

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:B650E4619727464B94F3E35E9B35A6B7

42 B
552 B

129ms
30ms

Image
image/gif

162.248.18.37
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:B650E4619727464B94F3E35E9B35A6B7
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=163515&s=&predirect=https%3A%2F%2Favd.innity.com%2Fuidsync%2Fmapuid%2F%3Fpid%3D1056%26puuid%3D(PM_UID)&userIdMacro=(PM_UID)&gdpr_consent=&gdpr=0&us_privacy=&
Protocol: H2
Server: 162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Wed, 03 Jan 2024 07:28:42 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date: Wed, 03 Jan 2024 07:28:42 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:B650E4619727464B94F3E35E9B35A6B7
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 02 Jan 2024 07:28:42 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 8A8F
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=a9e24617-9faf-4e3d-8c2b-e0b124563b02&gdpr=0&gdpr_consent=

42 B
541 B

98ms
28ms

Image
image/gif

8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=a9e24617-9faf-4e3d-8c2b-e0b124563b02&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=163515&s=&predirect=https%3A%2F%2Favd.innity.com%2Fuidsync%2Fmapuid%2F%3Fpid%3D1056%26puuid%3D(PM_UID)&userIdMacro=(PM_UID)&gdpr_consent=&gdpr=0&us_privacy=&
Protocol: H2
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Wed, 03 Jan 2024 07:28:41 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=a9e24617-9faf-4e3d-8c2b-e0b124563b02&gdpr=0&gdpr_consent=
date: Wed, 03 Jan 2024 07:28:42 GMT
server: Kestrel
content-length: 355

GET
H2 200 75D8FBE6-12FA-4625-ADD2-EDAB7C317F51
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 8A8F 43 B
602 B 145ms
31ms Image
image/gif 2600:1f18:4e9:5a01:b190:a784:2195:7e31
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/75D8FBE6-12FA-4625-ADD2-EDAB7C317F51?gdpr=0&gdpr_consent=

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:4e9:5a01:b190:a784:2195:7e31 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 07:28:42 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 8A8F
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=75D8FBE6-12FA-4625-ADD2-EDAB7C317F51&redir=true&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=75D8FBE6-12FA-4625-ADD2-EDAB7C317F51&redir=true&gdpr=0&gdpr_consent=&verify=true
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-AjF0fppE2uX1fkv7xYTBU6UX9_xeh4Q-~A&gdpr=0

0
260 B

123ms
55ms

Image
text/plain

162.248.18.34
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-AjF0fppE2uX1fkv7xYTBU6UX9_xeh4Q-~A&gdpr=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=163515&s=&predirect=https%3A%2F%2Favd.innity.com%2Fuidsync%2Fmapuid%2F%3Fpid%3D1056%26puuid%3D(PM_UID)&userIdMacro=(PM_UID)&gdpr_consent=&gdpr=0&us_privacy=&
Protocol: H2
Server: 162.248.18.34 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 07:28:42 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-AjF0fppE2uX1fkv7xYTBU6UX9_xeh4Q-~A&gdpr=0
date: Wed, 03 Jan 2024 07:28:42 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 8A8F
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=dd23d9c5-ee2b-4efe-b1a8-d27a906b57aa&gdpr=0&gdpr_consent=

1 B
255 B

30ms
29ms

Image
text/html

8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=dd23d9c5-ee2b-4efe-b1a8-d27a906b57aa&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=163515&s=&predirect=https%3A%2F%2Favd.innity.com%2Fuidsync%2Fmapuid%2F%3Fpid%3D1056%26puuid%3D(PM_UID)&userIdMacro=(PM_UID)&gdpr_consent=&gdpr=0&us_privacy=&
Protocol: H2
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Wed, 03 Jan 2024 07:28:41 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=dd23d9c5-ee2b-4efe-b1a8-d27a906b57aa&gdpr=0&gdpr_consent=
Date: Wed, 03 Jan 2024 07:28:42 GMT
Connection: keep-alive
X-CI-RTID: 339900f3-1f4b-447b-8de9-794476b0d3fe
Content-Length: 205
Content-Type: text/html; charset=utf-8

GET
H/1.1 200
OK container_576b5a051c51b1c0244bca09.js Show response
ssl-avd.innity.net/1/ Frame 1986 11 KB
4 KB 32ms
26ms Script
application/javascript 23.209.54.115
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl-avd.innity.net/1/container_576b5a051c51b1c0244bca09.js
Requested by: Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.209.54.115 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-209-54-115.deploy.static.akamaitechnologies.com
Software: nginx/1.24.0 /
Resource Hash: fcbfe3701531c9c0a1cdf0f9adaf43370498a8a46185ec0639f844a14f1f5541

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tg-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 07:28:42 GMT
Content-Encoding: gzip
Last-Modified: Fri, 13 Oct 2023 07:45:31 GMT
Server: nginx/1.24.0
ETag: "6528f59b-2aa5-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=1353241
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3678
Expires: Thu, 18 Jan 2024 23:22:43 GMT

GET
H3 200 stars.svg
www.tg-me.com/img/ 901 B
983 B 52ms
48ms Image
image/svg+xml 2606:4700:3037::6815:40c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tg-me.com/img/stars.svg
Requested by: Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:40c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc60e6f6e60e1cc56e2ebfc8d51811b55fc04a29e0a383dfceba765c2e870ba6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tg-me.com/us/Telegram+News/com.telegram
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 07:28:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 26 Oct 2022 11:10:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 282138
etag: W/"635915b7-385"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L6Ogh9QcbTQrINW4VU2toZxEnlRbYmo2YSdJl1AoKczSFqZ%2Fm17AcFGYirzlK%2F%2B%2BF%2BUa9fuc9ABxI8q8fzErfKXogUOS421mPXnAOl9n9SsfgTc%2BzkMTtYUIccIMlgu1AT7eZpD06rfzMdMc"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=691200
cf-ray: 83f986c8cfac4bd8-BUF
alt-svc: h3=":443"; ma=86400

GET
H3

200

webview Show response
www.tg-me.com/us/Telegram+News/com.telegram/ Frame ABE6
Redirect Chain

https://www.tg-me.com/Telegram+News/com.telegram/webview?embed=1
https://www.tg-me.com/us/Telegram+News/com.telegram/webview?embed=1

128 KB
19 KB

772ms
772ms

Document
text/html

2606:4700:3037::6815:40c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tg-me.com/us/Telegram+News/com.telegram/webview?embed=1
Requested by: Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:40c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56774e2029289862e17c64b243ac49106ed48e771bc7d49c3fb3aa3631803fd1

Request headers

Referer: https://www.tg-me.com/us/Telegram+News/com.telegram
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=31536000
cf-cache-status: MISS
cf-ray: 83f986cc089e4bd8-BUF
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 03 Jan 2024 07:28:43 GMT
last-modified: Wed, 03 Jan 2024 07:28:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qnhp9W9eIdcZSVzljqYYLuMjKlbYyNRB9IrXDxHIYi2RgJErFXjPsIRVKMhOzdcuCUkOSA2jBM751jU8a1J2KAv%2FIoNEtDlAur3dLtdreFZM8aQsAjFdFFgPxRo5LT73DLkHZOTbXNwI2myc"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: BYPASS
cf-ray: 83f986c8cfb94bd8-BUF
content-type: text/html; charset=UTF-8
date: Wed, 03 Jan 2024 07:28:42 GMT
location: /us/Telegram+News/com.telegram/webview?embed=1
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sm1Cc5Eveo6v%2Bowcg7uNJUsqFHmRKvNzhItoEOi2MxW%2FR4fdim1O1HbfKjJMppqL1ZlOUZz6Wrvj%2FBOyZXYk1AN4naiG0eJds%2FTgaZaHwzE0fz3AH9HHvYNzTMWZYLWlru7%2FTHpekVB2oqxi"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 2161124 Show response
acceptable.a-ads.com/ Frame 21E2 24 KB
6 KB 662ms
131ms Document
text/html 144.76.38.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://acceptable.a-ads.com/2161124

Requested by

Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

144.76.38.164 Dottingen, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.164.38.76.144.clients.your-server.de

Software

nginx / Phusion Passenger(R)

Resource Hash

ff8bb48e9a326072aa26e7300806a9f5f12223e73158e1c75a1513cbd01ebc9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tg-me.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=utf-8
date: Wed, 03 Jan 2024 07:28:42 GMT
server: nginx
status: 200 OK
vary: Accept-Encoding Accept-Encoding
x-content-type-options: nosniff
x-original-referer: https://www.tg-me.com/
x-powered-by: Phusion Passenger(R)
x-robots-tag: noindex, nofollow, nosnippet, noarchive
x-xss-protection: 1; mode=block

GET
H3 200 telegram.jpg
img.tg-me.com/icon/te/ 6 KB
7 KB 49ms
42ms Image
image/jpeg 2606:4700:3037::6815:40c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.tg-me.com/icon/te/telegram.jpg
Requested by: Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:40c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d16227677095de7d78fe63b771b683b3f6bd1d559dbb82e4ab557c7bde2952ba

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tg-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 07:28:42 GMT
cf-cache-status: HIT
last-modified: Fri, 31 Mar 2023 18:55:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2
etag: "64272cb7-1848"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aIaEPYwfBIg6AeVb9hWpsC9jzX9M%2BDUSA4vdHS4hsEivltuTxb5eY0OmApKSd0k%2BJmn9zog%2FvzZT86qWIxq5OqqgCS1n%2BhKKLlg0P%2BEL59KGG8i2quzi3RhR2FvPHy2BxITEixnZkeVJnAzX"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 83f986c8cfba4bd8-BUF
alt-svc: h3=":443"; ma=86400
content-length: 6216

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 56 B
361 B 46ms
33ms Script
text/javascript 23.203.177.63
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.203.177.63 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-203-177-63.deploy.static.akamaitechnologies.com

Software

Oracle API Gateway /

Resource Hash

f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tg-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 03 Jan 2024 07:28:42 GMT
server: Oracle API Gateway
opc-request-id: /4BF820706E1D9704E3218278409015A1/51FFB3BF8B8C19CBD047DE829DCBC78C
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: text/javascript
x-distribution: 99
x-host: s7.addthis.com
content-length: 76
x-xss-protection: 1; mode=block

GET
H2 200 sdk.js Show response
connect.facebook.net/en_GB/ 297 KB
85 KB 42ms
32ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_GB/sdk.js?hash=52361bd515bff3d7f74c7d2d167d2ebc

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_GB/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5c1b8adff1fd7c2cdc9e2114d14afb02bc95e5f83f065715856ca7f24f05cd94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.tg-me.com/
Origin: https://www.tg-me.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 03 Jan 2024 07:28:42 GMT
content-md5: 2LwX5HmWz0jh17IyBPtLCQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 86876
reporting-endpoints
x-fb-debug: mVfPJ+OKIaTnQiEZHC3SQ3x10Fs8Y/NJTkW/vpWyQameo5LOX52dZRIFp6NWRtRB7HFGmTkI4/6lsNzSWggtDg==
x-fb-content-md5: 817755225f65abca3c824e0429bf898b
cross-origin-opener-policy: same-origin-allow-popups
etag: "957eee14a534c08852a2bca145bf26d4"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Thu, 02 Jan 2025 07:09:26 GMT

GET
H/1.1 200
OK dc.js Show response
avd.innity.net/lib/ Frame 1986 20 KB
7 KB 27ms
26ms Script
application/javascript 23.209.54.115
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://avd.innity.net/lib/dc.js
Requested by: Host: ssl-avd.innity.net
URL: https://ssl-avd.innity.net/1/container_576b5a051c51b1c0244bca09.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.209.54.115 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-209-54-115.deploy.static.akamaitechnologies.com
Software: nginx/1.20.2 /
Resource Hash: 0014ffccade01ae1ab385b85433decef0f11f26cbe25721faa0d13bb5c0badda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tg-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 07:28:42 GMT
Content-Encoding: gzip
Last-Modified: Fri, 22 Oct 2021 06:40:46 GMT
Server: nginx/1.20.2
ETag: "61725cee-5149-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=1357043
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6412
Expires: Fri, 19 Jan 2024 00:26:05 GMT

GET
H2 200 asd100.bin Show response
pogothere.xyz/ 100 KB
101 KB 86ms
28ms Fetch
binary/octet-stream 104.21.24.208
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/asd100.bin
Requested by: Host: d37tb4r0t9g99j.cloudfront.net
URL: https://d37tb4r0t9g99j.cloudfront.net/?trbtd=994291
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.24.208 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tg-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 07:28:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5464
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 03 Jan 2024 05:57:38 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: https://www.tg-me.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HVXfW8h0H%2BxLL%2FXatG3vwbjHRpVspxv72OD3X%2FSWMR8g7JiJ7a3T5glBa4QFy60jbk2Buqnu7Gcf%2BIOS%2BLrZMQH1hWAOAfsB060ZWF7jtf2rbc87S7qmwWOCZumt%2BgL2"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 83f986c97a8239e1-YYZ
access-control-allow-headers: X-Requested-With, content-type

GET
H2 200 / Show response
pogothere.xyz/ 26 B
351 B 105ms
48ms Fetch
text/plain 104.21.24.208
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/
Requested by: Host: d37tb4r0t9g99j.cloudfront.net
URL: https://d37tb4r0t9g99j.cloudfront.net/?trbtd=994291
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.24.208 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6bda77c658db6264264c14430c8dc4300b528c901836544babe6987f292074f6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tg-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 07:28:42 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qn7kx%2Fkj6Ke7ptA5dJXDUo8r0YLFMpSkuJwdPq5d4WniySBJkTL6gpNUhwoOY35%2F8QY4n%2BzynS7HapgHHRa78Wjd0N0DjPU9lwjdEtiK2UlWR9h%2BFnvTcwS%2BUW3p9vG9"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
access-control-allow-origin: https://www.tg-me.com
content-type: text/plain
access-control-allow-credentials: true
cf-ray: 83f986c97a8339e1-YYZ
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400

GET
H2 204 utx Show response
moonheappyr.com/ 0
537 B 113ms
36ms XHR
text/plain 13.32.208.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://moonheappyr.com/utx?cb=K1QP2TT2I0yS&top=www.tg-me.com&tid=994291
Requested by: Host: d37tb4r0t9g99j.cloudfront.net
URL: https://d37tb4r0t9g99j.cloudfront.net/?trbtd=994291
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.208.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-208-102.iad66.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tg-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 07:28:42 GMT
via: 1.1 063f496e2a2a07219bf3fbec39d54de4.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-amz-cf-pop: IAD66-C1
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://www.tg-me.com
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-id: RIedSo3k3hN2mrRWs8_WIytqlcfYez7ATKEv87wkqoWL8tu8_6z8Dw==

GET
H2 200 UHE4cXUxE1scSjFMWlcAIh0FVEcWVAo3EWNGTBNBIkFMSBJpSFJfFjweTRUTIh5WBVs+FExURxYDaikdKhVCEhgWCQgjNhQ0ajdFPz5eNA0SJV8rHxUWeSgiBCd+OycoNHIzIxQ0CwIBFCB5QBEXPHUyJx06WTQZFCRuAh4WGWo6MAMwbzQwPzZhCR4IN2kBDQgWW... Show response
moonheappyr.com/ Frame 2DC6 3 KB
2 KB 81ms
40ms Document
text/html 13.32.208.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://moonheappyr.com/UHE4cXUxE1scSjFMWlcAIh0FVEcWVAo3EWNGTBNBIkFMSBJpSFJfFjweTRUTIh5WBVs+FExURxYDaikdKhVCEhgWCQgjNhQ0ajdFPz5eNA0SJV8rHxUWeSgiBCd+OycoNHIzIxQ0CwIBFCB5QBEXPHUyJx06WTQZFCRuAh4WGWo6MAMwbzQwPzZhCR4IN2kBDQgWWzkiE0R+MzQ0MnIGNBcwbRIDFTdtMiM+Fm45NGEUcyMkAyRfJDEEJwk5MD4VcSYCEhRzCQIzMH0jEgMadSskYjNzIEUJOVlBHQcjcCcSAxp1MC05BXcjRBk0ekBEEiMISA8ENxUBJhIpbSs0JxVaODRoJn4nAiM1fiszMyl6PScWGn0SRGEzaglNJTR5EhQHQ3o6OBY4fhUnARBwNz83IlM8JAUYYSU9FkVrFUU3IHBBICE3aismEiB2OyQFEmIVIwo3agZAaCdTOzMUHHo6JCcjbzgNOzNwGT9jIVMrMBE2TD0nBjd7FDA7V1ICGj4BBSceIxBVQREcGU0CNxM
Requested by: Host: d37tb4r0t9g99j.cloudfront.net
URL: https://d37tb4r0t9g99j.cloudfront.net/?trbtd=994291
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.208.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-208-102.iad66.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: 76bf228a948f84324a44bb664d7ec959bc6f5bcd79b5c0bbf8e12c110d3c45d2

Request headers

Referer: https://www.tg-me.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
cache-control: no-store, no-cache, must-revalidate, no-transform
content-encoding: gzip
content-length: 1240
content-type: text/html
date: Wed, 03 Jan 2024 07:28:42 GMT
p3p: CP="NID DSP ALL COR"
pragma: no-cache
server: openresty/1.17.8.2
via: 1.1 063f496e2a2a07219bf3fbec39d54de4.cloudfront.net (CloudFront)
x-amz-cf-id: 0k0pQcbm8wfsKMrfU2nS_CBPvrQm4NgghNPPWqq8CtsVZCxzbBl-vQ==
x-amz-cf-pop: IAD66-C1
x-cache: Miss from cloudfront

GET
H2 200 asd100.bin Show response
pogothere.xyz/ 100 KB
100 KB 58ms
47ms Fetch
binary/octet-stream 104.21.24.208
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/asd100.bin
Requested by: Host: d37tb4r0t9g99j.cloudfront.net
URL: https://d37tb4r0t9g99j.cloudfront.net/?trbtd=994291
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.24.208 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tg-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 07:28:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5464
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 03 Jan 2024 05:57:38 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: https://www.tg-me.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MEYLTR53DCu6IkjBNG5xmX6zx0fGPZGwSEwgvEH0hXkkCJ95EkIJQg8gpEjYwaCdCPLT23TNzUUXNJErfgYsqLTSDLgXiSKmyGeab5Dwk6pF1kUGS4l5YjHy2F4Gr4WS"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 83f986c97a8539e1-YYZ
access-control-allow-headers: X-Requested-With, content-type

GET
H2 200 / Show response
pogothere.xyz/ 26 B
373 B 58ms
47ms Fetch
text/plain 104.21.24.208
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/
Requested by: Host: d37tb4r0t9g99j.cloudfront.net
URL: https://d37tb4r0t9g99j.cloudfront.net/?trbtd=994291
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.24.208 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fcee70ee4dde68151cd2665fce43d542b0e11521ffeade1cab4ce9d17955f0a1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tg-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 07:28:42 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lFKgidq5N1y2R3uCCBC%2F3XyG72L9pKoNNTKdxZM7wtifhYv1EIR%2FCDiCtiQSTEf7RXZ3lxJgtj175E%2B4YbV7IjPqRdXo%2ByeYJu2R%2Fn1LxoZCbDIaIOb2xDXyrQFkKKsS"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
access-control-allow-origin: https://www.tg-me.com
content-type: text/plain
access-control-allow-credentials: true
cf-ray: 83f986c97a8739e1-YYZ
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400

GET
H2 204 utx Show response
moonheappyr.com/ 0
537 B 68ms
38ms XHR
text/plain 13.32.208.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://moonheappyr.com/utx?cb=ntNXu5gK2401&top=www.tg-me.com&tid=997292
Requested by: Host: d37tb4r0t9g99j.cloudfront.net
URL: https://d37tb4r0t9g99j.cloudfront.net/?trbtd=994291
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.208.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-208-102.iad66.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tg-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 07:28:42 GMT
via: 1.1 063f496e2a2a07219bf3fbec39d54de4.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-amz-cf-pop: IAD66-C1
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://www.tg-me.com
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-id: WLAhzBVJodmb7NWpwzNad5jogERxPZ7Dhpg6A9WupFdhyv1-at4Qsg==

GET
H2 200 IFZdDHoFdgk5CywCHi4eC1QPBSAlYjs6alZ1DjpiMX84ASALYis9BzR3XDsaA0BIWgkCYidNfSJlXgA5LFQdPS0JXCwtHg9ZIS5+MmFeAy0iYhk7BR51DzAKAAYMLisHcj4pfCNhFTkqHkc0OzhUXj06Gih5JRg+JXEJOxUzBywpCRBfDDkGJWFeBCA1AgotBA1DN... Show response
moonheappyr.com/aE9kM20JLQdeUglyBhUYGiNZFl8ualZ1CVt4EFFZGn8QCgpRdg4dDgQgEVcLGiAKR0MGKhAWXy4DNwIKHwAzegImflFVNTx3HGUsOi0HXlUrDiJxGSUkKmQpLDsIYCwbCSVKJyIrIEAdLB4iAT8sdw1lLDofAV4KPxk1fgE4OFRVLxEaU3c8A... Frame 5D6A 3 KB
2 KB 35ms
34ms Document
text/html 13.32.208.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://moonheappyr.com/aE9kM20JLQdeUglyBhUYGiNZFl8ualZ1CVt4EFFZGn8QCgpRdg4dDgQgEVcLGiAKR0MGKhAWXy4DNwIKHwAzegImflFVNTx3HGUsOi0HXlUrDiJxGSUkKmQpLDsIYCwbCSVKJyIrIEAdLB4iAT8sdw1lLDofAV4KPxk1fgE4OFRVLxEaU3c8AAovWRU7DSJpGSQKJmQuMBYSYigfDilKXC8cNVQHDiQyajURFldgASkALkkGPgwdYUhaDQBULAsaLEcaOn4lfiESKyxgBgx6BXVYJh1XXwIpHgh+CFt/IFZdDHoFdgk5CywCHi4eC1QPBSAlYjs6alZ1DjpiMX84ASALYis9BzR3XDsaA0BIWgkCYidNfSJlXgA5LFQdPS0JXCwtHg9ZIS5+MmFeAy0iYhk7BR51DzAKAAYMLisHcj4pfCNhFTkqHkc0OzhUXj06Gih5JRg+JXEJOxUzBywpCRBfDDkGJWFeBCA1AgotBA1DNyAJJX0POQIrZyUAOiJYFQ4qAxUHGyAKQ1AQfQN7FxECPVE4WQA
Requested by: Host: d37tb4r0t9g99j.cloudfront.net
URL: https://d37tb4r0t9g99j.cloudfront.net/?trbtd=994291
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.208.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-208-102.iad66.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: a718b13d3fd81253de7f20c5b19de4a621574c09c43e2caaf38d5c8f57e23c22

Request headers

Referer: https://www.tg-me.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
cache-control: no-store, no-cache, must-revalidate, no-transform
content-encoding: gzip
content-length: 1237
content-type: text/html
date: Wed, 03 Jan 2024 07:28:42 GMT
p3p: CP="NID DSP ALL COR"
pragma: no-cache
server: openresty/1.17.8.2
via: 1.1 063f496e2a2a07219bf3fbec39d54de4.cloudfront.net (CloudFront)
x-amz-cf-id: c3LU4LTsoSIFOlNE6qqq_SWZFPnrTjazKPnktH7WlBfiXq8d2mCuqQ==
x-amz-cf-pop: IAD66-C1
x-cache: Miss from cloudfront

GET
H2 200 PQ5oCxwRHHM1 Show response
moonheappyr.com/c3cyZE8SFVEJcBJKUEI6ARsPQX01UgAiK0BARgZ7AUdGXShKTlhKLB8YRwApARhcEGEdEkZBfTU9YzF+NBZYKSY6HlUpCzciWS0jEDxXLCNDIkUiITkNZyIXJzFFNCYxBVE1AlZFdCkJBCR+HX8BLl8HeiM2BistOw8AMAlLEHsdCSsxYTUlO... Frame E31F 3 KB
2 KB 39ms
38ms Document
text/html 13.32.208.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://moonheappyr.com/c3cyZE8SFVEJcBJKUEI6ARsPQX01UgAiK0BARgZ7AUdGXShKTlhKLB8YRwApARhcEGEdEkZBfTU9YzF+NBZYKSY6HlUpCzciWS0jEDxXLCNDIkUiITkNZyIXJzFFNCYxBVE1AlZFdCkJBCR+HX8BLl8HeiM2BistOw8AMAlLEHsdCSsxYTUlOSFRJxUKAFsnDkZGUx4CPzNbEyYjNnwCAyAPWDMHJUdrVxUjNmoiIz4mfAAFID5KIx0pDVQ3KBYxXCp2F0ZdACwkHwMvDSkNVDAKNy9qAHoqRl4cFTtOACEoJUZoIwEqNksldj0QaDMBGhBZJRkcRlMsYiIEcAoFRRZ0DwkpPwtWHh8QQiscADB0CgI8LgMDCz8kYxALCy1IAhw2J2cnIBoVAlwNECQGEQg1AEEvCD0uVjwNVkV0ACQiM1BXO0EiRRQ5FT9gMAkdOQsqHgcheyB3BSNFIQcWP2QABys9BT0NSzhRJWkZBF0KP04PeDx/PQ5oCxwRHHM1
Requested by: Host: d37tb4r0t9g99j.cloudfront.net
URL: https://d37tb4r0t9g99j.cloudfront.net/?trbtd=994291
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.208.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-208-102.iad66.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: c886556689c2545a7a04f45a73d746bbe6ec98053c0560dd79b5e022d277c94d

Request headers

Referer: https://www.tg-me.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
cache-control: no-store, no-cache, must-revalidate, no-transform
content-encoding: gzip
content-length: 1224
content-type: text/html
date: Wed, 03 Jan 2024 07:28:42 GMT
p3p: CP="NID DSP ALL COR"
pragma: no-cache
server: openresty/1.17.8.2
via: 1.1 063f496e2a2a07219bf3fbec39d54de4.cloudfront.net (CloudFront)
x-amz-cf-id: gd3juX6uOl0Ah2P3ilsz89mEQqTRhJwkMYl-IHwwZFKftVfyW3FyOQ==
x-amz-cf-pop: IAD66-C1
x-cache: Miss from cloudfront

GET
H2 204 P29cUCMiNAJLbDpvXFh5eHxeQmR8dBhLe2omHRctcWNLBj44PlBHfXxmX0B8dWBfQnp6
yistkechauk.org/TFJtdkpjbQ4Fdxs/KyArJzYbIR19NA4hexkLXDwzLQQFBR8iG0sCIyhvVE9+fmtcUDolNlBHbD8mDAI/ 0
394 B 148ms
77ms Image
text/plain 172.67.161.57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yistkechauk.org/TFJtdkpjbQ4Fdxs/KyArJzYbIR19NA4hexkLXDwzLQQFBR8iG0sCIyhvVE9+fmtcUDolNlBHbD8mDAI/P29cUCMiNAJLbDpvXFh5eHxeQmR8dBhLe2omHRctcWNLBj44PlBHfXxmX0B8dWBfQnp6
Requested by: Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.161.57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tg-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 07:28:42 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ThwpOtbajEYrkOnlyY1ak3pfGffiLIxOfvNs7oS2f%2FrhpYN9wGySCsILgSD5OpUVpgxvo9unmSWe0%2FY5YmR1%2Fzo95QYZG%2Bl4b%2BK3T1EmS17%2BuG2Es9C9%2FRt2MuLezuioknw%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 83f986ca7d3539f2-YYZ
alt-svc: h3=":443"; ma=86400

GET
H2 200 login.php
www.facebook.com/ 0
0 422ms
81ms Image
text/html 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
Requested by: Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tg-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

GET
H3

403

identifier
accounts.google.com/v3/signin/
Redirect Chain

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=ASKXGp3wTcPU7Vn7bAMbyAQOE-xwv64SGYS3Kz3KPaV1IyTwcLEqEzz3awpyiok...
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp1THAFgFHSJDRWBwn4eZf24tiRQrfZRg8jAHcUcv72GpUap3vTBjgJ3rd-b2Wtf96sk_ygp&passive=...

0
0

70ms
70ms

Image
text/html

2607:f8b0:4006:80f::200d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp1THAFgFHSJDRWBwn4eZf24tiRQrfZRg8jAHcUcv72GpUap3vTBjgJ3rd-b2Wtf96sk_ygp&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S688240098%3A1704266923067671&theme=glif
Requested by: Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram
Protocol: H3
Server: 2607:f8b0:4006:80f::200d , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tg-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Redirect headers

date: Wed, 03 Jan 2024 07:28:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'report-sample' 'nonce-4rLlj-t4ognP_aeDZr8uWw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 400
x-xss-protection: 1; mode=block
pragma: no-cache
server: GSE
x-frame-options: DENY
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type: text/html; charset=UTF-8
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp1THAFgFHSJDRWBwn4eZf24tiRQrfZRg8jAHcUcv72GpUap3vTBjgJ3rd-b2Wtf96sk_ygp&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S688240098%3A1704266923067671&theme=glif
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3

403

identifier
accounts.google.com/v3/signin/
Redirect Chain

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ASKXGp1cWtc7EcBTFmFZzhL2JTCPAe_USgPE5FSJ8VJSCMR6OLkC9Jfq-Ba...
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp0CcKJ7vb2GOXvztGX7qgYXRNQx_9KSbg0Sny8S6Gdb6ih-ny6RC96so4DlVmqPnuQgufolhQ&passi...

0
0

75ms
75ms

Image
text/html

2607:f8b0:4006:80f::200d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp0CcKJ7vb2GOXvztGX7qgYXRNQx_9KSbg0Sny8S6Gdb6ih-ny6RC96so4DlVmqPnuQgufolhQ&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1157709681%3A1704266922982719&theme=glif
Requested by: Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram
Protocol: H3
Server: 2607:f8b0:4006:80f::200d , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tg-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Redirect headers

date: Wed, 03 Jan 2024 07:28:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-KHElmLXnohisvNt6QSvfCw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 407
x-xss-protection: 1; mode=block
pragma: no-cache
server: GSE
x-frame-options: DENY
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type: text/html; charset=UTF-8
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp0CcKJ7vb2GOXvztGX7qgYXRNQx_9KSbg0Sny8S6Gdb6ih-ny6RC96so4DlVmqPnuQgufolhQ&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1157709681%3A1704266922982719&theme=glif
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 204 MWFadnIeXjkFT2sKYkIQaTMMEgVdOAgaJAIgDE8wZCliNyoBMHwCG1VcY09FA1hoUAJYBWdHVEIVOwIHQlxrUBtfBzVLVEdca1hBBU9pQlwBRy9LQxcVKhcVDFB8BgZFDWdHRQFVaEBECFNoQkcC
yistkechauk.org/ 0
254 B 46ms
43ms Image
text/plain 172.67.161.57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yistkechauk.org/MWFadnIeXjkFT2sKYkIQaTMMEgVdOAgaJAIgDE8wZCliNyoBMHwCG1VcY09FA1hoUAJYBWdHVEIVOwIHQlxrUBtfBzVLVEdca1hBBU9pQlwBRy9LQxcVKhcVDFB8BgZFDWdHRQFVaEBECFNoQkcC
Requested by: Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.161.57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tg-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 07:28:42 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PG9%2FX%2FFOG28LSRwhs%2BLOqGXITMVigaBwgLnQnhv%2B%2BHR1C2SQu96nNwAvM2ayQks%2BlL5qKCRM64nprashlkAz2kwtlmLFa3PiHFz%2Fv%2FCPsa9Rn9STLh3WjcNaTDciVywvt%2Fs%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 83f986caad5339f2-YYZ
alt-svc: h3=":443"; ma=86400

GET
H2 204 H2skMDc4MDIKIDYTIzMAIAcsJzMeNUMVDxZvXFhSQGtXRxYbNlhQXlQhEQASByFYUEAbPAMOW1QkWFBIQnxXT1JUJ1hQQAYiBAZbQ3QVFRIeb1RWVkZgU1dfQGBQUVA
yistkechauk.org/clJlYWZdbQYSWxYaLFI/ 0
246 B 45ms
42ms Image
text/plain 172.67.161.57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yistkechauk.org/clJlYWZdbQYSWxYaLFI/H2skMDc4MDIKIDYTIzMAIAcsJzMeNUMVDxZvXFhSQGtXRxYbNlhQXlQhEQASByFYUEAbPAMOW1QkWFBIQnxXT1JUJ1hQQAYiBAZbQ3QVFRIeb1RWVkZgU1dfQGBQUVA
Requested by: Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.161.57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tg-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 07:28:42 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zdOwmnUcCNAQDOe7sEDsHE5htZH6HNxggP2%2Bzu%2Fa7FD5FdTmY%2FSIcw2i1CXW79VHc9RvsRlQJ2ObRi7giYP2tk2M5FgQ6zi%2BUo0Z319HeVOI0h9u6J8qMnLYiiucYs4AT%2B0%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 83f986caad5439f2-YYZ
alt-svc: h3=":443"; ma=86400

GET
H3

200

main.js Show response
www.tg-me.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/ Frame 375C
Redirect Chain

https://www.tg-me.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://www.tg-me.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js

7 KB
4 KB

35ms
34ms

Script
application/javascript

2606:4700:3037::6815:40c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tg-me.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js

Requested by

Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram

Protocol

Server

2606:4700:3037::6815:40c7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

71f7f9a794e9467fe550136c5ecdd65f83345bb2c588e431b5607a29ba49c63a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 07:28:42 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dITeIP16qfo6KXV%2FpDrl4anKzHbVO%2FQxyhTxHCUZb3N8p8d8M3PMNuFw9kgy6RM4kK42v0Wj6xf3sS9Qzq%2BC4sknVmoBM5BV%2Fl2QPc1Uen1ruucZ5ygZg6XaBM49F0mYwWPz2zTfge2Vp7mA"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 83f986caa8304bd8-BUF
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Wed, 03 Jan 2024 07:28:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iVJzC4KGbUSMHQnT4kFS09YVNiJVWaFHG%2BCjmEQTy0kL0kK5FaFbq%2BH70WNeDuR2t1XoYWzjylPzeyTaxXiarooxYmczFfjtYrN%2ByMpQiclPuOpluHKbn6GdiCALscyVxNQD7cbnikRAZ1Q4"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js
cache-control: max-age=300, public
cf-ray: 83f986ca28184bd8-BUF
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK / Show response
avd.innity.com/dc/cb/ Frame 1986 59 B
567 B 747ms
248ms Script
application/javascript 119.81.216.16
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://avd.innity.com/dc/cb/?mt=_iampt._cbUC
Requested by: Host: avd.innity.net
URL: https://avd.innity.net/lib/dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 119.81.216.16 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS: 10.d8.5177.ip4.static.sl-reverse.com
Software: Apache /
Resource Hash: 116ae0d4bc21f6afd35f95a372d012c06f189e585b63e5815c755049d10ace7f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tg-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Jan 2024 07:28:43 GMT
Content-Encoding: gzip
Last-Modified: Wed, 03 Jan 2024 07:28:43 GMT
Server: Apache
Vary: Accept-Encoding
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Content-Type: application/javascript
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Length: 79
Expires: Wed, 04 Aug 1985 12:59:00 GMT

GET
H2 200 rRXhzdzcmFx0RCDERF0oOfExBTgZjEgAYWTVFJRxEJBVDE3stDQA1dGMMCRMKaElDUVskFhRKESAWEEoGYxkXFQpxXgcHWC5FBAdCJwAGAUcvEFUCVngVHA1eKRQSUgUDTV1HEndIWwBeKxwcAERgSkMZQ2BKQ0YHa0hWRHVgSkMAXitOR1IEB11BR09zTF-pSBXU... Show response
d37tb4r0t9g99j.cloudfront.net/ Frame 2DC6 697 B
786 B 140ms
139ms Script
text/plain 2600:9000:210b:ee00:9:81e3:f9c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d37tb4r0t9g99j.cloudfront.net/rRXhzdzcmFx0RCDERF0oOfExBTgZjEgAYWTVFJRxEJBVDE3stDQA1dGMMCRMKaElDUVskFhRKESAWEEoGYxkXFQpxXgcHWC5FBAdCJwAGAUcvEFUCVngVHA1eKRQSUgUDTV1HEndIWwBeKxwcAERgSkMZQ2BKQ0YHa0hWRHVgSkMAXitOR1IEB11BR09zTF-pSBXUZAwdbIA8WFVwsDFZFcXBLRFkEc11BRx8uEAcaW2BKMFIFdRQaHFJgSkMQUiYTHF4Sd0gQH0UqFRZSBQNJQUcZdVZFRw58VkJFDmBKQwRWIxkBHhJ3PkZEAGtLRVFCeEk
Requested by: Host: moonheappyr.com
URL: https://moonheappyr.com/UHE4cXUxE1scSjFMWlcAIh0FVEcWVAo3EWNGTBNBIkFMSBJpSFJfFjweTRUTIh5WBVs+FExURxYDaikdKhVCEhgWCQgjNhQ0ajdFPz5eNA0SJV8rHxUWeSgiBCd+OycoNHIzIxQ0CwIBFCB5QBEXPHUyJx06WTQZFCRuAh4WGWo6MAMwbzQwPzZhCR4IN2kBDQgWWzkiE0R+MzQ0MnIGNBcwbRIDFTdtMiM+Fm45NGEUcyMkAyRfJDEEJwk5MD4VcSYCEhRzCQIzMH0jEgMadSskYjNzIEUJOVlBHQcjcCcSAxp1MC05BXcjRBk0ekBEEiMISA8ENxUBJhIpbSs0JxVaODRoJn4nAiM1fiszMyl6PScWGn0SRGEzaglNJTR5EhQHQ3o6OBY4fhUnARBwNz83IlM8JAUYYSU9FkVrFUU3IHBBICE3aismEiB2OyQFEmIVIwo3agZAaCdTOzMUHHo6JCcjbzgNOzNwGT9jIVMrMBE2TD0nBjd7FDA7V1ICGj4BBSceIxBVQREcGU0CNxM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:210b:ee00:9:81e3:f9c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4aa85434c5cd8c425d779bc1ddc5a2975592558a2afce31d4e7fdc977eef96f3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://moonheappyr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 07:28:42 GMT
content-encoding: gzip
via: 1.1 b107b2437bbcbc926a3b733dc72fd52a.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C3
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 509
x-amz-cf-id: f020ZCNkoGmKIIaj-Lm2Y-AUvrWORYHUbhpUqBzruSiZvcRSn_8-gQ==

GET
H2 200 V3hvHgpUbmoAEQkjLF1VR3kbFQtSJzFbXEd5aFdcASA3GRxQeztYSw0mPRULJHpqABdSZW4AAFtlaQIAR3loQ1gEKipZHFANbQMOTHhuFkxfeg Show response
d37tb4r0t9g99j.cloudfront.net/LS1gwOWIoN15fXT8xVARbcm8CAFBtMkNWDDtlSAsFAyJJdDspDQF2RD8iVARPemgWVQMlPw0fByU7DQhEKjxSBFZtLEBWCXYvQEwAMy1GSQgjfkVYXyY3SlAOJzkVCyR+dgAcUHtwR1AMLzdHSkd5aF5NR3loAQlMe30De0... Frame 5D6A 704 B
790 B 128ms
125ms Script
text/plain 2600:9000:210b:ee00:9:81e3:f9c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d37tb4r0t9g99j.cloudfront.net/LS1gwOWIoN15fXT8xVARbcm8CAFBtMkNWDDtlSAsFAyJJdDspDQF2RD8iVARPemgWVQMlPw0fByU7DQhEKjxSBFZtLEBWCXYvQEwAMy1GSQgjfkVYXyY3SlAOJzkVCyR+dgAcUHtwR1AMLzdHSkd5aF5NR3loAQlMe30De0d5aEdQDH1sFQogbmoAQVR/cR-ULUiooQFUHPD1SUgs/fQJ/V3hvHgpUbmoAEQkjLF1VR3kbFQtSJzFbXEd5aFdcASA3GRxQeztYSw0mPRULJHpqABdSZW4AAFtlaQIAR3loQ1gEKipZHFANbQMOTHhuFkxfeg
Requested by: Host: moonheappyr.com
URL: https://moonheappyr.com/aE9kM20JLQdeUglyBhUYGiNZFl8ualZ1CVt4EFFZGn8QCgpRdg4dDgQgEVcLGiAKR0MGKhAWXy4DNwIKHwAzegImflFVNTx3HGUsOi0HXlUrDiJxGSUkKmQpLDsIYCwbCSVKJyIrIEAdLB4iAT8sdw1lLDofAV4KPxk1fgE4OFRVLxEaU3c8AAovWRU7DSJpGSQKJmQuMBYSYigfDilKXC8cNVQHDiQyajURFldgASkALkkGPgwdYUhaDQBULAsaLEcaOn4lfiESKyxgBgx6BXVYJh1XXwIpHgh+CFt/IFZdDHoFdgk5CywCHi4eC1QPBSAlYjs6alZ1DjpiMX84ASALYis9BzR3XDsaA0BIWgkCYidNfSJlXgA5LFQdPS0JXCwtHg9ZIS5+MmFeAy0iYhk7BR51DzAKAAYMLisHcj4pfCNhFTkqHkc0OzhUXj06Gih5JRg+JXEJOxUzBywpCRBfDDkGJWFeBCA1AgotBA1DNyAJJX0POQIrZyUAOiJYFQ4qAxUHGyAKQ1AQfQN7FxECPVE4WQA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:210b:ee00:9:81e3:f9c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 0b8b8f7c41b69b113ad7c5e0915dbaad6b405ad762559c6ea69b5c485b198f18

Request headers

accept-language: en-US,en;q=0.9
Referer: https://moonheappyr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 07:28:42 GMT
content-encoding: gzip
via: 1.1 b107b2437bbcbc926a3b733dc72fd52a.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C3
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 513
x-amz-cf-id: QMjUI1Qawgocj-ZAplhndcQJwVesRwQq8GRkDBeIUnouDRiUNvSaTw==

GET
H2 200 dkQDb3t2UwpvfHRTFnN9NQtVID8vTwEHeHVdHXJ7YB8OcA Show response
d37tb4r0t9g99j.cloudfront.net/JQU1GajMiIigMDDUkIlcKeHl0UwFnJzUFXTFwPiBrcQM/MFwSLy0rYmc5PA4ObHx2TF8gIyFXFSQjJVcCZywiCA51azMLDiwiPANfLSxjWHV0Y3ZPAXFlMQNdJSIxGRZzfSgeFnN9d1odcWh1KBZzfTEDXXd5Y1lxZH92Eg... Frame E31F 189 B
463 B 110ms
110ms Script
text/plain 2600:9000:210b:ee00:9:81e3:f9c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d37tb4r0t9g99j.cloudfront.net/JQU1GajMiIigMDDUkIlcKeHl0UwFnJzUFXTFwPiBrcQM/MFwSLy0rYmc5PA4ObHx2TF8gIyFXFSQjJVcCZywiCA51azMLDiwiPANfLSxjWHV0Y3ZPAXFlMQNdJSIxGRZzfSgeFnN9d1odcWh1KBZzfTEDXXd5Y1lxZH92EgV1ZGNYAyA9NgZWNigkAVo1aH-QsBnJ6aFkFZH92QlgpOSsGFnMOY1gDLSQtDxZzfSEPUCoib08BcS4uGFwsKGNYdXB/dkQDb3t2UwpvfHRTFnN9NQtVID8vTwEHeHVdHXJ7YB8OcA
Requested by: Host: moonheappyr.com
URL: https://moonheappyr.com/c3cyZE8SFVEJcBJKUEI6ARsPQX01UgAiK0BARgZ7AUdGXShKTlhKLB8YRwApARhcEGEdEkZBfTU9YzF+NBZYKSY6HlUpCzciWS0jEDxXLCNDIkUiITkNZyIXJzFFNCYxBVE1AlZFdCkJBCR+HX8BLl8HeiM2BistOw8AMAlLEHsdCSsxYTUlOSFRJxUKAFsnDkZGUx4CPzNbEyYjNnwCAyAPWDMHJUdrVxUjNmoiIz4mfAAFID5KIx0pDVQ3KBYxXCp2F0ZdACwkHwMvDSkNVDAKNy9qAHoqRl4cFTtOACEoJUZoIwEqNksldj0QaDMBGhBZJRkcRlMsYiIEcAoFRRZ0DwkpPwtWHh8QQiscADB0CgI8LgMDCz8kYxALCy1IAhw2J2cnIBoVAlwNECQGEQg1AEEvCD0uVjwNVkV0ACQiM1BXO0EiRRQ5FT9gMAkdOQsqHgcheyB3BSNFIQcWP2QABys9BT0NSzhRJWkZBF0KP04PeDx/PQ5oCxwRHHM1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:210b:ee00:9:81e3:f9c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 53fe7d39c572d9188a39b0cfbf8d7d68d25049ef7b9dfc1e024ba46bbd38c712

Request headers

accept-language: en-US,en;q=0.9
Referer: https://moonheappyr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 07:28:42 GMT
content-encoding: gzip
via: 1.1 b107b2437bbcbc926a3b733dc72fd52a.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C3
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 185
x-amz-cf-id: rZJbePh6a4sYNVfU66cL8TwUkl7uy1z3Gc-RMXR5Cs3YWRhXAXUIzQ==

POST
H3 200 83f986ba7b984bd8 Show response
www.tg-me.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 375C 0
557 B 47ms
46ms XHR
text/plain 2606:4700:3037::6815:40c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tg-me.com/cdn-cgi/challenge-platform/h/g/jsd/r/83f986ba7b984bd8
Requested by: Host: www.tg-me.com
URL: https://www.tg-me.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:40c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 03 Jan 2024 07:28:42 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GxJ4176UHFZMw7GA4SHJu5w8hWujZrL%2B%2BNmcsluFjdb%2FRPlkRAZIFdIOJzMO1xU404PytjWmKxQ4iW1KkRsInjK90LTYlF73kq%2Fk%2BSSgMO0kB1E2soJfkIGQfR2oH6shQw%2Fago%2F6l8GwKBD8"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 83f986cc68b54bd8-BUF
alt-svc: h3=":443"; ma=86400

GET
DATA 200
OK truncated
/ Frame 21E2 68 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 popunder.gif
yistkechauk.org/ 35 B
419 B 28ms
24ms Image
image/gif 172.67.161.57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yistkechauk.org/popunder.gif
Requested by: Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.161.57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tg-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: public
date: Wed, 03 Jan 2024 07:28:43 GMT
cf-cache-status: HIT
last-modified: Wed, 03 Jan 2024 01:40:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 20886
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=60RnpR62fVejyYwhmXsDUvnekLLAUUv2PSbK6FysxE56q2b863RCaStgmnn06xOcFwey3GxlSdz4%2F5qsO4YBv%2BUMQJw13%2F05N0fWZcWNNM%2BTQ%2Brnz83CcLUsQajsiO4gA64%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800, immutable
cf-ray: 83f986cde80d39f2-YYZ
alt-svc: h3=":443"; ma=86400

GET
H/1.0 204
No Content /
avd.innity.com/dc/ Frame 1986 0
91 B 730ms
243ms Image
text/html 119.81.216.16
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avd.innity.com/dc/?cl=0&cuid=f2bb895346ba119aabdc4f1adae334bc&cb=1704266923396&douid=&sess=119541599.0.1704266923395&dur=0&ref=https%3A%2F%2Fwww.tg-me.com%2Fus%2FTelegram%2BNews%2Fcom.telegram&srf=&pk=&pt=Telegram%20News%20Telegram&sr=1600x1200&ul=en-US&de=UTF-8&vp=1600x1200
Requested by: Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram
Protocol: HTTP/1.0
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 119.81.216.16 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS: 10.d8.5177.ip4.static.sl-reverse.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tg-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Connection: close
Cache-Control: no-cache
Content-Type: text/html

GET
H/1.1 200
OK /
avd.innity.com/sync/ Frame 1986 43 B
471 B 742ms
255ms Image
image/gif 119.81.216.16
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avd.innity.com/sync/?partner=innity&token=f2bb895346ba119aabdc4f1adae334bc&type=cookie&itmcb=1704266923396
Requested by: Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 119.81.216.16 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS: 10.d8.5177.ip4.static.sl-reverse.com
Software: Apache /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tg-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Jan 2024 07:28:44 GMT
Last-Modified: Wed, 03 Jan 2024 07:28:44 GMT
Server: Apache
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Content-Type: image/gif
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Length: 43
Expires: Wed, 04 Aug 1985 12:59:00 GMT

GET
H3 200 GKNcrQjoAp6Z98cDDrrto_NSSHU.js Show response
www.tg-me.com/cdn-cgi/apps/head/ Frame ABE6 5 KB
2 KB 36ms
35ms Script
application/javascript 2606:4700:3037::6815:40c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tg-me.com/cdn-cgi/apps/head/GKNcrQjoAp6Z98cDDrrto_NSSHU.js
Requested by: Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram/webview?embed=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:40c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1564de76f12335b86790a0aa52846be066e1945090183589e762537fe9464cfe

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tg-me.com/us/Telegram+News/com.telegram/webview?embed=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 07:28:43 GMT
x-amz-version-id: E1E3JGNyYHVXxbWCxajU5xVZDdmc_Ir2
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: YHGVAPSMB7J7E4JS
age: 65763
alt-svc: h3=":443"; ma=86400
x-amz-id-2: SJc5jmdx9NPkM7Kx5wB+dreLtfTiO8MVU7b8q7dQJTfWcbosHPZZ9gwQ8t8ss5bVA8E4LVK1gUk=
last-modified: Thu, 06 May 2021 08:34:07 GMT
server: cloudflare
etag: W/"8cbe5fbd6b1a135e178b1a76bcee5724"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ch6Pohckj4UtdSM%2F%2F5EbuBB3eQpLQN1OAtig%2BVajvbURePJCblofTURqRgDpNzSAKqbVrdIghG1HYb6x5SB8JfdmuKYkuJ7k1eeQQPLfehZ%2Bk0I6%2Fz9jNiQGHfRn5uo4oNELmI55X8D2ILaj"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 83f986d0e9ce4bd8-BUF

GET
H3 200 style.css
www.tg-me.com/ Frame ABE6 2 KB
1 KB 36ms
35ms Stylesheet
text/css 2606:4700:3037::6815:40c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tg-me.com/style.css
Requested by: Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram/webview?embed=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:40c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a9654e71938bbbd0859b8d354b0792a7286136527044e55661d6bd72a6981c4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tg-me.com/us/Telegram+News/com.telegram/webview?embed=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 07:28:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1067779
cf-polished: origSize=2374
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 01 Jun 2023 05:19:18 GMT
server: cloudflare
etag: W/"64782a56-946"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uG%2Bi7IoevQuA1WZ0Dn3ZbaN8sihedQP%2BI%2BsE7II9tNihU7ab7F4Oxlqbv2%2BIUlFvvhlJENDwVy1%2FNKkUH6zwEyKRYlsMIJIpsRDqqrfR6aQnClqby2D0a55cM%2F5a5oMC1fn7PCqB7sQjFYO4"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=691200
cf-ray: 83f986d0e9d04bd8-BUF

GET
H3 200 widget-frame.css
www.tg-me.com/ Frame ABE6 32 KB
7 KB 37ms
36ms Stylesheet
text/css 2606:4700:3037::6815:40c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tg-me.com/widget-frame.css
Requested by: Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram/webview?embed=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:40c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 832b09488629b668ef6de9b3f7c674ef456fb2dbbf80d5d74c0f7da334d26a78

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tg-me.com/us/Telegram+News/com.telegram/webview?embed=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 07:28:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 539403
cf-polished: origSize=37786
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 01 Jun 2023 05:19:18 GMT
server: cloudflare
etag: W/"64782a56-939a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rp7DALsx4E1G38MhhOfOmMxSPMWFnDm4BOL%2FcG1LzDae5yzSGudRogzqEGprPZCHlHbSfcSt3W7CrZetYyOZ0NOY0GNa0lKDNj7uCyf4jBXAptzp9L1wawr2nDy%2F61bLkc%2BX%2FG0VZANlOBcm"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=691200
cf-ray: 83f986d0e9d14bd8-BUF

GET
H3 200 web.css
www.tg-me.com/ Frame ABE6 17 KB
4 KB 38ms
37ms Stylesheet
text/css 2606:4700:3037::6815:40c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tg-me.com/web.css
Requested by: Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram/webview?embed=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:40c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf1db37f5ba79db58d9c710e2cd17edcc52da87ab14685a030e2bda11d90cbf9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tg-me.com/us/Telegram+News/com.telegram/webview?embed=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 07:28:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 775686
cf-polished: origSize=20897
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 01 Jun 2023 05:19:18 GMT
server: cloudflare
etag: W/"64782a56-51a1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sEd%2B8kKmfkHknqBQu9FUd%2B5E8vDRR7a1q1TRsjTeDlnJopTkjgJTvYY0cHrTcA5WfVff%2B%2FIFmKVBmM26xrCUaO1xuqreJGFSCV4l8eGuPNxq8Ke2K5GqiS2Alki%2FnqSYQcSbFzKvxY5Ow4%2BK"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=691200
cf-ray: 83f986d0e9d24bd8-BUF

GET
H/1.1 200
OK admanager.js Show response
cdn.innity.net/ Frame ABE6 12 KB
4 KB 29ms
28ms Script
application/javascript 23.209.54.115
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.innity.net/admanager.js
Requested by: Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram/webview?embed=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.209.54.115 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-209-54-115.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e9d627b37bb2437e38e178e2c5776d50a3163be9b0976526b4ab133922a34963

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tg-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 07:28:43 GMT
Content-Encoding: gzip
Last-Modified: Mon, 06 Nov 2023 09:17:20 GMT
Server: Apache
ETag: "2e2f-6097852320800-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3929
Expires: Thu, 04 Jan 2024 07:28:43 GMT

GET
H2 200 BHK2-a6Cw_YGm8atHRuSE637fsrxV_ORNuFlPGXhWHGAvLY9PlhxrqUmyswtbB5uLrLHfOVbKbDp4QnSwA1LE194yWYANVZ59Mt3RPoyiYJPhqf_JaxPWtrazgc1wV-ntyrM7QKd6plsXurRzQm8_MVDCbFvkuLJuDsndkxcLYwQQ273LAs5-Gd22kIybUAMs1SoI...
photo.tg-me.com/u/cdn1.cdn-telegram.org/file/ Frame ABE6 3 KB
3 KB 318ms
293ms Image
image/jpeg 2606:4700:3037::6815:40c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photo.tg-me.com/u/cdn1.cdn-telegram.org/file/BHK2-a6Cw_YGm8atHRuSE637fsrxV_ORNuFlPGXhWHGAvLY9PlhxrqUmyswtbB5uLrLHfOVbKbDp4QnSwA1LE194yWYANVZ59Mt3RPoyiYJPhqf_JaxPWtrazgc1wV-ntyrM7QKd6plsXurRzQm8_MVDCbFvkuLJuDsndkxcLYwQQ273LAs5-Gd22kIybUAMs1SoIpzBfaulUIGHDsg_3-AgdvTSh1262OjYKM2hR1n1BsoVBDti586bKgSIanHHIUjIwyEfeAZNGsZF6qBeKNP8N5rCSiX1jGfIXgFcbS5IHzBlWkRJE5I6RQkG8OEIidnyDgDO2MQfSzAwtaTzHg.jpg
Requested by: Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram/webview?embed=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:40c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: baecc3508c6838397382402292fbe1331e2c405a6f5f71b17d03b1466aa7ce37

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tg-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 07:28:43 GMT
cf-cache-status: HIT
last-modified: Tue, 02 Jan 2024 20:55:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5NoWoG9%2FHfRxd4UxJaLrKAdCjfAFueAK1xuefGI71xYrltUzJweHxhgSCdxSZZML%2FHmrbT9yx4tGzykAtNlcOn94NF4ha1uvg7g66CoINV%2FRiqt%2Fm3vaLo%2F8VQmGLMZNp%2FbZNvs21x0jGM9XDNw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=691200
cf-ray: 83f986d11fde4bd5-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ Frame ABE6 56 B
361 B 29ms
28ms Script
text/javascript 23.203.177.63
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram/webview?embed=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.203.177.63 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-203-177-63.deploy.static.akamaitechnologies.com

Software

Oracle API Gateway /

Resource Hash

f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tg-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 03 Jan 2024 07:28:43 GMT
server: Oracle API Gateway
opc-request-id: /4BF820706E1D9704E3218278409015A1/51FFB3BF8B8C19CBD047DE829DCBC78C
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: text/javascript
x-distribution: 99
x-host: s7.addthis.com
content-length: 76
x-xss-protection: 1; mode=block

GET
H2 200 / Show response
d37tb4r0t9g99j.cloudfront.net/ Frame ABE6 354 KB
115 KB 49ms
49ms Script
text/plain 2600:9000:210b:ee00:9:81e3:f9c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d37tb4r0t9g99j.cloudfront.net/?trbtd=994291
Requested by: Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram/webview?embed=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:210b:ee00:9:81e3:f9c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 9709911218b377be3da0f3ce799a5f4074b45c8e76186e935f3d0b9ae1cbfebf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tg-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 07:28:40 GMT
content-encoding: gzip
via: 1.1 b107b2437bbcbc926a3b733dc72fd52a.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C3
age: 3
x-cache: Hit from cloudfront
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length: 117322
x-amz-cf-id: Z7KUTM-64dO1xpqbjzTDDakkoRra474HceWDLeNx0KSDVCw1U8IVsg==

GET
H3 200 mttil_w5gfRQoMK9J5wSEV0yOJQ.js Show response
www.tg-me.com/cdn-cgi/apps/body/ Frame ABE6 4 KB
2 KB 35ms
34ms Script
application/javascript 2606:4700:3037::6815:40c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tg-me.com/cdn-cgi/apps/body/mttil_w5gfRQoMK9J5wSEV0yOJQ.js
Requested by: Host: www.tg-me.com
URL: https://www.tg-me.com/cdn-cgi/apps/head/GKNcrQjoAp6Z98cDDrrto_NSSHU.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:40c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0c8ae28caaea979ac1a1b6c668726fe721704bc34bf50d882cb35a212516cf7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tg-me.com/us/Telegram+News/com.telegram/webview?embed=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 07:28:43 GMT
x-amz-version-id: yTUDbCChusb22oEAAiuOhIKs2DMdoM2X
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: RNQAEHH4SSF7HJ59
age: 282141
alt-svc: h3=":443"; ma=86400
x-amz-id-2: k/eo8GiTKnOfs1FVzJ9bh/Qf5Q71IAAisImVWICM+9lP3z/4HISR796BWxsFZpjm2VwzQxahK5o=
last-modified: Thu, 06 May 2021 08:34:06 GMT
server: cloudflare
etag: W/"906771a682327b7ef80896da1bda8167"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l5ebFcIeJrxzWtNCqcUgj%2BrGMWnx6hzbXfrNl2n5qwwkmA4JOxqf%2FNjDb%2FkeQ4TkICSwsQiqNna0eBbkaxOi6UbB%2B1xr1%2BRqr58rwoRn8bAJ4Ut3V8flUWJY%2FBQKTnjqnR8fEhx0RxGSf3d0"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 83f986d2ea654bd8-BUF

GET
H/1.1 200
OK / Show response
as.innity.com/synd/ Frame ABE6 1 KB
1 KB 261ms
261ms Script
text/javascript 47.254.199.63
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL: https://as.innity.com/synd/?cb=1704266923696&ver=1&pub=dc727151e5d55dde1e950767cf861ca5&zone=98812&output=js&flash=0&url=www.tg-me.com&width=*&height=*&vpw=1600&vph=1200&auction=98ce2c2-194c1a1&u=aHR0cHM6Ly93d3cudGctbWUuY29tL3VzL1RlbGVncmFtK05ld3MvY29tLnRlbGVncmFt
Requested by: Host: cdn.innity.net
URL: https://cdn.innity.net/admanager.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 47.254.199.63 Kuala Lumpur, Malaysia, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: Apache /
Resource Hash: 99e3b84079b2557053a0844659e5eebabf5504ad0401b551a466ed4abbaeacbb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tg-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Jan 2024 07:28:43 GMT
Content-Encoding: gzip
Last-Modified: Wed, 03 Jan 2024 07:28:43 GMT
Server: Apache
Vary: Accept-Encoding
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Content-Type: text/javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Content-Length: 695
Expires: Sat, 03 Sep 1983 02:00:00 GMT

GET
H/1.1 200
OK / Show response
as.innity.com/synd/ Frame ABE6 1 KB
1 KB 520ms
260ms Script
text/javascript 47.254.199.63
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL: https://as.innity.com/synd/?cb=1704266923697&ver=1&pub=dc727151e5d55dde1e950767cf861ca5&zone=98814&output=js&flash=0&url=www.tg-me.com&width=*&height=*&vpw=1600&vph=1200&auction=98ce2c2-194c1a1&u=aHR0cHM6Ly93d3cudGctbWUuY29tL3VzL1RlbGVncmFtK05ld3MvY29tLnRlbGVncmFt
Requested by: Host: cdn.innity.net
URL: https://cdn.innity.net/admanager.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 47.254.199.63 Kuala Lumpur, Malaysia, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: Apache /
Resource Hash: 2d404eb1f767f21a06d748b86927c9b1a98da296821a9d3d241fe83b3945b3a5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tg-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Jan 2024 07:28:44 GMT
Content-Encoding: gzip
Last-Modified: Wed, 03 Jan 2024 07:28:44 GMT
Server: Apache
Vary: Accept-Encoding
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Content-Type: text/javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Content-Length: 695
Expires: Sat, 03 Sep 1983 02:00:00 GMT

GET
H/1.1 200
OK analytics.js Show response
cdn.innity.net/ Frame ABE6 301 B
547 B 27ms
26ms Script
application/javascript 23.209.54.115
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.innity.net/analytics.js
Requested by: Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.209.54.115 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-209-54-115.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 03d0e8a81b76b97330c387401f890774b9d88750ea2d7b7d85da4851ca2ef3ac

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tg-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 07:28:44 GMT
Content-Encoding: gzip
Last-Modified: Wed, 04 Oct 2023 08:05:30 GMT
Server: Apache
ETag: "12d-606df78894680-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 175
Expires: Thu, 04 Jan 2024 07:28:44 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame ABE6 241 KB
84 KB 39ms
38ms Script
application/javascript 2607:f8b0:4006:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-H9DDVMTLKY

Requested by

Host: www.tg-me.com
URL: https://www.tg-me.com/cdn-cgi/apps/body/mttil_w5gfRQoMK9J5wSEV0yOJQ.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f9e500e53d3cc560a95504fb9def7a590996efd03ec4617a9933ed42e3affe08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tg-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 07:28:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85469
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 03 Jan 2024 07:28:44 GMT

GET
H/1.1 200
OK /
optimize.innity.com/ Frame ABE6 43 B
452 B 233ms
233ms Image
image/gif 8.218.26.252
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://optimize.innity.com/?pubid=3686&zoneid=98812&cb=1704266924040
Requested by: Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram/webview?embed=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 8.218.26.252 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: Apache /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tg-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Jan 2024 07:28:44 GMT
Last-Modified: Wed, 03 Jan 2024 07:28:44 GMT
Server: Apache
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Content-Type: image/gif
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Length: 43
Expires: Sat, 03 Sep 1983 02:00:00 GMT

GET
H2 200 /
optimize2.innity.com/ Frame ABE6 43 B
347 B 269ms
269ms Image
image/gif 47.250.12.214
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://optimize2.innity.com/?pubid=3686&zoneid=98812&cb=1704266924040
Requested by: Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram/webview?embed=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.250.12.214 Kuala Lumpur, Malaysia, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: / PHP/8.2.5
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tg-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 07:28:44 GMT
last-modified: Wed, 03 Jan 2024 07:28:44 GMT
x-powered-by: PHP/8.2.5
content-type: image/gif
p3p: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Sat, 03 Sep 1983 02:00:00 GMT

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame 8A8F 0
128 B 40ms
25ms Script
text/plain 162.248.18.34
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=163515&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=163515&s=&predirect=https%3A%2F%2Favd.innity.com%2Fuidsync%2Fmapuid%2F%3Fpid%3D1056%26puuid%3D(PM_UID)&userIdMacro=(PM_UID)&gdpr_consent=&gdpr=0&us_privacy=&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.248.18.34 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 07:28:44 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

POST
H2 204 collect
www.google-analytics.com/g/ Frame ABE6 0
45 B 39ms
38ms Ping
text/plain 2607:f8b0:4006:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-H9DDVMTLKY&gtm=45je3bt0v882766043&_p=1704266924012&gcd=11l1l1l1l1&dma=0&cid=311929231.1704266922&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1704266921&sct=1&seg=1&dl=https%3A%2F%2Fwww.tg-me.com%2Fus%2FTelegram%2BNews%2Fcom.telegram%2Fwebview%3Fembed%3D1&dr=https%3A%2F%2Fwww.tg-me.com%2Fus%2FTelegram%2BNews%2Fcom.telegram&dt=Telegram%20News%20Telegram%20Web&en=page_view&_ee=1&tfd=1805
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H9DDVMTLKY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:816::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tg-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 07:28:44 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tg-me.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.0 204
No Content /
avd.innity.com/dc/ Frame 0E09 0
91 B 1319ms
244ms Image
text/html 119.81.216.16
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avd.innity.com/dc/?cl=0&cuid=f2bb895346ba119aabdc4f1adae334bc&cb=1704266924154&douid=&sess=119541599.0.1704266923395&dur=1&ref=https%3A%2F%2Fwww.tg-me.com%2Fus%2FTelegram%2BNews%2Fcom.telegram&srf=&pk=&pt=Telegram%20News%20Telegram&sr=1600x1200&ul=en-US&de=UTF-8&vp=1600x1200
Requested by: Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram
Protocol: HTTP/1.0
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 119.81.216.16 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS: 10.d8.5177.ip4.static.sl-reverse.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tg-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Connection: close
Cache-Control: no-cache
Content-Type: text/html

GET
H/1.1 200
OK /
optimize.innity.com/ Frame ABE6 43 B
452 B 455ms
234ms Image
image/gif 8.218.26.252
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://optimize.innity.com/?pubid=3686&zoneid=98814&cb=1704266924222
Requested by: Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram/webview?embed=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 8.218.26.252 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: Apache /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tg-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Jan 2024 07:28:44 GMT
Last-Modified: Wed, 03 Jan 2024 07:28:44 GMT
Server: Apache
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Content-Type: image/gif
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Length: 43
Expires: Sat, 03 Sep 1983 02:00:00 GMT

GET
H2 200 /
optimize2.innity.com/ Frame ABE6 43 B
347 B 270ms
269ms Image
image/gif 47.250.12.214
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://optimize2.innity.com/?pubid=3686&zoneid=98814&cb=1704266924222
Requested by: Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram/webview?embed=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.250.12.214 Kuala Lumpur, Malaysia, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: / PHP/8.2.5
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tg-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 07:28:44 GMT
last-modified: Wed, 03 Jan 2024 07:28:44 GMT
x-powered-by: PHP/8.2.5
content-type: image/gif
p3p: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Sat, 03 Sep 1983 02:00:00 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame ABE6 157 KB
57 KB 44ms
44ms Script
application/javascript 2607:f8b0:4006:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TS87BVL

Requested by

Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram/webview?embed=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f29471601251108bc682c20d5b2c5dc07b21ee6b9fd711d4229aae55b1e25a5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tg-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 07:28:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58653
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 03 Jan 2024 07:28:44 GMT

GET
H2 206 575079340d.mp4
cdn1.cdn-telegram.org/file/ Frame ABE6 607 KB
0 435ms
357ms Media
video/mp4 34.111.15.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn1.cdn-telegram.org/file/575079340d.mp4?token=H9kOXPIDR-LxTtgJwDu-635tqX4Q-D2Y1qhvHr9lHqfjPPYywjbbI_gcT6qWxkKbTidgEC6CDBNAdLcLuii1K7_EwlDJsIcPmgsxvocDHcwE0RfIkny0GMe47Z-cxIC9ND3pSup_7jw9exSYZHfYF1QXHVRKCsWhwpNDvMn0ig-ni6TsONNp-Xa32Kd8ZuN1CwK-E_0Qz5O3bKVfeBrxUbw7xxgst48FJgm4n2KKPSg6djvzoaokWJ6epRO-VzTQKc0uT9xxNpizToVSd9QkVUmOw_zfU-RE2nEV_vAomk1MefoMgNLLb3WydgSEV9Gv1eHmff3Es_QIYtBtm9xoEA

Requested by

Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram/webview?embed=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.15.3 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

3.15.111.34.bc.googleusercontent.com

Software

nginx/1.18.0 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tg-me.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Range: bytes=0-

Response headers

date: Wed, 03 Jan 2024 07:28:44 GMT
content-security-policy: default-src 'none'; sandbox
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
Content-Range: bytes 0-4761085/4761086
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Content-Length: 4761086
x-xss-protection: 1; mode=block
server: nginx/1.18.0
etag: "3b7959a91e009aa7b95dde6eb47b1fb6ba1b6afa"
x-frame-options: DENY
content-type: video/mp4
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Range, Content-Length
cache-control: public,max-age=7200
accept-ranges: bytes

GET
H2 206 575079340d.mp4
cdn1.cdn-telegram.org/file/ Frame ABE6 31 KB
0 2406ms
2329ms Media
video/mp4 34.111.15.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram/webview?embed=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.15.3 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

3.15.111.34.bc.googleusercontent.com

Software

nginx/1.18.0 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tg-me.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Range: bytes=0-

Response headers

content-security-policy: default-src 'none'; sandbox
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
date: Wed, 03 Jan 2024 07:28:44 GMT
via: 1.1 google
age: 1
Content-Range: bytes 0-4761085/4761086
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Content-Length: 4761086
x-xss-protection: 1; mode=block
server: nginx/1.18.0
etag: "3b7959a91e009aa7b95dde6eb47b1fb6ba1b6afa"
x-frame-options: DENY
content-type: video/mp4
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Range, Content-Length
cache-control: public,max-age=7200
accept-ranges: bytes

GET
H2 206 1ceb2bf674.mp4
cdn1.cdn-telegram.org/file/ Frame ABE6 256 KB
0 277ms
200ms Media
video/mp4 34.111.15.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn1.cdn-telegram.org/file/1ceb2bf674.mp4?token=U6gbYEyoN98QLWzmP5pVN60VRRDdXKrAzMEb2STMk3ZXRmmLvkGc3-wK_Jdnkfh5Uz3wrTGDVgQV7qeTY_08QFK7qrE4wMHn7OeUJ1S2GsTxDAYct6ZoA4N21s4tZnq-r2OCgnODvHvY8shLiPobUsYzpRg1qK3654rA5OB4SU1HjF3Fu0cXATKC6R6-sGPr4q3JtqI0hjn4O55pPBciUVacRlPiQ_JhsKPN4J9Oa-t1VOy1yfmYt61vfSDvTt3QKH7n4aQOoZhw0UaNghPBlPmzt6QzU8YcLuuStf9G99NhFNHJzPS-a1zsXJR0uwbkkW4NTMw7nKyJJVjmuwuaAw

Requested by

Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram/webview?embed=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.15.3 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

3.15.111.34.bc.googleusercontent.com

Software

nginx/1.18.0 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tg-me.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Range: bytes=0-

Response headers

content-security-policy: default-src 'none'; sandbox
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
date: Wed, 03 Jan 2024 07:01:43 GMT
via: 1.1 google
age: 1621
Content-Range: bytes 0-5236216/5236217
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Content-Length: 5236217
x-xss-protection: 1; mode=block
server: nginx/1.18.0
etag: "6d3994aa24b6cf04365302fc1c46e9fb530feca3"
x-frame-options: DENY
content-type: video/mp4
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Range, Content-Length
cache-control: public,max-age=7200
accept-ranges: bytes

GET
H2 206 1ceb2bf674.mp4
cdn1.cdn-telegram.org/file/ Frame ABE6 448 KB
0 235ms
159ms Media
video/mp4 34.111.15.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram/webview?embed=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.15.3 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

3.15.111.34.bc.googleusercontent.com

Software

nginx/1.18.0 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tg-me.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Range: bytes=0-

Response headers

content-security-policy: default-src 'none'; sandbox
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
date: Wed, 03 Jan 2024 07:01:43 GMT
via: 1.1 google
age: 1621
Content-Range: bytes 0-5236216/5236217
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Content-Length: 5236217
x-xss-protection: 1; mode=block
server: nginx/1.18.0
etag: "6d3994aa24b6cf04365302fc1c46e9fb530feca3"
x-frame-options: DENY
content-type: video/mp4
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Range, Content-Length
cache-control: public,max-age=7200
accept-ranges: bytes

GET
H2 206 414e2594e0.mp4
cdn1.cdn-telegram.org/file/ Frame ABE6 96 KB
0 235ms
159ms Media
video/mp4 34.111.15.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn1.cdn-telegram.org/file/414e2594e0.mp4?token=FHSJAAEaPqlI-_rO2d_pq6njhEpbXJzBo1D9uA9lhScCg5woBiHzHiFnCBYdy9hRSSeXs8fo5kU-ZEO_tMXoGoOGYZqHKrR26SVWyvj2xVyhOI90a_1TtmAAsbqZV5oxSSFJHvY_NqOlRpvj6EWJmzvnbuBX7t_uybey6CadFx6ckY_Xma9HIlUJh1kIJr7z2iEXehSTZiKuv4fZ1Ck1i3FCKOE1MCgJzstQT27pzsUSM08zLZcyXeY4MApw1GLICAogLEZfBMQRmxoS2Gt5G9CdN5OjlBecVXHaM-tP_Ik2WE2xrGtu-aWEk06EcJs1LFoEI7czlhXnONxutDTm7A

Requested by

Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram/webview?embed=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.15.3 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

3.15.111.34.bc.googleusercontent.com

Software

nginx/1.18.0 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tg-me.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Range: bytes=0-

Response headers

content-security-policy: default-src 'none'; sandbox
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
date: Wed, 03 Jan 2024 07:01:42 GMT
via: 1.1 google
age: 1622
Content-Range: bytes 0-4658151/4658152
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Content-Length: 4658152
x-xss-protection: 1; mode=block
server: nginx/1.18.0
etag: "d23faa3107ca390123839be37264e39afd4e33f9"
x-frame-options: DENY
content-type: video/mp4
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Range, Content-Length
cache-control: public,max-age=7200
accept-ranges: bytes

GET
H2 206 414e2594e0.mp4
cdn1.cdn-telegram.org/file/ Frame ABE6 347 KB
0 123ms
47ms Media
video/mp4 34.111.15.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram/webview?embed=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.15.3 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

3.15.111.34.bc.googleusercontent.com

Software

nginx/1.18.0 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tg-me.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Range: bytes=0-

Response headers

content-security-policy: default-src 'none'; sandbox
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
date: Wed, 03 Jan 2024 07:01:42 GMT
via: 1.1 google
age: 1622
Content-Range: bytes 0-4658151/4658152
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Content-Length: 4658152
x-xss-protection: 1; mode=block
server: nginx/1.18.0
etag: "d23faa3107ca390123839be37264e39afd4e33f9"
x-frame-options: DENY
content-type: video/mp4
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Range, Content-Length
cache-control: public,max-age=7200
accept-ranges: bytes

GET
H2 404 2a91e76d9c.mp4
cdn1.cdn-telegram.org/file/ Frame ABE6 0
0 438ms
434ms Media
text/html 34.111.15.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn1.cdn-telegram.org/file/2a91e76d9c.mp4?token=N0RQT-JxlQUm3lA5Xke2M7hz39LHTn1jIrZqd0Y1vwYNXFasqKZt1gJvo341vsHSWtl31VcNAmbxyLbwFSaaUtn_e_I7Fqiwkcs831wq2-SbUOHvAfCh41hzrsfvINN1wvnGUIHkQX4dL4mlnAr6nmIF1xyCSYv45IWt0BskhwbnOqjS4XSx79ktbfGeNiu7yrFR56QUaorQmQOIY5eIYFH8E-1lFkqeS2efAwh891C9ATEgrYttzcOtaevdbKgfzUoVpwQXp4Sckau_K64NUDO9p4yqcQsUxcB74UkGxGgxCp086uPrM6wdRwjHGs-nN32FWSWyt-l4HkM6AAV5nw
Requested by: Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram/webview?embed=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.15.3 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 3.15.111.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tg-me.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Range: bytes=0-

Response headers

GET
H2 404 2a91e76d9c.mp4
cdn1.cdn-telegram.org/file/ Frame ABE6 0
0 607ms
603ms Media
text/html 34.111.15.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn1.cdn-telegram.org/file/2a91e76d9c.mp4?token=N0RQT-JxlQUm3lA5Xke2M7hz39LHTn1jIrZqd0Y1vwYNXFasqKZt1gJvo341vsHSWtl31VcNAmbxyLbwFSaaUtn_e_I7Fqiwkcs831wq2-SbUOHvAfCh41hzrsfvINN1wvnGUIHkQX4dL4mlnAr6nmIF1xyCSYv45IWt0BskhwbnOqjS4XSx79ktbfGeNiu7yrFR56QUaorQmQOIY5eIYFH8E-1lFkqeS2efAwh891C9ATEgrYttzcOtaevdbKgfzUoVpwQXp4Sckau_K64NUDO9p4yqcQsUxcB74UkGxGgxCp086uPrM6wdRwjHGs-nN32FWSWyt-l4HkM6AAV5nw
Requested by: Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram/webview?embed=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.15.3 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 3.15.111.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tg-me.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Range: bytes=0-

Response headers

GET
H2 206 19469d5de0.mp4
cdn1.cdn-telegram.org/file/ Frame ABE6 0
0 245ms
241ms Media
video/mp4 34.111.15.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn1.cdn-telegram.org/file/19469d5de0.mp4?token=vTmPMHcrzHRgdaZZpNiJzchwOEx506CwoIT7e_czP-kpdBIfO79QDtnXyj3wiEPP3bAw3WZ3DGIBU5eAIRaGC36TuiRwRNE9atxDRi0tuXmOcRqprSy12GovKICZkP6syO9d7thXlB8EDz1vCe99efqwe0OOpAOoXl8N4TtMiIN77m4d-pXz3CtsUd5cxJH5YtexhE1WKlTFdaXwxHWj70LNp8chKicDCwIwIQQJK6wqpPhetOsHxDh2tpH274PQCycqpdfeIR2dgnvf_QIdZPnCppzEYL_gsiJ8TzpubGx_thYf9p7P6n4E_Ff6WRRqX9ZfdVxnd0do6WYMaemALQ

Requested by

Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram/webview?embed=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.15.3 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

3.15.111.34.bc.googleusercontent.com

Software

nginx/1.18.0 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tg-me.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Range: bytes=0-

Response headers

content-security-policy: default-src 'none'; sandbox
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
date: Wed, 03 Jan 2024 07:01:43 GMT
via: 1.1 google
age: 1621
Content-Range: bytes 0-3579968/3579969
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Content-Length: 3579969
x-xss-protection: 1; mode=block
server: nginx/1.18.0
etag: "cb9409a2d44ecdb91655b4a36e243edc9a3d0561"
x-frame-options: DENY
content-type: video/mp4
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Range, Content-Length
cache-control: public,max-age=7200
accept-ranges: bytes

GET
H2 206 19469d5de0.mp4
cdn1.cdn-telegram.org/file/ Frame ABE6 256 KB
0 247ms
243ms Media
video/mp4 34.111.15.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram/webview?embed=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.15.3 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

3.15.111.34.bc.googleusercontent.com

Software

nginx/1.18.0 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tg-me.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Range: bytes=0-

Response headers

content-security-policy: default-src 'none'; sandbox
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
date: Wed, 03 Jan 2024 07:01:43 GMT
via: 1.1 google
age: 1621
Content-Range: bytes 0-3579968/3579969
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Content-Length: 3579969
x-xss-protection: 1; mode=block
server: nginx/1.18.0
etag: "cb9409a2d44ecdb91655b4a36e243edc9a3d0561"
x-frame-options: DENY
content-type: video/mp4
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Range, Content-Length
cache-control: public,max-age=7200
accept-ranges: bytes

GET
H2 206 78f54bd0b3.mp4
cdn1.cdn-telegram.org/file/ Frame ABE6 0
0 244ms
240ms Media
video/mp4 34.111.15.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn1.cdn-telegram.org/file/78f54bd0b3.mp4?token=DRCf6s9EtheZHkt7pssDRfViO3cuf_zl2NdmqPClednk0vp3Hi1Dj4vRiXy3eQdTU3g5L2XZ5fNU_IcVn81YleU2Y-nMybC9Df_WScO7jcxylKEycDmspPyX8JBGvbtxrDmgfmffZ6tdn8vTEtujpFSNVQELcuZttqIrC4bIKcEcI2I5PpBoNmthxsWjxUumdBtEUe4QFdNbFBc_g4pB9H80-RevkiJbZWnECvfAY-fuTbNRRlPOr6rX-M5yZBEACWrSbAMgNqpiJWk-rjEUKp80f0x612z9FDyu9oOt9GM-P23lQ7JT-JPPjeDsLGr_KLb54C5T5dZ4jR906I-1Mw

Requested by

Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram/webview?embed=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.15.3 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

3.15.111.34.bc.googleusercontent.com

Software

nginx/1.18.0 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tg-me.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Range: bytes=0-

Response headers

content-security-policy: default-src 'none'; sandbox
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
date: Wed, 03 Jan 2024 07:01:42 GMT
via: 1.1 google
age: 1622
Content-Range: bytes 0-4296944/4296945
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Content-Length: 4296945
x-xss-protection: 1; mode=block
server: nginx/1.18.0
etag: "ebddb8065881ee58d95be51a45430ed5002a42fe"
x-frame-options: DENY
content-type: video/mp4
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Range, Content-Length
cache-control: public,max-age=7200
accept-ranges: bytes

GET
H2 206 78f54bd0b3.mp4
cdn1.cdn-telegram.org/file/ Frame ABE6 64 KB
0 247ms
243ms Media
video/mp4 34.111.15.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram/webview?embed=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.15.3 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

3.15.111.34.bc.googleusercontent.com

Software

nginx/1.18.0 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tg-me.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Range: bytes=0-

Response headers

content-security-policy: default-src 'none'; sandbox
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
date: Wed, 03 Jan 2024 07:01:42 GMT
via: 1.1 google
age: 1622
Content-Range: bytes 0-4296944/4296945
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Content-Length: 4296945
x-xss-protection: 1; mode=block
server: nginx/1.18.0
etag: "ebddb8065881ee58d95be51a45430ed5002a42fe"
x-frame-options: DENY
content-type: video/mp4
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Range, Content-Length
cache-control: public,max-age=7200
accept-ranges: bytes

GET
H2 206 a7dcbdf9e2.mp4
cdn1.cdn-telegram.org/file/ Frame ABE6 0
0 244ms
240ms Media
video/mp4 34.111.15.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn1.cdn-telegram.org/file/a7dcbdf9e2.mp4?token=WeoOKWE6zU32n9lROtaiVoVsIGuCsuhhPiu-SE1sCqZheBEaDJAYcxRmzYftj4jzx7S7qVolPFFEpicSFmBi5A8EPR7b88pCu4RsWiYIznhz30Q8RfWh8NrFM5SKwW4DKS2ACLauGq_hbI4XBOfJoKtp-v6UNyaXzgEGoH_GSu7BoXKdF7yI8ZJ-g7FZMKHeXEQfoudJFv0rhF2qZvD501MZbcC14F9cEr1-9uyvhLJinDT3ye7dWh2ClK2Cy_jZsymP_6qTJFaqNESb84fXXaTvFGfBTWZZz5gXCyeNoB_4thglxQ2jtQyAtWtShwaKtHmaJz0Hv2jjuCZbRnjVWQ

Requested by

Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram/webview?embed=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.15.3 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

3.15.111.34.bc.googleusercontent.com

Software

nginx/1.18.0 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tg-me.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Range: bytes=0-

Response headers

content-security-policy: default-src 'none'; sandbox
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
date: Wed, 03 Jan 2024 07:01:43 GMT
via: 1.1 google
age: 1621
Content-Range: bytes 0-2839959/2839960
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Content-Length: 2839960
x-xss-protection: 1; mode=block
server: nginx/1.18.0
etag: "28808c3265aa5dafb976ea20946ab6c03e836015"
x-frame-options: DENY
content-type: video/mp4
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Range, Content-Length
cache-control: public,max-age=7200
accept-ranges: bytes

GET
H2 206 a7dcbdf9e2.mp4
cdn1.cdn-telegram.org/file/ Frame ABE6 256 KB
0 307ms
303ms Media
video/mp4 34.111.15.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram/webview?embed=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.15.3 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

3.15.111.34.bc.googleusercontent.com

Software

nginx/1.18.0 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tg-me.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Range: bytes=0-

Response headers

content-security-policy: default-src 'none'; sandbox
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
date: Wed, 03 Jan 2024 07:01:43 GMT
via: 1.1 google
age: 1621
Content-Range: bytes 0-2839959/2839960
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Content-Length: 2839960
x-xss-protection: 1; mode=block
server: nginx/1.18.0
etag: "28808c3265aa5dafb976ea20946ab6c03e836015"
x-frame-options: DENY
content-type: video/mp4
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Range, Content-Length
cache-control: public,max-age=7200
accept-ranges: bytes

GET
H2 206 dc3f643185.mp4
cdn1.cdn-telegram.org/file/ Frame ABE6 0
0 420ms
416ms Media
video/mp4 34.111.15.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn1.cdn-telegram.org/file/dc3f643185.mp4?token=rSOtwwZMT1EXiSpwmcYsnEiCAT9jnQ29W5NZ1KDyznrKcs_xpbQ-_MGmtwugXjRlvzgFR-NW7P_XffhQUGHkC9gMRfQQnJY2EllAw4TbSU62BWpJNG-iwC7sEnTOGYXBYjo5D1m1S6Vb0ozLMcihcA1Q0DhfTSPPSSHqLp15sHdQLyW72Ocnil6Wik2kl-rqQtBGHyUuujB9Dcfr_srjfLO2BTKr_N2y7yKGDtMmDUVzaF9VJ1FY3rgfBt5rEZtFPKNe2H6e6Vw-44xzJ0bLlVVN9-1RJqtJz4grP2V7YBwFBfZ5zrACcGDFAQHD7HRNZiv7Z0oRQ73mw0FVjd6tlg

Requested by

Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram/webview?embed=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.15.3 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

3.15.111.34.bc.googleusercontent.com

Software

nginx/1.18.0 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tg-me.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Range: bytes=0-

Response headers

content-security-policy: default-src 'none'; sandbox
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
date: Wed, 03 Jan 2024 07:01:43 GMT
via: 1.1 google
age: 1621
Content-Range: bytes 0-2719245/2719246
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Content-Length: 2719246
x-xss-protection: 1; mode=block
server: nginx/1.18.0
etag: "9c75671d566fa59ac276956494da6c23ee3ae065"
x-frame-options: DENY
content-type: video/mp4
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Range, Content-Length
cache-control: public,max-age=7200
accept-ranges: bytes

GET
H2 206 dc3f643185.mp4
cdn1.cdn-telegram.org/file/ Frame ABE6 512 KB
0 425ms
422ms Media
video/mp4 34.111.15.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram/webview?embed=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.15.3 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

3.15.111.34.bc.googleusercontent.com

Software

nginx/1.18.0 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tg-me.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Range: bytes=0-

Response headers

content-security-policy: default-src 'none'; sandbox
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
date: Wed, 03 Jan 2024 07:01:43 GMT
via: 1.1 google
age: 1621
Content-Range: bytes 0-2719245/2719246
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Content-Length: 2719246
x-xss-protection: 1; mode=block
server: nginx/1.18.0
etag: "9c75671d566fa59ac276956494da6c23ee3ae065"
x-frame-options: DENY
content-type: video/mp4
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Range, Content-Length
cache-control: public,max-age=7200
accept-ranges: bytes

GET
H/1.1 200
OK / Show response
as.innity.com/synd/ Frame ABE6 1 KB
1 KB 264ms
264ms Script
text/javascript 47.254.199.63
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL: https://as.innity.com/synd/?cb=1704266924247&ver=1&pub=dc727151e5d55dde1e950767cf861ca5&zone=98811&output=js&flash=0&url=www.tg-me.com&width=300&height=250&vpw=1600&vph=1200&auction=98ce2c2-194c1a1&u=aHR0cHM6Ly93d3cudGctbWUuY29tL3VzL1RlbGVncmFtK05ld3MvY29tLnRlbGVncmFt
Requested by: Host: cdn.innity.net
URL: https://cdn.innity.net/admanager.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 47.254.199.63 Kuala Lumpur, Malaysia, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: Apache /
Resource Hash: 63d9312ebf7f04f07c6d493ac77ae1b5a248d273dddb7171c6fcba4168a002b8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tg-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Jan 2024 07:28:44 GMT
Content-Encoding: gzip
Last-Modified: Wed, 03 Jan 2024 07:28:44 GMT
Server: Apache
Vary: Accept-Encoding
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Content-Type: text/javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Content-Length: 603
Expires: Sat, 03 Sep 1983 02:00:00 GMT

GET
H2 200 K82Js8AYBVF87-N0zrA1PicF5EbMXmBBrqx-1WGry2TKEU3OeRcM6K4XbHWksJrCm9KVBWV3V0inHl0WJkgM50aWY80gKgnR5--4SnqA99SgYYSVTVkQkEo68cl7QrQnaqTcr4GPPwM_pM58QqCDLarQgh05muqSWQObna3gGshQdYeYfxgas9Dn8z2CElFCzUdl6...
cdn1.cdn-telegram.org/file/ Frame ABE6 12 KB
12 KB 180ms
158ms Image
image/jpeg 34.111.15.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn1.cdn-telegram.org/file/K82Js8AYBVF87-N0zrA1PicF5EbMXmBBrqx-1WGry2TKEU3OeRcM6K4XbHWksJrCm9KVBWV3V0inHl0WJkgM50aWY80gKgnR5--4SnqA99SgYYSVTVkQkEo68cl7QrQnaqTcr4GPPwM_pM58QqCDLarQgh05muqSWQObna3gGshQdYeYfxgas9Dn8z2CElFCzUdl6XImFpBn4MVCMh1Y3BCCSm69-mWdkPTB_Sg0kvRRyvKkyzrnCnMQGh0hjAO17z-dAe2vVfpa1PK_15plxQfpu2oUdl6KkL87KFQa_D0RgLUuCazGzWfkD1zL-SCc9bSENZSl3go3HLPXe6lOAA

Requested by

Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram/webview?embed=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.15.3 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

3.15.111.34.bc.googleusercontent.com

Software

nginx/1.18.0 /

Resource Hash

08b393cb87f028c1e6c12c346fbd70f7a9eee8b97d000ffe8a8fcbbde5f1eac2

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tg-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 07:28:44 GMT
content-security-policy: default-src 'none'; sandbox
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12054
x-xss-protection: 1; mode=block
server: nginx/1.18.0
etag: "fc860938ef9bbc217da569cc7cf656b7f9826cbe"
x-frame-options: DENY
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Range, Content-Length
cache-control: public,max-age=7200
accept-ranges: bytes, bytes

GET
H3 200 play.png
www.tg-me.com/img/tgme/ Frame ABE6 450 B
905 B 277ms
276ms Image
image/png 2606:4700:3037::6815:40c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tg-me.com/img/tgme/play.png
Requested by: Host: www.tg-me.com
URL: https://www.tg-me.com/widget-frame.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:40c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee45620b6f37d05b7d9a6c4e99c2dcd0bfb9d6b476fbe473a9b60b185c421ce9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tg-me.com/widget-frame.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 07:28:44 GMT
cf-cache-status: MISS
last-modified: Wed, 26 Oct 2022 11:10:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "635915b9-1c2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SO3AWnxOK9hdE3CNp731iKCLCmli%2FCYi0AGoc24sj4YiLaV5BGTRbJu7dIRIs3GFBNWS69mnL118VVof7xhT0HOsTsHMCIiLYrwG5oX4xc%2FaJYcJrCtvpNR%2FKh7gQJWAGMF%2Ffinv1XlDAtYI"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 83f986d4aae64bd8-BUF
alt-svc: h3=":443"; ma=86400
content-length: 450

GET https://telegram%20news/com.telegram.org/img/emoji/40/E2AD90.png
https://telegram%20news/com.telegram.org/img/emoji/40/E2AD90.png Frame ABE6 0
0

GET
H3 200 eye.png
www.tg-me.com/img/tgme/ Frame ABE6 450 B
911 B 35ms
35ms Image
image/png 2606:4700:3037::6815:40c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tg-me.com/img/tgme/eye.png
Requested by: Host: www.tg-me.com
URL: https://www.tg-me.com/widget-frame.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:40c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95b4e9ce820122f8de8c83e64b4efa8013bb8db9b4fa7dfdb02f4cb47931303f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tg-me.com/widget-frame.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 07:28:44 GMT
cf-cache-status: HIT
last-modified: Wed, 26 Oct 2022 11:10:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 481015
etag: "635915b9-1c2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EHHoUijAj7lrc60kCNpatQUV9zsZl9lABjAO06cnEsEj6PEBXUaCS3FrKkJKA9O6HxWQqM3wYKsRH6BmV0ozxqpWSQaEx3%2F0FYDR1sL4JUBq8q0Xpyvq%2FmdfRxdcbixbKEkekx1iG%2BNzaUEF"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 83f986d4aae74bd8-BUF
alt-svc: h3=":443"; ma=86400
content-length: 450

GET
H3 200 ma_SjtputYV8c-IplABTw7nTKQ6XyaMltO_vuuFNfjQZkZeiAoENvajnxpxTt2zo2GXB-fPup-3SCRDwHdXTkbbZvFFbLeCbeLlN_ESciwyaRSUvIr4JNfAYIiyGxp7WOsK5OMZoLqkVRs_pyBFO1eNTnVealzEZNxWeQqEY1fjyAHXar2Cwcz011xP0Nrch8FER7...
photo.tg-me.com/u/cdn4.cdn-telegram.org/file/ Frame ABE6 127 KB
128 KB 1063ms
1062ms Image
image/jpeg 2606:4700:3037::6815:40c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photo.tg-me.com/u/cdn4.cdn-telegram.org/file/ma_SjtputYV8c-IplABTw7nTKQ6XyaMltO_vuuFNfjQZkZeiAoENvajnxpxTt2zo2GXB-fPup-3SCRDwHdXTkbbZvFFbLeCbeLlN_ESciwyaRSUvIr4JNfAYIiyGxp7WOsK5OMZoLqkVRs_pyBFO1eNTnVealzEZNxWeQqEY1fjyAHXar2Cwcz011xP0Nrch8FER72HfLK1RevCmM_7rtVIY7fdbnTC5yt-NNmIZtF-UXi7kSxRdyatMD9jtyRoQFlTV_CD-D-d5anxpTtouEC1_8tighETQYtPxarLGibAwB2rKMlkfDCZ-IrrFKdhND-tsEn1g_SdIK-l_lA-0Gg.jpg
Requested by: Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram/webview?embed=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:40c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 72f875fd72333b45c137bfe5aed57c50900f88c96503e635c5ee7124794c6cb0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tg-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 07:28:45 GMT
cf-cache-status: HIT
last-modified: Wed, 03 Jan 2024 00:18:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V9ZePA3NqNBZKn2GJmDB9VbrTDxLybVAoLvwNMnKjmrEDrUA1llT8D8CO9sBn3AdlTyrfKdQD3VBLizHlosjf3k6DZuS26wnNDAHgkJJQRmA3wFh2673rHbr%2B5KTZMci6cQ1VwtHc9bYsvq%2F7ZI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=691200
cf-ray: 83f986d4aae84bd8-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 PyGRCk_AnunnC9h81-cCDS3SMsjJuBjqiuyto2BtEXdDYOkLN6ewle4s_OfSQ0tdugpkm6_aF2okAEcSzEmg-eFuhe8L9H2LU_KNSJcagvWoLJsptWt-TAuUMmiNcXwvXikQoGF7GjjD3SnU2OWEZrk5nblR4kqi6ktjK1y2S_DNXs_GYxi3felWiV1_IHzdZUn--...
cdn1.cdn-telegram.org/file/ Frame ABE6 15 KB
15 KB 439ms
435ms Image
image/jpeg 34.111.15.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn1.cdn-telegram.org/file/PyGRCk_AnunnC9h81-cCDS3SMsjJuBjqiuyto2BtEXdDYOkLN6ewle4s_OfSQ0tdugpkm6_aF2okAEcSzEmg-eFuhe8L9H2LU_KNSJcagvWoLJsptWt-TAuUMmiNcXwvXikQoGF7GjjD3SnU2OWEZrk5nblR4kqi6ktjK1y2S_DNXs_GYxi3felWiV1_IHzdZUn--SPpIJvRh7AAxtXNe12MSgvlC4OtbYWjLD2MmQWhHEXGVSnbF8JY07ZfjRPd8cge0zrtv12cE26iLiFwY3JNfHFy7DFRuz_OPGecRRRaGNqnNlJKicXg33J7HceYdxCTc6aA0pQTHK-NXPzb7w

Requested by

Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram/webview?embed=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.15.3 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

3.15.111.34.bc.googleusercontent.com

Software

nginx/1.18.0 /

Resource Hash

572b7430baa972ba9711a99afe77792beb8fdc59b60cc800340a3e1f1f4527af

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tg-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 07:28:44 GMT
content-security-policy: default-src 'none'; sandbox
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15324
x-xss-protection: 1; mode=block
server: nginx/1.18.0
etag: "23f6ff3af33e6dfd420b50a519a1c41767171c72"
x-frame-options: DENY
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Range, Content-Length
cache-control: public,max-age=7200
accept-ranges: bytes, bytes

GET
H2 200 qU1YwK1G9o-51Fx7BSz2NAgABt0KPg4IkHyiKNncL7fmfm04SkirhSb7Dnqh0jB1hSQEY_YcrPx4W0jXaH10lcDj2gZQCuz0RtBZHvPiN2WhKC4EnnHuPllL8lDbQHrG6YS5f3hEWIPqzg896S37sTfYCrfzbSHyTgUyKEUgYVYyCmAVLMfufUYYOe9crnHw51bYu...
cdn1.cdn-telegram.org/file/ Frame ABE6 10 KB
10 KB 244ms
241ms Image
image/jpeg 34.111.15.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn1.cdn-telegram.org/file/qU1YwK1G9o-51Fx7BSz2NAgABt0KPg4IkHyiKNncL7fmfm04SkirhSb7Dnqh0jB1hSQEY_YcrPx4W0jXaH10lcDj2gZQCuz0RtBZHvPiN2WhKC4EnnHuPllL8lDbQHrG6YS5f3hEWIPqzg896S37sTfYCrfzbSHyTgUyKEUgYVYyCmAVLMfufUYYOe9crnHw51bYuTjcPBT5g8K9qDnszK8kTariGEPub5byro1jmSw3Hm8rpV182nYhOU1SA4P9GHYoVgXC-YqpuxdisxznQnQq3Tn1OTnzvp2EDEXEjBDmwGG8CnqT0daY4wASuPvXKHHY1z1suYMzz02GW_rfZw

Requested by

Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram/webview?embed=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.15.3 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

3.15.111.34.bc.googleusercontent.com

Software

nginx/1.18.0 /

Resource Hash

7b1ba6e67e27cfb6caaeab89a20f656ffa837d4657f609ef99d3402d2f6b7263

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tg-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 07:28:44 GMT
content-security-policy: default-src 'none'; sandbox
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10457
x-xss-protection: 1; mode=block
server: nginx/1.18.0
etag: "46d6906906210c93f99ab22141335acc663bf5de"
x-frame-options: DENY
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Range, Content-Length
cache-control: public,max-age=7200
accept-ranges: bytes, bytes

GET
H3 200 fqAr4JGriP3C2dR8P6Guug-Q7RE1ryteVxht7eStK1q4SyP_-t5r2T5ga9o-F3FJiFbgy6dPfau6DQ_nVy5Q1mQ6S_gDJQ94sJeN0uYwecMPrApooaPmJFsW0o5iJ1dgw4CrCDJzJqKTQAZEmVriitGpzObosPef207ElQ3hjloWMeQ7aTDZPYXYLEF0tMCHOrPEe...
photo.tg-me.com/u/cdn1.cdn-telegram.org/file/ Frame ABE6 66 KB
67 KB 1064ms
1064ms Image
image/jpeg 2606:4700:3037::6815:40c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photo.tg-me.com/u/cdn1.cdn-telegram.org/file/fqAr4JGriP3C2dR8P6Guug-Q7RE1ryteVxht7eStK1q4SyP_-t5r2T5ga9o-F3FJiFbgy6dPfau6DQ_nVy5Q1mQ6S_gDJQ94sJeN0uYwecMPrApooaPmJFsW0o5iJ1dgw4CrCDJzJqKTQAZEmVriitGpzObosPef207ElQ3hjloWMeQ7aTDZPYXYLEF0tMCHOrPEeE3B9coIiqW8rG7QqrmbeH4JnOCmD_eqtvhocGugAWcVJXQLYZOoVtYWxCCQAqZ8m5NpAHRNDd1wZE63yEq1ThOFZS5vbT28jlg6qT22hPSKFI8Lp4KfWWmfFbjiS8vzu3eZgIZPLiZx1Ba9LQ.jpg
Requested by: Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram/webview?embed=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:40c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c8e2788f67e273cb32b7290c1604bfab87c19a365b9200d83701a8eab9ad6cc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tg-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 07:28:45 GMT
cf-cache-status: HIT
last-modified: Wed, 03 Jan 2024 00:18:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8%2B%2FVHdYWMxM%2BgZe68ozgPHgf3SPkpaS5lX8QEYW9hV1Eb769tKsFNM%2BV7R0q8fHk6ZxAQBqOpf7v4Zhioa7jr3l1LOmSOO%2FNHmfnqp8wM79IE87pZcz6wB8a1z5x9LbC662934krHw8Fq9sT6K4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=691200
cf-ray: 83f986d4aaea4bd8-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 dh396Dm1yDv6ZKwm_49pyofyonhlijzhixQHslx-2wYvp1kADMTssm41z54w3r2j8O6bd-UvqaCQBYa-UnzugKqS21hc6bXT5BhSDUiqTc0emlGMVbyNb4MMgfjN4xgXtvH1xx5EmOOkU2DpDuIjGVwUjpsfV2wsrQ4PKomlSoJG_0apHv7-ZKdVmt6_7AFPZz0Y4...
photo.tg-me.com/u/cdn4.cdn-telegram.org/file/ Frame ABE6 124 KB
125 KB 361ms
361ms Image
image/jpeg 2606:4700:3037::6815:40c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photo.tg-me.com/u/cdn4.cdn-telegram.org/file/dh396Dm1yDv6ZKwm_49pyofyonhlijzhixQHslx-2wYvp1kADMTssm41z54w3r2j8O6bd-UvqaCQBYa-UnzugKqS21hc6bXT5BhSDUiqTc0emlGMVbyNb4MMgfjN4xgXtvH1xx5EmOOkU2DpDuIjGVwUjpsfV2wsrQ4PKomlSoJG_0apHv7-ZKdVmt6_7AFPZz0Y4Vo3Xdjr1wqEpGEPLzgKAzBwHTO8EXYSFAE5cY_iVUtEzjYBbQmLXaBGYuvapHMiywk5SJ3WAL4v8bci8ctJVHttvE2ahXQQHhbpa8PDETtnfoUJYjikG6rFwJom-zxPYcM4SwS5WdRwdt7smg.jpg
Requested by: Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram/webview?embed=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:40c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f9b5f29cc0ecd7d94a539a9d43eb78417fa5d964302b70821f52a111f6cdcf1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tg-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 07:28:44 GMT
cf-cache-status: HIT
last-modified: Wed, 03 Jan 2024 00:03:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EYSwjHEtZa2aRuOVKC26vv2Hf5moixd%2Fyo%2BTfSmZhOsNz5UaJSq8n%2FpeNnsdA1XNYoB9vgUfJCEtKplshoKJ%2FBzUuE%2Bi7TqA7thB7uUeXBw3VifhO49d43z2kGFmk869ok%2FIAGB1SRD15kjINQM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=691200
cf-ray: 83f986d4aaeb4bd8-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 404 v8cEKLZDeDfO9XoLvSbL0O76uS-6zDgHD67bjLffW7F1b_IZYWbDhLx5Blh2U0wXNbC6jXDgOVCF7F5Rlxd5LFvePhliCSEp8IODWKulUfVEhEXjGiujOyndRb1f4fbTUVMlRai7W03jsq452pckpPuxFBXjyANu423qzInevFzmImEalEItZNYopsgdla-E_WR6g...
cdn1.cdn-telegram.org/file/ Frame ABE6 0
0 424ms
421ms Image
text/html 34.111.15.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.cdn-telegram.org/file/v8cEKLZDeDfO9XoLvSbL0O76uS-6zDgHD67bjLffW7F1b_IZYWbDhLx5Blh2U0wXNbC6jXDgOVCF7F5Rlxd5LFvePhliCSEp8IODWKulUfVEhEXjGiujOyndRb1f4fbTUVMlRai7W03jsq452pckpPuxFBXjyANu423qzInevFzmImEalEItZNYopsgdla-E_WR6gL33HvckimJ2XX7hwEBEpXXpQCav-VnG6chSZC6kckb3GCoEQ6v9Ld01CygbRy2BHsppHqIUc-PNkJMZMQDiyVplZCD6cHA-OUQ1XLwcaTezk59LH5SasSIENJq19WIzbadiCGccDedrjgDX8A
Requested by: Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram/webview?embed=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.15.3 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 3.15.111.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tg-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

GET
H2 200 ExUsO0cMBd-38Z_mRE8DFqu8_9RgB3oEF6FoiQGvbMVxdEvHvdhg3ohrzCOhtPd9mWChV8w5LxlEkXxrSZh1ZfEj0qXOdTBXlmDkey10_2cze_N6alidTYr_VGujK-4W6EX6QK8J_YmSZgzDKdqpDhtYD2KLPFNphgcPEbZYHbMjdEPlc8B4B1GVFxfU53VihVnSl...
cdn1.cdn-telegram.org/file/ Frame ABE6 12 KB
12 KB 440ms
437ms Image
image/jpeg 34.111.15.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn1.cdn-telegram.org/file/ExUsO0cMBd-38Z_mRE8DFqu8_9RgB3oEF6FoiQGvbMVxdEvHvdhg3ohrzCOhtPd9mWChV8w5LxlEkXxrSZh1ZfEj0qXOdTBXlmDkey10_2cze_N6alidTYr_VGujK-4W6EX6QK8J_YmSZgzDKdqpDhtYD2KLPFNphgcPEbZYHbMjdEPlc8B4B1GVFxfU53VihVnSlHJUr-z5EVUSoCKh9ojkbSztClzFth1j0M4SiWTeFZ1YUjURRwUKfq_dO30G3MMrvMDv0YdEvUmVcrAns-xT0HUr0_FBWJXGRMAllvtBoT85mcr3S2sWpvEaN5NiKYSV1dvKu-8ozhQQbLHr-A

Requested by

Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram/webview?embed=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.15.3 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

3.15.111.34.bc.googleusercontent.com

Software

nginx/1.18.0 /

Resource Hash

5e043a68471b8fa27cd8d771a3ede3548eb1111dff4725088856dd1f5d59cfcf

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tg-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 07:28:44 GMT
content-security-policy: default-src 'none'; sandbox
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12173
x-xss-protection: 1; mode=block
server: nginx/1.18.0
etag: "41816ad552effb55449971d259e395625a5ffd80"
x-frame-options: DENY
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Range, Content-Length
cache-control: public,max-age=7200
accept-ranges: bytes, bytes

GET
H3 200 OLsOywtPrw_a9H_k2IWyFLaJhLKyEoAoHz_vgOgFxzNbsRdi7MYfHCZ_EvOSjDOoxWJDhgCARDg72iEXeNeeZc2JulGFiHqzypNtBIcYM-V6usGzC0i16yEFRyyy0oXj_KwYFRAoK11IonlfaFFIaZv_sUuU-JXK6JtvORhv3kuCIw5jLJsA0ML7ZkyCR1TRr8u0_...
photo.tg-me.com/u/cdn1.cdn-telegram.org/file/ Frame ABE6 74 KB
75 KB 390ms
389ms Image
image/jpeg 2606:4700:3037::6815:40c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photo.tg-me.com/u/cdn1.cdn-telegram.org/file/OLsOywtPrw_a9H_k2IWyFLaJhLKyEoAoHz_vgOgFxzNbsRdi7MYfHCZ_EvOSjDOoxWJDhgCARDg72iEXeNeeZc2JulGFiHqzypNtBIcYM-V6usGzC0i16yEFRyyy0oXj_KwYFRAoK11IonlfaFFIaZv_sUuU-JXK6JtvORhv3kuCIw5jLJsA0ML7ZkyCR1TRr8u0_kBrTFYgtLkLbiussmc-8tGCfidZ8QSyWGoIx6GkCAIcQNNFO5t9ZHwluthgZtH1DzFTHDSBu6rLi1qs4GKu-bGvcC3uwetAHHp9gxYXjQim2x524PQT2jBR0gJzjaU2kY2VL8z8hel8pKoj6w.jpg
Requested by: Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram/webview?embed=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:40c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0fa99b29f200fcdaaeae49aa9d7d1241f072cd04fdd06241e25a18dde2311ed0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tg-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 07:28:44 GMT
cf-cache-status: HIT
last-modified: Wed, 03 Jan 2024 00:31:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H62qlv0qG36DOJLW07l7qxL%2FQ%2BDuymI%2FHAeBq0lHl8WazYLKdpsGNajMzha%2FXRfgDs564e9UbyoYHr0JbnDBfNEKO0l%2BBVvuFovu5vqYj8ai%2BRHfaxxRFcwBmPC95jDVkbSYNtpPq0N1l%2FErAKU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=691200
cf-ray: 83f986d4baec4bd8-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 Jeu69vEQmYGyLFiCUWkV5OO5zbRsgbZREaKhZVOnYvbsg6an1IGauO1Qu_RysxgBPmyX9Pvfnmg2R2X7xYULMqdx5RpWsqyIuiP0Xw1nsmxPfgmJMOXoC4bhhKm6Q0rHjwoLWLdJLQjAaRpgUvADDt6pdaNPZ7UHjBCsJ7DJwyej-9fo-XuH5HpFhgWrJRlF56gyy...
photo.tg-me.com/u/cdn4.cdn-telegram.org/file/ Frame ABE6 124 KB
125 KB 1065ms
1064ms Image
image/jpeg 2606:4700:3037::6815:40c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photo.tg-me.com/u/cdn4.cdn-telegram.org/file/Jeu69vEQmYGyLFiCUWkV5OO5zbRsgbZREaKhZVOnYvbsg6an1IGauO1Qu_RysxgBPmyX9Pvfnmg2R2X7xYULMqdx5RpWsqyIuiP0Xw1nsmxPfgmJMOXoC4bhhKm6Q0rHjwoLWLdJLQjAaRpgUvADDt6pdaNPZ7UHjBCsJ7DJwyej-9fo-XuH5HpFhgWrJRlF56gyyVqufHR5jdoxy-RyV1SCsoO0bTfIoUkKBE1bfr-3uXJKp-kl-c4kEbJcgCHFYIObPyV1k-TMYRAjh7WnxAoOF2AspJzdgAKYYdYj-S2uuOqlRXlqKZwHWzuFCdyIrlg9M9PdFIdLc7kNOnluVw.jpg
Requested by: Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram/webview?embed=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:40c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d0481d3cf4bc68f17698bd59f71c32d784ef71b6f1d29ef8f58c3f141236d3b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tg-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 07:28:45 GMT
cf-cache-status: HIT
last-modified: Wed, 03 Jan 2024 00:18:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xb5vAA0yb9%2FobejXrclxfTFRGs0zcwyykkzEE9tLhTSJ%2FHC%2BztPWbvN5xyljWtgdqgh6Hb8Etnkvj9wyrO1wVQtCQZONDEfYCTrI%2FB0paQUT2cKtLxh0ACClrmwYqgSJKeRuG4BKqrN3jf6C0A0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=691200
cf-ray: 83f986d4baed4bd8-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 b4VaPfGL7f10xfWpYHHzF_sfUtJNP72mcn5eCzyvCmXwd4VXddPKzex73Xb8wLkdpg5su4KCgEpI_Dfuu1T69RmHYJ_Md2eop93dTT3A21-LQEBqu_t36AKtIsr8a8gSciiPdxojKi213VLA4RHSA2qtQTIJrselSedx8iQWYc4uik0hyJmKIgz6p_VPNJ2YPBIz3...
cdn1.cdn-telegram.org/file/ Frame ABE6 12 KB
12 KB 439ms
436ms Image
image/jpeg 34.111.15.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn1.cdn-telegram.org/file/b4VaPfGL7f10xfWpYHHzF_sfUtJNP72mcn5eCzyvCmXwd4VXddPKzex73Xb8wLkdpg5su4KCgEpI_Dfuu1T69RmHYJ_Md2eop93dTT3A21-LQEBqu_t36AKtIsr8a8gSciiPdxojKi213VLA4RHSA2qtQTIJrselSedx8iQWYc4uik0hyJmKIgz6p_VPNJ2YPBIz3Pl6RroK7EQ1jV8eBM8OvI5F1YBY6LvxCJIbtSBH8fJzZIAKNDht7wNKsSUO27z9xlAA-3f8Eh23r_gdpFxxqFrFKAx3-utbjYIu7dYSKpoDXu60L8bVHFPnkUsY9QBFZcKFE_cP-pgmooZpoA

Requested by

Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram/webview?embed=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.15.3 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

3.15.111.34.bc.googleusercontent.com

Software

nginx/1.18.0 /

Resource Hash

6b0ee3b61fe0a5b35cde4ba10106b69e6f470f04c512be40f4e3e8444436be78

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tg-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 07:28:44 GMT
content-security-policy: default-src 'none'; sandbox
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12315
x-xss-protection: 1; mode=block
server: nginx/1.18.0
etag: "c7a8a7ff4fafc73f2cd87eeacdc22ed33ad1077b"
x-frame-options: DENY
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Range, Content-Length
cache-control: public,max-age=7200
accept-ranges: bytes, bytes

GET https://telegram%20news/com.telegram.org/img/emoji/40/F09F8FA1.png
https://telegram%20news/com.telegram.org/img/emoji/40/F09F8FA1.png Frame ABE6 0
0

GET https://telegram%20news/com.telegram.org/img/emoji/40/E29D84.png
https://telegram%20news/com.telegram.org/img/emoji/40/E29D84.png Frame ABE6 0
0

GET https://telegram%20news/com.telegram.org/img/emoji/40/F09F9A97.png
https://telegram%20news/com.telegram.org/img/emoji/40/F09F9A97.png Frame ABE6 0
0

GET
H2 200 E-Ji_p1HghC1OVjZz6aipC1UYbH1AtmqHYFGu4Ok1OEkryRhdT8Ft9sysoC2WIM06HRkT4N_CluLdbcragRqHrHGpofy73Bj6ddpnILywQB1RzS7oMW-glLfZpnx03NLPOTPnG6exHQnhuxTx665YW7h80u515uvhz-S8VD51ug_ZXtJswEHMQtSy17Wh4lJhpAJ3...
cdn1.cdn-telegram.org/file/ Frame ABE6 16 KB
16 KB 148ms
146ms Image
image/jpeg 34.111.15.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn1.cdn-telegram.org/file/E-Ji_p1HghC1OVjZz6aipC1UYbH1AtmqHYFGu4Ok1OEkryRhdT8Ft9sysoC2WIM06HRkT4N_CluLdbcragRqHrHGpofy73Bj6ddpnILywQB1RzS7oMW-glLfZpnx03NLPOTPnG6exHQnhuxTx665YW7h80u515uvhz-S8VD51ug_ZXtJswEHMQtSy17Wh4lJhpAJ3P8Qw_3WncA4DAjBG-X3HbsmDfyp-7KGVxejLERF9xyi1pqD1_IkMML4pQ2NxBsbyPkeOATXH6K4Jfvxv5NCKKyynNDxYFwYl86Qwg_0HIngMF76i4y6BCZpw1Qlo9NBTWGQn1Wlxw7gS_AuWA

Requested by

Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram/webview?embed=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.15.3 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

3.15.111.34.bc.googleusercontent.com

Software

nginx/1.18.0 /

Resource Hash

1ceac9371ec6f4da3bf92f3d411bbeea28ecb6898cc6dd5c34793e6184003896

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tg-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: default-src 'none'; sandbox
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
date: Wed, 03 Jan 2024 07:01:42 GMT
via: 1.1 google
age: 1622
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16635
x-xss-protection: 1; mode=block
server: nginx/1.18.0
etag: "adeffc536b7edc8b6e04be23d874c82c69fc278b"
x-frame-options: DENY
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Range, Content-Length
cache-control: public,max-age=7200
accept-ranges: bytes, bytes

GET https://telegram%20news/com.telegram.org/img/emoji/40/F09F8CB2.png
https://telegram%20news/com.telegram.org/img/emoji/40/F09F8CB2.png Frame ABE6 0
0

GET
H2 200 NPf_D21KavKersPgpvcbyHgJ18_77qdcO_9h-9RGFmcdz1TEi-TOj2Cbjf4w5_fyvCYZa-RXJk_hoTK8DMUFeGH6MnqATqf3xcpsLjdPDyYB8ZR5XCggFGspfvwqFsfgM2MCXYh64_ONjwaExnQORba8l0lg7zbOm1mhoFbmwvgZKVK8XPUtZIZQGr8zUBYN3F6eY...
cdn1.cdn-telegram.org/file/ Frame ABE6 12 KB
12 KB 149ms
147ms Image
image/jpeg 34.111.15.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn1.cdn-telegram.org/file/NPf_D21KavKersPgpvcbyHgJ18_77qdcO_9h-9RGFmcdz1TEi-TOj2Cbjf4w5_fyvCYZa-RXJk_hoTK8DMUFeGH6MnqATqf3xcpsLjdPDyYB8ZR5XCggFGspfvwqFsfgM2MCXYh64_ONjwaExnQORba8l0lg7zbOm1mhoFbmwvgZKVK8XPUtZIZQGr8zUBYN3F6eYL9abakmtYzMoyuxvMquTYhArCns-7TttzwkrlQJvOzF_c_aL7Wju4kBgKGbgDfkd0A-pA_PViG7KwE5ROagcFrXtyVDXBjiRJlMNby0JuswozwMveBPSIN7EKKOtMNER6CM0tXm4QYAexKHTw

Requested by

Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram/webview?embed=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.15.3 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

3.15.111.34.bc.googleusercontent.com

Software

nginx/1.18.0 /

Resource Hash

5b1319b48058262a1e83b6a9c81dc8dffa55837203a77401e7ddc3df4430adc0

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tg-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: default-src 'none'; sandbox
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
date: Wed, 03 Jan 2024 07:01:42 GMT
via: 1.1 google
age: 1622
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12223
x-xss-protection: 1; mode=block
server: nginx/1.18.0
etag: "f37ae18dda9804140f967751c0ceef32804e673e"
x-frame-options: DENY
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Range, Content-Length
cache-control: public,max-age=7200
accept-ranges: bytes, bytes

GET https://telegram%20news/com.telegram.org/img/emoji/40/E29883.png
https://telegram%20news/com.telegram.org/img/emoji/40/E29883.png Frame ABE6 0
0

GET https://telegram%20news/com.telegram.org/img/emoji/40/F09F9BB7.png
https://telegram%20news/com.telegram.org/img/emoji/40/F09F9BB7.png Frame ABE6 0
0

GET https://telegram%20news/com.telegram.org/img/emoji/40/F09F9494.png
https://telegram%20news/com.telegram.org/img/emoji/40/F09F9494.png Frame ABE6 0
0

GET https://telegram%20news/com.telegram.org/img/emoji/40/F09F8E84.png
https://telegram%20news/com.telegram.org/img/emoji/40/F09F8E84.png Frame ABE6 0
0

GET
H2 200 A4CbyQfHJE5cJUc_1OyRk80w7d9HGnBg88gK40IInA8k9AFVJCw9CRLl73Capx_MpQnpw483CBcmJkHJhbDmLwIxes3hi7piX50_u5KaHojJdCr2NrkPjGkhqMZSDTa93ugZ0hJMgrEAd9v3YRczBJi-GSXcMRxsz2nMpAVkdJtfyWt4NjPhrvWkDlGhjdGjIwQLj...
cdn1.cdn-telegram.org/file/ Frame ABE6 14 KB
14 KB 151ms
149ms Image
image/jpeg 34.111.15.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn1.cdn-telegram.org/file/A4CbyQfHJE5cJUc_1OyRk80w7d9HGnBg88gK40IInA8k9AFVJCw9CRLl73Capx_MpQnpw483CBcmJkHJhbDmLwIxes3hi7piX50_u5KaHojJdCr2NrkPjGkhqMZSDTa93ugZ0hJMgrEAd9v3YRczBJi-GSXcMRxsz2nMpAVkdJtfyWt4NjPhrvWkDlGhjdGjIwQLjVGpR6CUcXZtvbC7qi5GZsWJ5gYqHQk9uRDgCslbx4hGg69oJqUR5-DxYD73IoGS5OEoLPaQm-v8tSvGKOWu8jFXV137fIrQI_pHAUEyMEvTlmXxbq2vY3M0Pyy4n8nGvmy0LlcTaOu5QYPnxA

Requested by

Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram/webview?embed=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.15.3 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

3.15.111.34.bc.googleusercontent.com

Software

nginx/1.18.0 /

Resource Hash

152732dba335c16fa7a48b4c6051701a957e702d371fbd00d4c8be0285de0394

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tg-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: default-src 'none'; sandbox
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
date: Wed, 03 Jan 2024 07:01:42 GMT
via: 1.1 google
age: 1622
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14478
x-xss-protection: 1; mode=block
server: nginx/1.18.0
etag: "246de9bb9585dfeacedc9e64b731d92209b11d8a"
x-frame-options: DENY
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Range, Content-Length
cache-control: public,max-age=7200
accept-ranges: bytes, bytes

GET https://telegram%20news/com.telegram.org/img/emoji/40/F09F8E81.png
https://telegram%20news/com.telegram.org/img/emoji/40/F09F8E81.png Frame ABE6 0
0

GET https://telegram%20news/com.telegram.org/img/emoji/40/F09FA7A6.png
https://telegram%20news/com.telegram.org/img/emoji/40/F09FA7A6.png Frame ABE6 0
0

GET https://telegram%20news/com.telegram.org/img/emoji/40/F09F8DAA.png
https://telegram%20news/com.telegram.org/img/emoji/40/F09F8DAA.png Frame ABE6 0
0

GET https://telegram%20news/com.telegram.org/img/emoji/40/F09F8E85.png
https://telegram%20news/com.telegram.org/img/emoji/40/F09F8E85.png Frame ABE6 0
0

GET
H3 200 dX6pjorz5E2NJoKRAJUGV8DYSuKxCGf0VWkqYM8EOuZJZMlLmW8h0IO7-MYprl4x8LkRs93Z5OgbMu3fZdp86Z-cOIelhH9ant2WyS3FDy8wg8tur-wuSx4uU7jwzxqH2Rm_EpL8j6-vpIFQhukaD8BViYWV-UkoVZI8A5tDCmSMkg1DFbfGpSaJrHfqXHf6GrBgp...
photo.tg-me.com/u/cdn4.cdn-telegram.org/file/ Frame ABE6 73 KB
74 KB 1272ms
1270ms Image
image/jpeg 2606:4700:3037::6815:40c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photo.tg-me.com/u/cdn4.cdn-telegram.org/file/dX6pjorz5E2NJoKRAJUGV8DYSuKxCGf0VWkqYM8EOuZJZMlLmW8h0IO7-MYprl4x8LkRs93Z5OgbMu3fZdp86Z-cOIelhH9ant2WyS3FDy8wg8tur-wuSx4uU7jwzxqH2Rm_EpL8j6-vpIFQhukaD8BViYWV-UkoVZI8A5tDCmSMkg1DFbfGpSaJrHfqXHf6GrBgpToRF5eHObliPaSKBKjkJ384zZhuH7D4WETsbs3RO2VDgRtu-UoMOIDrlua8Lnlspp7v0K-3NrIM2u4S1RscyBUCAilfKjGd-3ThNZ5m7itLHBRGxW0vYYGyT8GnewlKjxGTMQHhh1SSzRlKpQ.jpg
Requested by: Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram/webview?embed=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:40c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e16cae9c69a42b5658f559d3daa77f6960c4eda605938b995a05bde6474ebb7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tg-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 07:28:45 GMT
cf-cache-status: HIT
last-modified: Wed, 03 Jan 2024 00:07:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T3Rfh6hpkB1MZm1hYPJlqz9FIJgowDh%2FtUv0nib%2FSmvm1gNUoW3dIcLpJYwD01DPdzuUuBaCza%2FO4WZw2o7kY3%2FmNi0kWQY3TJHrA8FFaa7tOMLU%2BOb6aRqriuPdLZY3oXO7C8IZSCBcolquXqQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=691200
cf-ray: 83f986d4baf04bd8-BUF
alt-svc: h3=":443"; ma=86400

GET https://telegram%20news/com.telegram.org/img/emoji/40/F09F8EA9.png
https://telegram%20news/com.telegram.org/img/emoji/40/F09F8EA9.png Frame ABE6 0
0

GET https://telegram%20news/com.telegram.org/img/emoji/40/F09F9882.png
https://telegram%20news/com.telegram.org/img/emoji/40/F09F9882.png Frame ABE6 0
0

GET https://telegram%20news/com.telegram.org/img/emoji/40/F09F918B.png
https://telegram%20news/com.telegram.org/img/emoji/40/F09F918B.png Frame ABE6 0
0

GET https://telegram%20news/com.telegram.org/img/emoji/40/F09F8C9F.png
https://telegram%20news/com.telegram.org/img/emoji/40/F09F8C9F.png Frame ABE6 0
0

GET https://telegram%20news/com.telegram.org/img/emoji/40/F09F95AF.png
https://telegram%20news/com.telegram.org/img/emoji/40/F09F95AF.png Frame ABE6 0
0

GET https://telegram%20news/com.telegram.org/img/emoji/40/F09FA5B6.png
https://telegram%20news/com.telegram.org/img/emoji/40/F09FA5B6.png Frame ABE6 0
0

GET https://telegram%20news/com.telegram.org/img/emoji/40/F09F91BC.png
https://telegram%20news/com.telegram.org/img/emoji/40/F09F91BC.png Frame ABE6 0
0

GET https://telegram%20news/com.telegram.org/img/emoji/40/F09F94A4.png
https://telegram%20news/com.telegram.org/img/emoji/40/F09F94A4.png Frame ABE6 0
0

GET
H2 200 ArtbEYEd5b2Os6GfcdFP7qS-6FkO4SVIJ6pzbyuNvqw20LY95EZBy_fEThQL5y06E65EDbAB7i3pjykYGJlsIHqDtWtYrcZEehNGPHnmTKNltu_-04IxsbWjlzB-52WAal3Zv2yO4whMSYWZBxcUaXcgsdi0xM4c8NkG_MfLzFre1GRXxu6uYufk19-4tC67aWZxm...
cdn1.cdn-telegram.org/file/ Frame ABE6 13 KB
13 KB 152ms
149ms Image
image/jpeg 34.111.15.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn1.cdn-telegram.org/file/ArtbEYEd5b2Os6GfcdFP7qS-6FkO4SVIJ6pzbyuNvqw20LY95EZBy_fEThQL5y06E65EDbAB7i3pjykYGJlsIHqDtWtYrcZEehNGPHnmTKNltu_-04IxsbWjlzB-52WAal3Zv2yO4whMSYWZBxcUaXcgsdi0xM4c8NkG_MfLzFre1GRXxu6uYufk19-4tC67aWZxmRk02CaWQn_XMlxu3uMCxA3aDkhFQVoacjTIux5FzK238cdYNnOWgFHdh9-PVKzS27bSzcNSdnYk-DnJBVLQ0R-RbPOsVC_XcG7WIPT4sc6CUbCv5PpPO1tZicAhOIUWoUar1s8nHfp5VUTUzQ

Requested by

Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram/webview?embed=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.15.3 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

3.15.111.34.bc.googleusercontent.com

Software

nginx/1.18.0 /

Resource Hash

553457c15fb591b8701239ccf22db0c8ea7717522fe92c1bebcca225c649e22b

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tg-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: default-src 'none'; sandbox
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
date: Wed, 03 Jan 2024 07:01:43 GMT
via: 1.1 google
age: 1621
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13379
x-xss-protection: 1; mode=block
server: nginx/1.18.0
etag: "9aa8bdeccfcfa76e5abce86f1e61429a5d642509"
x-frame-options: DENY
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Range, Content-Length
cache-control: public,max-age=7200
accept-ranges: bytes, bytes

GET
H2 200 X2ka6hJaTiyAM8kO9NOTSLrkUfxRs3eBAAAsqkO8rp8_9seryKaN9qHl8QaL9IXWPGWMfH5yV0Yvm8iL5B_UHfwc11HSekLr7WIco5SDWO5EptcmBsxgjPcJK2jSalbqLW13B1xszjLOTN0i-SQyjQt9yx-ElJtxyFq_vBVkh1DUUTHjhO2mv-zeYIll2RUbrl_Zx...
cdn1.cdn-telegram.org/file/ Frame ABE6 24 KB
24 KB 153ms
150ms Image
image/jpeg 34.111.15.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn1.cdn-telegram.org/file/X2ka6hJaTiyAM8kO9NOTSLrkUfxRs3eBAAAsqkO8rp8_9seryKaN9qHl8QaL9IXWPGWMfH5yV0Yvm8iL5B_UHfwc11HSekLr7WIco5SDWO5EptcmBsxgjPcJK2jSalbqLW13B1xszjLOTN0i-SQyjQt9yx-ElJtxyFq_vBVkh1DUUTHjhO2mv-zeYIll2RUbrl_ZxWX8Z4FnvdZBk5cGA_OFblEurqoYv8dtMNfUXXWJ946Mq8AK51u5ooptaIEP_oHEJMEn9ZnpEfrU09q5dfmlcWdDpHxAEKJy_KpH_oN2C5fW4yOXqznPWDjnXaUu2VSpz8toyrPplzcSMwH-Ow

Requested by

Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram/webview?embed=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.15.3 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

3.15.111.34.bc.googleusercontent.com

Software

nginx/1.18.0 /

Resource Hash

04d4d8b4595f2614f2dd7989d96c8fef9c6beed9cae74ce092f13d261a180e6d

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tg-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: default-src 'none'; sandbox
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
date: Wed, 03 Jan 2024 07:01:43 GMT
via: 1.1 google
age: 1621
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24264
x-xss-protection: 1; mode=block
server: nginx/1.18.0
etag: "a131a0933f2788aebec51df7a73b7269f6ef8341"
x-frame-options: DENY
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Range, Content-Length
cache-control: public,max-age=7200
accept-ranges: bytes, bytes

GET
H2 200 l_FT72HS0Y00P_cnsdJmwmgo4INlgstv_MiV3dPI90bWAJfsi7RJX7_RZxC1wMk3KD-jlnOoaKhHOM0WI0xP_Fu2BM05ZomF2QSqX330xPCI-h_tXu45NdLPfCPhNJp_X9qZyr5fJTyw7vbodi2zvbyNV7krxGPe_ckPUyIdXOwG4TASLyqjsVAvDuASaxayl7KQJ...
cdn1.cdn-telegram.org/file/ Frame ABE6 19 KB
19 KB 153ms
151ms Image
image/jpeg 34.111.15.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn1.cdn-telegram.org/file/l_FT72HS0Y00P_cnsdJmwmgo4INlgstv_MiV3dPI90bWAJfsi7RJX7_RZxC1wMk3KD-jlnOoaKhHOM0WI0xP_Fu2BM05ZomF2QSqX330xPCI-h_tXu45NdLPfCPhNJp_X9qZyr5fJTyw7vbodi2zvbyNV7krxGPe_ckPUyIdXOwG4TASLyqjsVAvDuASaxayl7KQJ_DsWvplxHY4WqdYR2dPKe7UIZfAXkXxYzc8CL77ufe1oTz0O6TJ94RcGRtNOWCGjfaeI6EIjtE30ETRN543-v9NgsSDBrV4NU2DOV6BEM2RwJrTC8obkcpim340b_GRJb56t-1cPaf6Ge06Fw

Requested by

Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram/webview?embed=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.15.3 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

3.15.111.34.bc.googleusercontent.com

Software

nginx/1.18.0 /

Resource Hash

df7cc140e66688011ad9040460d88f318ee9f20972e12f812ef8100b7e46e56d

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tg-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: default-src 'none'; sandbox
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
date: Wed, 03 Jan 2024 07:01:43 GMT
via: 1.1 google
age: 1621
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19359
x-xss-protection: 1; mode=block
server: nginx/1.18.0
etag: "0be6039ec87d04d133afa0efbae2eeef854989a6"
x-frame-options: DENY
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Range, Content-Length
cache-control: public,max-age=7200
accept-ranges: bytes, bytes

GET
H3 200 K13oioRgI_xIadRJ8VbRfYEFthxSmRBtmn4C6HuBnpAjgZrtEXuOFOaa4_mDMUPBLwso1x_Uhz8c9kzgrfE0CRoh0AxMFXDOM2lndQuXnL-BUIPOnIL0_7ghcuJWrD6ZaGZLPWRu9Fj0PpefFW6Oo3KPjAOYI9iKhBPohJsaeytZsoqf_yNhTBZGVOPg1ga02qY5f...
photo.tg-me.com/u/cdn4.cdn-telegram.org/file/ Frame ABE6 73 KB
74 KB 382ms
382ms Image
image/jpeg 2606:4700:3037::6815:40c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photo.tg-me.com/u/cdn4.cdn-telegram.org/file/K13oioRgI_xIadRJ8VbRfYEFthxSmRBtmn4C6HuBnpAjgZrtEXuOFOaa4_mDMUPBLwso1x_Uhz8c9kzgrfE0CRoh0AxMFXDOM2lndQuXnL-BUIPOnIL0_7ghcuJWrD6ZaGZLPWRu9Fj0PpefFW6Oo3KPjAOYI9iKhBPohJsaeytZsoqf_yNhTBZGVOPg1ga02qY5fsiVts1fLKcmhH8SM52n91vGogCE35GiS4goHLu4apUiOWWNIks_uwRA8I-MEYXTElSyWaoW5V70ZIiMSZnq7ll4U2lhEXjGrb4k4NdWUHMTvRcZRoiI20LAceB7fiwZj9sgsm2CDfdQoR5Y0g.jpg
Requested by: Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram/webview?embed=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:40c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0a5b19e9550cc19dac92f5a4b1fe301cd6b5d4593a19a074b72ec5ffe16577c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tg-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 07:28:44 GMT
cf-cache-status: HIT
last-modified: Wed, 03 Jan 2024 00:18:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c2ysubNJdbUMKUI0H7oMxa4%2FC1F5hQf1Ez1tUzZ5dnyienlPEMq7DqWHesKIWlJczS9ckqXERVYqcY%2F9NrcaOoMsRlFDPU2T3HTvAAxOfVjYrGpw%2BfcfCjSZstwpTTTAqPkQWWZt9P0RUwAr3%2B8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=691200
cf-ray: 83f986d4baf24bd8-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 206 bb8f695e9d.mp4
cdn1.cdn-telegram.org/file/ Frame ABE6 64 KB
0 420ms
418ms Media
video/mp4 34.111.15.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn1.cdn-telegram.org/file/bb8f695e9d.mp4?token=iVEsehs1zhjEbDoGiWkuPIvMiHE27XTMpXsYG7qBAEMmWFFROOEpr2gQVWXCNOvIs2fJ7HwIbMhOSU-9wGI7fSiLaqczoPINJ1ZfR5mxtvYXQh28ey3NJgnNe1wBejCG0Q4fOaBrivkIOZDJ2dfzKCwpGbD8eHyJWXMacBwIi07IFlC1V5vTY5Wq8kXlNlCpsmHXHLANwl7ukhAfW-D3dBZ-RJLBJskuKCtQDufaiD3Jfe0a9bnTodpWX02OVtZRXBEvDSZgMVK_NoDPOI8l2l7VWdXCqU1QOVIGAyGy5dtmB3QilwtU6n9jRbhGvgLnVlwob3XGN5uLjcqBharz3A

Requested by

Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram/webview?embed=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.15.3 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

3.15.111.34.bc.googleusercontent.com

Software

nginx/1.18.0 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tg-me.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Range: bytes=0-

Response headers

content-security-policy: default-src 'none'; sandbox
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
date: Wed, 03 Jan 2024 07:01:43 GMT
via: 1.1 google
age: 1621
Content-Range: bytes 0-1917026/1917027
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Content-Length: 1917027
x-xss-protection: 1; mode=block
server: nginx/1.18.0
etag: "98551905dd2f0393ac6b19be306c13638139c4be"
x-frame-options: DENY
content-type: video/mp4
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Range, Content-Length
cache-control: public,max-age=7200
accept-ranges: bytes

GET
H2 206 e11c57a711.mp4
cdn1.cdn-telegram.org/file/ Frame ABE6 0
0 420ms
417ms Media
video/mp4 34.111.15.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn1.cdn-telegram.org/file/e11c57a711.mp4?token=lLviZqv_MRVn2sq97-6eR15eqWdZAitw6hhpdwt75PUDOrm0TU3zWicr_liVwysGK8oJS0kDMtQmklu7UF_2w_tVgBvPkLh9QTQKp-JB77m_p-h46AKS5vgCMXjNXaR6dZRNLsYkeewrjCFb662hJqpXCmydHM2oFc--DHjE1oOAO-oxzI-SIdVwmdX1614jjIFTwPaUFqyQbbeKB84pbFRz6_L3u-gBFx9jfLrD8AePffbXC_xPPQjs1_CeBq_WvDWADY6eo5-9Oh4Z4BQ_S-fTCEii0E_wfU2SsFUyPB7pMki2o0JwnuhnXT-28ZswfGWiXT-E24U0FbKMlneqAA

Requested by

Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram/webview?embed=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.15.3 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

3.15.111.34.bc.googleusercontent.com

Software

nginx/1.18.0 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tg-me.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Range: bytes=0-

Response headers

content-security-policy: default-src 'none'; sandbox
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
date: Wed, 03 Jan 2024 07:01:43 GMT
via: 1.1 google
age: 1621
Content-Range: bytes 0-5448509/5448510
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Content-Length: 5448510
x-xss-protection: 1; mode=block
server: nginx/1.18.0
etag: "6f0f2797fffb46384c9f1c37bd8d9cbb4035d09d"
x-frame-options: DENY
content-type: video/mp4
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Range, Content-Length
cache-control: public,max-age=7200
accept-ranges: bytes

GET
H2 206 e11c57a711.mp4
cdn1.cdn-telegram.org/file/ Frame ABE6 256 KB
0 424ms
422ms Media
video/mp4 34.111.15.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram/webview?embed=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.15.3 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

3.15.111.34.bc.googleusercontent.com

Software

nginx/1.18.0 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tg-me.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Range: bytes=0-

Response headers

content-security-policy: default-src 'none'; sandbox
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
date: Wed, 03 Jan 2024 07:01:43 GMT
via: 1.1 google
age: 1621
Content-Range: bytes 0-5448509/5448510
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Content-Length: 5448510
x-xss-protection: 1; mode=block
server: nginx/1.18.0
etag: "6f0f2797fffb46384c9f1c37bd8d9cbb4035d09d"
x-frame-options: DENY
content-type: video/mp4
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Range, Content-Length
cache-control: public,max-age=7200
accept-ranges: bytes

GET
H2 206 42e2fc7346.mp4
cdn1.cdn-telegram.org/file/ Frame ABE6 847 KB
0 441ms
438ms Media
video/mp4 34.111.15.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn1.cdn-telegram.org/file/42e2fc7346.mp4?token=ZJIeIfvd1sa2yvsbhqwCMNtkusMUdsn9gPKNtIdsIrz1TddrexUg2UWBHQw6DgYZdopKJqLxLf4s2QDQmdjezGvuAIK2LvGhfYwOfrjz-_Zu2rE33AZTL8plNIgjZUmwDVUrbXq1SHcsTW1XKlvxDQYkHqYy_ASqG6SmPuFEHRw32Dtwf5eKLdsPw80aW5TbRgrawDByI7Z9NcjxN9sxbW5ZlqPM0-oAdlOTWFZIBxhZuWNwe0LIPhv61wmiUc5ML6GxbwfMiB-mATXBWQNs6L1yQ15lPA1bCKgxNi79vT_e_vXQG-2MbjdXL2vY284l6tgahu3kRE9dO7aJrxdpRQ

Requested by

Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram/webview?embed=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.15.3 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

3.15.111.34.bc.googleusercontent.com

Software

nginx/1.18.0 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tg-me.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Range: bytes=0-

Response headers

content-security-policy: default-src 'none'; sandbox
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
date: Wed, 03 Jan 2024 07:01:43 GMT
via: 1.1 google
age: 1621
Content-Range: bytes 0-2426639/2426640
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Content-Length: 2426640
x-xss-protection: 1; mode=block
server: nginx/1.18.0
etag: "e8accda1fc6e1012fe5368d4a6ad48cebe949f53"
x-frame-options: DENY
content-type: video/mp4
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Range, Content-Length
cache-control: public,max-age=7200
accept-ranges: bytes

GET
H2 206 57fddaa3c6.mp4
cdn1.cdn-telegram.org/file/ Frame ABE6 65 KB
0 306ms
303ms Media
video/mp4 34.111.15.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn1.cdn-telegram.org/file/57fddaa3c6.mp4?token=fC-VL1J2Q_HZusJwV-Sxep0BOwgFaLEds0kbahmw-F1r3T2mNommnn2RbJ_YGDs-y5yLLiTr9YuzhZye3edkoP8nWU2UNMrFifzrN1X7fWcvLSuG-rQ0xovtNxf0vq11tsPnTEYfN9nwaMN3UxpxtdA0HrmC5WC6lMvvfw3eHK4uaGtV1SVqBiIBH_r5JqFEzGoHLA-4GDqbE5PWYdATvPPgcy3h3aCJKztjw2Ylo3VGvLUBJsebJtocFZ0RMa2bo6R8HpISJhujCanWCnmLNjJFPX7blFADFLjoPKhBlpXskNEaSZGVlsN02r965ukIRBKd7urP5NKchfYFArMv9A

Requested by

Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram/webview?embed=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.15.3 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

3.15.111.34.bc.googleusercontent.com

Software

nginx/1.18.0 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tg-me.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Range: bytes=0-

Response headers

content-security-policy: default-src 'none'; sandbox
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
date: Wed, 03 Jan 2024 07:01:43 GMT
via: 1.1 google
age: 1621
Content-Range: bytes 0-1744205/1744206
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Content-Length: 1744206
x-xss-protection: 1; mode=block
server: nginx/1.18.0
etag: "cafd42281ba4296c4c100d213f5c4fa6ba30dd91"
x-frame-options: DENY
content-type: video/mp4
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Range, Content-Length
cache-control: public,max-age=7200
accept-ranges: bytes

GET
H/1.1 200
OK adj Show response
grid.bidswitch.net/ Frame ABE6 22 B
235 B 379ms
378ms Script
text/javascript 35.211.93.27
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://grid.bidswitch.net/adj?auid=373595
Requested by: Host: as.innity.com
URL: https://as.innity.com/synd/?cb=1704266924247&ver=1&pub=dc727151e5d55dde1e950767cf861ca5&zone=98811&output=js&flash=0&url=www.tg-me.com&width=300&height=250&vpw=1600&vph=1200&auction=98ce2c2-194c1a1&u=aHR0cHM6Ly93d3cudGctbWUuY29tL3VzL1RlbGVncmFtK05ld3MvY29tLnRlbGVncmFt
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.211.93.27 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 27.93.211.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 18c983c761fdf75fb946aa47edc930cbf2f88bc7948ebc7bc6f699aa19628eb8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tg-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 07:28:44 GMT
cache-control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 22
Content-Type: text/javascript; charset=UTF-8

GET
H3 206 78f54bd0b3.mp4
cdn1.cdn-telegram.org/file/ Frame ABE6 36 KB
36 KB 136ms
135ms Media
video/mp4 34.111.15.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram/webview?embed=1

Protocol

Security

QUIC, , AES_128_GCM

Server

34.111.15.3 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

3.15.111.34.bc.googleusercontent.com

Software

nginx/1.18.0 /

Resource Hash

ce76ecc04036bfc45db669dff776316954aed69c0cdc585ae84895feb006184b

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tg-me.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Range: bytes=4259840-

Response headers

date: Wed, 03 Jan 2024 07:28:44 GMT
content-security-policy: default-src 'none'; sandbox
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
Content-Range: bytes 4259840-4296944/4296945
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Content-Length: 37105
x-xss-protection: 1; mode=block
server: nginx/1.18.0
etag: "ebddb8065881ee58d95be51a45430ed5002a42fe"
x-frame-options: DENY
content-type: video/mp4
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Range, Content-Length
cache-control: public,max-age=7200
accept-ranges: bytes

GET
H3 206 57fddaa3c6.mp4
cdn1.cdn-telegram.org/file/ Frame ABE6 39 KB
39 KB 167ms
161ms Media
video/mp4 34.111.15.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram/webview?embed=1

Protocol

Security

QUIC, , AES_128_GCM

Server

34.111.15.3 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

3.15.111.34.bc.googleusercontent.com

Software

nginx/1.18.0 /

Resource Hash

3254c77dcb58dc83b677c1fab3238de8a7c3943006643985c6bbc15dca414200

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tg-me.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Range: bytes=1703936-

Response headers

date: Wed, 03 Jan 2024 07:28:44 GMT
content-security-policy: default-src 'none'; sandbox
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
Content-Range: bytes 1703936-1744205/1744206
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Content-Length: 40270
x-xss-protection: 1; mode=block
server: nginx/1.18.0
etag: "cafd42281ba4296c4c100d213f5c4fa6ba30dd91"
x-frame-options: DENY
content-type: video/mp4
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Range, Content-Length
cache-control: public,max-age=7200
accept-ranges: bytes

GET
H3 206 bb8f695e9d.mp4
cdn1.cdn-telegram.org/file/ Frame ABE6 16 KB
16 KB 106ms
104ms Media
video/mp4 34.111.15.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram/webview?embed=1

Protocol

Security

QUIC, , AES_128_GCM

Server

34.111.15.3 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

3.15.111.34.bc.googleusercontent.com

Software

nginx/1.18.0 /

Resource Hash

0e9567a7344ae70249d426ae80d68f3606e5f193d679d7bd5795b4fd13dc7846

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tg-me.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Range: bytes=1900544-

Response headers

date: Wed, 03 Jan 2024 07:28:44 GMT
content-security-policy: default-src 'none'; sandbox
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
Content-Range: bytes 1900544-1917026/1917027
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Content-Length: 16483
x-xss-protection: 1; mode=block
server: nginx/1.18.0
etag: "98551905dd2f0393ac6b19be306c13638139c4be"
x-frame-options: DENY
content-type: video/mp4
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Range, Content-Length
cache-control: public,max-age=7200
accept-ranges: bytes

GET
H3 206 78f54bd0b3.mp4
cdn1.cdn-telegram.org/file/ Frame ABE6 462 KB
0 202ms
202ms Media
video/mp4 34.111.15.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram/webview?embed=1

Protocol

Security

QUIC, , AES_128_GCM

Server

34.111.15.3 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

3.15.111.34.bc.googleusercontent.com

Software

nginx/1.18.0 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tg-me.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Range: bytes=65536-

Response headers

content-security-policy: default-src 'none'; sandbox
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
date: Wed, 03 Jan 2024 07:28:44 GMT
via: 1.1 google
age: 0
Content-Range: bytes 65536-4296944/4296945
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Content-Length: 4231409
x-xss-protection: 1; mode=block
server: nginx/1.18.0
etag: "ebddb8065881ee58d95be51a45430ed5002a42fe"
x-frame-options: DENY
content-type: video/mp4
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Range, Content-Length
cache-control: public,max-age=7200
accept-ranges: bytes

GET
H/1.1 200
OK container_576b5a051c51b1c0244bca09.js Show response
ssl-avd.innity.net/1/ Frame 74B3 11 KB
4 KB 30ms
26ms Script
application/javascript 23.209.54.115
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl-avd.innity.net/1/container_576b5a051c51b1c0244bca09.js
Requested by: Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.209.54.115 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-209-54-115.deploy.static.akamaitechnologies.com
Software: nginx/1.24.0 /
Resource Hash: fcbfe3701531c9c0a1cdf0f9adaf43370498a8a46185ec0639f844a14f1f5541

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tg-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 07:28:44 GMT
Content-Encoding: gzip
Last-Modified: Fri, 13 Oct 2023 07:45:31 GMT
Server: nginx/1.24.0
ETag: "6528f59b-2aa5-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=1353239
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3678
Expires: Thu, 18 Jan 2024 23:22:43 GMT

GET
H3 206 e11c57a711.mp4
cdn1.cdn-telegram.org/file/ Frame ABE6 41 KB
41 KB 101ms
98ms Media
video/mp4 34.111.15.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram/webview?embed=1

Protocol

Security

QUIC, , AES_128_GCM

Server

34.111.15.3 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

3.15.111.34.bc.googleusercontent.com

Software

nginx/1.18.0 /

Resource Hash

59af1cdc6b2e497ffa5f6c2edc98f44df086fe7be933b5d9b2e062f7bf8e9418

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tg-me.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Range: bytes=5406720-

Response headers

date: Wed, 03 Jan 2024 07:28:45 GMT
content-security-policy: default-src 'none'; sandbox
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
Content-Range: bytes 5406720-5448509/5448510
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Content-Length: 41790
x-xss-protection: 1; mode=block
server: nginx/1.18.0
etag: "6f0f2797fffb46384c9f1c37bd8d9cbb4035d09d"
x-frame-options: DENY
content-type: video/mp4
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Range, Content-Length
cache-control: public,max-age=7200
accept-ranges: bytes

GET
H2 204 utx Show response
moonheappyr.com/ Frame ABE6 0
536 B 33ms
33ms XHR
text/plain 13.32.208.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://moonheappyr.com/utx?cb=kj5m2CGRpA22&top=www.tg-me.com&tid=994291
Requested by: Host: d37tb4r0t9g99j.cloudfront.net
URL: https://d37tb4r0t9g99j.cloudfront.net/?trbtd=994291
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.208.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-208-102.iad66.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tg-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 07:28:44 GMT
via: 1.1 063f496e2a2a07219bf3fbec39d54de4.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-amz-cf-pop: IAD66-C1
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://www.tg-me.com
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-id: tY0Ug_PHpp43PJXisXTTqopl9T5a6c4ePkH3P1DY3AtI6R2XyrEQnA==

GET
H2 200 BgJoIGwrHlV3CA4bSgIOWi5BaDIZNVc+ZR4oVAEAHSBeLWwOLHc2Hg Show response
moonheappyr.com/WjlOWGo7Wy01VTsELH4fKFVzfVgcHHweDmkOOjpeKAk6YQ1jACR2CTZWOzwMKFYgLEQ0XDp9WBxVFDYaEnQ0PywcaiIOKCJwGhEdbnsWaF9reik0Kx99HDs8MmMGFVocbwULIy1qGGAsDlAAHg4yDXYBPz56DzMOK3gpMCscUBQ8MmtNLREGa... Frame 3CA9 3 KB
2 KB 40ms
37ms Document
text/html 13.32.208.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://moonheappyr.com/WjlOWGo7Wy01VTsELH4fKFVzfVgcHHweDmkOOjpeKAk6YQ1jACR2CTZWOzwMKFYgLEQ0XDp9WBxVFDYaEnQ0PywcaiIOKCJwGhEdbnsWaF9reik0Kx99HDs8MmMGFVocbwULIy1qGGAsDlAAHg4yDXYBPz56DzMOK3gpMCscUBQ8MmtNLREGa1sZaB4ybCIvLwgKAw4+GGAYFCtvaQg/UjZqfmg7GVB/OiIydCw9Bm9hBhonKGF/NC4JeAsfLDZjKDw7F2gLCicqb387OBluBxopG14BAQ0fcBhoGip4Nmk8FX4HGikYfBoTOw90H2gBHH8pKD0bV2MdIh9sABEOa3MHHgIDUBweWh98HW0iEm8fYAk9eB4LLzZBCD8aDWwnIAgOeD0PMz1/eQlaMgoWaS8UcXwRKBl4Cz4gHFEWDFtjCA9pGRV6DTAPAmwAESsLcAUOBggKBglfDWh9bA4ZbxwcMz18Bx44KVEbMwUKYX0OWx5vGBYLC3gBCStjDw8/BgJoIGwrHlV3CA4bSgIOWi5BaDIZNVc+ZR4oVAEAHSBeLWwOLHc2Hg
Requested by: Host: d37tb4r0t9g99j.cloudfront.net
URL: https://d37tb4r0t9g99j.cloudfront.net/?trbtd=994291
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.208.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-208-102.iad66.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: 80b329f025e359a54ff197bda74c74c530eaa4218079f756d3a4b8e688ab1cd9

Request headers

Referer: https://www.tg-me.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
cache-control: no-store, no-cache, must-revalidate, no-transform
content-encoding: gzip
content-length: 1259
content-type: text/html
date: Wed, 03 Jan 2024 07:28:45 GMT
p3p: CP="NID DSP ALL COR"
pragma: no-cache
server: openresty/1.17.8.2
via: 1.1 063f496e2a2a07219bf3fbec39d54de4.cloudfront.net (CloudFront)
x-amz-cf-id: pokZCpa_2uzAnK7cKtfE519NWU4ecCycozM2ATRpNDeNTB3OPAXgQg==
x-amz-cf-pop: IAD66-C1
x-cache: Miss from cloudfront

GET
H2 204 utx Show response
moonheappyr.com/ Frame ABE6 0
538 B 70ms
69ms XHR
text/plain 13.32.208.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://moonheappyr.com/utx?cb=NLlndiO56xU3&top=www.tg-me.com&tid=997292
Requested by: Host: d37tb4r0t9g99j.cloudfront.net
URL: https://d37tb4r0t9g99j.cloudfront.net/?trbtd=994291
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.208.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-208-102.iad66.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tg-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 07:28:45 GMT
via: 1.1 063f496e2a2a07219bf3fbec39d54de4.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-amz-cf-pop: IAD66-C1
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://www.tg-me.com
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-id: KUYPeHl-rTa8wzjqPEUGZTxSjp55N-nvPSTSg5BLa2W6tF9sykNjHg==

GET
H2 200 V3RUMkk2FjdfdjZJNhQ8JRhpF3sRUWZ0LWRDIFB9JUQgCy5uTT4cKjsbIVYvJRs6Rmc5ESAXexEFN2U9Yzo4XRoVNg5jEwYhF3oIIx4HdDEcMGZaERYlIGgHFjIDcx4eUWZwDi4EH3AhHkwEdyEDEhVnGx81IAEYEQAxZSMkEhB3HAYkLAoABSUwCgwWTDVxe2IsH... Show response
moonheappyr.com/ Frame 6644 3 KB
2 KB 65ms
64ms Document
text/html 13.32.208.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://moonheappyr.com/V3RUMkk2FjdfdjZJNhQ8JRhpF3sRUWZ0LWRDIFB9JUQgCy5uTT4cKjsbIVYvJRs6Rmc5ESAXexEFN2U9Yzo4XRoVNg5jEwYhF3oIIx4HdDEcMGZaERYlIGgHFjIDcx4eUWZwDi4EH3AhHkwEdyEDEhVnGx81IAEYEQAxZSMkEhB3HAYkLAoABSUwCgwWTDVxe2IsHEUhDTkBRSoUMRkGCgVAG2AjFi4AY3gPLixFDBYYbAABBgQwcAsvMQZnLgMVEXQNE0VsAg8GJQRgEW4wA0oTFBJkfCsEJQ4CGAJBGFYBbjADRXAxOhFWLw8lAWsfERgdZiQvMgVeZGcxNVoINTcSXWxlMhZVfTYsAH8PAx8kRStnPjdkLgEHAnQlHjw+dxMfDAJTL2c5O2oYBQUcYwADIWcLDQAMbWYGBRsRZxsZGwVjLgYmEGcqExhkdwESNg5hCz8FDAN4HjBmfC8AHztiL2c6NnF4NEwRcCIFMWZVeg8fJ3AtEj4waiIZGgV0OR0wOXwKDyERdigCGA1hGDMHclg6OBokDzADED5ze2c8GWV5Mg
Requested by: Host: d37tb4r0t9g99j.cloudfront.net
URL: https://d37tb4r0t9g99j.cloudfront.net/?trbtd=994291
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.208.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-208-102.iad66.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: a7471c3bf5dbd28cf1edceac3157c30c60c5dfed307620609255ecb88855a3f8

Request headers

Referer: https://www.tg-me.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
cache-control: no-store, no-cache, must-revalidate, no-transform
content-encoding: gzip
content-length: 1253
content-type: text/html
date: Wed, 03 Jan 2024 07:28:45 GMT
p3p: CP="NID DSP ALL COR"
pragma: no-cache
server: openresty/1.17.8.2
via: 1.1 063f496e2a2a07219bf3fbec39d54de4.cloudfront.net (CloudFront)
x-amz-cf-id: -NeqvJ-htpwODFuyvLYsbhpxEalWbjDevQagSuFWEJXCSbpGb87yIQ==
x-amz-cf-pop: IAD66-C1
x-cache: Miss from cloudfront

GET
H2 200 Kj0+VBIVFQs8LxMFGjQJER4VID8QLBtUahASGQsvd3UaMHcbDwIIEh0DaCBwGxIaMyM8CX1XAQQWLAYXAS8ZMxYHPxMkHh8QNlwoBHY8Mhc4fxMmKxA9PhwJBQVqPy0EEjMhHTwVOzYWACw8IAUEBQswNBMwAi0XYC8ALBYQKz0OMwcGayRzBQEBIB1hETszBhwxP... Show response
moonheappyr.com/UkdYZUczJTsIeDN6OkMyICtlQHUUYmojI2FwLAdzIHcsXCBrfjJLJD4oLQEhICg2EWk8IixAdRQ/Dg52Ph0iMHYbICsnBDsOMyQRPQo6VisKHz8BMBg/ASwQKx0vLi4QBRwdcx4GCSAgERYeJxYBMCgyAj0CAgg0GAU0Fj8xAhUmECgRLzMCF... Frame 6A8A 3 KB
2 KB 48ms
47ms Document
text/html 13.32.208.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://moonheappyr.com/UkdYZUczJTsIeDN6OkMyICtlQHUUYmojI2FwLAdzIHcsXCBrfjJLJD4oLQEhICg2EWk8IixAdRQ/Dg52Ph0iMHYbICsnBDsOMyQRPQo6VisKHz8BMBg/ASwQKx0vLi4QBRwdcx4GCSAgERYeJxYBMCgyAj0CAgg0GAU0Fj8xAhUmECgRLzMCFBIVDH4LEiAoLR4BPy4QOzAzJhYmEjtWfzgSMBEqMwE8PQ8BAjMmMBwmETFyExEJMHMdEhozBQUjYTZ2MRYCNH4TEQkwLxgGLDcGCgl9VwUYdxEtHTgRDDA/Kj0+VBIVFQs8LxMFGjQJER4VID8QLBtUahASGQsvd3UaMHcbDwIIEh0DaCBwGxIaMyM8CX1XAQQWLAYXAS8ZMxYHPxMkHh8QNlwoBHY8Mhc4fxMmKxA9PhwJBQVqPy0EEjMhHTwVOzYWACw8IAUEBQswNBMwAi0XYC8ALBYQKz0OMwcGayRzBQEBIB1hETszBhwxPSMdNAU1AX8HMH4PND0pKFgIFTMBNik0cy4hIw
Requested by: Host: d37tb4r0t9g99j.cloudfront.net
URL: https://d37tb4r0t9g99j.cloudfront.net/?trbtd=994291
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.208.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-208-102.iad66.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: 977a20ed93d5d2ced16a87f1892bc0f8de374a38e15050d360e103fb87dcccca

Request headers

Referer: https://www.tg-me.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
cache-control: no-store, no-cache, must-revalidate, no-transform
content-encoding: gzip
content-length: 1234
content-type: text/html
date: Wed, 03 Jan 2024 07:28:45 GMT
p3p: CP="NID DSP ALL COR"
pragma: no-cache
server: openresty/1.17.8.2
via: 1.1 063f496e2a2a07219bf3fbec39d54de4.cloudfront.net (CloudFront)
x-amz-cf-id: rKV9jveeiC8ZwC-olDMb9k3l2Cs8lst1fTci1hvoCFUdOMpYlgjwWw==
x-amz-cf-pop: IAD66-C1
x-cache: Miss from cloudfront

GET
H3 204 M3QxbzgcS1IcBVEzXl9iWDpnOGlpLFReUFY1ZzUPZBhWK25rORcbUVdJCFYMAU0ASUhaEAxeHkAAUBtNQEkASVFdEl5SHkVJAEELB1oCWxYDUkRSCQJFCVYLBU0EXAAARQBZHkcEUAgFAlJBG0xfSQBYCAdGB1kBAUAIWgs
yistkechauk.org/ Frame ABE6 0
409 B 52ms
49ms Image
text/plain 172.67.161.57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yistkechauk.org/M3QxbzgcS1IcBVEzXl9iWDpnOGlpLFReUFY1ZzUPZBhWK25rORcbUVdJCFYMAU0ASUhaEAxeHkAAUBtNQEkASVFdEl5SHkVJAEELB1oCWxYDUkRSCQJFCVYLBU0EXAAARQBZHkcEUAgFAlJBG0xfSQBYCAdGB1kBAUAIWgs
Requested by: Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram/webview?embed=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.161.57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tg-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 07:28:45 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1qgBAQwSdDMEFo1mAulELCdoXPUHO5Q66FV5zTJGusv8eDiY%2FnYYU3zaepYAGBs8Fpyg6taemEIhc0O0VDzCStrw25Ph4pLUHkHk8i383mMahEzY7X8ucryN%2BlEMDkjj3ak%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 83f986d97eb6a1db-YYZ
alt-svc: h3=":443"; ma=86400

GET
H2 200 login.php
www.facebook.com/ Frame ABE6 0
0 90ms
85ms Image
text/html 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
Requested by: Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram/webview?embed=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tg-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

GET
H3

403

identifier
accounts.google.com/v3/signin/ Frame ABE6
Redirect Chain

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=ASKXGp1xQM1aYYy8zfrhpa8eSsAVR9LgZQbVGCWNDjiC2i6h3FEMNBQ7cTqNDTx...
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp3p2pgb7RT-et0lKpQhus0rn34K3FmxCEKGJo8KZPUPNE6yfjxZjCwt1Zg5ACus5cjxie5M&passive=...

0
0

80ms
79ms

Image
text/html

2607:f8b0:4006:80f::200d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp3p2pgb7RT-et0lKpQhus0rn34K3FmxCEKGJo8KZPUPNE6yfjxZjCwt1Zg5ACus5cjxie5M&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-771514079%3A1704266925213000&theme=glif
Requested by: Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram/webview?embed=1
Protocol: H3
Server: 2607:f8b0:4006:80f::200d , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tg-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Redirect headers

date: Wed, 03 Jan 2024 07:28:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-vvQqLGRZGBsdeN19ap-hsw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 398
x-xss-protection: 1; mode=block
pragma: no-cache
server: GSE
x-frame-options: DENY
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type: text/html; charset=UTF-8
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp3p2pgb7RT-et0lKpQhus0rn34K3FmxCEKGJo8KZPUPNE6yfjxZjCwt1Zg5ACus5cjxie5M&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-771514079%3A1704266925213000&theme=glif
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3

403

identifier
accounts.google.com/v3/signin/ Frame ABE6
Redirect Chain

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ASKXGp1H_jFTsnbuubIOxKi5NLN-M5d_gxarH22NoLg_zskgy1P0e5W1Mjb...
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp1wcxfdhDZwNfUjW_No_aldEOdHU2rdY5_wrmlR7N_2xzvrs2BP33SpcLauNgXt9Q_CmLmz&passive...

0
0

83ms
82ms

Image
text/html

2607:f8b0:4006:80f::200d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp1wcxfdhDZwNfUjW_No_aldEOdHU2rdY5_wrmlR7N_2xzvrs2BP33SpcLauNgXt9Q_CmLmz&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S2097738661%3A1704266925119423&theme=glif
Requested by: Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram/webview?embed=1
Protocol: H3
Server: 2607:f8b0:4006:80f::200d , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tg-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Redirect headers

date: Wed, 03 Jan 2024 07:28:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-8sRcC1Y88OQDpYPhHSKdgA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 405
x-xss-protection: 1; mode=block
pragma: no-cache
server: GSE
x-frame-options: DENY
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type: text/html; charset=UTF-8
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp1wcxfdhDZwNfUjW_No_aldEOdHU2rdY5_wrmlR7N_2xzvrs2BP33SpcLauNgXt9Q_CmLmz&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S2097738661%3A1704266925119423&theme=glif
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 cUpma2pedQUYVyR5AVo5GgANOA0VcwMGGjsLLhtbKx9eLww5C0AfAxV3X1JdQ3NUTRoYLltaTAI+Bx8fAndXTQMfLAlWTAd3V0VZRWRVX0RBbBNWW0B7XlJZR3NTWFJCe1ddTAU6BwxXQGwWHx4dd1dcWkV4UF1TQ35fU1w
yistkechauk.org/ Frame ABE6 0
380 B 51ms
48ms Image
text/plain 172.67.161.57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yistkechauk.org/cUpma2pedQUYVyR5AVo5GgANOA0VcwMGGjsLLhtbKx9eLww5C0AfAxV3X1JdQ3NUTRoYLltaTAI+Bx8fAndXTQMfLAlWTAd3V0VZRWRVX0RBbBNWW0B7XlJZR3NTWFJCe1ddTAU6BwxXQGwWHx4dd1dcWkV4UF1TQ35fU1w
Requested by: Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram/webview?embed=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.161.57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tg-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 07:28:45 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GdHHQYh47Zu55%2B8FeJ6uju%2Bip7j8WFidINBAy0QEKI5of%2FlAWuqB19uNEX5Ynw1l1Za%2FhUrsFqR%2BGZaE0CNJItBLY4vPt9co5vW7Ghqx7MrWUKJX3nqTNEnM10M%2FUGJYTN8%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 83f986d97eb9a1db-YYZ
alt-svc: h3=":443"; ma=86400

GET
H3 204 Lnx1R3t2c3JGcnB0dEB9
yistkechauk.org/S0JBRHBkfSI3TRgpCwIpIC5kdjYoGhsSFngyNiImCXYkKjYyFAkBVj8rJXlJcnZzfUJtMiggTXp6ZzcEKjY0N016ZCgqFiR/ZzJNemxxakJldmcxTXpzcHxJeHR4cUNzcXB1Rm02MSUXdnNnNAQ/ Frame ABE6 0
372 B 52ms
49ms Image
text/plain 172.67.161.57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yistkechauk.org/S0JBRHBkfSI3TRgpCwIpIC5kdjYoGhsSFngyNiImCXYkKjYyFAkBVj8rJXlJcnZzfUJtMiggTXp6ZzcEKjY0N016ZCgqFiR/ZzJNemxxakJldmcxTXpzcHxJeHR4cUNzcXB1Rm02MSUXdnNnNAQ/Lnx1R3t2c3JGcnB0dEB9
Requested by: Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram/webview?embed=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.161.57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tg-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 07:28:45 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jAKizmTd6YpBXDriidawZh5NiR7KfS2YC07rmMsbF1f1Zx0rWPO75NBncd%2B2TToxhhSqnVfE3Cn9j7fS88wapcApXjK54d7j7bDtld45KGmFIhKNSCQ5yXmFzw838d%2B032s%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 83f986d97ebaa1db-YYZ
alt-svc: h3=":443"; ma=86400

GET
H3

200

main.js Show response
www.tg-me.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/ Frame C79C
Redirect Chain

https://www.tg-me.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://www.tg-me.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js

7 KB
4 KB

37ms
36ms

Script
application/javascript

2606:4700:3037::6815:40c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tg-me.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js

Requested by

Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram/webview?embed=1

Protocol

Server

2606:4700:3037::6815:40c7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cdb27d7902719a05445f356ce91c915301334acae7cf77564da74ecb51fad5d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 07:28:45 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yWYU5LTLBK1TNVKA2MJbCAkZMPBinZO4dMgOKJbO%2Fon7btBdJr4ESYARqHROPy6cQ2%2BFDJt%2BjKGBJnFhqLJQJ3FYnl3y2dxJXOR%2FzxlcJuYaa1U6%2B%2FREdfjHMI1cxzOVumYKMeemrWktgWrU"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 83f986d9fcc64bd8-BUF
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Wed, 03 Jan 2024 07:28:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gCyj4YGipdlCjs23pwnq3p6dN4%2FmISK8MyjWG8BAa00cyVnSwWEGlCoC8LXiQTfgVuZG1NiTHSSYDKFTtPVeSRyHHcY8RVlhg6y7Jij4ftaBKccnG9DGfKR7ZvEyGzJtVKRdGqtbSH%2FChadB"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js
cache-control: max-age=300, public
cf-ray: 83f986d9ac924bd8-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 lZnpHMzgFFSlVBxITIw4BX051CglAEDRcVhZHM0FVKSIwSV8FTiNFdh48YUdCAkdqAghAFiZdX1tcIl1bW0thUlwER3MVTBYVLA5PFg8lS00QCi1bHhMbel5XHBMrX1lDSAEGFlZfdQMQERMpV1cRCWIBCAgOYgEIV0ppAx1VOGIBCBETKQUMQ0kFFgpWAn-EHEUN... Show response
d37tb4r0t9g99j.cloudfront.net/ Frame 3CA9 699 B
788 B 96ms
95ms Script
text/plain 2600:9000:210b:ee00:9:81e3:f9c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d37tb4r0t9g99j.cloudfront.net/lZnpHMzgFFSlVBxITIw4BX051CglAEDRcVhZHM0FVKSIwSV8FTiNFdh48YUdCAkdqAghAFiZdX1tcIl1bW0thUlwER3MVTBYVLA5PFg8lS00QCi1bHhMbel5XHBMrX1lDSAEGFlZfdQMQERMpV1cRCWIBCAgOYgEIV0ppAx1VOGIBCBETKQUMQ0kFFgpWAn-EHEUNId1JIFhYiRF0EES5HHVQ8cgAPSElxFgpWUixbTAsWYgF7Q0h3X1ENH2IBCAEfJFhXT191A1sOCCheXUNIAQIKVlR3HQ5WQ34dCVRDYgEIFRshUkoPX3V1DVVNaQAOQA96AglXQn4ADl9PdAsLV0tx
Requested by: Host: moonheappyr.com
URL: https://moonheappyr.com/WjlOWGo7Wy01VTsELH4fKFVzfVgcHHweDmkOOjpeKAk6YQ1jACR2CTZWOzwMKFYgLEQ0XDp9WBxVFDYaEnQ0PywcaiIOKCJwGhEdbnsWaF9reik0Kx99HDs8MmMGFVocbwULIy1qGGAsDlAAHg4yDXYBPz56DzMOK3gpMCscUBQ8MmtNLREGa1sZaB4ybCIvLwgKAw4+GGAYFCtvaQg/UjZqfmg7GVB/OiIydCw9Bm9hBhonKGF/NC4JeAsfLDZjKDw7F2gLCicqb387OBluBxopG14BAQ0fcBhoGip4Nmk8FX4HGikYfBoTOw90H2gBHH8pKD0bV2MdIh9sABEOa3MHHgIDUBweWh98HW0iEm8fYAk9eB4LLzZBCD8aDWwnIAgOeD0PMz1/eQlaMgoWaS8UcXwRKBl4Cz4gHFEWDFtjCA9pGRV6DTAPAmwAESsLcAUOBggKBglfDWh9bA4ZbxwcMz18Bx44KVEbMwUKYX0OWx5vGBYLC3gBCStjDw8/BgJoIGwrHlV3CA4bSgIOWi5BaDIZNVc+ZR4oVAEAHSBeLWwOLHc2Hg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:210b:ee00:9:81e3:f9c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: ae0a7281818db43ff600ba08a47ec7ab14a1ca445a7d2fded908c17072298584

Request headers

accept-language: en-US,en;q=0.9
Referer: https://moonheappyr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 07:28:45 GMT
content-encoding: gzip
via: 1.1 b107b2437bbcbc926a3b733dc72fd52a.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C3
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 511
x-amz-cf-id: AhsFkzwOJjgYQVjSp8mN0JNrKhxnRGfalgXagD4EBvDFaiVEcNsQsw==

GET
H/1.1 200
OK dc.js Show response
avd.innity.net/lib/ Frame 74B3 20 KB
7 KB 29ms
28ms Script
application/javascript 23.209.54.115
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://avd.innity.net/lib/dc.js
Requested by: Host: ssl-avd.innity.net
URL: https://ssl-avd.innity.net/1/container_576b5a051c51b1c0244bca09.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.209.54.115 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-209-54-115.deploy.static.akamaitechnologies.com
Software: nginx/1.20.2 /
Resource Hash: 0014ffccade01ae1ab385b85433decef0f11f26cbe25721faa0d13bb5c0badda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tg-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 07:28:45 GMT
Content-Encoding: gzip
Last-Modified: Fri, 22 Oct 2021 06:40:46 GMT
Server: nginx/1.20.2
ETag: "61725cee-5149-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=1357040
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6412
Expires: Fri, 19 Jan 2024 00:26:05 GMT

GET
H3 206 bb8f695e9d.mp4
cdn1.cdn-telegram.org/file/ Frame ABE6 266 KB
0 153ms
152ms Media
video/mp4 34.111.15.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram/webview?embed=1

Protocol

Security

QUIC, , AES_128_GCM

Server

34.111.15.3 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

3.15.111.34.bc.googleusercontent.com

Software

nginx/1.18.0 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tg-me.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Range: bytes=65536-

Response headers

content-security-policy: default-src 'none'; sandbox
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
date: Wed, 03 Jan 2024 07:28:44 GMT
via: 1.1 google
age: 1
Content-Range: bytes 65536-1917026/1917027
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Content-Length: 1851491
x-xss-protection: 1; mode=block
server: nginx/1.18.0
etag: "98551905dd2f0393ac6b19be306c13638139c4be"
x-frame-options: DENY
content-type: video/mp4
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Range, Content-Length
cache-control: public,max-age=7200
accept-ranges: bytes

GET
H3 206 57fddaa3c6.mp4
cdn1.cdn-telegram.org/file/ Frame ABE6 92 KB
0 201ms
200ms Media
video/mp4 34.111.15.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram/webview?embed=1

Protocol

Security

QUIC, , AES_128_GCM

Server

34.111.15.3 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

3.15.111.34.bc.googleusercontent.com

Software

nginx/1.18.0 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tg-me.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Range: bytes=65536-

Response headers

content-security-policy: default-src 'none'; sandbox
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
date: Wed, 03 Jan 2024 07:28:44 GMT
via: 1.1 google
age: 1
Content-Range: bytes 65536-1744205/1744206
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Content-Length: 1678670
x-xss-protection: 1; mode=block
server: nginx/1.18.0
etag: "cafd42281ba4296c4c100d213f5c4fa6ba30dd91"
x-frame-options: DENY
content-type: video/mp4
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Range, Content-Length
cache-control: public,max-age=7200
accept-ranges: bytes

GET
H2 200 Bg4aXTMFTkpwb0JcVgVsVFlIHjEZHxVaf0MoXQRqHQITU39DWx9TORoEURNoQQgQRDUcDl0EHEBZSBhqX11ID2NfWkoPf0NbC1c8EBkRE2g3XksBdEJdXkNnQFpJDmNCXUEDaUlYSQds Show response
d37tb4r0t9g99j.cloudfront.net/qcWt4NloSBBZQZQUCHAtjSFxKD2hXAQtZNAFWAWI+GypKBhI8PEhTfAURHAt3QFteWjsfDEUQPx8IRQd8EA8aC25XHwhZMUwcCEM4CR4ORjAZTQ1XZxwEAl82HQpdBBxERUgTaEFDD180FQQPRX9DWxZCf0NbSQZ0QU5LdH... Frame 6644 704 B
790 B 122ms
122ms Script
text/plain 2600:9000:210b:ee00:9:81e3:f9c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d37tb4r0t9g99j.cloudfront.net/qcWt4NloSBBZQZQUCHAtjSFxKD2hXAQtZNAFWAWI+GypKBhI8PEhTfAURHAt3QFteWjsfDEUQPx8IRQd8EA8aC25XHwhZMUwcCEM4CR4ORjAZTQ1XZxwEAl82HQpdBBxERUgTaEFDD180FQQPRX9DWxZCf0NbSQZ0QU5LdH9DWw9fNEdfXQUYVFlITmxFQl-0EahAbCFo/Bg4aXTMFTkpwb0JcVgVsVFlIHjEZHxVaf0MoXQRqHQITU39DWx9TORoEURNoQQgQRDUcDl0EHEBZSBhqX11ID2NfWkoPf0NbC1c8EBkRE2g3XksBdEJdXkNnQFpJDmNCXUEDaUlYSQds
Requested by: Host: moonheappyr.com
URL: https://moonheappyr.com/V3RUMkk2FjdfdjZJNhQ8JRhpF3sRUWZ0LWRDIFB9JUQgCy5uTT4cKjsbIVYvJRs6Rmc5ESAXexEFN2U9Yzo4XRoVNg5jEwYhF3oIIx4HdDEcMGZaERYlIGgHFjIDcx4eUWZwDi4EH3AhHkwEdyEDEhVnGx81IAEYEQAxZSMkEhB3HAYkLAoABSUwCgwWTDVxe2IsHEUhDTkBRSoUMRkGCgVAG2AjFi4AY3gPLixFDBYYbAABBgQwcAsvMQZnLgMVEXQNE0VsAg8GJQRgEW4wA0oTFBJkfCsEJQ4CGAJBGFYBbjADRXAxOhFWLw8lAWsfERgdZiQvMgVeZGcxNVoINTcSXWxlMhZVfTYsAH8PAx8kRStnPjdkLgEHAnQlHjw+dxMfDAJTL2c5O2oYBQUcYwADIWcLDQAMbWYGBRsRZxsZGwVjLgYmEGcqExhkdwESNg5hCz8FDAN4HjBmfC8AHztiL2c6NnF4NEwRcCIFMWZVeg8fJ3AtEj4waiIZGgV0OR0wOXwKDyERdigCGA1hGDMHclg6OBokDzADED5ze2c8GWV5Mg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:210b:ee00:9:81e3:f9c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: db0d1d4a88c5b5634835187cf09b3a9f1cf24afd47c0ce064cbc3ae6160c3ce1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://moonheappyr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 07:28:45 GMT
content-encoding: gzip
via: 1.1 b107b2437bbcbc926a3b733dc72fd52a.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C3
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 513
x-amz-cf-id: x-Qo0icbW2X2wssLdEZdCUsDhrPPG_PHOuAkmsF-4PayHOMZ13mTbQ==

GET
H2 200 VQtcPShAVQUxKAYMWn9oV1dWPj8KClBzfyNWB2ZjVUkDZnRcSQRkdEBVBSUsAwZHP2hXIQBlektUA3A4WFYEZ3VcVANveFZfBmd8Uw Show response
d37tb4r0t9g99j.cloudfront.net/xVk1lZzU1IgsBCiIkAVoMb3lXXgdwJxYIWyZwKiBBDx4LAQEgCQFBQSwpWEoEZmsJBlsxcEMCWzVwVEFUMi9YUxMjLFgKWiwkCQtUc38jUhtmaFdXHSEkCwNaIT5AVQU4OUBVBWd9S1cQZQ9AVQUhJAtRAXN+J0IHZjVTUx... Frame 6A8A 187 B
459 B 116ms
115ms Script
text/plain 2600:9000:210b:ee00:9:81e3:f9c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d37tb4r0t9g99j.cloudfront.net/xVk1lZzU1IgsBCiIkAVoMb3lXXgdwJxYIWyZwKiBBDx4LAQEgCQFBQSwpWEoEZmsJBlsxcEMCWzVwVEFUMi9YUxMjLFgKWiwkCQtUc38jUhtmaFdXHSEkCwNaIT5AVQU4OUBVBWd9S1cQZQ9AVQUhJAtRAXN+J0IHZjVTUxxzf1UGRSYhABBQNCYMExBkC1-BUAnh+U0IHZmUOD0E7IUBVdnN/VQtcPShAVQUxKAYMWn9oV1dWPj8KClBzfyNWB2ZjVUkDZnRcSQRkdEBVBSUsAwZHP2hXIQBlektUA3A4WFYEZ3VcVANveFZfBmd8Uw
Requested by: Host: moonheappyr.com
URL: https://moonheappyr.com/UkdYZUczJTsIeDN6OkMyICtlQHUUYmojI2FwLAdzIHcsXCBrfjJLJD4oLQEhICg2EWk8IixAdRQ/Dg52Ph0iMHYbICsnBDsOMyQRPQo6VisKHz8BMBg/ASwQKx0vLi4QBRwdcx4GCSAgERYeJxYBMCgyAj0CAgg0GAU0Fj8xAhUmECgRLzMCFBIVDH4LEiAoLR4BPy4QOzAzJhYmEjtWfzgSMBEqMwE8PQ8BAjMmMBwmETFyExEJMHMdEhozBQUjYTZ2MRYCNH4TEQkwLxgGLDcGCgl9VwUYdxEtHTgRDDA/Kj0+VBIVFQs8LxMFGjQJER4VID8QLBtUahASGQsvd3UaMHcbDwIIEh0DaCBwGxIaMyM8CX1XAQQWLAYXAS8ZMxYHPxMkHh8QNlwoBHY8Mhc4fxMmKxA9PhwJBQVqPy0EEjMhHTwVOzYWACw8IAUEBQswNBMwAi0XYC8ALBYQKz0OMwcGayRzBQEBIB1hETszBhwxPSMdNAU1AX8HMH4PND0pKFgIFTMBNik0cy4hIw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:210b:ee00:9:81e3:f9c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 1c26c0700d50c4bf66bd7c2e9618cd0e8d6cf8cc61bd1c4b8e63dde7ebbca243

Request headers

accept-language: en-US,en;q=0.9
Referer: https://moonheappyr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 07:28:45 GMT
content-encoding: gzip
via: 1.1 b107b2437bbcbc926a3b733dc72fd52a.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C3
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 181
x-amz-cf-id: Z9Am_wL4RJwHAR_4_yMnw6DCHfLPw5Bl5CJoqgwmHz4z-32e4eFwOQ==

GET
H/1.1 200
OK /
avd.innity.com/dc/ Frame 74B3 43 B
471 B 995ms
251ms Image
image/gif 119.81.216.16
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avd.innity.com/dc/?cl=1&cuid=f2bb895346ba119aabdc4f1adae334bc&cb=1704266925124&douid=&sess=119541599.1.1704266925122&dur=0&ref=https%3A%2F%2Fwww.tg-me.com%2Fus%2FTelegram%2BNews%2Fcom.telegram&srf=&pk=&pt=Telegram%20News%20Telegram&sr=1600x1200&ul=en-US&de=UTF-8&vp=1600x1200
Requested by: Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram/webview?embed=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 119.81.216.16 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS: 10.d8.5177.ip4.static.sl-reverse.com
Software: Apache /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tg-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Jan 2024 07:28:46 GMT
Last-Modified: Wed, 03 Jan 2024 07:28:46 GMT
Server: Apache
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Content-Type: image/gif
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Length: 43
Expires: Wed, 04 Aug 1985 12:59:00 GMT

POST
H3 200 83f986cc089e4bd8 Show response
www.tg-me.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame C79C 0
548 B 49ms
48ms XHR
text/plain 2606:4700:3037::6815:40c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tg-me.com/cdn-cgi/challenge-platform/h/g/jsd/r/83f986cc089e4bd8
Requested by: Host: www.tg-me.com
URL: https://www.tg-me.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:40c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 03 Jan 2024 07:28:45 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7qwzzDQz69g93F80%2BZtWtLJZhRaMriUduVT4IWCn9GGctvVH9Gz1mW4Z1vpaaTiHmow%2FOKNT9U3exbmVkt%2Fso7uXPpnIoLFCa64jLq0P4st4tHcF8q5R8xqqHTbAdgLchEQsu0YLAz7A4j5q"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 83f986db0d1c4bd8-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 8A8F 2 KB
2 KB 31ms
27ms Script
text/html 8.28.7.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=9803606&p=163515&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=163515&s=&predirect=https%3A%2F%2Favd.innity.com%2Fuidsync%2Fmapuid%2F%3Fpid%3D1056%26puuid%3D(PM_UID)&userIdMacro=(PM_UID)&gdpr_consent=&gdpr=0&us_privacy=&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 3f9f2e7f3e45fa77e6fcc81a0571c376c4f8a6e49de5c0fb890c9133b2c7aeb6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Wed, 03 Jan 2024 07:28:44 GMT
content-length: 1917
content-type: text/html; charset=UTF-8

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 47E3
Redirect Chain

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4690175777796740270&gdpr=0&gdpr_consent=

42 B
218 B

31ms
30ms

Document
image/gif

8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4690175777796740270&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=163515&s=&predirect=https%3A%2F%2Favd.innity.com%2Fuidsync%2Fmapuid%2F%3Fpid%3D1056%26puuid%3D(PM_UID)&userIdMacro=(PM_UID)&gdpr_consent=&gdpr=0&us_privacy=&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Wed, 03 Jan 2024 07:28:45 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
access-control-allow-origin: *
an-x-request-uuid: b537bc36-5127-4625-bba8-b689cdb4fd52
cache-control: no-store, no-cache, private
content-length: 0
content-type: text/html; charset=utf-8
date: Wed, 03 Jan 2024 07:28:45 GMT
expires: Sat, 15 Nov 2008 16:00:00 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4690175777796740270&gdpr=0&gdpr_consent=
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma: no-cache
server: nginx/1.21.3
x-proxy-origin: 96.9.249.42; 96.9.249.42; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection: 0

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame CA82
Redirect Chain

https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=ba84da06-aa09-11ee-b5a6-b787ee51105f

42 B
322 B

29ms
29ms

Document
image/gif

8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=ba84da06-aa09-11ee-b5a6-b787ee51105f
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=163515&s=&predirect=https%3A%2F%2Favd.innity.com%2Fuidsync%2Fmapuid%2F%3Fpid%3D1056%26puuid%3D(PM_UID)&userIdMacro=(PM_UID)&gdpr_consent=&gdpr=0&us_privacy=&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Tue, 02 Jan 2024 20:57:26 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, proxy-revalidate
content-length: 0
content-type: image/gif
date: Wed, 03 Jan 2024 07:28:45 GMT
expires: Thu, 23 Sep 2004 17:42:04 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=ba84da06-aa09-11ee-b5a6-b787ee51105f
p3p: CP="NOI OTC OTP OUR NOR"
pragma: no-cache
server: Cowboy
x-realserver-nx: lga-delivery-2

GET
H2

200

b9pj45k4 Show response
sync-tm.everesttech.net/ct/upi/pid/ Frame E25C
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...

85 B
236 B

39ms
38ms

Document
image/png

151.101.130.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZZUMrQALt7iULQBH
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=163515&s=&predirect=https%3A%2F%2Favd.innity.com%2Fuidsync%2Fmapuid%2F%3Fpid%3D1056%26puuid%3D(PM_UID)&userIdMacro=(PM_UID)&gdpr_consent=&gdpr=0&us_privacy=&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Jetty(9.4.35.v20201120) /
Resource Hash: acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: no-cache
content-length: 85
content-type: image/png
date: Wed, 03 Jan 2024 07:28:45 GMT
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma: no-cache
server: Jetty(9.4.35.v20201120)
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-yyz4583-YYZ
x-timer: S1704266926.560753,VS0,VE21

Redirect headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: no-cache
content-length: 0
date: Wed, 03 Jan 2024 07:28:45 GMT
location: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZZUMrQALt7iULQBH
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma: no-cache
server: Jetty(9.4.35.v20201120)
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-yyz4583-YYZ
x-timer: S1704266925.411622,VS0,VE20

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame C6D9
Redirect Chain

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=1Dq3c9Js7yLPN-p-hGujIts873fPP7gl1jggKzIS

42 B
416 B

27ms
24ms

Document
image/gif

162.248.18.37
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=1Dq3c9Js7yLPN-p-hGujIts873fPP7gl1jggKzIS
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=163515&s=&predirect=https%3A%2F%2Favd.innity.com%2Fuidsync%2Fmapuid%2F%3Fpid%3D1056%26puuid%3D(PM_UID)&userIdMacro=(PM_UID)&gdpr_consent=&gdpr=0&us_privacy=&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Wed, 03 Jan 2024 07:28:45 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
date: Wed, 03 Jan 2024 07:28:45 GMT
expires: Fri, 04 Aug 1978 12:00:00 GMT
location: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=1Dq3c9Js7yLPN-p-hGujIts873fPP7gl1jggKzIS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
strict-transport-security: max-age=86400

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame B0BF
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=ee41876f-4704-476d-8848-1b48c3febeeb&gdpr=0&gdpr_consent=&gdpr_pd=
https://x.bidswitch.net/sync?dsp_id=413&ssp=pubmatic&user_id=csonata_8ef85975-0cd0-4b75-ba78-ef223dc7592d&bsw_param=ee41876f-4704-476d-8848-1b48c3febeeb&expires=10&gdpr=0&gdpr_consent=&gdpr_pd=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=ee41876f-4704-476d-8848-1b48c3febeeb&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=

1 B
245 B

31ms
28ms

Document
text/html

8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=ee41876f-4704-476d-8848-1b48c3febeeb&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=163515&s=&predirect=https%3A%2F%2Favd.innity.com%2Fuidsync%2Fmapuid%2F%3Fpid%3D1056%26puuid%3D(PM_UID)&userIdMacro=(PM_UID)&gdpr_consent=&gdpr=0&us_privacy=&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 1
content-type: text/html; charset=utf-8
date: Wed, 03 Jan 2024 07:28:45 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Date: Wed, 03 Jan 2024 07:28:45 GMT
Location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=ee41876f-4704-476d-8848-1b48c3febeeb&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Server: nginx

GET
H/1.1 200
OK / Show response
avd.innity.com/uidsync/mapuid/ Frame 5606 43 B
471 B 513ms
247ms Document
image/gif 119.81.216.16
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://avd.innity.com/uidsync/mapuid/?pid=1056&puuid=75D8FBE6-12FA-4625-ADD2-EDAB7C317F51
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=163515&s=&predirect=https%3A%2F%2Favd.innity.com%2Fuidsync%2Fmapuid%2F%3Fpid%3D1056%26puuid%3D(PM_UID)&userIdMacro=(PM_UID)&gdpr_consent=&gdpr=0&us_privacy=&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 119.81.216.16 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS: 10.d8.5177.ip4.static.sl-reverse.com
Software: Apache /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
Connection: close
Content-Length: 43
Content-Type: image/gif
Date: Wed, 03 Jan 2024 07:28:45 GMT
Expires: Wed, 04 Aug 1985 12:59:00 GMT
Last-Modified: Wed, 03 Jan 2024 07:28:45 GMT
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Pragma: no-cache
Server: Apache

GET
H2

200

insync
thrtle.com/ Frame 8A8F
Redirect Chain

https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=75D8FBE6-12FA-4625-ADD2-EDAB7C317F51&gdpr=0&gdpr_consent=
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=75D8FBE6-12FA-4625-ADD2-EDAB7C317F51&vxii_pid=12&vxii_pid1=10067&vxii_rcid=b8ae2b3e-ffd0-4ef3-9c9f-3e2800fd60da

43 B
296 B

43ms
42ms

Image
image/gif

50.17.254.219
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=75D8FBE6-12FA-4625-ADD2-EDAB7C317F51&vxii_pid=12&vxii_pid1=10067&vxii_rcid=b8ae2b3e-ffd0-4ef3-9c9f-3e2800fd60da
Requested by: Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram
Protocol: H2
Server: 50.17.254.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-17-254-219.compute-1.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p: CP="NOI OUR BUS UNI COM NAV"
date: Wed, 03 Jan 2024 07:28:45 GMT
content-length: 43
content-type: image/gif

Redirect headers

location: https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=75D8FBE6-12FA-4625-ADD2-EDAB7C317F51&vxii_pid=12&vxii_pid1=10067&vxii_rcid=b8ae2b3e-ffd0-4ef3-9c9f-3e2800fd60da
date: Wed, 03 Jan 2024 07:28:45 GMT
content-type: text/html; charset=utf-8
content-length: 211
p3p: CP="NOI OUR BUS UNI COM NAV"

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 8A8F
Redirect Chain

https://us-u.openx.net/w/1.0/sd?id=540245193&val=75D8FBE6-12FA-4625-ADD2-EDAB7C317F51&gdpr=0&gdpr_consent=
https://us-u.openx.net/w/1.0/sd?cc=1&id=540245193&val=75D8FBE6-12FA-4625-ADD2-EDAB7C317F51&gdpr=0&gdpr_consent=

43 B
171 B

58ms
57ms

Image
image/gif

35.244.159.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=540245193&val=75D8FBE6-12FA-4625-ADD2-EDAB7C317F51&gdpr=0&gdpr_consent=
Requested by: Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 07:28:45 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=540245193&val=75D8FBE6-12FA-4625-ADD2-EDAB7C317F51&gdpr=0&gdpr_consent=
date: Wed, 03 Jan 2024 07:28:45 GMT
via: 1.1 google
server: OXGW/0.0.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2 200 Martin
crb.kargo.com/api/v1/dsync/ Frame 8A8F 43 B
359 B 257ms
36ms Image
image/gif 34.199.50.181
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crb.kargo.com/api/v1/dsync/Martin?exid=75D8FBE6-12FA-4625-ADD2-EDAB7C317F51&gdpr=0&gdpr_consent=
Requested by: Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.199.50.181 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-199-50-181.compute-1.amazonaws.com
Software: /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 07:28:45 GMT
x-accel-expires: 0
vary: Origin
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 204 sync
sync.bfmio.com/ Frame 8A8F 0
425 B 302ms
43ms Image
text/plain 52.73.1.8
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bfmio.com/sync?pid=187&uid=75D8FBE6-12FA-4625-ADD2-EDAB7C317F51&gdpr=0&gdpr_consent=
Requested by: Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.73.1.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-73-1-8.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Connection: keep-alive
Date: Wed, 03 Jan 2024 07:28:44 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 8A8F
Redirect Chain

https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=75D8FBE6-12FA-4625-ADD2-EDAB7C317F51&gdpr=0&gdpr_consent=
https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=4d015793671c14ed&is_secure=true&networkId=17100&version=1&nuid=75D8FBE6-12FA-4625-ADD2-EDAB7C317F51&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAFribkwlBA5wMYTNG7AAAAAAA&expiration=1704353325&nuid=75D8FBE6-12FA-4625-ADD2-EDAB7C317F51&...

42 B
375 B

29ms
29ms

Image
image/gif

8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAFribkwlBA5wMYTNG7AAAAAAA&expiration=1704353325&nuid=75D8FBE6-12FA-4625-ADD2-EDAB7C317F51&is_secure=true&gdpr_consent=&gdpr=0
Requested by: Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram
Protocol: H2
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Wed, 03 Jan 2024 07:28:44 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 03 Jan 2024 07:28:45 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAFribkwlBA5wMYTNG7AAAAAAA&expiration=1704353325&nuid=75D8FBE6-12FA-4625-ADD2-EDAB7C317F51&is_secure=true&gdpr_consent=&gdpr=0
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

GET
H/1.1

200
OK

sn.ashx
pmp.mxptint.net/ Frame 8A8F
Redirect Chain

https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R35CAB_10EB2C41F_D1BF51C5&r=https://pmp.mxptint.net/sn.ashx?ak=1
https://pmp.mxptint.net/sn.ashx?ak=1

43 B
266 B

33ms
33ms

Image
image/gif

38.68.201.140
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pmp.mxptint.net/sn.ashx?ak=1

Requested by

Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram

Protocol

HTTP/1.1

Server

38.68.201.140 Ashburn, United States, ASN174 (COGENT-174, US),

Reverse DNS

Software

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=-387271725; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Expires: -1
Pragma: no-cache
Date: Wed, 03 Jan 2024 07:28:44 GMT
Cache-Control: no-cache
Strict-Transport-Security: max-age=-387271725; includeSubDomains
Content-Length: 43
Content-Type: image/gif

Redirect headers

location: https://pmp.mxptint.net/sn.ashx?ak=1
date: Wed, 03 Jan 2024 07:28:43 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 204 CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame 8A8F 0
35 B 259ms
38ms Image
text/plain 3.223.16.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Requested by: Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.223.16.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-223-16-170.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 07:28:45 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 8A8F
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4278568244899564815&gdpr=0&gdpr_consent=&us_privacy=

1 B
280 B

34ms
33ms

Image
text/html

8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4278568244899564815&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram
Protocol: H2
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Tue, 02 Jan 2024 20:58:06 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4278568244899564815&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Wed, 03 Jan 2024 07:28:44 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 8A8F
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=35830fbf-51fa-4f5d-b539-47d4f58f71ef-65950cad-5553&gdpr=0&gdpr_consent=

42 B
265 B

29ms
29ms

Image
image/gif

162.248.18.37
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=35830fbf-51fa-4f5d-b539-47d4f58f71ef-65950cad-5553&gdpr=0&gdpr_consent=
Requested by: Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram
Protocol: H2
Server: 162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Wed, 03 Jan 2024 07:28:45 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 03 Jan 2024 07:28:45 GMT
server: A
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=35830fbf-51fa-4f5d-b539-47d4f58f71ef-65950cad-5553&gdpr=0&gdpr_consent=
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3 200 popunder.gif
yistkechauk.org/ Frame ABE6 35 B
494 B 24ms
23ms Image
image/gif 172.67.161.57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yistkechauk.org/popunder.gif
Requested by: Host: www.tg-me.com
URL: https://www.tg-me.com/us/Telegram+News/com.telegram/webview?embed=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.161.57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tg-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: public
date: Wed, 03 Jan 2024 07:28:45 GMT
cf-cache-status: HIT
last-modified: Wed, 03 Jan 2024 01:40:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 20888
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p0PTxN6OW27F12Lms%2FzepL9sI2qD8%2FJfYFUtJcigZz%2FP0BKcCIsMUG%2Fw7NNxC0Jhb0nPA5CuqxpxSI6M0xMWtPdjrckpY0G1AwLXJsYDyOEFE1GibquWmFpNOTWu8LHimpc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800, immutable
cf-ray: 83f986dcc914a1db-YYZ
alt-svc: h3=":443"; ma=86400

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 45ms
44ms Ping
text/plain 2607:f8b0:4006:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-H9DDVMTLKY&gtm=45je3bt0v882766043&_p=1704266921416&gcd=11l1l1l1l1&dma=0&cid=311929231.1704266922&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1704266921&sct=1&seg=0&dl=https%3A%2F%2Fwww.tg-me.com%2Fus%2FTelegram%2BNews%2Fcom.telegram&dt=Telegram%20News%20Telegram&en=scroll&epn.percent_scrolled=90&_et=6&tfd=8353
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H9DDVMTLKY
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:816::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.tg-me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 07:28:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tg-me.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

feedback.php Show response
www.facebook.com/plugins/ Frame 61AD
Redirect Chain

https://www.facebook.com/v8.0/plugins/comments.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3cc018fb0cdf14%26domain%3Dwww.tg-me.com%2...
https://www.facebook.com/plugins/comments.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3cc018fb0cdf14%26domain%3Dwww.tg-me.com%26is_ca...
https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3cc018fb0cdf14%26domain%3Dwww.tg-me.com%26is_ca...

178 KB
37 KB

131ms
131ms

Document
text/html

2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3cc018fb0cdf14%26domain%3Dwww.tg-me.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.tg-me.com%252Ff2e7628aafdf67%26relation%3Dparent.parent&container_width=515&height=100&href=https%3A%2F%2Fwww.tg-me.com%2FTelegram%2BNews%2Fcom.telegram&locale=en_GB&numposts=5&sdk=joey&version=v8.0&width

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_GB/sdk.js?hash=52361bd515bff3d7f74c7d2d167d2ebc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

abe2a8a6829dbc56b71245082b1a6760bd4b13df50fedfcf17bc7cfe5fff4170

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tg-me.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: same-origin
date: Wed, 03 Jan 2024 07:28:46 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), encrypted-media=(), fullscreen=(), keyboard-map=()
pragma: no-cache
priority: u=0,i
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: 4P6S0ErKgseZgIMHUzmGAux0X60qEnvxifZ64mDsP7Q3dZh493oCqqpN58TaUc9q2k89oT7F+1AvAMJCTDao3Q==
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 03 Jan 2024 07:28:46 GMT
location: https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3cc018fb0cdf14%26domain%3Dwww.tg-me.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.tg-me.com%252Ff2e7628aafdf67%26relation%3Dparent.parent&container_width=515&height=100&href=https%3A%2F%2Fwww.tg-me.com%2FTelegram%2BNews%2Fcom.telegram&locale=en_GB&numposts=5&sdk=joey&version=v8.0&width
origin-agent-cluster: ?0
priority: u=0,i
reporting-endpoints
strict-transport-security: max-age=15552000; preload
x-fb-debug: dNX3SohYJ01PJV1GTviOexnkzSGbEIPRoihUnRHeYc2o6SO4SN6fKtXydg6ICOJRKjBYxGc5Wi7BNu+s9mq+Vg==

GET 575079340d.mp4
cdn1.cdn-telegram.org/file/ Frame ABE6 0
0

GET
H2 200 Mk94vMMnE0_.css
static.xx.fbcdn.net/rsrc.php/v3/y8/l/0,cross/ Frame 61AD 721 B
591 B 131ms
67ms Stylesheet
text/css 2a03:2880:f012:10c:face:b00c:0:3

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y8/l/0,cross/Mk94vMMnE0_.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3cc018fb0cdf14%26domain%3Dwww.tg-me.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.tg-me.com%252Ff2e7628aafdf67%26relation%3Dparent.parent&container_width=515&height=100&href=https%3A%2F%2Fwww.tg-me.com%2FTelegram%2BNews%2Fcom.telegram&locale=en_GB&numposts=5&sdk=joey&version=v8.0&width

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 -, , ASN (),

Reverse DNS

Software

Resource Hash

fe4cbace9fd4820232a3ef9ebfef646bb3948bec6a5fbf5015a7caa1eb09718e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date: Wed, 03 Jan 2024 07:28:47 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 8PXgZwd+47LIQZAIO7K6FA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 393
reporting-endpoints
x-fb-debug: CQBGCzPoX7BoRMfqnNgF4Ip1Jj5ESqKhIkO9I9yr4guRZzlThPfITwNvAK+fQHyILCp3IXceC/3NhODnVR88og==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Tue, 31 Dec 2024 01:28:45 GMT

GET
H2 200 OkQEuDSv139.css
static.xx.fbcdn.net/rsrc.php/v3/y5/l/0,cross/ Frame 61AD 110 KB
19 KB 93ms
30ms Stylesheet
text/css 2a03:2880:f012:10c:face:b00c:0:3

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y5/l/0,cross/OkQEuDSv139.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 -, , ASN (),

Reverse DNS

Software

Resource Hash

077ba19da8900544b2adaca3f2da24093b15b172bdd262cb65dde9eb84f3188a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date: Wed, 03 Jan 2024 07:28:47 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 2DOqnFPPeWyHmYcrdmZmcg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 18936
reporting-endpoints
x-fb-debug: RBK5XUETHOAPDlbejEgLzvAul3iZ9Z45wWXANf8RyxQtMQoqfaJS5XvHKdaPHGC01q83BykIcpYd+8tYoQDGgQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Tue, 31 Dec 2024 17:35:36 GMT

GET
H2 200 cURB-vlgrTv.js
static.xx.fbcdn.net/rsrc.php/v3/yi/r/ Frame 61AD 353 KB
0 175ms
112ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yi/r/cURB-vlgrTv.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 -, , ASN (),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date: Wed, 03 Jan 2024 07:28:47 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: o4gFY0UieA05p/qPG2b3Mg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 93563
reporting-endpoints
x-fb-debug: B2beqfOSwA3jtqCUYTR8dzWf1u6fvXxV86Huby18n/n4Bqx8Io90SeaMtYWgSRRYjAxLopB/+coo9JQ5b+wRQQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Wed, 01 Jan 2025 23:10:47 GMT

GET
H2 200 nqAOgRwO4r-.js Show response
static.xx.fbcdn.net/rsrc.php/v3ij9m4/ye/l/en_GB/ Frame 61AD 149 KB
42 KB 157ms
94ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3ij9m4/ye/l/en_GB/nqAOgRwO4r-.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 -, , ASN (),

Reverse DNS

Software

Resource Hash

ed22f60a0a54b63f84e742330ddc053dc8aa72cabf2023afab6459a61ddba040

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date: Wed, 03 Jan 2024 07:28:47 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 6Btj4dzDDBUIVwYp8KbPiQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 42759
reporting-endpoints
x-fb-debug: Ja/zOET55aYW+jlLeEytyCpmBVidVSGnndaIZVXwiOqCkisHqLFh0LOFSd9D8vW0ZTZ9A1RQBsvdWfgVRo5+5A==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
x-fb-optimizer: 0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Wed, 01 Jan 2025 03:51:36 GMT

GET
H2 200 hGLWAN2qwB7.js Show response
static.xx.fbcdn.net/rsrc.php/v3iMWt4/y_/l/en_GB/ Frame 61AD 1 MB
283 KB 174ms
111ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iMWt4/y_/l/en_GB/hGLWAN2qwB7.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 -, , ASN (),

Reverse DNS

Software

Resource Hash

f66b69f48b6cc2d70e1141f6fffb1434dfb7e9ac0edcf202cc10c3fad6ee6e89

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date: Wed, 03 Jan 2024 07:28:47 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: tBZ0iGq1Kw/9wogCIXwYvA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 288946
reporting-endpoints
x-fb-debug: qZSGmvA78xY22JwkxgxdgPNjYAOYPocf55FulhxoGsogZ0+42FT5gKgPPu4xSyUV8MegTt16yQiUPj2qj4TRzw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Thu, 02 Jan 2025 01:56:08 GMT

GET
H2 200 p55HfXW__mM.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame 61AD 507 B
488 B 129ms
66ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 -, , ASN (),

Reverse DNS

Software

Resource Hash

9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date: Wed, 03 Jan 2024 07:28:47 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: L5E9gSgR735vyjAzTFly4g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 293
reporting-endpoints
x-fb-debug: yn8T7iP3FdcM5eoLpyLKCc3Jr3ECjl5SirPq3Gv6alzw8ycgYT+n5PKlIruuoLuApYUCU78PH6tjRs/l2b+ubQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Thu, 19 Dec 2024 20:06:55 GMT

GET
H2 200 UJXYgemRRzw.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yy/r/ Frame 61AD 32 KB
10 KB 121ms
59ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yy/r/UJXYgemRRzw.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 -, , ASN (),

Reverse DNS

Software

Resource Hash

50ee3d45d8548f00dafb5e53efa12a3d1b4206695f070f141a0e331b8fece453

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date: Wed, 03 Jan 2024 07:28:47 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: cOPHLCh2gOQj620M1pJW+w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 9833
reporting-endpoints
x-fb-debug: y5x7Kl7tL6YJJV+Etxnvzker+ViAm9vA4WNvZ/Cf3BjTqnDiniLDVYBMvdiUPsU63h8nUdlqkZ6geGkm8/X3+w==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Mon, 23 Dec 2024 16:38:25 GMT

GET
H2 200 A26OeqL15Mp.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yJ/r/ Frame 61AD 58 KB
16 KB 149ms
87ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yJ/r/A26OeqL15Mp.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 -, , ASN (),

Reverse DNS

Software

Resource Hash

d6cddb0acb8765d10d69cd416b80ae7c8a9cb35333f4569c4aac932c2e396ea9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date: Wed, 03 Jan 2024 07:28:47 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: hAHu/efVQlxvbPr8YcLnNg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 16011
reporting-endpoints
x-fb-debug: gm9FWbddgPvEQAaEgvE6CwssuCkTClfennoYT46gCf3t4hylddcYhen2bpYEdrh2yrb54ldiftDXz8zjaMZI7A==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
x-fb-optimizer: 0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Fri, 27 Dec 2024 23:41:47 GMT

GET
H2 200 5GNyB6TDiVZ.js Show response
static.xx.fbcdn.net/rsrc.php/v3iCwx4/yU/l/en_GB/ Frame 61AD 44 KB
13 KB 129ms
67ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iCwx4/yU/l/en_GB/5GNyB6TDiVZ.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 -, , ASN (),

Reverse DNS

Software

Resource Hash

0e486b72c643803b3be1e9831107d7e5eb6c2d4b92c5ed2db34be933ef118513

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date: Wed, 03 Jan 2024 07:28:47 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 35nEkQrciWmxhRqQ2fGYHA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 13333
reporting-endpoints
x-fb-debug: FBIzi0sn++2i6AngzXIVIPPhdDUNSFzkQhHAOoRAxXSHCzjz4MJ8QNTZOK7JyxB5K9QAEq4dqtQQ5awxOm06dA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Thu, 02 Jan 2025 06:17:47 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: telegram
URL: https://telegram%20news/com.telegram.org/img/emoji/40/E2AD90.png

Domain: telegram
URL: https://telegram%20news/com.telegram.org/img/emoji/40/F09F8FA1.png

Domain: telegram
URL: https://telegram%20news/com.telegram.org/img/emoji/40/E29D84.png

Domain: telegram
URL: https://telegram%20news/com.telegram.org/img/emoji/40/F09F9A97.png

Domain: telegram
URL: https://telegram%20news/com.telegram.org/img/emoji/40/F09F8CB2.png

Domain: telegram
URL: https://telegram%20news/com.telegram.org/img/emoji/40/E29883.png

Domain: telegram
URL: https://telegram%20news/com.telegram.org/img/emoji/40/F09F9BB7.png

Domain: telegram
URL: https://telegram%20news/com.telegram.org/img/emoji/40/F09F9494.png

Domain: telegram
URL: https://telegram%20news/com.telegram.org/img/emoji/40/F09F8E84.png

Domain: telegram
URL: https://telegram%20news/com.telegram.org/img/emoji/40/F09F8E81.png

Domain: telegram
URL: https://telegram%20news/com.telegram.org/img/emoji/40/F09FA7A6.png

Domain: telegram
URL: https://telegram%20news/com.telegram.org/img/emoji/40/F09F8DAA.png

Domain: telegram
URL: https://telegram%20news/com.telegram.org/img/emoji/40/F09F8E85.png

Domain: telegram
URL: https://telegram%20news/com.telegram.org/img/emoji/40/F09F8EA9.png

Domain: telegram
URL: https://telegram%20news/com.telegram.org/img/emoji/40/F09F9882.png

Domain: telegram
URL: https://telegram%20news/com.telegram.org/img/emoji/40/F09F918B.png

Domain: telegram
URL: https://telegram%20news/com.telegram.org/img/emoji/40/F09F8C9F.png

Domain: telegram
URL: https://telegram%20news/com.telegram.org/img/emoji/40/F09F95AF.png

Domain: telegram
URL: https://telegram%20news/com.telegram.org/img/emoji/40/F09FA5B6.png

Domain: telegram
URL: https://telegram%20news/com.telegram.org/img/emoji/40/F09F91BC.png

Domain: telegram
URL: https://telegram%20news/com.telegram.org/img/emoji/40/F09F94A4.png

Domain: cdn1.cdn-telegram.org
URL: https://cdn1.cdn-telegram.org/file/575079340d.mp4?token=H9kOXPIDR-LxTtgJwDu-635tqX4Q-D2Y1qhvHr9lHqfjPPYywjbbI_gcT6qWxkKbTidgEC6CDBNAdLcLuii1K7_EwlDJsIcPmgsxvocDHcwE0RfIkny0GMe47Z-cxIC9ND3pSup_7jw9exSYZHfYF1QXHVRKCsWhwpNDvMn0ig-ni6TsONNp-Xa32Kd8ZuN1CwK-E_0Qz5O3bKVfeBrxUbw7xxgst48FJgm4n2KKPSg6djvzoaokWJ6epRO-VzTQKc0uT9xxNpizToVSd9QkVUmOw_zfU-RE2nEV_vAomk1MefoMgNLLb3WydgSEV9Gv1eHmff3Es_QIYtBtm9xoEA

Verdicts & Comments Add Verdict or Comment

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

108 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.innity.com/	1970-01-20 17:25:53	Name: iGEO Value: US%7ENY
.innity.com/	1970-01-21 03:00:26	Name: iUUID Value: f2bb895346ba119aabdc4f1adae334bc
.tg-me.com/	1970-01-21 03:00:26	Name: _ga Value: GA1.1.311929231.1704266922
.innity.com/	1970-01-20 17:25:53	Name: iSync Value: 1
.www.tg-me.com/	1970-01-20 17:25:53	Name: freq.5e661e8b47e7043d03000003 Value: 1
.www.tg-me.com/	1970-01-20 17:25:53	Name: freq.5f462d2c47e7044a01000002 Value: 1
.www.tg-me.com/	1970-01-20 17:25:53	Name: freq.65279e2647e7041906000000 Value: 1
.pubmatic.com/	1970-01-21 02:10:02	Name: KADUSERCOOKIE Value: 75D8FBE6-12FA-4625-ADD2-EDAB7C317F51
.deepintent.com/	1970-01-21 03:00:26	Name: CDIUSER Value: di_6dd006fcb9384423b2871
.deepintent.com/	1970-01-21 03:00:26	Name: CDIPARTNERS Value: %7B%221%22%3A%2220240103%22%7D
.simpli.fi/	1970-01-21 02:11:29	Name: suid Value: B650E4619727464B94F3E35E9B35A6B7
.3lift.com/	1970-01-20 19:34:02	Name: tluid Value: 1282629991020154658570
.tapad.com/	1970-01-20 18:50:50	Name: TapAd_TS Value: 1704266922276
.tapad.com/	1970-01-20 18:50:50	Name: TapAd_DID Value: 52de7b38-f135-4d9a-b891-8965b4e40076
.adsrvr.org/	1970-01-21 02:11:29	Name: TDID Value: a9e24617-9faf-4e3d-8c2b-e0b124563b02
.yahoo.com/	1970-01-21 02:10:24	Name: A3 Value: d=AQABBKoMlWUCEMVXVnZL0mToVUubzYkqwsUFEgEBAQFelmWeZdxH0iMA_eMAAA&S=AQAAAtFPrW_L80b0rFwn6_zKvQc
.amazon-adsystem.com/	1970-01-20 23:56:07	Name: ad-id Value: A-gqbUo1uU5ci0q09VQQALE
.amazon-adsystem.com/	1970-01-21 03:00:26	Name: ad-privacy Value: 0
.doubleclick.net/	1970-01-21 03:00:26	Name: IDE Value: AHWqTUkcEYWm5L2QUzHiqkx7Vgu_zCxj226IrEOuazoit5Z_6CGCrcsbUHVkDaXXZFI
.bidr.io/	1970-01-21 02:52:56	Name: bito Value: AAGkQU7LKhkAABaMGDBQ3g
.bidr.io/	1970-01-21 02:52:56	Name: bitoIsSecure Value: ok
.pubmatic.com/	1970-01-20 18:07:38	Name: KRTBCOOKIE_148 Value: 19421-uid:B650E4619727464B94F3E35E9B35A6B7&KRTB&23486-uid:B650E4619727464B94F3E35E9B35A6B7&KRTB&23489-uid:B650E4619727464B94F3E35E9B35A6B7&KRTB&23539-uid:B650E4619727464B94F3E35E9B35A6B7
.pubmatic.com/	1970-01-20 19:34:02	Name: KRTBCOOKIE_80 Value: 22987-CAESEBC7uIdt55I7TmdQ6lUbymk&KRTB&23025-CAESEBC7uIdt55I7TmdQ6lUbymk&KRTB&23386-CAESEBC7uIdt55I7TmdQ6lUbymk
.analytics.yahoo.com/	1970-01-21 02:10:02	Name: IDSYNC Value: 18z8~2fyv
.adsrvr.org/	1970-01-21 02:11:29	Name: TDCPM Value: CAESFwoIcHVibWF0aWMSCwjepKPR9I3GPBAFEhQKBXRhcGFkEgsI-tDp0fSNxjwQBRgBIAEoAjILCJrH7P6KjsY8EAU4AVoFdGFwYWRgAg..
.ipredictive.com/	1970-01-21 02:10:02	Name: cu Value: dd23d9c5-ee2b-4efe-b1a8-d27a906b57aa\|1704266922426
.pubmatic.com/	1970-01-20 19:34:02	Name: KRTBCOOKIE_377 Value: 6810-a9e24617-9faf-4e3d-8c2b-e0b124563b02&KRTB&22918-a9e24617-9faf-4e3d-8c2b-e0b124563b02&KRTB&22926-a9e24617-9faf-4e3d-8c2b-e0b124563b02&KRTB&23031-a9e24617-9faf-4e3d-8c2b-e0b124563b02
pogothere.xyz/	1970-01-21 02:02:50	Name: csu Value: 840744478000062@1@1704266922
.pubmatic.com/	1970-01-20 18:07:38	Name: KRTBCOOKIE_279 Value: 22890-dd23d9c5-ee2b-4efe-b1a8-d27a906b57aa&KRTB&23011-dd23d9c5-ee2b-4efe-b1a8-d27a906b57aa&KRTB&23355-dd23d9c5-ee2b-4efe-b1a8-d27a906b57aa
.tapad.com/	1970-01-20 18:50:50	Name: TapAd_3WAY_SYNCS Value: 1!79
.smartadserver.com/	1970-01-21 02:54:41	Name: pid Value: 8876973003597357306
.smartadserver.com/	1970-01-21 02:54:41	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-21 02:11:29	Name: csync Value: 127:AAGkQU7LKhkAABaMGDBQ3g
.technoratimedia.com/	1970-01-21 03:00:26	Name: tads_uidp_16 Value: 1547975003335
.technoratimedia.com/	1970-01-21 03:00:26	Name: tads_uidp_37 Value: 998b9e8e-8ce3-3747-a043-3b771ab547ab
.technoratimedia.com/	1970-01-21 03:00:26	Name: tads_uidp_44 Value: KULGUCH5-19-LS6R
.technoratimedia.com/	1970-01-21 03:00:26	Name: tads_uidp_45 Value: A6016292-7C09-4AAF-B0D3-62E359EF2284
.technoratimedia.com/	1970-01-21 03:00:26	Name: tads_uidp_46 Value: 7275403011361990079
.technoratimedia.com/	1970-01-21 03:00:26	Name: tads_uidp_48 Value: d25fe073-ef08-44b5-936e-519782a87488
.technoratimedia.com/	1970-01-21 03:00:26	Name: tads_uidp_49 Value: AAAB2qs0N-8NGwN6rYA3AAAAAAA
.technoratimedia.com/	1970-01-21 03:00:26	Name: tads_uidp_50 Value: ddb7c380-c9d3-4556-8312-02a14a2e0acf
.technoratimedia.com/	1970-01-21 03:00:26	Name: tads_uidp_61 Value: 212406105649451
.technoratimedia.com/	1970-01-21 03:00:26	Name: tads_uidp_62 Value: 3472590716634218000V10
.technoratimedia.com/	1970-01-21 03:00:26	Name: tads_uidp_64 Value: 03Zk-J7g-X-LVgv2ej2caJoYa5EMoQ8p
.technoratimedia.com/	1970-01-21 03:00:26	Name: tads_uidp_7 Value: 74b8f135-0cc3-44a1-8ad6-bf9afbf23fa9
.technoratimedia.com/	1970-01-21 03:00:26	Name: tads_uidp_70 Value: 1674043991941-957306093047-001464-009-005972
.technoratimedia.com/	1970-01-21 03:00:26	Name: tads_uidp_73 Value: AAGkQU7LKhkAABaMGDBQ3g
.technoratimedia.com/	1970-01-21 03:00:26	Name: tads_uidp_76 Value: RX-41821f57-c782-4ecd-8e88-52524ab4599e-005
.technoratimedia.com/	1970-01-20 17:28:46	Name: tads_uidp_77 Value: BWKd5WLUkj8SQR8QZf3QeHgkp9os5bgJI2FilAmSNeY
.technoratimedia.com/	1970-01-20 17:28:46	Name: tads_uidp_79 Value: d1d972d5-08fa-4c26-9f56-2e49833cdbbd
.technoratimedia.com/	1970-01-20 17:28:46	Name: tads_uidp_80 Value: y-emw3Xb5E2uHyLGReBNKPs3NxTmuRwpPg~A
.technoratimedia.com/	1970-01-20 17:28:46	Name: tads_uidp_82 Value: YWManw57CNBkCMn8TV9a9gAA&468
.technoratimedia.com/	1970-01-20 17:28:46	Name: tads_uidp_83 Value: ELWDeiSWkKiw
.technoratimedia.com/	1970-01-20 17:28:46	Name: tads_uidp_88 Value: 4284442991872749534107
.technoratimedia.com/	1970-01-21 03:00:26	Name: tads_uidp_90 Value: 62420b2c-93b6-4958-86ee-d0a539a95879
.technoratimedia.com/	1970-01-20 17:28:46	Name: tads_uidp_91 Value: 6493335838109300398brt76151639261561881074b6
.technoratimedia.com/	1970-01-21 03:00:26	Name: tads_uid Value: 8CE378EAE95441B39DD53EA5D416451C
.technoratimedia.com/	1970-01-21 03:00:26	Name: tads_uid_cd Value: 20230814222851+0000
.technoratimedia.com/	1970-01-21 03:00:26	Name: tads_zora Value: 2
.technoratimedia.com/	1970-01-20 17:25:53	Name: envelope_liveramp.com Value: 1693142250488
avd.innity.com/	1970-01-20 17:25:53	Name: geo Value: NA%3BUnited%20States%3BUS%3B%3B%3B
.bidswitch.net/	1970-01-21 02:10:02	Name: tuuid Value: ee41876f-4704-476d-8848-1b48c3febeeb
.bidswitch.net/	1970-01-21 02:10:02	Name: c Value: 1704266923
.bidswitch.net/	1970-01-21 02:10:02	Name: tuuid_lu Value: 1704266923
.contextweb.com/	1970-01-21 02:02:50	Name: V Value: d8IwMEnhYfKa
.contextweb.com/	1970-01-21 02:10:02	Name: pb_rtb_ev Value: 3-1owq\|7dN.0.AAGkQU7LKhkAABaMGDBQ3g
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: 021193bd698dd205
.pubmatic.com/	1970-01-20 19:34:02	Name: KRTBCOOKIE_699 Value: 22727-AAGkQU7LKhkAABaMGDBQ3g
.tg-me.com/	1970-01-21 03:00:26	Name: iUUID Value: f2bb895346ba119aabdc4f1adae334bc
.tg-me.com/	1970-01-20 17:24:28	Name: innity.dmp.0.sess.id Value: 119541599.0.1704266923395
.tg-me.com/	1970-01-20 17:25:53	Name: innity.dmp.cks.innity Value: 1
.tg-me.com/	1970-01-21 03:00:26	Name: _ga_H9DDVMTLKY Value: GS1.1.1704266921.1.1.1704266924.0.0.0
.tg-me.com/	1970-01-20 17:24:28	Name: innity.dmp.0.sess Value: 2.1704266923395.1704266923395.1704266924153
.pubmatic.com/	1970-01-20 18:07:38	Name: SPugT Value: 1704266924
.tg-me.com/	1970-01-20 17:24:28	Name: innity.dmp.1.sess Value: 1.1704266925122.1704266925122.1704266925122
.tg-me.com/	1970-01-20 17:24:28	Name: innity.dmp.1.sess.id Value: 119541599.1.1704266925122
.ads.pubmatic.com/	1970-01-20 17:25:53	Name: KCCH Value: YES
.tg-me.com/	1970-01-21 02:10:02	Name: cf_clearance Value: UvEfEmxa_vnstbK2VXNS59INBA8hN9H.NyM.jQcj7EU-1704266925-0-2-bd7e2088.f8d0ba39.d9e7b333-0.2.1704266925
.pubmatic.com/	1970-01-20 19:34:02	Name: chkChromeAb67Sec Value: 2
.pubmatic.com/	1970-01-20 17:25:53	Name: pi Value: 163515:4
.pubmatic.com/	1970-01-20 19:34:02	Name: DPSync3 Value: 1704844800%3A265%7C1704326400%3A248%7C1705449600%3A259_263_201_262_261_260
.pubmatic.com/	1970-01-20 19:34:02	Name: SyncRTB3 Value: 1704844800%3A223_2_15%7C1705449600%3A21_13_3_178_165_22_220_104_71_55_54_48_250_231_166_8%7C1705104000%3A63
.everesttech.net/	1970-01-21 02:10:02	Name: everest_g_v2 Value: g_surferid~ZZUMrQALt7iULQBH
.mxptint.net/	1970-01-21 03:00:26	Name: mxpim Value: R35CAB_10EB2C41F_D1BF51C5.1.000000000000000065950CAD
.pubmatic.com/	1970-01-20 18:07:38	Name: KRTBCOOKIE_52 Value: 22772-R35CAB_10EB2C41F_D1BF51C5&KRTB&23092-R35CAB_10EB2C41F_D1BF51C5
.sitescout.com/	1970-01-21 02:10:02	Name: ssi Value: 35830fbf-51fa-4f5d-b539-47d4f58f71ef#1704266925567
.adgrx.com/	1970-01-21 02:53:14	Name: ADGRX_UID Value: ba84da06-aa09-11ee-b5a6-b787ee51105f
.quantserve.com/	1970-01-20 19:34:02	Name: d Value: EIIBCwHoKvijAA
.quantserve.com/	1970-01-21 02:54:41	Name: mc Value: 65950cad-8d8fd-d93a1-06c47
.kargo.com/	1970-01-21 02:10:02	Name: ktcid Value: d74a5c1a-86eb-0640-524e-caf756b0af5e
.taptapnetworks.com/	1970-01-21 02:10:02	Name: SONATA_ID Value: csonata_8ef85975-0cd0-4b75-ba78-ef223dc7592d
.openx.net/	1970-01-21 02:10:02	Name: i Value: 46677fff-b0e8-4524-9657-50ff1c217687\|1704266925
.turn.com/	1970-01-20 21:43:38	Name: uid Value: 4278568244899564815
.sitescout.com/	1970-01-20 18:07:38	Name: _ssuma Value: eyI0NSI6MTcwNDI2NjkyNTU5NX0
.adnxs.com/	1970-01-20 19:34:02	Name: uuid2 Value: 4690175777796740270
.adgrx.com/	1970-01-20 17:25:53	Name: ADGRX_CM_PUBMATIC_BRIDGED Value: 1
.pubmatic.com/	1970-01-20 19:34:02	Name: KRTBCOOKIE_153 Value: 1923-1Dq3c9Js7yLPN-p-hGujIts873fPP7gl1jggKzIS&KRTB&19420-1Dq3c9Js7yLPN-p-hGujIts873fPP7gl1jggKzIS&KRTB&22979-1Dq3c9Js7yLPN-p-hGujIts873fPP7gl1jggKzIS&KRTB&23462-1Dq3c9Js7yLPN-p-hGujIts873fPP7gl1jggKzIS
.pubmatic.com/	1970-01-20 19:34:02	Name: KRTBCOOKIE_188 Value: 3189-35830fbf-51fa-4f5d-b539-47d4f58f71ef-65950cad-5553&KRTB&23418-35830fbf-51fa-4f5d-b539-47d4f58f71ef-65950cad-5553
.bfmio.com/	1970-01-21 02:10:02	Name: __187_cid Value: 75D8FBE6-12FA-4625-ADD2-EDAB7C317F51
.bfmio.com/	1970-01-21 02:10:02	Name: __io_cid Value: eda59d8cd276c627a35c2d0d3edea324b6e87ad2
.pubmatic.com/	1970-01-20 18:07:38	Name: KRTBCOOKIE_22 Value: 14911-4278568244899564815&KRTB&23150-4278568244899564815&KRTB&23527-4278568244899564815
.thrtle.com/	1970-01-20 22:12:26	Name: mc Value: eyJpZCI6ImI4YWUyYjNlLWZmZDAtNGVmMy05YzlmLTNlMjgwMGZkNjBkYSIsImwiOjE3MDQyNjY5MjU2MzIsInQiOjF9
.pubmatic.com/	1970-01-20 19:34:02	Name: KRTBCOOKIE_1003 Value: 22761-ba84da06-aa09-11ee-b5a6-b787ee51105f&KRTB&23275-ba84da06-aa09-11ee-b5a6-b787ee51105f
.pubmatic.com/	1970-01-20 19:34:02	Name: KRTBCOOKIE_466 Value: 16530-ee41876f-4704-476d-8848-1b48c3febeeb
.pubmatic.com/	1970-01-20 19:34:02	Name: KRTBCOOKIE_57 Value: 22776-4690175777796740270&KRTB&23339-4690175777796740270
.dotomi.com/	1970-01-20 17:24:26	Name: DotomiTest Value: 4d015793671c14ed
.pubmatic.com/	1970-01-20 19:34:02	Name: KRTBCOOKIE_32 Value: 11175-AAAFribkwlBA5wMYTNG7AAAAAAA&KRTB&22713-AAAFribkwlBA5wMYTNG7AAAAAAA&KRTB&22715-AAAFribkwlBA5wMYTNG7AAAAAAA&KRTB&23519-AAAFribkwlBA5wMYTNG7AAAAAAA
.pubmatic.com/	1970-01-20 18:07:38	Name: PugT Value: 1704266924

40 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://cdn.innity.net/admanager.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://as.innity.com/synd/?cb=1704266920288&ver=1&pub=dc727151e5d55dde1e950767cf861ca5&zone=93378&output=js&flash=0&url=www.tg-me.com&width=&height=&vpw=1600&vph=1200&auction=33675fa-22520b2&u=aHR0cHM6Ly93d3cudGctbWUuY29tL3VzL1RlbGVncmFtK05ld3MvY29tLnRlbGVncmFt, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://cdn.innity.net/admanager.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://as.innity.com/synd/?cb=1704266920288&ver=1&pub=dc727151e5d55dde1e950767cf861ca5&zone=93378&output=js&flash=0&url=www.tg-me.com&width=&height=&vpw=1600&vph=1200&auction=33675fa-22520b2&u=aHR0cHM6Ly93d3cudGctbWUuY29tL3VzL1RlbGVncmFtK05ld3MvY29tLnRlbGVncmFt, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://cdn.innity.net/admanager.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://as.innity.com/synd/?cb=1704266920291&ver=1&pub=dc727151e5d55dde1e950767cf861ca5&zone=93380&output=js&flash=0&url=www.tg-me.com&width=&height=&vpw=1600&vph=1200&auction=33675fa-22520b2&u=aHR0cHM6Ly93d3cudGctbWUuY29tL3VzL1RlbGVncmFtK05ld3MvY29tLnRlbGVncmFt, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://cdn.innity.net/admanager.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://as.innity.com/synd/?cb=1704266921421&ver=1&pub=dc727151e5d55dde1e950767cf861ca5&zone=98814&output=js&flash=0&url=www.tg-me.com&width=300&height=250&vpw=1600&vph=1200&auction=33675fa-22520b2&u=aHR0cHM6Ly93d3cudGctbWUuY29tL3VzL1RlbGVncmFtK05ld3MvY29tLnRlbGVncmFt, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://cdn.innity.net/admanager.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://as.innity.com/synd/?cb=1704266921421&ver=1&pub=dc727151e5d55dde1e950767cf861ca5&zone=98814&output=js&flash=0&url=www.tg-me.com&width=300&height=250&vpw=1600&vph=1200&auction=33675fa-22520b2&u=aHR0cHM6Ly93d3cudGctbWUuY29tL3VzL1RlbGVncmFtK05ld3MvY29tLnRlbGVncmFt, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://cdn.innity.net/admanager.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://as.innity.com/synd/?cb=1704266921743&ver=1&pub=dc727151e5d55dde1e950767cf861ca5&zone=98811&output=js&flash=0&url=www.tg-me.com&width=300&height=250&vpw=1600&vph=1200&auction=33675fa-22520b2&u=aHR0cHM6Ly93d3cudGctbWUuY29tL3VzL1RlbGVncmFtK05ld3MvY29tLnRlbGVncmFt, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://cdn.innity.net/admanager.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://as.innity.com/synd/?cb=1704266921743&ver=1&pub=dc727151e5d55dde1e950767cf861ca5&zone=98811&output=js&flash=0&url=www.tg-me.com&width=300&height=250&vpw=1600&vph=1200&auction=33675fa-22520b2&u=aHR0cHM6Ly93d3cudGctbWUuY29tL3VzL1RlbGVncmFtK05ld3MvY29tLnRlbGVncmFt, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://as.innity.com/synd/?cb=1704266921743&ver=1&pub=dc727151e5d55dde1e950767cf861ca5&zone=98811&output=js&flash=0&url=www.tg-me.com&width=300&height=250&vpw=1600&vph=1200&auction=33675fa-22520b2&u=aHR0cHM6Ly93d3cudGctbWUuY29tL3VzL1RlbGVncmFtK05ld3MvY29tLnRlbGVncmFt Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://grid.bidswitch.net/adj?auid=373595, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://as.innity.com/synd/?cb=1704266921743&ver=1&pub=dc727151e5d55dde1e950767cf861ca5&zone=98811&output=js&flash=0&url=www.tg-me.com&width=300&height=250&vpw=1600&vph=1200&auction=33675fa-22520b2&u=aHR0cHM6Ly93d3cudGctbWUuY29tL3VzL1RlbGVncmFtK05ld3MvY29tLnRlbGVncmFt Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://grid.bidswitch.net/adj?auid=373595, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://us01.z.antigena.com/l/FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3AWUAJgUx%2075D8FBE6-12FA-4625-ADD2-EDAB7C317F51&rnd=RND Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp0CcKJ7vb2GOXvztGX7qgYXRNQx_9KSbg0Sny8S6Gdb6ih-ny6RC96so4DlVmqPnuQgufolhQ&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1157709681%3A1704266922982719&theme=glif Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp1THAFgFHSJDRWBwn4eZf24tiRQrfZRg8jAHcUcv72GpUap3vTBjgJ3rd-b2Wtf96sk_ygp&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S688240098%3A1704266923067671&theme=glif Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://telegram%20news/com.telegram.org/img/emoji/40/E2AD90.png Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://telegram%20news/com.telegram.org/img/emoji/40/F09F8FA1.png Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://telegram%20news/com.telegram.org/img/emoji/40/E29D84.png Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://telegram%20news/com.telegram.org/img/emoji/40/F09F9A97.png Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://telegram%20news/com.telegram.org/img/emoji/40/F09F8CB2.png Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://telegram%20news/com.telegram.org/img/emoji/40/E29883.png Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://telegram%20news/com.telegram.org/img/emoji/40/F09F9BB7.png Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://telegram%20news/com.telegram.org/img/emoji/40/F09F9494.png Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://telegram%20news/com.telegram.org/img/emoji/40/F09F8E84.png Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://telegram%20news/com.telegram.org/img/emoji/40/F09F8E81.png Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://telegram%20news/com.telegram.org/img/emoji/40/F09FA7A6.png Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://telegram%20news/com.telegram.org/img/emoji/40/F09F8DAA.png Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://telegram%20news/com.telegram.org/img/emoji/40/F09F8E85.png Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://telegram%20news/com.telegram.org/img/emoji/40/F09F8EA9.png Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://telegram%20news/com.telegram.org/img/emoji/40/F09F9882.png Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://telegram%20news/com.telegram.org/img/emoji/40/F09F918B.png Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://telegram%20news/com.telegram.org/img/emoji/40/F09F8C9F.png Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://telegram%20news/com.telegram.org/img/emoji/40/F09F95AF.png Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://telegram%20news/com.telegram.org/img/emoji/40/F09FA5B6.png Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://telegram%20news/com.telegram.org/img/emoji/40/F09F91BC.png Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://telegram%20news/com.telegram.org/img/emoji/40/F09F94A4.png Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://cdn1.cdn-telegram.org/file/v8cEKLZDeDfO9XoLvSbL0O76uS-6zDgHD67bjLffW7F1b_IZYWbDhLx5Blh2U0wXNbC6jXDgOVCF7F5Rlxd5LFvePhliCSEp8IODWKulUfVEhEXjGiujOyndRb1f4fbTUVMlRai7W03jsq452pckpPuxFBXjyANu423qzInevFzmImEalEItZNYopsgdla-E_WR6gL33HvckimJ2XX7hwEBEpXXpQCav-VnG6chSZC6kckb3GCoEQ6v9Ld01CygbRy2BHsppHqIUc-PNkJMZMQDiyVplZCD6cHA-OUQ1XLwcaTezk59LH5SasSIENJq19WIzbadiCGccDedrjgDX8A Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cdn1.cdn-telegram.org/file/2a91e76d9c.mp4?token=N0RQT-JxlQUm3lA5Xke2M7hz39LHTn1jIrZqd0Y1vwYNXFasqKZt1gJvo341vsHSWtl31VcNAmbxyLbwFSaaUtn_e_I7Fqiwkcs831wq2-SbUOHvAfCh41hzrsfvINN1wvnGUIHkQX4dL4mlnAr6nmIF1xyCSYv45IWt0BskhwbnOqjS4XSx79ktbfGeNiu7yrFR56QUaorQmQOIY5eIYFH8E-1lFkqeS2efAwh891C9ATEgrYttzcOtaevdbKgfzUoVpwQXp4Sckau_K64NUDO9p4yqcQsUxcB74UkGxGgxCp086uPrM6wdRwjHGs-nN32FWSWyt-l4HkM6AAV5nw Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cdn1.cdn-telegram.org/file/2a91e76d9c.mp4?token=N0RQT-JxlQUm3lA5Xke2M7hz39LHTn1jIrZqd0Y1vwYNXFasqKZt1gJvo341vsHSWtl31VcNAmbxyLbwFSaaUtn_e_I7Fqiwkcs831wq2-SbUOHvAfCh41hzrsfvINN1wvnGUIHkQX4dL4mlnAr6nmIF1xyCSYv45IWt0BskhwbnOqjS4XSx79ktbfGeNiu7yrFR56QUaorQmQOIY5eIYFH8E-1lFkqeS2efAwh891C9ATEgrYttzcOtaevdbKgfzUoVpwQXp4Sckau_K64NUDO9p4yqcQsUxcB74UkGxGgxCp086uPrM6wdRwjHGs-nN32FWSWyt-l4HkM6AAV5nw Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp3p2pgb7RT-et0lKpQhus0rn34K3FmxCEKGJo8KZPUPNE6yfjxZjCwt1Zg5ACus5cjxie5M&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-771514079%3A1704266925213000&theme=glif Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp1wcxfdhDZwNfUjW_No_aldEOdHU2rdY5_wrmlR7N_2xzvrs2BP33SpcLauNgXt9Q_CmLmz&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S2097738661%3A1704266925119423&theme=glif Message: Failed to load resource: the server responded with a status of 403 ()
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acceptable.a-ads.com
accounts.google.com
ad.turn.com
ads.pubmatic.com
as.innity.com
avd.innity.com
avd.innity.net
bh.contextweb.com
cdn.innity.net
cdn1.cdn-telegram.org
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
crb.kargo.com
d37tb4r0t9g99j.cloudfront.net
eb2.3lift.com
grid.bidswitch.net
ib.adnxs.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
img.tg-me.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
moonheappyr.com
optimize.innity.com
optimize2.innity.com
photo.tg-me.com
pixel-sync.sitescout.com
pixel.tapad.com
pmp.mxptint.net
pogothere.xyz
pr-bh.ybp.yahoo.com
pubmatic-match.dotomi.com
rtb-csync.smartadserver.com
rtb.adentifi.com
s.amazon-adsystem.com
s7.addthis.com
simage2.pubmatic.com
simage4.pubmatic.com
sonata-notifications.taptapnetworks.com
ssl-avd.innity.net
static.xx.fbcdn.net
sync-tm.everesttech.net
sync.bfmio.com
sync.ipredictive.com
sync.technoratimedia.com
telegram
thrtle.com
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
us01.z.antigena.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.tg-me.com
x.bidswitch.net
yistkechauk.org
cdn1.cdn-telegram.org
telegram
104.21.24.208
119.81.216.16
13.32.208.102
142.251.40.194
144.76.38.164
15.197.193.217
151.101.130.49
162.248.18.34
162.248.18.37
169.197.150.8
172.67.161.57
173.231.178.77
198.148.27.131
207.198.113.88
23.105.14.105
23.203.177.63
23.209.54.115
23.51.57.13
2600:1f18:4e9:5a01:b190:a784:2195:7e31
2600:9000:210b:ee00:9:81e3:f9c0:21
2603:c020:400d:3000:7130:bb0b:d7e:bee2
2606:4700:3037::6815:40c7
2606:ae80:1451:19::1400
2607:f8b0:4006:80e::2008
2607:f8b0:4006:80f::200d
2607:f8b0:4006:816::200e
2620:112:f002:bbbb::21
2620:116:800b:21:b08a:1dc5:659b:4055
2a03:2880:f012:10c:face:b00c:0:3
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f103:181:face:b00c:0:25de
3.223.16.170
3.225.218.10
34.111.113.62
34.111.15.3
34.199.50.181
35.194.66.159
35.211.178.172
35.211.93.27
35.244.159.8
38.68.201.140
40.76.134.238
44.219.82.214
47.250.12.214
47.254.199.63
50.17.254.219
52.223.22.214
52.46.128.147
52.73.1.8
52.86.74.151
54.146.98.73
68.67.160.75
8.218.26.252
8.28.7.81
8.28.7.83
0014ffccade01ae1ab385b85433decef0f11f26cbe25721faa0d13bb5c0badda
0223270cf3581102b039b72fb5507e357a7f122e5f55dfe6710f198962832590
03d0e8a81b76b97330c387401f890774b9d88750ea2d7b7d85da4851ca2ef3ac
047e8a3087729539ea3a0be160a2f2fdb4dcc21f9690e2ae5866d010af1e94c8
04d4d8b4595f2614f2dd7989d96c8fef9c6beed9cae74ce092f13d261a180e6d
077ba19da8900544b2adaca3f2da24093b15b172bdd262cb65dde9eb84f3188a
08b393cb87f028c1e6c12c346fbd70f7a9eee8b97d000ffe8a8fcbbde5f1eac2
0b8b8f7c41b69b113ad7c5e0915dbaad6b405ad762559c6ea69b5c485b198f18
0e486b72c643803b3be1e9831107d7e5eb6c2d4b92c5ed2db34be933ef118513
0e9567a7344ae70249d426ae80d68f3606e5f193d679d7bd5795b4fd13dc7846
0fa99b29f200fcdaaeae49aa9d7d1241f072cd04fdd06241e25a18dde2311ed0
116ae0d4bc21f6afd35f95a372d012c06f189e585b63e5815c755049d10ace7f
152732dba335c16fa7a48b4c6051701a957e702d371fbd00d4c8be0285de0394
1564de76f12335b86790a0aa52846be066e1945090183589e762537fe9464cfe
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18c983c761fdf75fb946aa47edc930cbf2f88bc7948ebc7bc6f699aa19628eb8
1c26c0700d50c4bf66bd7c2e9618cd0e8d6cf8cc61bd1c4b8e63dde7ebbca243
1ceac9371ec6f4da3bf92f3d411bbeea28ecb6898cc6dd5c34793e6184003896
1dacb40a6bd2a5cd93380f50c073e162a34ff4049e99d94118babdaf6b349b7d
2d404eb1f767f21a06d748b86927c9b1a98da296821a9d3d241fe83b3945b3a5
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e16cae9c69a42b5658f559d3daa77f6960c4eda605938b995a05bde6474ebb7
3254c77dcb58dc83b677c1fab3238de8a7c3943006643985c6bbc15dca414200
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f9f2e7f3e45fa77e6fcc81a0571c376c4f8a6e49de5c0fb890c9133b2c7aeb6
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4aa85434c5cd8c425d779bc1ddc5a2975592558a2afce31d4e7fdc977eef96f3
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
50ee3d45d8548f00dafb5e53efa12a3d1b4206695f070f141a0e331b8fece453
53fe7d39c572d9188a39b0cfbf8d7d68d25049ef7b9dfc1e024ba46bbd38c712
553457c15fb591b8701239ccf22db0c8ea7717522fe92c1bebcca225c649e22b
56774e2029289862e17c64b243ac49106ed48e771bc7d49c3fb3aa3631803fd1
572b7430baa972ba9711a99afe77792beb8fdc59b60cc800340a3e1f1f4527af
59af1cdc6b2e497ffa5f6c2edc98f44df086fe7be933b5d9b2e062f7bf8e9418
5b1319b48058262a1e83b6a9c81dc8dffa55837203a77401e7ddc3df4430adc0
5c1b8adff1fd7c2cdc9e2114d14afb02bc95e5f83f065715856ca7f24f05cd94
5d0481d3cf4bc68f17698bd59f71c32d784ef71b6f1d29ef8f58c3f141236d3b
5e043a68471b8fa27cd8d771a3ede3548eb1111dff4725088856dd1f5d59cfcf
637b4a8d95328034af7e48f62995ae823b8128dbd5696e71952dbe464d9197e4
63d9312ebf7f04f07c6d493ac77ae1b5a248d273dddb7171c6fcba4168a002b8
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
6a9654e71938bbbd0859b8d354b0792a7286136527044e55661d6bd72a6981c4
6b0ee3b61fe0a5b35cde4ba10106b69e6f470f04c512be40f4e3e8444436be78
6bda77c658db6264264c14430c8dc4300b528c901836544babe6987f292074f6
6d82e21331aeb7b154ce45f18bc4a76893c17b1e2db85c4b40397fabfc0b023e
7004e9ae4f9726964c635759c7dc31f1d03dcc4c8c9669c4ee7d573b0d95d2cf
71f7f9a794e9467fe550136c5ecdd65f83345bb2c588e431b5607a29ba49c63a
72f875fd72333b45c137bfe5aed57c50900f88c96503e635c5ee7124794c6cb0
76bf228a948f84324a44bb664d7ec959bc6f5bcd79b5c0bbf8e12c110d3c45d2
7b1ba6e67e27cfb6caaeab89a20f656ffa837d4657f609ef99d3402d2f6b7263
80b329f025e359a54ff197bda74c74c530eaa4218079f756d3a4b8e688ab1cd9
82caa5ebaf5d0ab9ce3a22ba0c0f9c27a67e0e2bde0c98fb80e34c9dbaf17912
832b09488629b668ef6de9b3f7c674ef456fb2dbbf80d5d74c0f7da334d26a78
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
8f9b5f29cc0ecd7d94a539a9d43eb78417fa5d964302b70821f52a111f6cdcf1
95b4e9ce820122f8de8c83e64b4efa8013bb8db9b4fa7dfdb02f4cb47931303f
9709911218b377be3da0f3ce799a5f4074b45c8e76186e935f3d0b9ae1cbfebf
977a20ed93d5d2ced16a87f1892bc0f8de374a38e15050d360e103fb87dcccca
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99e3b84079b2557053a0844659e5eebabf5504ad0401b551a466ed4abbaeacbb
9c8e2788f67e273cb32b7290c1604bfab87c19a365b9200d83701a8eab9ad6cc
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a424b624519f437f8d07988f6be571b11e51e88b098b30866912300d7f3955da
a718b13d3fd81253de7f20c5b19de4a621574c09c43e2caaf38d5c8f57e23c22
a7471c3bf5dbd28cf1edceac3157c30c60c5dfed307620609255ecb88855a3f8
abe2a8a6829dbc56b71245082b1a6760bd4b13df50fedfcf17bc7cfe5fff4170
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ae0a7281818db43ff600ba08a47ec7ab14a1ca445a7d2fded908c17072298584
baecc3508c6838397382402292fbe1331e2c405a6f5f71b17d03b1466aa7ce37
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbfd11be8ef21e1c20fcbb1a97d6e90e07784a8b824d4ff3e76b2600527388f9
bd21af8d422403bd8e42df9da7cda432c81c76da81e830d3571e17c5d0edbd8c
bf1db37f5ba79db58d9c710e2cd17edcc52da87ab14685a030e2bda11d90cbf9
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c886556689c2545a7a04f45a73d746bbe6ec98053c0560dd79b5e022d277c94d
cdb27d7902719a05445f356ce91c915301334acae7cf77564da74ecb51fad5d2
ce76ecc04036bfc45db669dff776316954aed69c0cdc585ae84895feb006184b
d017da012e2658b78412555628ed5fbe42276d27db9a3b6efa550977de4dc524
d0a5b19e9550cc19dac92f5a4b1fe301cd6b5d4593a19a074b72ec5ffe16577c
d16227677095de7d78fe63b771b683b3f6bd1d559dbb82e4ab557c7bde2952ba
d6cddb0acb8765d10d69cd416b80ae7c8a9cb35333f4569c4aac932c2e396ea9
db0d1d4a88c5b5634835187cf09b3a9f1cf24afd47c0ce064cbc3ae6160c3ce1
dc60e6f6e60e1cc56e2ebfc8d51811b55fc04a29e0a383dfceba765c2e870ba6
df7cc140e66688011ad9040460d88f318ee9f20972e12f812ef8100b7e46e56d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9a0812f16f2f727b9edc9cc17f56b02c25280785f8e220d45b224dfc172b5f1
e9d627b37bb2437e38e178e2c5776d50a3163be9b0976526b4ab133922a34963
ed22f60a0a54b63f84e742330ddc053dc8aa72cabf2023afab6459a61ddba040
ee45620b6f37d05b7d9a6c4e99c2dcd0bfb9d6b476fbe473a9b60b185c421ce9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0c8ae28caaea979ac1a1b6c668726fe721704bc34bf50d882cb35a212516cf7
f29471601251108bc682c20d5b2c5dc07b21ee6b9fd711d4229aae55b1e25a5c
f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16
f66b69f48b6cc2d70e1141f6fffb1434dfb7e9ac0edcf202cc10c3fad6ee6e89
f9e500e53d3cc560a95504fb9def7a590996efd03ec4617a9933ed42e3affe08
fcbfe3701531c9c0a1cdf0f9adaf43370498a8a46185ec0639f844a14f1f5541
fcee70ee4dde68151cd2665fce43d542b0e11521ffeade1cab4ce9d17955f0a1
fe4cbace9fd4820232a3ef9ebfef646bb3948bec6a5fbf5015a7caa1eb09718e
ff8bb48e9a326072aa26e7300806a9f5f12223e73158e1c75a1513cbd01ebc9e

www.tg-me.com Open in urlscan Pro 2606:4700:3037::6815:40c7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

225 Requests

80 %HTTPS

24 %IPv6

47 Domains

61 Subdomains

39 IPs

6 Countries

2477 kBTransfer

10822 kBSize

108 Cookies

1 Outgoing links

Page URL History

Redirected requests

225 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.tg-me.com Open in urlscan Pro
2606:4700:3037::6815:40c7 Public Scan

Screenshot
Live screenshot

Full Image

225
Requests

80 %
HTTPS

24 %
IPv6

47
Domains

61
Subdomains

39
IPs

6
Countries

2477 kB
Transfer

10822 kB
Size

108
Cookies

225 HTTP transactions
1 data transactions