telemetr.me Open in urlscan Pro
2a06:98c1:3120::3  Public Scan

22 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 44

• https://mc.yandex.ru/watch/46317153?wmode=7&page-url=https%3A%2F%2Ftelemetr.me%2Fcontent%2Fcybersquattingchannel&charset=utf-8&browser-info=pv%3A1%3Avf%3A1l80sle48p8z49iczwckpz%3Afp%3A1530%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A983%3Acn%3A1%3Adp%3A0%3Als%3A1436415901661%3Ahid%3A1009615206%3Az%3A0%3Ai%3A20230321130350%3Aet%3A1679403831%3Ac%3A1%3Arn%3A573198161%3Arqn%3A1%3Au%3A1679403831520710299%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A23%2C55%2C1110%2C3%2C%2C0%2C%2C320%2C0%2C%2C%2C%2C1552%3Aco%3A0%3Acpf%3A1%3Ans%3A1679403829009%3Arqnl%3A1%3Ast%3A1679403831%3At%3A%D0%A2%D0%B5%D0%BB%D0%B5%D0%B3%D1%80%D0%B0%D0%BC%20%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%20CyberSquatting%20RU%20Alerts%20-%20cybersquattingchannel&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
• https://mc.yandex.ru/watch/46317153/1?wmode=7&page-url=https%3A%2F%2Ftelemetr.me%2Fcontent%2Fcybersquattingchannel&charset=utf-8&browser-info=pv%3A1%3Avf%3A1l80sle48p8z49iczwckpz%3Afp%3A1530%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A983%3Acn%3A1%3Adp%3A0%3Als%3A1436415901661%3Ahid%3A1009615206%3Az%3A0%3Ai%3A20230321130350%3Aet%3A1679403831%3Ac%3A1%3Arn%3A573198161%3Arqn%3A1%3Au%3A1679403831520710299%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A23%2C55%2C1110%2C3%2C%2C0%2C%2C320%2C0%2C%2C%2C%2C1552%3Aco%3A0%3Acpf%3A1%3Ans%3A1679403829009%3Arqnl%3A1%3Ast%3A1679403831%3At%3A%D0%A2%D0%B5%D0%BB%D0%B5%D0%B3%D1%80%D0%B0%D0%BC%20%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%20CyberSquatting%20RU%20Alerts%20-%20cybersquattingchannel&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Request Chain 48

• https://mc.yandex.ru/watch/1264547?wmode=7&page-url=https%3A%2F%2Ftelemetr.me%2Fcontent%2Fcybersquattingchannel&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Avf%3A1l80sle48p8z49iczwckpz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A983%3Acn%3A2%3Adp%3A1%3Als%3A953576563562%3Ahid%3A1009615206%3Az%3A0%3Ai%3A20230321130351%3Aet%3A1679403831%3Ac%3A1%3Arn%3A10487012%3Au%3A1679403831520710299%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Ans%3A1679403829009%3Arqnl%3A1%3Ast%3A1679403831%3At%3A%D0%A2%D0%B5%D0%BB%D0%B5%D0%B3%D1%80%D0%B0%D0%BC%20%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%20CyberSquatting%20RU%20Alerts%20-%20cybersquattingchannel&t=gdpr(14)mc(p-1)clc(0-0-0)lt(20200)aw(1)ti(2) HTTP 302
• https://mc.yandex.ru/watch/1264547/1?wmode=7&page-url=https%3A%2F%2Ftelemetr.me%2Fcontent%2Fcybersquattingchannel&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Avf%3A1l80sle48p8z49iczwckpz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A983%3Acn%3A2%3Adp%3A1%3Als%3A953576563562%3Ahid%3A1009615206%3Az%3A0%3Ai%3A20230321130351%3Aet%3A1679403831%3Ac%3A1%3Arn%3A10487012%3Au%3A1679403831520710299%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Ans%3A1679403829009%3Arqnl%3A1%3Ast%3A1679403831%3At%3A%D0%A2%D0%B5%D0%BB%D0%B5%D0%B3%D1%80%D0%B0%D0%BC%20%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%20CyberSquatting%20RU%20Alerts%20-%20cybersquattingchannel&t=gdpr%2814%29mc%28p-1%29clc%280-0-0%29lt%2820200%29aw%281%29ti%282%29

Request Chain 60

• https://px.arcspire.io/yndx?id=9d4cd41a-f59d-4815-8a89-9d30806f5389 HTTP 307
• https://an.yandex.ru/mapuid/arcspireis/c5d2fc2a40172ce8003242

Request Chain 61

• https://acint.net/rmatch/?dp=151&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsapeis%2F%24%7BUSER_ID%7D HTTP 302
• https://acint.net/rmatch/?r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsapeis%2F$%7BUSER_ID%7D&dp=151&tc=1 HTTP 302
• https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fan.yandex.ru%252Fmapuid%252Fsapeis%252F$%257BUSER_ID%257D&dp=14 HTTP 302
• https://acint.net/rmatch?dp=14&euid=3E03420A37AB19643200487E027E8503&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsapeis%2F$%7BUSER_ID%7D HTTP 302
• https://an.yandex.ru/mapuid/sapeis/0100007F37AB1964DB0F533702F2AE4D

Request Chain 62

• https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F%24%7BUSER_ID%7D HTTP 302
• https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F%24%7BUSER_ID%7D&crf=1 HTTP 302
• https://an.yandex.ru/mapuid/betweendigitalis/54490527-036a-5350-8422-88ece03b23db

Request Chain 63

• https://yandex.ru/an/mapuid/adobedmp/ HTTP 302
• https://dpm.demdex.net/ibs:dpid=423652&dpuuid=537366DDEBCB7C4D HTTP 302
• https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=537366DDEBCB7C4D

Request Chain 64

• https://yandex.ru/an/mapuid/azerionis/ HTTP 302
• https://match.360yield.com/match?external_user_id=3B731D4665E030C2&publisher_dsp_id=429&publisher_call_type=redirect

Request Chain 66

• https://yandex.ru/an/mapuid/betweenx/ HTTP 302
• https://ads.betweendigital.com/match?bidder_id=161&external_user_id=7B985694C2C4D2FB HTTP 302
• https://ads.betweendigital.com/match?bidder_id=161&external_user_id=7B985694C2C4D2FB&crf=1

Request Chain 67

• https://yandex.ru/an/mapuid/blueseaxcom/ HTTP 302
• https://im.bluevoox.com/pixel?s1=1&s2=1315&s3=vldyrx2shs82pv9o&cm=1&rd=1&puid=C375EA7B14E2B04B

Request Chain 69

• https://yandex.ru/an/mapuid/google/?partner-tag=yandex_llc HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=yandex_llc&google_hm=A84481E209B42BD9&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

Request Chain 70

• https://yandex.ru/an/mapuid/google/?partner-tag=yandexcom HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=yandexcom&google_hm=A84481E209B42BD9&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

Request Chain 71

• https://yandex.ru/an/mapuid/google/?partner-tag=yandexru HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=A84481E209B42BD9&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

Request Chain 72

• https://yandex.ru/an/mapuid/operacom/ HTTP 302
• https://t.adx.opera.com/sync?vendor=60143&uid=598DA3D1827E5D74

Request Chain 74

• https://cm.tns-counter.ru/yacm HTTP 302
• https://an.yandex.ru/mapuid/mediascope/6995ff64d2272d0512662b4fc666997e6b0b8dfa998dde94ca95ae95356de4e5

Request Chain 77

• https://dmg.digitaltarget.ru/1/119/i/i?i=1679403830 HTTP 307
• https://dmg.digitaltarget.ru/awg/custom/119/i/i?call_source=awg&ts=1679403831403&i=1679403830 HTTP 307
• https://an.yandex.ru/mapuid/dmpamberdata/R6OMWkWNklC3zDZ73sN.

Request Chain 78

• https://euw-ice.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fazerionis%2F{PUB_USER_ID} HTTP 302
• https://euw-ice.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fazerionis%2F%7BPUB_USER_ID%7D HTTP 302
• https://an.yandex.ru/mapuid/azerionis/a3b7f13b-d923-440a-b204-3458e4087efe HTTP 302
• https://match.360yield.com/match?external_user_id=a3b7f13b-d923-440a-b204-3458e4087efe&publisher_dsp_id=429&publisher_call_type=redirect

Request Chain 79

• https://exchange.buzzoola.com/cookiesync/redirect/yandex?redirect_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbuzzooladspis%2F%24%7BUUID%7D HTTP 301
• https://an.yandex.ru/mapuid/buzzooladspis/3205f733-85ca-4e09-4ccf-64c14460479b

Request Chain 80

• https://kimberlite.io/rtb/sync/yandex HTTP 307
• https://exchange.buzzoola.com/cookiesync/redirect?redirect_url=https%3A%2F%2Fkimberlite.io%2Frtb%2Fsync%2Fbuzzoola%3Fu%3D%24%7BUUID%7D%26f%3Dhttps%253A%252F%252Fan.yandex.ru%252Fmapuid%252Fsoltadspis%252FZBmrN__DT9E%26n%3D1 HTTP 301
• https://kimberlite.io/rtb/sync/buzzoola?u=f82bfb96-db06-4f5a-46cf-aebee9121614&f=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsoltadspis%2FZBmrN__DT9E&n=1 HTTP 307
• https://sm.rtb.mts.ru/p?ssp=toptraffic&id=ZBmrN__DT9E HTTP 301
• https://sm.rtb.mts.ru/match/second?ssp=59&exu=ZBmrN__DT9E HTTP 301
• https://tech.rtb.mts.ru/?dsp_uid=eac3f2fa-f292-441b-ac63-b3042d119efe&return_url=https%3A%2F%2Fpixel.konnektu.ru%2Fredirect%2Fmts%3Fcallback_url%3Dhttps%253A%252F%252Fsm.rtb.mts.ru%252Fem%253Fnext%253D59%2526em%253D1%2526ssp%253Dkonnektu%2526id%253D%257BUSER_ID%257D HTTP 302
• https://pixel.konnektu.ru/redirect/mts?callback_url=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D59%26em%3D1%26ssp%3Dkonnektu%26id%3D%7BUSER_ID%7D HTTP 302
• https://sm.rtb.mts.ru/em?next=59&em=1&ssp=konnektu&id= HTTP 301
• https://kimberlite.io/rtb/sync/mts?u=eac3f2fa-f292-441b-ac63-b3042d119efe HTTP 307
• https://an.yandex.ru/mapuid/soltadspis/ZBmrN__DT9E

Request Chain 81

• https://match.new-programmatic.com/userbind?src=yandex&pbf=1&gi=1 HTTP 302
• https://an.yandex.ru/mapuid/targetrtbis/

Request Chain 83

• https://nr.bidderstack.com/yandex/cm?r=https://an.yandex.ru/mapuid/hyperdspis/ HTTP 302
• https://an.yandex.ru/mapuid/hyperdspis/248c8f67-85ca-4cd9-ad44-63b447563570

Request Chain 84

• https://profile.ssp.rambler.ru/sync3.302?pid=188 HTTP 302
• https://an.yandex.ru/mapuid/ramblerssp/

Request Chain 85

• https://px.adhigh.net/p/cm/yandexssp HTTP 302
• https://px.adhigh.net/p/cm/yandexssp?bounced=1 HTTP 302
• https://an.yandex.ru/mapuid/getintentis/uPSGIZVSyB8n.AikABlGHBETR_Q

Request Chain 86

• https://redirect.frontend.weborama.fr/redirect/standard?url=https://an.yandex.ru/mapuid/dmpweborama/{WEBO_CID} HTTP 307
• https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fdmpweborama%2F%7BWEBO_CID%7D&bounce=1&random=757632399 HTTP 302
• https://an.yandex.ru/mapuid/dmpweborama/4PhZxm0Rdk111zXT6t2OZe

Request Chain 88

• https://s.uuidksinc.net/match/501 HTTP 302
• https://an.yandex.ru/mapuid/kadamis/wKfDpFUicde26tdWkh0t

Request Chain 89

• https://sm.rtb.mts.ru/p?ssp=yandex&id=map HTTP 301
• https://sm.rtb.mts.ru/match/second?ssp=55&exu=map HTTP 301
• https://tech.rtb.mts.ru/?dsp_uid=eac3f2fa-f292-441b-ac63-b3042d119efe&return_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fmtsdspis%2Feac3f2fa-f292-441b-ac63-b3042d119efe HTTP 302
• https://an.yandex.ru/mapuid/mtsdspis/eac3f2fa-f292-441b-ac63-b3042d119efe

Request Chain 96

• https://sync.gonet-ads.com/match/yandex?id=[buyerUid] HTTP 302
• https://sync.gonet-ads.com/match/yandex?id=%5BbuyerUid%5D&chk=1 HTTP 302
• https://an.yandex.ru/mapuid/gonetisnew/NjcyMmEwMWYyN2UyNDU2ZQ

Request Chain 97

• https://sync.upravel.com/yandex/sync HTTP 302
• https://sync.upravel.com/yandex/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly95YXN0YXRpYy5uZXQvIl19fQ HTTP 302
• https://an.yandex.ru/mapuid/upravelis/ece9d096-c970-42a6-b695-17923cb1a0df

Request Chain 98

• https://x01.aidata.io/0.gif?pid=YANDEX HTTP 302
• https://x01.aidata.io/0.gif?pid=YANDEX&bounce=1 HTTP 302
• https://an.yandex.ru/mapuid/dmpaidatame/I56cv%2F5Nrq1jfF2TzeeRZw?sign=1573044936

Request Chain 99

• https://yandex-dmp-sync.rutarget.ru/sync HTTP 302
• https://an.yandex.ru/mapuid/dmpsegmento/2b-4AWBNfr8J?sign=4026941075

Request Chain 100

• https://yandex-sync.rutarget.ru/sync HTTP 302
• https://an.yandex.ru/mapuid/rutargetis/zTsYjGI9-J5H

Request Chain 113

• https://strm.yandex.ru/vh-canvas-converted/vod-content/1276749371072432771/e0894fe4-e67edb70-37fe0eb5-199072d0/webm/VP8_426_240_500.webm?vsid=d2148ddabcc4aab98c2dba22f2f12a1db2314d46852fxVASx1854x1679403830 HTTP 302
• https://strm-m9-35.strm.yandex.net/vh-canvas-converted/vod-content/1276749371072432771/e0894fe4-e67edb70-37fe0eb5-199072d0/webm/VP8_426_240_500.webm?vsid=d2148ddabcc4aab98c2dba22f2f12a1db2314d46852fxVASx1854x1679403830&noredir=1&lid=178

Request Chain 136

• https://www.googleadservices.com/pagead/conversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0 HTTP 302
• https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=OasZZJrdEv6H2fcP_PequAo&random=445219274&sscte=1&crd= HTTP 302
• https://www.google.com/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=445219274&crd=&is_vtc=1&random=3359551677 HTTP 302
• https://www.google.nl/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=445219274&crd=&is_vtc=1&random=3359551677&ipr=y

Request Chain 137

• https://www.googleadservices.com/pagead/conversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0 HTTP 302
• https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=OasZZLHbEuegzAa_5JDwCg&random=1517908050&sscte=1&crd= HTTP 302
• https://www.google.com/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1517908050&crd=&is_vtc=1&random=2532324802 HTTP 302
• https://www.google.nl/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1517908050&crd=&is_vtc=1&random=2532324802&ipr=y

162 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request cybersquattingchannel Show response telemetr.me/content/	88 KB 12 KB	1188ms 1110ms	Document text/html	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://telemetr.me/content/cybersquattingchannel Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7817e2c15a9b2170f8ee788d933ebc2b20643c2e6f9b997f2f08febaaab47893 Security Headers Name Value Strict-Transport-Security max-age=31536000; Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 7ab665abe8140e30-AMS content-encoding br content-type text/html; charset=UTF-8 date Tue, 21 Mar 2023 13:03:50 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d1POIQGyqftYE5RRVr7jKmDtcdAU8IZSHW9YUfCxIAzLJXwIoMf6y5XuaXCR4xXSjpkJCus0zjb9JkW1XZQj1Agfwhl0KXZJKTstK%2FRkaKYeQX0AbS2lVwjtfD3QAokvc3Zrs7sE9SusKA%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare strict-transport-security max-age=31536000; vary Accept-Encoding x-cache MISS
GET H2	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	142 KB 48 KB	279ms 154ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Requested by Host: telemetr.me URL: https://telemetr.me/content/cybersquattingchannel Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e8b75a4696e4cb6848bf992121804f007ea880824b314cadee68dc1118a98c4b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://telemetr.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 13:03:50 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 48671 x-xss-protection 0 server cafe etag 3307607852211299945 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=3600 timing-allow-origin * expires Tue, 21 Mar 2023 13:03:50 GMT
GET H2	200	context.js Show response yandex.ru/ads/system/	283 KB 84 KB	245ms 86ms	Script text/javascript	2a02:6b8:a::a GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://yandex.ru/ads/system/context.js Requested by Host: telemetr.me URL: https://telemetr.me/content/cybersquattingchannel Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 931292df7fc524b0704f113c7529e7ede02d21d0d5d1703a71880d58bd745ddd Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://telemetr.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers content-encoding br x-content-type-options nosniff nel {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1} accept-ch Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT x-yandex-req-id 1679403830406035-2910840099080352160-sas2-0346-814-sas-l7-balancer-8080-BAL-879 report-to { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]} content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control private, max-age=3600 timing-allow-origin * x-robots-tag noindex, noarchive, nofollow expires Tue, 21 Mar 2023 14:03:50 GMT
GET H3	200	jquery-3.5.1.min.js Show response telemetr.me/tpl2/app/lib/jquery/js/	87 KB 32 KB	60ms 58ms	Script application/javascript	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://telemetr.me/tpl2/app/lib/jquery/js/jquery-3.5.1.min.js Requested by Host: telemetr.me URL: https://telemetr.me/content/cybersquattingchannel Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Security Headers Name Value Strict-Transport-Security max-age=31536000; Request headers accept-language nl-NL,nl;q=0.9 Referer https://telemetr.me/content/cybersquattingchannel User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 13:03:50 GMT strict-transport-security max-age=31536000; content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 529274 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Sun, 05 Jul 2020 17:15:38 GMT server cloudflare etag W/"5f020aba-15d84" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ADBpm2klEs3UZWmR0ffYnCzbeZwPeb8%2BeOZcK7nVb9S1qpw97SVPBShmlue0PpEoxi%2BSUKxHaHu0q5ZhyjdKRyorG%2BAAVlQPctetQHxtA0mh4NBFqVtFTT7iHYyE%2BBwpeDY6Y0%2FSbkL%2FzQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=2592000 cf-ray 7ab665b46eed0e60-AMS expires Fri, 14 Apr 2023 10:02:36 GMT
GET H3	200	bootstrap.js Show response telemetr.me/tpl2/app/lib/bootstrap/js/	112 KB 21 KB	36ms 35ms	Script application/javascript	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://telemetr.me/tpl2/app/lib/bootstrap/js/bootstrap.js Requested by Host: telemetr.me URL: https://telemetr.me/content/cybersquattingchannel Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 71577fb46a22fa031506bab9c5ddb4640e38ef10a1b4959a11288b41ce4b0757 Security Headers Name Value Strict-Transport-Security max-age=31536000; Request headers accept-language nl-NL,nl;q=0.9 Referer https://telemetr.me/content/cybersquattingchannel User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 13:03:50 GMT strict-transport-security max-age=31536000; content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1672242 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Sat, 17 Nov 2018 08:34:22 GMT server cloudflare etag W/"5befd28e-1c168" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BdpouTjUuvmbXftvzJg1wzxhQmGYBrDu9omVLFp8or3YpEbIMtsGAq%2FCWTw4hk%2BEMRFxzsiF6RfqenL8OYEJ%2B5r2vXejjxe6sL9l89VjrhVsrDskny3i3tVSG4Q%2BIyazsx3dLIEYXKl6oA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=2592000 cf-ray 7ab665b46ef00e60-AMS expires Sat, 01 Apr 2023 04:33:08 GMT
GET H2	200	font-awesome.css telemetr.me/tpl2/app/lib/font-awesome/css/	37 KB 8 KB	41ms 39ms	Stylesheet text/css	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://telemetr.me/tpl2/app/lib/font-awesome/css/font-awesome.css?3 Requested by Host: telemetr.me URL: https://telemetr.me/content/cybersquattingchannel Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b317a70590cf774f7f4560126c4dde28e80ec2109f713f4e4ebbbd44be32da7a Security Headers Name Value Strict-Transport-Security max-age=31536000; Request headers accept-language nl-NL,nl;q=0.9 Referer https://telemetr.me/content/cybersquattingchannel User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 13:03:50 GMT strict-transport-security max-age=31536000; content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1671446 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Tue, 23 Apr 2019 09:09:42 GMT server cloudflare etag W/"5cbed656-9225" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M7KICAIiiPstFfkj9F26L%2Fgn6MFNL%2BO%2F2NjPwlxkO9TDwS7OAkfwC5549NaiVWjdxCJSbMkB5kV%2BpJQBbJUEcoNn1pbvXUOdpHWk4DJBiui7oRyd2G6ANo1arK2I6k8kNDflz7JZCQhtqA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=2592000 cf-ray 7ab665b2e9920e30-AMS expires Sat, 01 Apr 2023 04:46:23 GMT
GET H2	200	ionicons.css telemetr.me/tpl2/app/lib/Ionicons/css/	56 KB 8 KB	46ms 45ms	Stylesheet text/css	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://telemetr.me/tpl2/app/lib/Ionicons/css/ionicons.css Requested by Host: telemetr.me URL: https://telemetr.me/content/cybersquattingchannel Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0f7fa0c3a244e21109f699c2b3e0609527d9db21b9805f8919d3c9fefd7cddfa Security Headers Name Value Strict-Transport-Security max-age=31536000; Request headers accept-language nl-NL,nl;q=0.9 Referer https://telemetr.me/content/cybersquattingchannel User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 13:03:50 GMT strict-transport-security max-age=31536000; content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1671161 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Sat, 17 Nov 2018 08:34:29 GMT server cloudflare etag W/"5befd295-df69" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gXfVrkPRj%2FXNZLJmYSBia8liTopmsgisLaIu5LDEoH2jtC8YkWvN5%2FtFtjUX4F3DThQMNndB5XT9JHvVDuCixxNUZXvUel441upzPG7hwBAsBMgAJK5J8yUsXG61Pk0CvrCbZfBQWuu8Gg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=2592000 cf-ray 7ab665b2e9930e30-AMS expires Sat, 01 Apr 2023 04:51:09 GMT
GET H2	200	slim.min.css telemetr.me/tpl2/app/css/	745 KB 98 KB	50ms 49ms	Stylesheet text/css	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://telemetr.me/tpl2/app/css/slim.min.css Requested by Host: telemetr.me URL: https://telemetr.me/content/cybersquattingchannel Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1cf1d150cb01cc90a850ed0416c2bc67c9d0579a8cd1085207b7063f988d637f Security Headers Name Value Strict-Transport-Security max-age=31536000; Request headers accept-language nl-NL,nl;q=0.9 Referer https://telemetr.me/content/cybersquattingchannel User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 13:03:50 GMT strict-transport-security max-age=31536000; content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1670472 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Sat, 17 Nov 2018 08:33:35 GMT server cloudflare etag W/"5befd25f-ba21b" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VwVNl5SPzwY4bOPCROjDHyZ34%2B6qKIsV42EydCEuEJzC6YhmXLSb2jP4jBXttLqzXQUvsriPEZ9bzi2ONVvmCYwgJtf58WpCgRzQNcQPPeCpPmpBg5HAc4iMnaJ0MzDM1fU%2BRezP0VndjA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=2592000 cf-ray 7ab665b2e9940e30-AMS expires Sat, 01 Apr 2023 05:02:38 GMT
GET H2	200	my.css telemetr.me/tpl2/	3 KB 1 KB	44ms 43ms	Stylesheet text/css	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://telemetr.me/tpl2/my.css?3 Requested by Host: telemetr.me URL: https://telemetr.me/content/cybersquattingchannel Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 671099c7d937dff2dba493d875aaa64441fbbcc7845c0c264bfbdbb207610933 Security Headers Name Value Strict-Transport-Security max-age=31536000; Request headers accept-language nl-NL,nl;q=0.9 Referer https://telemetr.me/content/cybersquattingchannel User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 13:03:50 GMT strict-transport-security max-age=31536000; content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 530620 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Sat, 06 Jul 2019 00:10:16 GMT server cloudflare etag W/"5d1fe6e8-bde" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XgZhPg1uswvmmUJ%2B1spYkX0M810sCGw2pwoNCwuhVSRQ4aUNJnNuYIOYW8JD%2BXn%2BpiuOeYs6qhQEVAeqZHAuwURveTk0w2mpt4rP7sdUj0uhtQHyZeFDWzBj7gUyVn8cjbZ9Yr5yU5Lbvg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=2592000 cf-ray 7ab665b2e9960e30-AMS expires Fri, 14 Apr 2023 09:40:10 GMT
GET H2	200	mobile.css telemetr.me/tpl2/	2 KB 957 B	41ms 40ms	Stylesheet text/css	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://telemetr.me/tpl2/mobile.css?4 Requested by Host: telemetr.me URL: https://telemetr.me/content/cybersquattingchannel Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5837a526b619f847776aca3a10cba1aebf6e035996038ea9ada540b40d5966ef Security Headers Name Value Strict-Transport-Security max-age=31536000; Request headers accept-language nl-NL,nl;q=0.9 Referer https://telemetr.me/content/cybersquattingchannel User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 13:03:50 GMT strict-transport-security max-age=31536000; content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1671446 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Sat, 10 Aug 2019 23:40:05 GMT server cloudflare etag W/"5d4f55d5-8be" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5I55KB9PCL5d7EyvhjNJDCjO1HvV68eBAw4kJWybjZuz8Czfn%2BoZ3WRb441YGgKlc7EQIrCf2XWRR4qOgk10bOF9yV94otd%2F8hG9S0Ju2jd5VXA6pbu3XqBkR6s6tu%2BQ5NLSv2VJ1bNQkA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=2592000 cf-ray 7ab665b2e9970e30-AMS expires Sat, 01 Apr 2023 04:46:24 GMT
GET H3	200	logo-purple-full.png telemetr.me/tpl2/	3 KB 3 KB	34ms 32ms	Image image/png	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://telemetr.me/tpl2/logo-purple-full.png Requested by Host: telemetr.me URL: https://telemetr.me/content/cybersquattingchannel Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dbde0436873431f808e3470bc9b720e865e86bcb7f61343358568352d3342bbc Security Headers Name Value Strict-Transport-Security max-age=31536000; Request headers accept-language nl-NL,nl;q=0.9 Referer https://telemetr.me/content/cybersquattingchannel User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 13:03:50 GMT strict-transport-security max-age=31536000; cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1671455 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 2925 last-modified Mon, 24 Jun 2019 16:19:56 GMT server cloudflare etag "5d10f82c-b6d" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jJBh3ZBRLgE%2FFDChSshOESkx%2BCiYBG6CZo5QoOr2Vt4T4pYfnNFBYNlBwvoe0cjdCWJKV6QSla8sVtcyOFUWgyQYS6XSVXc9iBnYqpCRyjelm802IB3N8jJ%2Bvjj5FoygHjhDmKlv0yAyhw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=2592000 accept-ranges bytes cf-ray 7ab665b46ef20e60-AMS expires Sat, 01 Apr 2023 04:46:15 GMT
GET H3	200	logo-purple-short.png telemetr.me/tpl2/	2 KB 2 KB	88ms 87ms	Image image/png	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://telemetr.me/tpl2/logo-purple-short.png Requested by Host: telemetr.me URL: https://telemetr.me/content/cybersquattingchannel Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dd460e06b3933b6a10e52b81ce5b9873234e8660daa18c842696f5f36c0f7d94 Security Headers Name Value Strict-Transport-Security max-age=31536000; Request headers accept-language nl-NL,nl;q=0.9 Referer https://telemetr.me/content/cybersquattingchannel User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 13:03:50 GMT strict-transport-security max-age=31536000; cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1671455 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 1833 last-modified Mon, 24 Jun 2019 16:19:25 GMT server cloudflare etag "5d10f80d-729" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NB33dNfLvpXYtgn6UgSJzoz%2BoHRmGo5sIu3033JOa6t5%2B88AkQAGcVHc71svUOuCobgofJzNOQYD4OOK%2FLM5uBT0vyxU9HZf9%2B4C6ZpFpNKIKyuUZ%2Fjli2q5%2B9YpfiVkXW37z05LxFq5nw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=2592000 accept-ranges bytes cf-ray 7ab665b46ef40e60-AMS expires Sat, 01 Apr 2023 04:46:15 GMT
GET H2	404	b41e2cc9addfd37ecae5f506d4586dba.jpg cdn.telemetr.me/tg/avatars/	0 0	828ms 811ms	Image text/html	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.telemetr.me/tg/avatars/b41e2cc9addfd37ecae5f506d4586dba.jpg Requested by Host: telemetr.me URL: https://telemetr.me/content/cybersquattingchannel Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://telemetr.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers
GET H2	200	DspFjz82CoM.jpg sun9-55.userapi.com/c855536/v855536018/133dc4/	30 KB 31 KB	245ms 66ms	Image image/jpeg	87.240.185.158 VKONTAKTE-SPB-AS ...
General Check archive.org Show headers Download Go to Show image Full URL https://sun9-55.userapi.com/c855536/v855536018/133dc4/DspFjz82CoM.jpg Requested by Host: telemetr.me URL: https://telemetr.me/content/cybersquattingchannel Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.240.185.158 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU), Reverse DNS srv158-185-240-87.vk.com Software kittenx / Resource Hash edbe747a1dbc68f83e8ddc92c2049ddec7797dea1007123fb1a908cff483d2af Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://telemetr.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 13:03:50 GMT strict-transport-security max-age=15768000 x-frontend front221006 last-modified Mon, 21 Oct 2019 01:17:57 GMT server kittenx access-control-allow-methods GET, HEAD, OPTIONS content-type image/jpeg access-control-allow-origin * access-control-expose-headers X-Frontend cache-control max-age=2592000 accept-ranges bytes access-control-allow-headers X-Quic content-length 30955 expires Thu, 20 Apr 2023 13:03:50 GMT
GET H3	200	email-decode.min.js Show response telemetr.me/cdn-cgi/scripts/5c5dd728/cloudflare-static/	1 KB 1 KB	29ms 28ms	Script application/javascript	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://telemetr.me/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js Requested by Host: telemetr.me URL: https://telemetr.me/content/cybersquattingchannel Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language nl-NL,nl;q=0.9 Referer https://telemetr.me/content/cybersquattingchannel User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 13:03:50 GMT content-encoding gzip x-content-type-options nosniff last-modified Tue, 07 Mar 2023 22:56:30 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"6407c11e-4d7" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PRqNhtFkGnlmX6WkeqVx7lnHYub5xm0JdY0E0xbYly55K6pqchZlMmm4uQsbO%2Bcs831j1NTLdgPzGaibNoYfYl8wE8GBeODSjaZ0AwxJMXlDGBy37Zy3xlpEKr3rkYYP67TsYojbrFltZg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript x-frame-options DENY cache-control max-age=172800, public cf-ray 7ab665b46eea0e60-AMS expires Thu, 23 Mar 2023 13:03:50 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	97 KB 38 KB	174ms 83ms	Script application/javascript	2a00:1450:4001:806::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-MZ5MK3K Requested by Host: telemetr.me URL: https://telemetr.me/content/cybersquattingchannel Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash b9a86ccdf70a50869cb419a302e4ff094255a631b9d3f9c2d1cc895e15bcdd7f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://telemetr.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 13:03:50 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 38764 x-xss-protection 0 last-modified Tue, 21 Mar 2023 12:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 21 Mar 2023 13:03:50 GMT
GET H2	200	css fonts.googleapis.com/	8 KB 789 B	141ms 68ms	Stylesheet text/css	2a00:1450:4001:828::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto:300,400,500,700 Requested by Host: telemetr.me URL: https://telemetr.me/tpl2/app/css/slim.min.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://telemetr.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Tue, 21 Mar 2023 13:03:50 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Tue, 21 Mar 2023 12:48:35 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 21 Mar 2023 13:03:50 GMT
GET H2	200	css fonts.googleapis.com/	10 KB 1 KB	139ms 66ms	Stylesheet text/css	2a00:1450:4001:828::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700 Requested by Host: telemetr.me URL: https://telemetr.me/tpl2/app/css/slim.min.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 6c4133ff5eff0f23ca2f6fdaceea1d4dd3a91e499a0b0aef688b0f31206b0328 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://telemetr.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Tue, 21 Mar 2023 13:03:50 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Tue, 21 Mar 2023 12:34:00 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 21 Mar 2023 13:03:50 GMT
GET H2	200	css fonts.googleapis.com/	8 KB 702 B	140ms 67ms	Stylesheet text/css	2a00:1450:4001:828::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Montserrat:300,400,500,600,700 Requested by Host: telemetr.me URL: https://telemetr.me/tpl2/app/css/slim.min.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 16340e3752e5178f7ce8c6042efe2a071cb3e308dbe36ae99f4bfc5a8725f60b Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://telemetr.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Tue, 21 Mar 2023 13:03:50 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Tue, 21 Mar 2023 12:10:42 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 21 Mar 2023 13:03:50 GMT
GET H2	200	css fonts.googleapis.com/	2 KB 488 B	147ms 75ms	Stylesheet text/css	2a00:1450:4001:828::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Lato:300,400,700 Requested by Host: telemetr.me URL: https://telemetr.me/tpl2/app/css/slim.min.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash fee2feda388d361fde02b5b7a1aaa02f7f43db6777b9c97d106d37f4b76c938d Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://telemetr.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Tue, 21 Mar 2023 13:03:50 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Tue, 21 Mar 2023 11:23:15 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 21 Mar 2023 13:03:50 GMT
GET H3	200	fontawesome-webfont.woff2 telemetr.me/tpl2/app/lib/font-awesome/fonts/	75 KB 76 KB	67ms 66ms	Font font/woff2	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://telemetr.me/tpl2/app/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0 Requested by Host: telemetr.me URL: https://telemetr.me/tpl2/app/lib/font-awesome/css/font-awesome.css?3 Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe Security Headers Name Value Strict-Transport-Security max-age=31536000; Request headers Referer https://telemetr.me/tpl2/app/lib/font-awesome/css/font-awesome.css?3 Origin https://telemetr.me accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 13:03:50 GMT strict-transport-security max-age=31536000; cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1671412 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 77160 last-modified Tue, 23 Apr 2019 09:00:15 GMT server cloudflare etag "5cbed41f-12d68" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zMUKqqqQV%2BH47jiakzmkbQHomoNvOqb5tIM1%2FmU1kRR1gv9ZCKlhws%2F%2B2%2FoQpoV9jDmjpXFcigOB73x8MfRl8cUydSb%2BBN0f83DRqdXX0NMZ5vluQ4XeYAMOGCn0XWl%2F%2B73DqFwEoICqqQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff2 cache-control max-age=2592000 accept-ranges bytes cf-ray 7ab665b48f2c0e60-AMS expires Sat, 01 Apr 2023 04:46:58 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v30/	15 KB 16 KB	134ms 59ms	Font font/woff2	2a00:1450:4001:813::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://telemetr.me accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 08:37:38 GMT x-content-type-options nosniff age 15972 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15744 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:48 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 20 Mar 2024 08:37:38 GMT
GET H2	200	KFOlCnqEu92Fr1MmSU5fABc4EsA.woff2 fonts.gstatic.com/s/roboto/v30/	9 KB 9 KB	253ms 179ms	Font font/woff2	2a00:1450:4001:813::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fABc4EsA.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 47aa3bfad6cb9e2d63abdd58f4e6ce4f7b9fd2704b2b15193c71874035fe025d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://telemetr.me accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 08:37:43 GMT x-content-type-options nosniff age 15967 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9576 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:58 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 20 Mar 2024 08:37:43 GMT
GET H2	200	KFOlCnqEu92Fr1MmSU5fBBc4.woff2 fonts.gstatic.com/s/roboto/v30/	15 KB 15 KB	142ms 67ms	Font font/woff2	2a00:1450:4001:813::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://telemetr.me accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 08:37:40 GMT x-content-type-options nosniff age 15970 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15740 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:56 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 20 Mar 2024 08:37:40 GMT
GET H2	200	KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2 fonts.gstatic.com/s/roboto/v30/	9 KB 10 KB	247ms 173ms	Font font/woff2	2a00:1450:4001:813::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://telemetr.me accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 08:37:40 GMT x-content-type-options nosniff age 15970 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9644 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:50 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 20 Mar 2024 08:37:40 GMT
GET H2	200	KFOlCnqEu92Fr1MmEU9fBBc4.woff2 fonts.gstatic.com/s/roboto/v30/	16 KB 16 KB	192ms 119ms	Font font/woff2	2a00:1450:4001:813::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://telemetr.me accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 08:37:40 GMT x-content-type-options nosniff age 15970 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15920 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:45 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 20 Mar 2024 08:37:40 GMT
GET H2	200	KFOmCnqEu92Fr1Mu5mxKOzY.woff2 fonts.gstatic.com/s/roboto/v30/	9 KB 9 KB	208ms 139ms	Font font/woff2	2a00:1450:4001:813::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://telemetr.me accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 08:37:42 GMT x-content-type-options nosniff age 15968 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9628 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 20 Mar 2024 08:37:42 GMT
GET H2	200	KFOlCnqEu92Fr1MmWUlfBBc4.woff2 fonts.gstatic.com/s/roboto/v30/	15 KB 16 KB	197ms 130ms	Font font/woff2	2a00:1450:4001:813::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://telemetr.me accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 08:37:39 GMT x-content-type-options nosniff age 15971 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15860 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 20 Mar 2024 08:37:39 GMT
GET H2	200	KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2 fonts.gstatic.com/s/roboto/v30/	10 KB 10 KB	243ms 184ms	Font font/woff2	2a00:1450:4001:813::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3728fbdd191d75bad5b83a838dfe2fc15f84c2aaa36ffa573321275847db31a9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://telemetr.me accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 08:37:43 GMT x-content-type-options nosniff age 15967 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9840 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:39 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 20 Mar 2024 08:37:43 GMT
GET H2	200	tag.js Show response mc.yandex.ru/metrika/	211 KB 73 KB	245ms 67ms	Script application/javascript	2a02:6b8::1:119 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.ru/metrika/tag.js Requested by Host: telemetr.me URL: https://telemetr.me/content/cybersquattingchannel Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash efe7e5816a6c7b3fdacf39c22a4f36cff7a0dcb253f86ceb7fce87b7ec9179f6 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://telemetr.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 13:03:50 GMT content-encoding br strict-transport-security max-age=31536000 last-modified Tue, 21 Mar 2023 11:05:51 GMT accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA etag "6419655f-120f9" content-type application/javascript access-control-allow-origin * cache-control max-age=3600 content-length 73977 expires Tue, 21 Mar 2023 14:03:50 GMT
GET H2	200	show_ads_impl_with_ama_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303150101/	350 KB 117 KB	132ms 132ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8925921048082252&plah=telemetr.me Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 03ae38f03d35f4bf07229056e934c0bc4bc19a06ba254161dd3788943107f5bf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://telemetr.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 13:03:50 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 119456 x-xss-protection 0 server cafe etag 3799125572657413468 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Tue, 21 Mar 2023 13:03:50 GMT
GET H2	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20230315/r20190131/ Frame 021D	10 KB 5 KB	182ms 57ms	Document text/html	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20230315/r20190131/zrt_lookup.html Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://telemetr.me/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers age 69768 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4549 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 20 Mar 2023 17:41:02 GMT etag 2378337311435320485 expires Mon, 03 Apr 2023 17:41:02 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	1c0942547d39e10f5f56.js Show response yastatic.net/partner-code-bundles/741854/	14 KB 5 KB	164ms 59ms	Script text/javascript	2a02:6b8:20::215 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://yastatic.net/partner-code-bundles/741854/1c0942547d39e10f5f56.js Requested by Host: yandex.ru URL: https://yandex.ru/ads/system/context.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software nginx/1.17.9 / Resource Hash 1a46091c13b87ebc7dec600c22d945afc8f302d77ef42cd14af6aa3ed2eda364 Security Headers Name Value Strict-Transport-Security max-age=43200000; includeSubDomains; Request headers Referer https://telemetr.me/ Origin https://telemetr.me accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 13:03:50 GMT content-encoding br strict-transport-security max-age=43200000; includeSubDomains; nel {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01} content-length 4802 last-modified Mon, 20 Mar 2023 17:31:39 GMT server nginx/1.17.9 etag "335eed275bf4fcdb085b892f6cfe212f" vary Accept-Encoding report-to { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]} content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=946708560 accept-ranges bytes timing-allow-origin * x-robots-tag noindex, noarchive, nofollow expires Thu, 20 Mar 2053 19:35:57 GMT
GET H2	200	b73ad5bad35108f49f3c.js Show response yastatic.net/partner-code-bundles/741854/	112 KB 24 KB	176ms 71ms	Script text/javascript	2a02:6b8:20::215 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://yastatic.net/partner-code-bundles/741854/b73ad5bad35108f49f3c.js Requested by Host: yandex.ru URL: https://yandex.ru/ads/system/context.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software nginx/1.17.9 / Resource Hash ed43154d41004ca7c361eb62ded5b54e230d49256cc7d08d7a038127d5adf2e1 Security Headers Name Value Strict-Transport-Security max-age=43200000; includeSubDomains; Request headers Referer https://telemetr.me/ Origin https://telemetr.me accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 13:03:50 GMT content-encoding br strict-transport-security max-age=43200000; includeSubDomains; nel {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01} content-length 24291 last-modified Mon, 20 Mar 2023 17:31:39 GMT server nginx/1.17.9 etag "4e7c229ab8de735168aa161ed2b965d4" vary Accept-Encoding report-to { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]} content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=946708560 accept-ranges bytes timing-allow-origin * x-robots-tag noindex, noarchive, nofollow expires Thu, 20 Mar 2053 19:35:57 GMT
GET H2	200	host.js Show response yastatic.net/safeframe-bundles/0.83/	33 KB 9 KB	186ms 82ms	Script text/javascript	2a02:6b8:20::215 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://yastatic.net/safeframe-bundles/0.83/host.js Requested by Host: yandex.ru URL: https://yandex.ru/ads/system/context.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software nginx/1.17.9 / Resource Hash 34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55 Security Headers Name Value Strict-Transport-Security max-age=43200000; includeSubDomains; Request headers Referer https://telemetr.me/ Origin https://telemetr.me accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 13:03:50 GMT content-encoding br strict-transport-security max-age=43200000; includeSubDomains; nel {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01} content-length 8878 last-modified Wed, 03 Nov 2021 13:42:58 GMT server nginx/1.17.9 etag "f80882bf67cf261aa08d636da095149a" vary Accept-Encoding report-to { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]} content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=946708560 accept-ranges bytes timing-allow-origin * x-robots-tag noindex, noarchive, nofollow expires Thu, 20 Mar 2053 19:39:24 GMT
GET H2	200	text-variable-full.woff2 yastatic.net/s3/home/fonts/ys/3/	25 KB 26 KB	148ms 47ms	Font font/woff2	2a02:6b8:20::215 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://yastatic.net/s3/home/fonts/ys/3/text-variable-full.woff2 Requested by Host: yandex.ru URL: https://yandex.ru/ads/system/context.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software nginx/1.17.9 / Resource Hash 033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9 Security Headers Name Value Strict-Transport-Security max-age=43200000; includeSubDomains; Request headers Referer https://telemetr.me/ Origin https://telemetr.me accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 13:03:50 GMT strict-transport-security max-age=43200000; includeSubDomains; nel {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01} content-length 26004 x-amz-meta-owner {"role":"admin","login":"4eb0da"} last-modified Mon, 25 Apr 2022 14:02:39 GMT server nginx/1.17.9 etag "7f0cdaf91230f9789ca4162aedff612e" vary Accept-Encoding report-to { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31556952 x-nginx-request-id 094719dec2e6b136 accept-ranges bytes timing-allow-origin * expires Wed, 20 Mar 2024 18:52:37 GMT
GET H2	200	1264547 Show response yandex.ru/ads/meta/	121 KB 31 KB	274ms 272ms	XHR application/json	2a02:6b8:a::a GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://yandex.ru/ads/meta/1264547?target-ref=https%3A%2F%2Ftelemetr.me%2Fcontent%2Fcybersquattingchannel&charset=utf-8&pcode-test-ids=657518%2C0%2C0%3B706837%2C0%2C99%3B741838%2C0%2C34%3B736079%2C0%2C63%3B729110%2C0%2C9%3B736393%2C0%2C43%3B735206%2C0%2C47%3B734894%2C0%2C7%3B741854%2C0%2C3%3B737281%2C0%2C46%3B681848%2C0%2C57&pcode-flags-map=eJydWNty2zYQ%2FZWO%2BppJeQVJv4EkKGFEEiwAWlEyGYwSK7Y6vnQcO3Gdyb93QVA2SdlQ2ifTlPZgsXt296x%2BzE6xUGLBVgrnqsQpKVXBuKK1SnFdEz47%2BfBj9m1zeb%2Bdncwkb8nszexu%2B%2FWOnsH%2FCPl%2BEM1%2BfnzzDNNwlreZFIrVqsGtIFaEyE0C3yCQGqclUSRj1TNISYXUzpzSnDD9AJ%2BmTGFejWC3D39PUEM%2F7FBzKjrYjLW1VJzklJNMQ%2BKmsXvmOUHgPd0NLqKqtpSUs7IEtFrqB8LVCstsQXIlaUUUKwpBpB3X95zoOWZpKyXT1yrZONa%2F%2B9GXsR1KQtTZNRnLyciyy9k4Rr8K1iVOdjE6JVxQVo8sIz%2BJ%2FHhkG7hhYILb1rRkOCfmfFyNInp3e78dmAVe7CeOMYNYCtGRbGIzTeTACOgpCKkVSwXhpxNibq83ny63I0sfeYkJc0HfqQrOWhA6X0hVS%2FuRQegnbme4xnVO3ineqpxVmNY2s9CJPB89nZdytgRn4Sw15zS3WrpRGKMXD1TAXslpajX3XAcFnfl7UnuqaIGfK5rLhaIVnhOrbeAGsfNsuy%2BWlHGdVI5z2orffhFhjbXfxmGFyxVeC7ulH%2FVxzosGKlM0rAZi6Dpi7biGPMdxxraB4weDWsi0aS3t54UA01OpYBBlorm7P0%2BRd1ZawJFR5B2a00I3zpUuImDn%2F0HYO3CKy3aULd952bokmNeqYhwqFnOKJ%2Ff2RoeGjtNHueGUcSrXKl1DqyCrhnF7wFCE%2Btrb86JvnpngVsPEjeIBI6lQGeacSYWzDLIkLF0iTPzQdUe2HYsFUFoudJganOe0nttBgjAwnndtH6gs1w1Rvt3rII7CQXoqnkGcBE1pCVGzH5dE6FVLPQizkmbLI6fvMbopY4avggZbUBguVF%2BiwJm9mpPY6yeL8aMHMXNBMk3UpsTrFGfLwQSzQSLHC3xvlI4F6Ro%2BTFIi6NzKeOSGHjJ5qMkKTAqo8oUq2ZxmdrvY71sauFlQXmnOclLvJ03DSWpvqgi6oueOyAtThwOTQAXAvIYI6EYpMq5nihDW2kdu4gbBCGxBZefJAATisZTMDuRHnucP1c5E1%2BSkwJB%2BeFHQmkoCbM%2BWIKushYqC0EFo5J6oMJfqz5a0RIMfu1%2BIEAqf1IBccNBxE88IFDDXVKY1NCoKw7g84lXkRj11MgwjidV9AnGhC5IWHINg6uSDPZNRnKDkSTcUnAJMuVbGXkuIxn65sX26VIK%2Bt9YRQonfp3tgIY5prINzk8CJnlCgaecawapbEYoD5E5PVhWoVmw%2Fy%2FMcE%2BsBIbXw%2BCVWxihw%2FX25wfwG5Q1XBdIo0KpGUHQNzGiDw7XgAC%2BK%2FcNbyLn9DpCm2B3Whu4Zpsm8EPpuHhzbA1DioV6dmIoQS9ooybsGeKwlowRWE2M8OboomZa7uTKOHgGJ%2Byp4DaQj1wjjy%2B5BXW0e1MV2d35x9wpct8GoJUlxqkBxWtchB0bbqBRNNa8WwJIBYWoY0V3DnbfQ3vWCAU03I%2FTUXqGR6wT95ORcmU4vW5AoptK7QHdNpZ0vjiyDgGRKtcTv111zUJ3AG5r9mH3Z3n2%2BqDa357vr2Ykbgky6uvm0u9yKz5vL3fX57MT7OUINYS4OSGDaIug9lZaaCXrHHB7wYXa12V2%2Bvb0H3%2F7ZXJ9tH%2BD5j93V5nz7dfTqfHPVvTl73F6br2%2B%2B7e5uzOPV28E%2FZ9e7%2Fq1GfkKAF7ebx8ubx4v%2B48db8%2Ff%2BdvP2evv968EX%2FtrcXO06048vX3FYcc%2BptacP7Xk%2BMtb8xEcSD5butO3gFqRGVrLJ5g%2Br8Xi9hg3NkKbGEigGXY7P%2B16nJJ5blweYLN6gURYE6MoJziSsr0cMQ9%2FxDjUSrRvQBlok%2FUeFBJu0j%2BJXAQetDHqPPQ%2FPSLyTOKdaqxi1uxc%2FJa2hlDAttSJkIP%2FHzJ31Po%2BLH8X%2BXhWKfDldnWGdjw8WfP1mH1ztu1yQipifGswcbJjQtZ2yceP5fHc5uZITJQeTJWNCRxlaeJmn0IropP9NUbwEGsMBCq2BbxgchMUmI2rVbfdHvPETM%2BcEKBjS%2FVwF%2FdjcxW4Ju6NRWHoqmh8glCQVXENa%2B3%2FkB3Ey2FRfin4YTKMfaouf%2FwIkncNM&pcode-icookie=PMxPEnv8o%2FpFi7I%2FL%2BwvhbhlnSy63wnaJuX2XQ2H3G96oBCsuk%2BJ%2BKJw5ZsoFjNI0BbpEShj7ObJU%2FjKtBD%2FiljXw6E%3D&imp-id=5&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=262783279038466&ad-session-id=2609881679403830700&target-id=98377820&tga-with-creatives=1&top-ancestor=https%3A%2F%2Ftelemetr.me&top-ancestor-undetermined=0&pcode-version=741854&pcodever=741854&flash-ver=0&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22isInIframe%22%3Afalse%2C%22w%22%3A368%2C%22h%22%3A0%2C%22width%22%3A368%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A20%2C%22top%22%3A263%2C%22ad_no%22%3A0%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A0%7D&grab-orig-len=4740&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjo2OH0KEqO0kBs57kEYqMuLrv3T2k1ksL6p7fvG2fg4xvu-7495K_PC4429jVtiwoaIktg5xU5iG-s7iW_jjfVfgjQlogbQjwGuVUUmMjiPS2V6yO99xpdZRAWiqqCqirC-ugYwDZYG_QHh0MDXMDVoW0N_UKgPCH0Dm873TKADkRHoumtzN0RA28BxPFM3drl5J2s0WR4nsG3PAeHaIMTj6CwHF4_jBT4unu7qjocLotGOR9AZw2N5erDtgOVBTOx7Bs90mbpr2cSbZ9m6Z-sQE2tgdNo1DBpCDeNo26-nSO6XIqJIaKIn81xzayBpaBrsB8OgIaIBYTCGpsElJpCSme3RsSzTN-TEpqIJU0RKpPtZQ6hhnmJoBciDVDZF4ArNFymlaR25CHqj-ZZP3zwnMAyIiQ3HZZWG7vLY9PKkPHOPLQ7DcUos19c5xLh4vostFdDFSeQPQ4FrizZyAaXj4egvxVlSOcfiWr8KnoQHyFkP_uxTYtp0uZxjmc_Qdctuwvm6vR-wtBi680QvmabLCkz6ZnFLs1wFMe7WAEMD99q38Qg6L4qsC_MC-PW-N_m6TgPnNWDK2e3kkYGJyGAH2PwA9WkynLZ6Ya9wXLmidHWPtbFcnVMaDP6-kcqkHj_sXxrMoGJaR1LqHNfeD8J3At7LaIBsVUyDj0dwgiTc-YHP9fYAK7EC074aZvplepN3HvSZzdemYmhFcZLnq7E2mue4kBz_oGhoo__wUUwpZNIO-tMOqegH9VlANM4C878Bd3QbQ4MFCekDxFcDhjyRQzI8gkFD8PntUiXaX_vvTU0rAcNB5dmsP_zz9hzKt75qW8WB6WVYCGdlZsD1aoa16lf55i95JoPF7xlSUYxTXga-f1_u-RajaXBQC-mfCOSYtS4eJtREH2GVGLUISCEYf-JLhIfLC0y_ZZbWf75fFpvPbZlUlLT3NVAP-EbVlziWWfqByd5yFoe0UCIWLPod8HQX27ssB6oGjwb2jxFMoeCJamkK1ObWAKXB6o2ngXWDBfGYATANPBp433X0wTbcZ6Kna7D2aDIMDdrTAvaLh9pLiAzqAT0iPHiDdP_Ev_zoCrS-h2zmqBznp196TMhlCKgf1xh8r0QFH_JDyUvPtLBED3NKg1XOvqJcSMRUZTP87i8c3vu140-BPEW3yHNxODowlue7jMcwxS8Pkoiza-d8XD6VP5jB4PE84-vi3UU1xVL2EzdKWE3lzP7Evlp_YmjDrT-Gr4GD8qvKTTEFQnm8LSspZFdz0f5MiqHB-w6C_xShf60cNQhHIcLZIBhZGY4GnVDssAD_ykHQWf65o13JP0-oNPg0cPczC40Gugb1nKsx2Kf2YyjmVzTGy6i1B-dwRUNAA-x-Ppi_R6chQNoH3u8PW42Fz7GLhP3kQTA4QqMh2KM-wDnONET7SQ3rLnAij_Ln01I-LA1kGuAP7MYFa2B-DGOIhnlvxDhW9xB1uIantvtJ-AIuhUO9DKGhHSuIRheOGRhDPGYvAElvbcu1fQ8Jilr6G6ZgcFP7Njp5ziq_LCjnxMMr-iG2f2oUEuB-XCIYHUc4ejkah-Dxq1TkTaMV23lBME-EirtWVdfAH5lyw-b6GKwBqnp9Hzg7_-sy7G8f-DT4QtXbci4Tl7yyUEKlWhwjUL4Ki_OZUxoftwaQI8mmAW6Ajib85IHXGqkEQMc19JJrWgymsBslz2mKQDWZCfaZCiG58fi4i-j9H6Lh_vBxxb79FuUaIYprF5_LMRelkyiPY6I0iwZjknrvXwOpNhGldINyrt8l-MGtkyQPC6IZRkRFFHZSNMbOt0Y5Y-813Rg-nWHelwY2YI4z_sfQR9VB74l7bGVY_yJGOf2oBK27BQw1rSq18rSij3iJWR1IkCUIAxTTc8fezZNBl_j4V-6IjlLFc0Rpa1DsLPcWywLuoBraIPQnCumSyl2paZXqjD2-hMRQCBws_xCG1GGDvGjKbD5_k72vBMJbcZ5Tr3VQ-1kVqF9We_cCQs_xWJ5uErK8kZtrMmUd-qrm0R5o1NzZEXJ1YpjnEl4DVTj5TMg9FTkBpfgp5b4wPeoErlobowK_vnrS-xIYZXbdQbpVcf2iGPuS2G-fNcItDI2PGqT9d_PQwPwyL4S6mEg9gEd5u3Zw0Jw1HHc0sVy8p7p7ucx3ExC9oCB6SkTLvFe5UEJCworKg7KotJAKE_C3Gh627iHRO_yuYEL4lmigfe9AVgMf2l5pmsnz4Kh3VAMpNVN9UKugEC-_pSf1KFTHq47-UNdu63f-BzUf0G-Csf54RbFZFt91vJLj-o8kxSPQD6bKp_aMursld2eaU_NXRs2jEYb3_YyKf-F9uDcX6GUO1JBOuzywIBrKPCJMTyFjFJeSwy6PHaD8teHdEe_1cice5bwAOpIbNDXcK2hpirz8wOYe-lz4ExQmL0dyc4HkB_qhiFaxZlnMm0ee4Ocp_hcwatS4No71Ka_YTKfMN9Ms8xZwamB9FFibkIzMalNQbU2D9RKXfJ1rHAliUya8kFJJcNVHoFYcwSgtinDvI5McrkG7Eocx8hy88xtgfyoE89MbMF0fAoth2h4df0PI8fbBdGwIXJt5ted-hjkIFf_TXw3Pe6I4_ZGeR3qe9HkZ_sz-dsjneSmkeB6eoZuWzcVtg87fW1C3wPCwtm8dRJWxcSxzN1FMyzDcKwCDF7CqEPzpGyWfQQcKIZBNxmmMAMcb6gDHNThByQzoLM_W-xbb1a3SYjqBHqR5Gst3iAN2gPiXU1m-1vXzlWWi7Yxnnop3WT5F2zTOYtE2ikRCo5WlWS64E5E6nGko4hKmSUS9jUQ0hdHMqbZLunX8NF9FIlpmcVKIl9HtxpIfOC7bwraDkof495_PPHNFAysGx2LyLYv9WXxQmDx2O-e6U9tcPs8n8lSlkHwqNukSkvBN1-d6L2AoeYHDqxrfY0u7c_ve2iwNJeu5kiVZyydTl3Vc6vqJWERq396zYAdfeLoMP2FWrHyGed5wwrMOwoL-eDM616440vW9b39lvTjJnD16xR5OYOivMf6UHas4puex_7uBOujVeeMYBrOsfBke16pKrnvcHswJ-F3_YL7JYAZOI8fMk_ymi4SOWEgI-Xwgl-dj1mYGT56gE8eohEDctK5frjxfo_Kf96uyNIlV2R9H0XQri5pu1ptIX3XlniRNl848W02dpNnKYkUVhU0XH5NNHUaNx1phE71mUVdJZW0l0Wy6MG1Em0nSiFYz-uuSmam6_2njmSZhw3st79eFlZ54rvg2usV8dbaW9Pm_TWYjZxRmj6Ufbn4EtOwDQuZLt4gbLsN8RYVcI1ssuWbKNY0wNW-7ynWGrlPBthzPaMlorL_GW4c-QRdx0Zl1PL5l8yzXLnFMJcdHM1xF2lvgWCa9cfubsz1dZan8HkcrF5JPo6IPg4X9Xm9Pgkrtynd1NJXXmskUr5M4k6xnqM60rpMZd_q-IPKZ51lVJyvq-O6JbV6d9P0mOXEkJw5FTtx6Dw7ZOHEx8nPiLmgo3hxHZxqlGiFMBumDpA-S_8EVkz5I5gfpwcENKA_sipKnOkwmQ93756dgs4OGZFQ3XBfbkylYDJnyPBvSc0jPIes5eUR6DpnPsRBbtvIdJjbi8tZ_Jd64Eul7pO-R-b0CP13I53tJgfy-d9DByvdOOdA7PIt0Q9INyb9hliCbGy7kd0OuZTAMh8F1lQfyvbo7WCBXVxXqnhs0mYMBM5h8UnQj_YqsX03kEt1y5PerAbyq8q0ODKH3Au96nIE4u_Vp72kMJtMydZQAzUd6EOlB5D-oCJENyixEfg8yvuL4gS2HUbp1aZS-7bFK04LA92zXLbEDQw1GJ8O27A58HIdxocm1bteB9eUFzOHf3Fo3A9svA2yLF9wJcMzbYXECxyM5L6SToOwkeThOEuPnyAWY5wnAOEkEWdbDgf2kdYzyH4btORIz7zxMVCtq1MVG6YyF7YPjkCpyxCJT5eJfmQqbB6cic-a5EhGnbCbUtsBpJLI3TpO4oLbyLUQsxPkKkyXahSG16e9aCZXpb5RRGwivgmq7qLYp1VaC_-t9lEnsfGVWxKlq3f-57hJdYHbsFTOfFOyBo1Blrhoif-OjSLKtE5LbGEdSi2LHz_I0TWSWydTWySajvBEN4-0L6A2Y-bPxz4ZpfTd3PwA1b2EpFstYvtz0-su92p6XeRqGcTar5XUmt7zOqhn2UnQqFc3cWrHWbsa1Z26dfDvnUqyl4yjJsziTqKqddDSmbOiW6Q2D61SxspabVsfVtDquNuErjLLPD9WoeuZ5WHUriofJ9TDVnnm4zvpZoXeuVXmuKdclVZcqq0Sum1UXK6tqoz2zSsIsrbo0rVRWo0W58aLrJ1EaLoWISRTWwfw_K2XxmnNV6904i8JhAd6VabzCIgrbJIa1p1Sdy9RTpk5l6riq48pBMSeUG2qerrYmVLD0OkW8YnGcKmbJaaSwWY1uq0Wg_DJDJ19FiqlxpTJcaaraHl_5JE2TFSqy2Pn6XWHWNPPvompmXqRtMcNuqnua7Bdx1byShJwluapkuqoZfo5soNkyZOeqSmykh7nTMM80pOZNr2aT7DJJpyP7dAXpdOSdTmQUjePpPE6pGlXbHpZRchnuONrBpwdMZrN5dtxmRSSR913T4wnKdyhyOik6AUA8BY9gAHRFAP0%3D&uniformat=true&callback=Ya%5B3219871495110%5D Requested by Host: yandex.ru URL: https://yandex.ru/ads/system/context.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash f16d32d2d6aeffc6824a100d5d84e7cfccf6579ced210a11d749419f1bfd3a6f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://telemetr.me/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Tue, 21 Mar 2023 13:03:50 GMT content-encoding gzip x-content-type-options nosniff nel {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1} ssr true x-yandex-req-id 1679403830778002-6470133764059013595-sas2-0346-814-sas-l7-balancer-8080-BAL-8241 p3p CP="NOI DEVa TAIa OUR BUS UNI STA" uniformat-product-type Direct x-xss-protection 1; mode=block pragma no-cache last-modified Tue, 21 Mar 2023 13:03:50 GMT accept-ch Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT uniformat true report-to { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]} content-type application/json access-control-allow-origin https://telemetr.me cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true timing-allow-origin * expires Tue, 21 Mar 2023 13:03:50 GMT
GET H2	200	07cea2bf8567304efc16.js Show response yastatic.net/partner-code-bundles/741854/	23 KB 8 KB	117ms 87ms	Script text/javascript	2a02:6b8:20::215 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://yastatic.net/partner-code-bundles/741854/07cea2bf8567304efc16.js Requested by Host: yandex.ru URL: https://yandex.ru/ads/system/context.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software nginx/1.17.9 / Resource Hash 69ec7de048d51d58f50177971f6a1727560be8dc3131c8c558498c07bc2d8e95 Security Headers Name Value Strict-Transport-Security max-age=43200000; includeSubDomains; Request headers Referer https://telemetr.me/ Origin https://telemetr.me accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 13:03:50 GMT content-encoding br strict-transport-security max-age=43200000; includeSubDomains; nel {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01} content-length 7922 last-modified Mon, 20 Mar 2023 17:31:39 GMT server nginx/1.17.9 etag "eea7e55b0209fbfbefb31468e5ec834c" vary Accept-Encoding report-to { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]} content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=946708560 accept-ranges bytes timing-allow-origin * x-robots-tag noindex, noarchive, nofollow expires Thu, 20 Mar 2053 19:35:57 GMT
GET H2	200	2ec9a88e40a26b53acde.js Show response yastatic.net/partner-code-bundles/741854/	7 KB 3 KB	118ms 88ms	Script text/javascript	2a02:6b8:20::215 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://yastatic.net/partner-code-bundles/741854/2ec9a88e40a26b53acde.js Requested by Host: yandex.ru URL: https://yandex.ru/ads/system/context.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software nginx/1.17.9 / Resource Hash b7d42d174e12b5c47a1d62d392195b609d7186d8d70966816178daae59871721 Security Headers Name Value Strict-Transport-Security max-age=43200000; includeSubDomains; Request headers Referer https://telemetr.me/ Origin https://telemetr.me accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 13:03:50 GMT content-encoding br strict-transport-security max-age=43200000; includeSubDomains; nel {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01} content-length 2065 last-modified Mon, 20 Mar 2023 17:31:39 GMT server nginx/1.17.9 etag "2b341acc3fbfa76f543a9657ebc80a1b" vary Accept-Encoding report-to { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]} content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=946708560 accept-ranges bytes timing-allow-origin * x-robots-tag noindex, noarchive, nofollow expires Thu, 20 Mar 2053 19:35:57 GMT
GET H2	200	1c75991f19b9bf8bdb79.js Show response yastatic.net/partner-code-bundles/741854/	582 KB 111 KB	80ms 80ms	Script text/javascript	2a02:6b8:20::215 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://yastatic.net/partner-code-bundles/741854/1c75991f19b9bf8bdb79.js Requested by Host: yandex.ru URL: https://yandex.ru/ads/system/context.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software nginx/1.17.9 / Resource Hash f480ea18e31386000ae16ec588abb7c6e77f593ab828ab41d420055850905349 Security Headers Name Value Strict-Transport-Security max-age=43200000; includeSubDomains; Request headers Referer https://telemetr.me/ Origin https://telemetr.me accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 13:03:50 GMT content-encoding br strict-transport-security max-age=43200000; includeSubDomains; nel {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01} content-length 113370 last-modified Mon, 20 Mar 2023 17:31:39 GMT server nginx/1.17.9 etag "bf2820e137c8e8059c932e6e9d07d96e" vary Accept-Encoding report-to { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]} content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=946708560 accept-ranges bytes timing-allow-origin * x-robots-tag noindex, noarchive, nofollow expires Thu, 20 Mar 2053 19:35:57 GMT
GET H2	200	cookie.js Show response partner.googleadservices.com/gampad/	389 B 601 B	141ms 67ms	Script text/javascript	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://partner.googleadservices.com/gampad/cookie.js?domain=telemetr.me&callback=_gfp_s_&client=ca-pub-8925921048082252 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8925921048082252&plah=telemetr.me Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 0e4b472a90a4124f415b6ffc75c77b017910a52ef381c710b28ffbdeaa65b935 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://telemetr.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 13:03:51 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type text/javascript; charset=UTF-8 cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 250 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.nl/adsid/	107 B 531 B	198ms 67ms	Script application/javascript	2a00:1450:4001:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.nl/adsid/integrator.js?domain=telemetr.me Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8925921048082252&plah=telemetr.me Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://telemetr.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 13:03:51 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type application/javascript; charset=UTF-8 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 456 B	143ms 66ms	Script application/javascript	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=telemetr.me Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8925921048082252&plah=telemetr.me Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://telemetr.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 13:03:51 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type application/javascript; charset=UTF-8 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 100 x-xss-protection 0
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/	0 20 B	93ms 93ms	Image image/gif	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=slim-header&ign=false&pw=1600&ph=1200&x=0&y=0 Requested by Host: telemetr.me URL: https://telemetr.me/content/cybersquattingchannel Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://telemetr.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers pragma no-cache date Tue, 21 Mar 2023 13:03:50 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 9EE1	9 KB 4 KB	260ms 259ms	Document text/html	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8925921048082252&output=html&adk=1812271804&adf=3025194257&lmt=1679403830&plat=2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Ftelemetr.me%2Fcontent%2Fcybersquattingchannel&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679403830607&bpp=3&bdt=405&idt=289&shv=r20230315&mjsv=m202303150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=355951637143&frm=20&pv=2&ga_vid=1200274152.1679403831&ga_sid=1679403831&ga_hid=1049792997&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44777877%2C44759926%2C42531706%2C31072951%2C31073098%2C31073263%2C44774606&oid=2&pvsid=2305016833081217&tmod=1610539718&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=329 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8925921048082252&plah=telemetr.me Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 2f831ff9c39e522c774d5fdfa2d22bdaa8525538234482c83ff201248a36d881 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://telemetr.me/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 4294 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 21 Mar 2023 13:03:51 GMT expires Tue, 21 Mar 2023 13:03:51 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	1 Show response mc.yandex.ru/watch/46317153/ Redirect Chain https://mc.yandex.ru/watch/46317153?wmode=7&page-url=https%3A%2F%2Ftelemetr.me%2Fcontent%2Fcybersquattingchannel&charset=utf-8&browser-info=pv%3A1%3Avf%3A1l80sle48p8z49iczwckpz%3Afp%3A1530%3Afu%3A0... https://mc.yandex.ru/watch/46317153/1?wmode=7&page-url=https%3A%2F%2Ftelemetr.me%2Fcontent%2Fcybersquattingchannel&charset=utf-8&browser-info=pv%3A1%3Avf%3A1l80sle48p8z49iczwckpz%3Afp%3A1530%3Afu%3...	439 B 522 B	70ms 70ms	XHR application/json	2a02:6b8::1:119 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.ru/watch/46317153/1?wmode=7&page-url=https%3A%2F%2Ftelemetr.me%2Fcontent%2Fcybersquattingchannel&charset=utf-8&browser-info=pv%3A1%3Avf%3A1l80sle48p8z49iczwckpz%3Afp%3A1530%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A983%3Acn%3A1%3Adp%3A0%3Als%3A1436415901661%3Ahid%3A1009615206%3Az%3A0%3Ai%3A20230321130350%3Aet%3A1679403831%3Ac%3A1%3Arn%3A573198161%3Arqn%3A1%3Au%3A1679403831520710299%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A23%2C55%2C1110%2C3%2C%2C0%2C%2C320%2C0%2C%2C%2C%2C1552%3Aco%3A0%3Acpf%3A1%3Ans%3A1679403829009%3Arqnl%3A1%3Ast%3A1679403831%3At%3A%D0%A2%D0%B5%D0%BB%D0%B5%D0%B3%D1%80%D0%B0%D0%BC%20%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%20CyberSquatting%20RU%20Alerts%20-%20cybersquattingchannel&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29 Requested by Host: telemetr.me URL: https://telemetr.me/content/cybersquattingchannel Protocol H2 Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 658ed1b67121abd03d2a8c24b318aeaec1c6beef30d19f30a182216f0cbbef0c Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://telemetr.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers pragma no-cache date Tue, 21 Mar 2023 13:03:51 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff last-modified Tue, 21-Mar-2023 13:03:51 GMT accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA content-type application/json; charset=utf-8 access-control-allow-origin https://telemetr.me cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 439 x-xss-protection 1; mode=block expires Tue, 21-Mar-2023 13:03:51 GMT Redirect headers pragma no-cache date Tue, 21 Mar 2023 13:03:51 GMT strict-transport-security max-age=31536000 last-modified Tue, 21-Mar-2023 13:03:51 GMT accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA location /watch/46317153/1?wmode=7&page-url=https%3A%2F%2Ftelemetr.me%2Fcontent%2Fcybersquattingchannel&charset=utf-8&browser-info=pv%3A1%3Avf%3A1l80sle48p8z49iczwckpz%3Afp%3A1530%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A983%3Acn%3A1%3Adp%3A0%3Als%3A1436415901661%3Ahid%3A1009615206%3Az%3A0%3Ai%3A20230321130350%3Aet%3A1679403831%3Ac%3A1%3Arn%3A573198161%3Arqn%3A1%3Au%3A1679403831520710299%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A23%2C55%2C1110%2C3%2C%2C0%2C%2C320%2C0%2C%2C%2C%2C1552%3Aco%3A0%3Acpf%3A1%3Ans%3A1679403829009%3Arqnl%3A1%3Ast%3A1679403831%3At%3A%D0%A2%D0%B5%D0%BB%D0%B5%D0%B3%D1%80%D0%B0%D0%BC%20%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%20CyberSquatting%20RU%20Alerts%20-%20cybersquattingchannel&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29 access-control-allow-origin https://telemetr.me cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true x-xss-protection 1; mode=block expires Tue, 21-Mar-2023 13:03:51 GMT
GET H2	200	advert.gif mc.yandex.ru/metrika/	43 B 161 B	66ms 65ms	Image image/gif	2a02:6b8::1:119 GLOBAL_DC
General Check archive.org Show headers Download Go to Show image Full URL https://mc.yandex.ru/metrika/advert.gif Requested by Host: telemetr.me URL: https://telemetr.me/content/cybersquattingchannel Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://telemetr.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 13:03:51 GMT strict-transport-security max-age=31536000 last-modified Tue, 21 Mar 2023 11:05:51 GMT accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA etag "6419655f-2b" content-type image/gif access-control-allow-origin * cache-control max-age=3600 accept-ranges bytes content-length 43 expires Tue, 21 Mar 2023 14:03:51 GMT
OPTIONS H2	200	event_confirmation an.yandex.ru/ Frame	0 0	274ms 78ms	Preflight	2a02:6b8::90 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://an.yandex.ru/event_confirmation Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://telemetr.me Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin https://telemetr.me access-control-max-age 1728000 content-encoding gzip date Tue, 21 Mar 2023 13:03:51 GMT p3p CP="NOI DEVa TAIa OUR BUS UNI STA" strict-transport-security max-age=31536000 timing-allow-origin * x-xss-protection 1; mode=block
POST H2	200	event_confirmation Show response an.yandex.ru/	0 51 B	216ms 75ms	XHR text/plain	2a02:6b8::90 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://an.yandex.ru/event_confirmation Requested by Host: yandex.ru URL: https://yandex.ru/ads/system/context.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://telemetr.me/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Content-Type application/json Response headers pragma no-cache date Tue, 21 Mar 2023 13:03:51 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Tue, 21 Mar 2023 13:03:51 GMT p3p CP="NOI DEVa TAIa OUR BUS UNI STA" access-control-allow-origin https://telemetr.me cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true timing-allow-origin * x-xss-protection 1; mode=block expires Tue, 21 Mar 2023 13:03:51 GMT
GET H2	200	1 Show response mc.yandex.ru/watch/1264547/ Redirect Chain https://mc.yandex.ru/watch/1264547?wmode=7&page-url=https%3A%2F%2Ftelemetr.me%2Fcontent%2Fcybersquattingchannel&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Avf%3A1l80sle48p8z49iczwckpz%3... https://mc.yandex.ru/watch/1264547/1?wmode=7&page-url=https%3A%2F%2Ftelemetr.me%2Fcontent%2Fcybersquattingchannel&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Avf%3A1l80sle48p8z49iczwckpz...	408 B 444 B	66ms 66ms	XHR application/json	2a02:6b8::1:119 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.ru/watch/1264547/1?wmode=7&page-url=https%3A%2F%2Ftelemetr.me%2Fcontent%2Fcybersquattingchannel&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Avf%3A1l80sle48p8z49iczwckpz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A983%3Acn%3A2%3Adp%3A1%3Als%3A953576563562%3Ahid%3A1009615206%3Az%3A0%3Ai%3A20230321130351%3Aet%3A1679403831%3Ac%3A1%3Arn%3A10487012%3Au%3A1679403831520710299%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Ans%3A1679403829009%3Arqnl%3A1%3Ast%3A1679403831%3At%3A%D0%A2%D0%B5%D0%BB%D0%B5%D0%B3%D1%80%D0%B0%D0%BC%20%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%20CyberSquatting%20RU%20Alerts%20-%20cybersquattingchannel&t=gdpr%2814%29mc%28p-1%29clc%280-0-0%29lt%2820200%29aw%281%29ti%282%29 Requested by Host: telemetr.me URL: https://telemetr.me/content/cybersquattingchannel Protocol H2 Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 799dba24c012c69e8e165f43fb834182779156f42235467c5ae963e4e5d86bbb Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://telemetr.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers pragma no-cache date Tue, 21 Mar 2023 13:03:51 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff last-modified Tue, 21-Mar-2023 13:03:51 GMT accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA content-type application/json; charset=utf-8 access-control-allow-origin https://telemetr.me cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 408 x-xss-protection 1; mode=block expires Tue, 21-Mar-2023 13:03:51 GMT Redirect headers pragma no-cache date Tue, 21 Mar 2023 13:03:51 GMT strict-transport-security max-age=31536000 last-modified Tue, 21-Mar-2023 13:03:51 GMT accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA location /watch/1264547/1?wmode=7&page-url=https%3A%2F%2Ftelemetr.me%2Fcontent%2Fcybersquattingchannel&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Avf%3A1l80sle48p8z49iczwckpz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A983%3Acn%3A2%3Adp%3A1%3Als%3A953576563562%3Ahid%3A1009615206%3Az%3A0%3Ai%3A20230321130351%3Aet%3A1679403831%3Ac%3A1%3Arn%3A10487012%3Au%3A1679403831520710299%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Ans%3A1679403829009%3Arqnl%3A1%3Ast%3A1679403831%3At%3A%D0%A2%D0%B5%D0%BB%D0%B5%D0%B3%D1%80%D0%B0%D0%BC%20%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%20CyberSquatting%20RU%20Alerts%20-%20cybersquattingchannel&t=gdpr%2814%29mc%28p-1%29clc%280-0-0%29lt%2820200%29aw%281%29ti%282%29 access-control-allow-origin https://telemetr.me cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true x-xss-protection 1; mode=block expires Tue, 21-Mar-2023 13:03:51 GMT
GET H2	200	1264547 Show response yandex.ru/ads/meta/	96 KB 28 KB	276ms 276ms	XHR application/json	2a02:6b8:a::a GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://yandex.ru/ads/meta/1264547?target-ref=https%3A%2F%2Ftelemetr.me%2Fcontent%2Fcybersquattingchannel&charset=utf-8&pcode-test-ids=657518%2C0%2C0%3B706837%2C0%2C99%3B741838%2C0%2C34%3B736079%2C0%2C63%3B729110%2C0%2C9%3B736393%2C0%2C43%3B735206%2C0%2C47%3B734894%2C0%2C7%3B741854%2C0%2C3%3B737281%2C0%2C46%3B681848%2C0%2C57&pcode-flags-map=eJydWNty2zYQ%2FZWO%2BppJeQVJv4EkKGFEEiwAWlEyGYwSK7Y6vnQcO3Gdyb93QVA2SdlQ2ifTlPZgsXt296x%2BzE6xUGLBVgrnqsQpKVXBuKK1SnFdEz47%2BfBj9m1zeb%2Bdncwkb8nszexu%2B%2FWOnsH%2FCPl%2BEM1%2BfnzzDNNwlreZFIrVqsGtIFaEyE0C3yCQGqclUSRj1TNISYXUzpzSnDD9AJ%2BmTGFejWC3D39PUEM%2F7FBzKjrYjLW1VJzklJNMQ%2BKmsXvmOUHgPd0NLqKqtpSUs7IEtFrqB8LVCstsQXIlaUUUKwpBpB3X95zoOWZpKyXT1yrZONa%2F%2B9GXsR1KQtTZNRnLyciyy9k4Rr8K1iVOdjE6JVxQVo8sIz%2BJ%2FHhkG7hhYILb1rRkOCfmfFyNInp3e78dmAVe7CeOMYNYCtGRbGIzTeTACOgpCKkVSwXhpxNibq83ny63I0sfeYkJc0HfqQrOWhA6X0hVS%2FuRQegnbme4xnVO3ineqpxVmNY2s9CJPB89nZdytgRn4Sw15zS3WrpRGKMXD1TAXslpajX3XAcFnfl7UnuqaIGfK5rLhaIVnhOrbeAGsfNsuy%2BWlHGdVI5z2orffhFhjbXfxmGFyxVeC7ulH%2FVxzosGKlM0rAZi6Dpi7biGPMdxxraB4weDWsi0aS3t54UA01OpYBBlorm7P0%2BRd1ZawJFR5B2a00I3zpUuImDn%2F0HYO3CKy3aULd952bokmNeqYhwqFnOKJ%2Ff2RoeGjtNHueGUcSrXKl1DqyCrhnF7wFCE%2Btrb86JvnpngVsPEjeIBI6lQGeacSYWzDLIkLF0iTPzQdUe2HYsFUFoudJganOe0nttBgjAwnndtH6gs1w1Rvt3rII7CQXoqnkGcBE1pCVGzH5dE6FVLPQizkmbLI6fvMbopY4avggZbUBguVF%2BiwJm9mpPY6yeL8aMHMXNBMk3UpsTrFGfLwQSzQSLHC3xvlI4F6Ro%2BTFIi6NzKeOSGHjJ5qMkKTAqo8oUq2ZxmdrvY71sauFlQXmnOclLvJ03DSWpvqgi6oueOyAtThwOTQAXAvIYI6EYpMq5nihDW2kdu4gbBCGxBZefJAATisZTMDuRHnucP1c5E1%2BSkwJB%2BeFHQmkoCbM%2BWIKushYqC0EFo5J6oMJfqz5a0RIMfu1%2BIEAqf1IBccNBxE88IFDDXVKY1NCoKw7g84lXkRj11MgwjidV9AnGhC5IWHINg6uSDPZNRnKDkSTcUnAJMuVbGXkuIxn65sX26VIK%2Bt9YRQonfp3tgIY5prINzk8CJnlCgaecawapbEYoD5E5PVhWoVmw%2Fy%2FMcE%2BsBIbXw%2BCVWxihw%2FX25wfwG5Q1XBdIo0KpGUHQNzGiDw7XgAC%2BK%2FcNbyLn9DpCm2B3Whu4Zpsm8EPpuHhzbA1DioV6dmIoQS9ooybsGeKwlowRWE2M8OboomZa7uTKOHgGJ%2Byp4DaQj1wjjy%2B5BXW0e1MV2d35x9wpct8GoJUlxqkBxWtchB0bbqBRNNa8WwJIBYWoY0V3DnbfQ3vWCAU03I%2FTUXqGR6wT95ORcmU4vW5AoptK7QHdNpZ0vjiyDgGRKtcTv111zUJ3AG5r9mH3Z3n2%2BqDa357vr2Ykbgky6uvm0u9yKz5vL3fX57MT7OUINYS4OSGDaIug9lZaaCXrHHB7wYXa12V2%2Bvb0H3%2F7ZXJ9tH%2BD5j93V5nz7dfTqfHPVvTl73F6br2%2B%2B7e5uzOPV28E%2FZ9e7%2Fq1GfkKAF7ebx8ubx4v%2B48db8%2Ff%2BdvP2evv968EX%2FtrcXO06048vX3FYcc%2BptacP7Xk%2BMtb8xEcSD5butO3gFqRGVrLJ5g%2Br8Xi9hg3NkKbGEigGXY7P%2B16nJJ5blweYLN6gURYE6MoJziSsr0cMQ9%2FxDjUSrRvQBlok%2FUeFBJu0j%2BJXAQetDHqPPQ%2FPSLyTOKdaqxi1uxc%2FJa2hlDAttSJkIP%2FHzJ31Po%2BLH8X%2BXhWKfDldnWGdjw8WfP1mH1ztu1yQipifGswcbJjQtZ2yceP5fHc5uZITJQeTJWNCRxlaeJmn0IropP9NUbwEGsMBCq2BbxgchMUmI2rVbfdHvPETM%2BcEKBjS%2FVwF%2FdjcxW4Ju6NRWHoqmh8glCQVXENa%2B3%2FkB3Ey2FRfin4YTKMfaouf%2FwIkncNM&pcode-icookie=PMxPEnv8o%2FpFi7I%2FL%2BwvhbhlnSy63wnaJuX2XQ2H3G96oBCsuk%2BJ%2BKJw5ZsoFjNI0BbpEShj7ObJU%2FjKtBD%2FiljXw6E%3D&duid=MTY3OTQwMzgzMTUyMDcxMDI5OQ%3D%3D&imp-id=1&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=262783279038466&ad-session-id=2609881679403830700&target-id=64288444&tga-with-creatives=1&top-ancestor=https%3A%2F%2Ftelemetr.me&top-ancestor-undetermined=0&pcode-version=741854&pcodever=741854&flash-ver=0&skip-token=yabs.NzIwNTc2MDc1MDEyMTA0MzI%3D&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22isInIframe%22%3Afalse%2C%22w%22%3A1163%2C%22h%22%3A0%2C%22width%22%3A1163%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A418%2C%22top%22%3A263%2C%22ad_no%22%3A1%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A1%7D&grab-orig-len=4740&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjo2OH0KEqO0kBs57kEYqMuLrv3T2k1ksL6p7fvG2fg4xvu-7495K_PC4429jVtiwoaIktg5xU5iG-s7iW_jjfVfgjQlogbQjwGuVUUmMjiPS2V6yO99xpdZRAWiqqCqirC-ugYwDZYG_QHh0MDXMDVoW0N_UKgPCH0Dm873TKADkRHoumtzN0RA28BxPFM3drl5J2s0WR4nsG3PAeHaIMTj6CwHF4_jBT4unu7qjocLotGOR9AZw2N5erDtgOVBTOx7Bs90mbpr2cSbZ9m6Z-sQE2tgdNo1DBpCDeNo26-nSO6XIqJIaKIn81xzayBpaBrsB8OgIaIBYTCGpsElJpCSme3RsSzTN-TEpqIJU0RKpPtZQ6hhnmJoBciDVDZF4ArNFymlaR25CHqj-ZZP3zwnMAyIiQ3HZZWG7vLY9PKkPHOPLQ7DcUos19c5xLh4vostFdDFSeQPQ4FrizZyAaXj4egvxVlSOcfiWr8KnoQHyFkP_uxTYtp0uZxjmc_Qdctuwvm6vR-wtBi680QvmabLCkz6ZnFLs1wFMe7WAEMD99q38Qg6L4qsC_MC-PW-N_m6TgPnNWDK2e3kkYGJyGAH2PwA9WkynLZ6Ya9wXLmidHWPtbFcnVMaDP6-kcqkHj_sXxrMoGJaR1LqHNfeD8J3At7LaIBsVUyDj0dwgiTc-YHP9fYAK7EC074aZvplepN3HvSZzdemYmhFcZLnq7E2mue4kBz_oGhoo__wUUwpZNIO-tMOqegH9VlANM4C878Bd3QbQ4MFCekDxFcDhjyRQzI8gkFD8PntUiXaX_vvTU0rAcNB5dmsP_zz9hzKt75qW8WB6WVYCGdlZsD1aoa16lf55i95JoPF7xlSUYxTXga-f1_u-RajaXBQC-mfCOSYtS4eJtREH2GVGLUISCEYf-JLhIfLC0y_ZZbWf75fFpvPbZlUlLT3NVAP-EbVlziWWfqByd5yFoe0UCIWLPod8HQX27ssB6oGjwb2jxFMoeCJamkK1ObWAKXB6o2ngXWDBfGYATANPBp433X0wTbcZ6Kna7D2aDIMDdrTAvaLh9pLiAzqAT0iPHiDdP_Ev_zoCrS-h2zmqBznp196TMhlCKgf1xh8r0QFH_JDyUvPtLBED3NKg1XOvqJcSMRUZTP87i8c3vu140-BPEW3yHNxODowlue7jMcwxS8Pkoiza-d8XD6VP5jB4PE84-vi3UU1xVL2EzdKWE3lzP7Evlp_YmjDrT-Gr4GD8qvKTTEFQnm8LSspZFdz0f5MiqHB-w6C_xShf60cNQhHIcLZIBhZGY4GnVDssAD_ykHQWf65o13JP0-oNPg0cPczC40Gugb1nKsx2Kf2YyjmVzTGy6i1B-dwRUNAA-x-Ppi_R6chQNoH3u8PW42Fz7GLhP3kQTA4QqMh2KM-wDnONET7SQ3rLnAij_Ln01I-LA1kGuAP7MYFa2B-DGOIhnlvxDhW9xB1uIantvtJ-AIuhUO9DKGhHSuIRheOGRhDPGYvAElvbcu1fQ8Jilr6G6ZgcFP7Njp5ziq_LCjnxMMr-iG2f2oUEuB-XCIYHUc4ejkah-Dxq1TkTaMV23lBME-EirtWVdfAH5lyw-b6GKwBqnp9Hzg7_-sy7G8f-DT4QtXbci4Tl7yyUEKlWhwjUL4Ki_OZUxoftwaQI8mmAW6Ajib85IHXGqkEQMc19JJrWgymsBslz2mKQDWZCfaZCiG58fi4i-j9H6Lh_vBxxb79FuUaIYprF5_LMRelkyiPY6I0iwZjknrvXwOpNhGldINyrt8l-MGtkyQPC6IZRkRFFHZSNMbOt0Y5Y-813Rg-nWHelwY2YI4z_sfQR9VB74l7bGVY_yJGOf2oBK27BQw1rSq18rSij3iJWR1IkCUIAxTTc8fezZNBl_j4V-6IjlLFc0Rpa1DsLPcWywLuoBraIPQnCumSyl2paZXqjD2-hMRQCBws_xCG1GGDvGjKbD5_k72vBMJbcZ5Tr3VQ-1kVqF9We_cCQs_xWJ5uErK8kZtrMmUd-qrm0R5o1NzZEXJ1YpjnEl4DVTj5TMg9FTkBpfgp5b4wPeoErlobowK_vnrS-xIYZXbdQbpVcf2iGPuS2G-fNcItDI2PGqT9d_PQwPwyL4S6mEg9gEd5u3Zw0Jw1HHc0sVy8p7p7ucx3ExC9oCB6SkTLvFe5UEJCworKg7KotJAKE_C3Gh627iHRO_yuYEL4lmigfe9AVgMf2l5pmsnz4Kh3VAMpNVN9UKugEC-_pSf1KFTHq47-UNdu63f-BzUf0G-Csf54RbFZFt91vJLj-o8kxSPQD6bKp_aMursld2eaU_NXRs2jEYb3_YyKf-F9uDcX6GUO1JBOuzywIBrKPCJMTyFjFJeSwy6PHaD8teHdEe_1cice5bwAOpIbNDXcK2hpirz8wOYe-lz4ExQmL0dyc4HkB_qhiFaxZlnMm0ee4Ocp_hcwatS4No71Ka_YTKfMN9Ms8xZwamB9FFibkIzMalNQbU2D9RKXfJ1rHAliUya8kFJJcNVHoFYcwSgtinDvI5McrkG7Eocx8hy88xtgfyoE89MbMF0fAoth2h4df0PI8fbBdGwIXJt5ted-hjkIFf_TXw3Pe6I4_ZGeR3qe9HkZ_sz-dsjneSmkeB6eoZuWzcVtg87fW1C3wPCwtm8dRJWxcSxzN1FMyzDcKwCDF7CqEPzpGyWfQQcKIZBNxmmMAMcb6gDHNThByQzoLM_W-xbb1a3SYjqBHqR5Gst3iAN2gPiXU1m-1vXzlWWi7Yxnnop3WT5F2zTOYtE2ikRCo5WlWS64E5E6nGko4hKmSUS9jUQ0hdHMqbZLunX8NF9FIlpmcVKIl9HtxpIfOC7bwraDkof495_PPHNFAysGx2LyLYv9WXxQmDx2O-e6U9tcPs8n8lSlkHwqNukSkvBN1-d6L2AoeYHDqxrfY0u7c_ve2iwNJeu5kiVZyydTl3Vc6vqJWERq396zYAdfeLoMP2FWrHyGed5wwrMOwoL-eDM616440vW9b39lvTjJnD16xR5OYOivMf6UHas4puex_7uBOujVeeMYBrOsfBke16pKrnvcHswJ-F3_YL7JYAZOI8fMk_ymi4SOWEgI-Xwgl-dj1mYGT56gE8eohEDctK5frjxfo_Kf96uyNIlV2R9H0XQri5pu1ptIX3XlniRNl848W02dpNnKYkUVhU0XH5NNHUaNx1phE71mUVdJZW0l0Wy6MG1Em0nSiFYz-uuSmam6_2njmSZhw3st79eFlZ54rvg2usV8dbaW9Pm_TWYjZxRmj6Ufbn4EtOwDQuZLt4gbLsN8RYVcI1ssuWbKNY0wNW-7ynWGrlPBthzPaMlorL_GW4c-QRdx0Zl1PL5l8yzXLnFMJcdHM1xF2lvgWCa9cfubsz1dZan8HkcrF5JPo6IPg4X9Xm9Pgkrtynd1NJXXmskUr5M4k6xnqM60rpMZd_q-IPKZ51lVJyvq-O6JbV6d9P0mOXEkJw5FTtx6Dw7ZOHEx8nPiLmgo3hxHZxqlGiFMBumDpA-S_8EVkz5I5gfpwcENKA_sipKnOkwmQ93756dgs4OGZFQ3XBfbkylYDJnyPBvSc0jPIes5eUR6DpnPsRBbtvIdJjbi8tZ_Jd64Eul7pO-R-b0CP13I53tJgfy-d9DByvdOOdA7PIt0Q9INyb9hliCbGy7kd0OuZTAMh8F1lQfyvbo7WCBXVxXqnhs0mYMBM5h8UnQj_YqsX03kEt1y5PerAbyq8q0ODKH3Au96nIE4u_Vp72kMJtMydZQAzUd6EOlB5D-oCJENyixEfg8yvuL4gS2HUbp1aZS-7bFK04LA92zXLbEDQw1GJ8O27A58HIdxocm1bteB9eUFzOHf3Fo3A9svA2yLF9wJcMzbYXECxyM5L6SToOwkeThOEuPnyAWY5wnAOEkEWdbDgf2kdYzyH4btORIz7zxMVCtq1MVG6YyF7YPjkCpyxCJT5eJfmQqbB6cic-a5EhGnbCbUtsBpJLI3TpO4oLbyLUQsxPkKkyXahSG16e9aCZXpb5RRGwivgmq7qLYp1VaC_-t9lEnsfGVWxKlq3f-57hJdYHbsFTOfFOyBo1Blrhoif-OjSLKtE5LbGEdSi2LHz_I0TWSWydTWySajvBEN4-0L6A2Y-bPxz4ZpfTd3PwA1b2EpFstYvtz0-su92p6XeRqGcTar5XUmt7zOqhn2UnQqFc3cWrHWbsa1Z26dfDvnUqyl4yjJsziTqKqddDSmbOiW6Q2D61SxspabVsfVtDquNuErjLLPD9WoeuZ5WHUriofJ9TDVnnm4zvpZoXeuVXmuKdclVZcqq0Sum1UXK6tqoz2zSsIsrbo0rVRWo0W58aLrJ1EaLoWISRTWwfw_K2XxmnNV6904i8JhAd6VabzCIgrbJIa1p1Sdy9RTpk5l6riq48pBMSeUG2qerrYmVLD0OkW8YnGcKmbJaaSwWY1uq0Wg_DJDJ19FiqlxpTJcaaraHl_5JE2TFSqy2Pn6XWHWNPPvompmXqRtMcNuqnua7Bdx1byShJwluapkuqoZfo5soNkyZOeqSmykh7nTMM80pOZNr2aT7DJJpyP7dAXpdOSdTmQUjePpPE6pGlXbHpZRchnuONrBpwdMZrN5dtxmRSSR913T4wnKdyhyOik6AUA8BY9gAHRFAP0%3D&uniformat=true&callback=Ya%5B7091953517668%5D Requested by Host: yandex.ru URL: https://yandex.ru/ads/system/context.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash e2d5e476fadaa463b1d0a789d24025326ff6423732906ce8fbe656a02c1dd1b7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://telemetr.me/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Tue, 21 Mar 2023 13:03:51 GMT content-encoding gzip x-content-type-options nosniff nel {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1} x-yandex-req-id 1679403831096490-17711966471865523504-sas2-0346-814-sas-l7-balancer-8080-BAL-2589 p3p CP="NOI DEVa TAIa OUR BUS UNI STA" uniformat-product-type Direct x-xss-protection 1; mode=block pragma no-cache last-modified Tue, 21 Mar 2023 13:03:51 GMT accept-ch Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT uniformat true report-to { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]} content-type application/json access-control-allow-origin https://telemetr.me cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true timing-allow-origin * expires Tue, 21 Mar 2023 13:03:51 GMT
GET H2	200	orig avatars.mds.yandex.net/get-vh/5518362/2a0000017ece96ecb7228f2c3ad629495fe4/	90 KB 91 KB	289ms 133ms	Image image/jpeg	2a02:6b8::184 GLOBAL_DC
General Check archive.org Show headers Download Go to Show image Full URL https://avatars.mds.yandex.net/get-vh/5518362/2a0000017ece96ecb7228f2c3ad629495fe4/orig Requested by Host: telemetr.me URL: https://telemetr.me/content/cybersquattingchannel Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::184 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software nginx / Resource Hash 29ad923f78b80fb2ba71a287edcbed5b310354a747615444c9c0b54e14f965b1 Request headers accept-language nl-NL,nl;q=0.9 Referer https://telemetr.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 13:03:51 GMT last-modified Sun, 06 Feb 2022 10:31:45 GMT server nginx nel {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01} report-to {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel?datacenter=VLA"}]} content-type image/jpeg cache-control max-age=86400,immutable timing-allow-origin * content-length 92609 x-request-id c69c60b37d074a46
GET H2	200	icon-192.png yastatic.net/s3/games-static/favicons/	24 KB 24 KB	103ms 54ms	Image image/png	2a02:6b8:20::215 GLOBAL_DC
General Check archive.org Show headers Download Go to Show image Full URL https://yastatic.net/s3/games-static/favicons/icon-192.png Requested by Host: telemetr.me URL: https://telemetr.me/content/cybersquattingchannel Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software nginx/1.17.9 / Resource Hash ca78c114bba40b141a59c55a9d3fb6db7672bc3effd4337f2b1ce512b4d06c9e Security Headers Name Value Strict-Transport-Security max-age=43200000; includeSubDomains; Request headers accept-language nl-NL,nl;q=0.9 Referer https://telemetr.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 13:03:51 GMT strict-transport-security max-age=43200000; includeSubDomains; nel {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01} content-length 24134 last-modified Thu, 14 Apr 2022 12:22:42 GMT server nginx/1.17.9 etag "7819c957eaa80af5bf14f760d49b64a7" vary Accept-Encoding report-to { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=216013 x-nginx-request-id 6b0f730b7f21c42f accept-ranges bytes timing-allow-origin * expires Fri, 24 Mar 2023 01:03:30 GMT
GET H2	200	x450 avatars.mds.yandex.net/get-direct/5283206/Dj0wvEdSLZmy2LRp-sdDyg/	22 KB 22 KB	273ms 134ms	Image image/webp	2a02:6b8::184 GLOBAL_DC
General Check archive.org Show headers Download Go to Show image Full URL https://avatars.mds.yandex.net/get-direct/5283206/Dj0wvEdSLZmy2LRp-sdDyg/x450 Requested by Host: telemetr.me URL: https://telemetr.me/content/cybersquattingchannel Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::184 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software nginx / Resource Hash 961d65ef493469ff3c06009c02c2c6f73ae82f402d52310369112a2635e6dbbe Request headers accept-language nl-NL,nl;q=0.9 Referer https://telemetr.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 13:03:51 GMT last-modified Wed, 11 Aug 2021 14:15:16 GMT server nginx nel {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01} report-to {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel?datacenter=VLA"}]} content-type image/webp access-control-allow-origin * cache-control max-age=31536000,immutable access-control-allow-credentials true content-length 22154 x-request-id 531104cef6d9820f
GET H2	200	02cea12995d91bd47132.js Show response yastatic.net/partner-code-bundles/741854/	30 KB 9 KB	25ms 24ms	Script text/javascript	2a02:6b8:20::215 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://yastatic.net/partner-code-bundles/741854/02cea12995d91bd47132.js Requested by Host: yandex.ru URL: https://yandex.ru/ads/system/context.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software nginx/1.17.9 / Resource Hash f510c3344d910931eb3f61bd51b2680dc7855e1039772ebb0b6702e94d2ee85a Security Headers Name Value Strict-Transport-Security max-age=43200000; includeSubDomains; Request headers Referer https://telemetr.me/ Origin https://telemetr.me accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 13:03:51 GMT content-encoding br strict-transport-security max-age=43200000; includeSubDomains; nel {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01} content-length 8822 last-modified Mon, 20 Mar 2023 17:31:39 GMT server nginx/1.17.9 etag "17dd05167dc7589b513e4e9916df6bd3" vary Accept-Encoding report-to { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]} content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=946708560 accept-ranges bytes timing-allow-origin * x-robots-tag noindex, noarchive, nofollow expires Thu, 20 Mar 2053 19:36:01 GMT
GET H2	200	a43861a2d5505f0e2a09.js Show response yastatic.net/partner-code-bundles/741854/	22 KB 7 KB	26ms 25ms	Script text/javascript	2a02:6b8:20::215 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://yastatic.net/partner-code-bundles/741854/a43861a2d5505f0e2a09.js Requested by Host: yandex.ru URL: https://yandex.ru/ads/system/context.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software nginx/1.17.9 / Resource Hash 04d42027606b569960d15c7bf1e17667b36ca4d1fa6dab7daf582eccb7d19cce Security Headers Name Value Strict-Transport-Security max-age=43200000; includeSubDomains; Request headers Referer https://telemetr.me/ Origin https://telemetr.me accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 13:03:51 GMT content-encoding br strict-transport-security max-age=43200000; includeSubDomains; nel {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01} content-length 6693 last-modified Mon, 20 Mar 2023 17:31:39 GMT server nginx/1.17.9 etag "e4cb5df9c43023e4999a6b04681bb16a" vary Accept-Encoding report-to { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]} content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=946708560 accept-ranges bytes timing-allow-origin * x-robots-tag noindex, noarchive, nofollow expires Thu, 20 Mar 2053 19:36:10 GMT
GET H2	200	8d1a43fc1f1deb2d16bd.js Show response yastatic.net/partner-code-bundles/741854/	9 KB 3 KB	26ms 26ms	Script text/javascript	2a02:6b8:20::215 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://yastatic.net/partner-code-bundles/741854/8d1a43fc1f1deb2d16bd.js Requested by Host: yandex.ru URL: https://yandex.ru/ads/system/context.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software nginx/1.17.9 / Resource Hash df1147d1df50cd0297a536d1edf00deafb9ec4c7359a8df6b23b15cdabfa91a7 Security Headers Name Value Strict-Transport-Security max-age=43200000; includeSubDomains; Request headers Referer https://telemetr.me/ Origin https://telemetr.me accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 13:03:51 GMT content-encoding br strict-transport-security max-age=43200000; includeSubDomains; nel {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01} content-length 2944 last-modified Mon, 20 Mar 2023 17:31:39 GMT server nginx/1.17.9 etag "9736245e2e46c82546d44e469ec92396" vary Accept-Encoding report-to { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]} content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=946708560 accept-ranges bytes timing-allow-origin * x-robots-tag noindex, noarchive, nofollow expires Thu, 20 Mar 2053 19:36:10 GMT
GET H2	200	0de8af411de98494daaa.js Show response yastatic.net/partner-code-bundles/741854/	23 KB 7 KB	27ms 27ms	Script text/javascript	2a02:6b8:20::215 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://yastatic.net/partner-code-bundles/741854/0de8af411de98494daaa.js Requested by Host: yandex.ru URL: https://yandex.ru/ads/system/context.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software nginx/1.17.9 / Resource Hash 9de2708469fb218fb9125c9562dbf77ce1c0b7f6495a15065f2a8ed6a3579554 Security Headers Name Value Strict-Transport-Security max-age=43200000; includeSubDomains; Request headers Referer https://telemetr.me/ Origin https://telemetr.me accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 13:03:51 GMT content-encoding br strict-transport-security max-age=43200000; includeSubDomains; nel {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01} content-length 6687 last-modified Mon, 20 Mar 2023 17:31:39 GMT server nginx/1.17.9 etag "3b2d8d2febfe3513665be308bedae7bb" vary Accept-Encoding report-to { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]} content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=946708560 accept-ranges bytes timing-allow-origin * x-robots-tag noindex, noarchive, nofollow expires Thu, 20 Mar 2053 19:36:15 GMT
GET H2	200	render.html Show response yastatic.net/safeframe-bundles/0.83/1-1-0/ Frame 4CDA	24 KB 7 KB	56ms 26ms	Document text/html	2a02:6b8:20::215 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html Requested by Host: yastatic.net URL: https://yastatic.net/safeframe-bundles/0.83/host.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software nginx/1.17.9 / Resource Hash 9c911ab93cf6099aeeddb19cb1903d0ef838329443c3a0549c754da47f90a70a Security Headers Name Value Strict-Transport-Security max-age=43200000; includeSubDomains; Request headers Referer https://telemetr.me/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * cache-control public, max-age=946708560 content-encoding br content-length 6262 content-type text/html date Tue, 21 Mar 2023 13:03:51 GMT etag "eb77de48712912aadc9aa8171ac75ede" expires Thu, 20 Mar 2053 19:37:50 GMT last-modified Wed, 03 Nov 2021 13:42:58 GMT nel {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01} report-to { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]} server nginx/1.17.9 strict-transport-security max-age=43200000; includeSubDomains; timing-allow-origin * vary Accept-Encoding x-robots-tag noindex, noarchive, nofollow
GET H2	200	loader.bundle.js Show response yastatic.net/vas-bundles/741838/bundles-es2017/	681 KB 172 KB	25ms 25ms	Script text/javascript	2a02:6b8:20::215 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://yastatic.net/vas-bundles/741838/bundles-es2017/loader.bundle.js Requested by Host: yastatic.net URL: https://yastatic.net/partner-code-bundles/741854/02cea12995d91bd47132.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software nginx/1.17.9 / Resource Hash 78ddbd7118f4c4917fb2aa95286343a26d4a865dc2102834b1399cf1d7b62f50 Security Headers Name Value Strict-Transport-Security max-age=946708560; includeSubDomains; Request headers Referer https://telemetr.me/ Origin https://telemetr.me accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 13:03:51 GMT content-encoding br strict-transport-security max-age=946708560; includeSubDomains; nel {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01} content-length 175598 last-modified Mon, 20 Mar 2023 17:04:27 GMT server nginx/1.17.9 etag "8dc5ba4fd62a45ebda84d5cf008d1d11" vary Accept-Encoding report-to { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]} content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=946708560 accept-ranges bytes timing-allow-origin * x-robots-tag noindex, noarchive, nofollow expires Thu, 20 Mar 2053 19:37:15 GMT
GET H/1.1	200 Ok	d.png ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/ Frame 4CDA	95 B 400 B	266ms 72ms	Image image/png	2a02:6b8::5:114 GLOBAL_DC
General Check archive.org Show headers Download Go to Show image Full URL https://ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/d.png?ex=yes Requested by Host: telemetr.me URL: https://telemetr.me/content/cybersquattingchannel Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2a02:6b8::5:114 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software nginx/1.14.2 / Resource Hash 18c327afa903633f86c3efcf12b77f098077eacaa8be101bb007846fd74f8b93 Security Headers Name Value Strict-Transport-Security max-age=315360000; includeSubDomains Request headers accept-language nl-NL,nl;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Date Tue, 21 Mar 2023 13:03:51 GMT Strict-Transport-Security max-age=315360000; includeSubDomains Server nginx/1.14.2 X-RT-IH 0.0002 Content-Type image/png Cache-Control private Connection close X-RT-IQ 0.0001 Content-Length 95 Expires Wed, 22 Mar 2023 13:03:51 GMT
GET H2	200	c5d2fc2a40172ce8003242 an.yandex.ru/mapuid/arcspireis/ Frame 4CDA Redirect Chain https://px.arcspire.io/yndx?id=9d4cd41a-f59d-4815-8a89-9d30806f5389 https://an.yandex.ru/mapuid/arcspireis/c5d2fc2a40172ce8003242	43 B 80 B	154ms 76ms	Image image/gif	2a02:6b8::90 GLOBAL_DC
General Check archive.org Show headers Download Go to Show image Full URL https://an.yandex.ru/mapuid/arcspireis/c5d2fc2a40172ce8003242 Requested by Host: telemetr.me URL: https://telemetr.me/content/cybersquattingchannel Protocol H2 Server 2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers pragma no-cache date Tue, 21 Mar 2023 13:03:51 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Tue, 21 Mar 2023 13:03:51 GMT p3p CP="NOI DEVa TAIa OUR BUS UNI STA" content-type image/gif; charset=utf-8 cache-control private, no-cache, no-store, must-revalidate, max-age=0 timing-allow-origin * x-xss-protection 1; mode=block expires Tue, 21 Mar 2023 13:03:51 GMT Redirect headers location https://an.yandex.ru/mapuid/arcspireis/c5d2fc2a40172ce8003242 date Tue, 21 Mar 2023 13:03:51 GMT x-envoy-upstream-service-time 0 server envoy content-length 0
GET H2	200	0100007F37AB1964DB0F533702F2AE4D an.yandex.ru/mapuid/sapeis/ Frame 4CDA Redirect Chain https://acint.net/rmatch/?dp=151&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsapeis%2F%24%7BUSER_ID%7D https://acint.net/rmatch/?r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsapeis%2F$%7BUSER_ID%7D&dp=151&tc=1 https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fan.yandex.ru%252Fmapuid%252Fsapeis%252F$%257BUSER_ID%257D&dp=14 https://acint.net/rmatch?dp=14&euid=3E03420A37AB19643200487E027E8503&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsapeis%2F$%7BUSER_ID%7D https://an.yandex.ru/mapuid/sapeis/0100007F37AB1964DB0F533702F2AE4D	43 B 80 B	72ms 72ms	Image image/gif	2a02:6b8::90 GLOBAL_DC
General Check archive.org Show headers Download Go to Show image Full URL https://an.yandex.ru/mapuid/sapeis/0100007F37AB1964DB0F533702F2AE4D Requested by Host: telemetr.me URL: https://telemetr.me/content/cybersquattingchannel Protocol H2 Server 2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers pragma no-cache date Tue, 21 Mar 2023 13:03:51 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Tue, 21 Mar 2023 13:03:51 GMT p3p CP="NOI DEVa TAIa OUR BUS UNI STA" content-type image/gif; charset=utf-8 cache-control private, no-cache, no-store, must-revalidate, max-age=0 timing-allow-origin * x-xss-protection 1; mode=block expires Tue, 21 Mar 2023 13:03:51 GMT Redirect headers date Tue, 21 Mar 2023 13:03:51 GMT server openresty p3p CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL" location https://an.yandex.ru/mapuid/sapeis/0100007F37AB1964DB0F533702F2AE4D content-type text/html cache-control private, no-cache, no-store, must-revalidate, max-age=0 content-length 154 expires Wed, 19 Apr 2000 11:43:00 GMT
GET H2	200	54490527-036a-5350-8422-88ece03b23db an.yandex.ru/mapuid/betweendigitalis/ Frame 4CDA Redirect Chain https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F%24%7BUSER_ID%7D https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F%24%7BUSER_ID%7D&crf=1 https://an.yandex.ru/mapuid/betweendigitalis/54490527-036a-5350-8422-88ece03b23db	43 B 80 B	72ms 71ms	Image image/gif	2a02:6b8::90 GLOBAL_DC
General Check archive.org Show headers Download Go to Show image Full URL https://an.yandex.ru/mapuid/betweendigitalis/54490527-036a-5350-8422-88ece03b23db Requested by Host: telemetr.me URL: https://telemetr.me/content/cybersquattingchannel Protocol H2 Server 2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers pragma no-cache date Tue, 21 Mar 2023 13:03:51 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Tue, 21 Mar 2023 13:03:51 GMT p3p CP="NOI DEVa TAIa OUR BUS UNI STA" content-type image/gif; charset=utf-8 cache-control private, no-cache, no-store, must-revalidate, max-age=0 timing-allow-origin * x-xss-protection 1; mode=block expires Tue, 21 Mar 2023 13:03:51 GMT Redirect headers location https://an.yandex.ru/mapuid/betweendigitalis/54490527-036a-5350-8422-88ece03b23db cache-control no-cache, no-store, max-age=0, must-revalidate content-length 0
GET H/1.1	200 OK	demconf.jpg dpm.demdex.net/ Frame 4CDA Redirect Chain https://yandex.ru/an/mapuid/adobedmp/ https://dpm.demdex.net/ibs:dpid=423652&dpuuid=537366DDEBCB7C4D https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=537366DDEBCB7C4D	42 B 942 B	43ms 43ms	Image image/gif	52.210.192.50 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=537366DDEBCB7C4D Requested by Host: telemetr.me URL: https://telemetr.me/content/cybersquattingchannel Protocol HTTP/1.1 Server 52.210.192.50 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-210-192-50.eu-west-1.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers DCS dcs-prod-irl1-1-v046-0387bcfab.edge-irl1.demdex.com 2 ms Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains content-encoding gzip X-Content-Type-Options nosniff X-TID H58ZAmJ0TWQ= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Content-Type image/gif Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Length 59 Expires Thu, 01 Jan 1970 00:00:00 UTC Redirect headers DCS dcs-prod-irl1-1-v046-0674a406d.edge-irl1.demdex.com 0 ms Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains X-TID cJY5iuL1QzI= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Location https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=537366DDEBCB7C4D Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Length 0 Expires Thu, 01 Jan 1970 00:00:00 UTC
GET H2	200	match match.360yield.com/ Frame 4CDA Redirect Chain https://yandex.ru/an/mapuid/azerionis/ https://match.360yield.com/match?external_user_id=3B731D4665E030C2&publisher_dsp_id=429&publisher_call_type=redirect	43 B 198 B	70ms 43ms	Image image/gif	52.16.200.203 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://match.360yield.com/match?external_user_id=3B731D4665E030C2&publisher_dsp_id=429&publisher_call_type=redirect Requested by Host: telemetr.me URL: https://telemetr.me/content/cybersquattingchannel Protocol H2 Server 52.16.200.203 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-16-200-203.eu-west-1.compute.amazonaws.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers accept-language nl-NL,nl;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers access-control-allow-origin * date Tue, 21 Mar 2023 13:03:51 GMT content-type image/gif content-length 43 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Redirect headers pragma no-cache date Tue, 21 Mar 2023 13:03:51 GMT content-encoding gzip x-content-type-options nosniff nel {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1} last-modified Tue, 21 Mar 2023 13:03:51 GMT accept-ch Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT x-yandex-req-id 1679403831247432-5263634516362213954-sas2-0346-814-sas-l7-balancer-8080-BAL report-to { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]} p3p CP="NOI DEVa TAIa OUR BUS UNI STA" location https://match.360yield.com/match?external_user_id=3B731D4665E030C2&publisher_dsp_id=429&publisher_call_type=redirect cache-control private, no-cache, no-store, must-revalidate, max-age=0 timing-allow-origin * x-xss-protection 1; mode=block expires Tue, 21 Mar 2023 13:03:51 GMT
GET H2	200	/ yandex.ru/an/mapuid/behaviorx/ Frame 4CDA	0 0	87ms 77ms	Image text/html	2a02:6b8:a::a GLOBAL_DC
General Check archive.org Show headers Download Go to Show image Full URL https://yandex.ru/an/mapuid/behaviorx/ Requested by Host: telemetr.me URL: https://telemetr.me/content/cybersquattingchannel Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers
GET H2	200	match ads.betweendigital.com/ Frame 4CDA Redirect Chain https://yandex.ru/an/mapuid/betweenx/ https://ads.betweendigital.com/match?bidder_id=161&external_user_id=7B985694C2C4D2FB https://ads.betweendigital.com/match?bidder_id=161&external_user_id=7B985694C2C4D2FB&crf=1	68 B 607 B	106ms 105ms	Image image/png	96.46.186.57 SERVERS-COM
General Check archive.org Show headers Download Go to Show image Full URL https://ads.betweendigital.com/match?bidder_id=161&external_user_id=7B985694C2C4D2FB&crf=1 Requested by Host: telemetr.me URL: https://telemetr.me/content/cybersquattingchannel Protocol H2 Server 96.46.186.57 , United States, ASN7979 (SERVERS-COM, US), Reverse DNS Software / Resource Hash 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11 Request headers accept-language nl-NL,nl;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers cache-control no-cache, no-store, max-age=0, must-revalidate content-length 68 content-type image/png Redirect headers location /match?bidder_id=161&external_user_id=7B985694C2C4D2FB&crf=1 cache-control no-cache, no-store, max-age=0, must-revalidate content-length 0
GET H/1.1	204 No Content	pixel im.bluevoox.com/ Frame 4CDA Redirect Chain https://yandex.ru/an/mapuid/blueseaxcom/ https://im.bluevoox.com/pixel?s1=1&s2=1315&s3=vldyrx2shs82pv9o&cm=1&rd=1&puid=C375EA7B14E2B04B	0 241 B	334ms 103ms	Image text/plain	52.45.175.185 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://im.bluevoox.com/pixel?s1=1&s2=1315&s3=vldyrx2shs82pv9o&cm=1&rd=1&puid=C375EA7B14E2B04B Requested by Host: telemetr.me URL: https://telemetr.me/content/cybersquattingchannel Protocol HTTP/1.1 Server 52.45.175.185 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-45-175-185.compute-1.amazonaws.com Software openresty / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Connection close Date Tue, 21 Mar 2023 13:03:51 GMT Server openresty Redirect headers pragma no-cache date Tue, 21 Mar 2023 13:03:51 GMT content-encoding gzip x-content-type-options nosniff nel {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1} last-modified Tue, 21 Mar 2023 13:03:51 GMT accept-ch Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT x-yandex-req-id 1679403831248400-12282821022537886079-sas2-0346-814-sas-l7-balancer-8080-BAL report-to { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]} p3p CP="NOI DEVa TAIa OUR BUS UNI STA" location https://im.bluevoox.com/pixel?s1=1&s2=1315&s3=vldyrx2shs82pv9o&cm=1&rd=1&puid=C375EA7B14E2B04B cache-control private, no-cache, no-store, must-revalidate, max-age=0 timing-allow-origin * x-xss-protection 1; mode=block expires Tue, 21 Mar 2023 13:03:51 GMT
GET H2	200	/ yandex.ru/an/mapuid/eplanningrtb/ Frame 4CDA	0 0	88ms 78ms	Image text/html	2a02:6b8:a::a GLOBAL_DC
General Check archive.org Show headers Download Go to Show image Full URL https://yandex.ru/an/mapuid/eplanningrtb/ Requested by Host: telemetr.me URL: https://telemetr.me/content/cybersquattingchannel Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers
GET H2	200	pixel cm.g.doubleclick.net/ Frame 4CDA Redirect Chain https://yandex.ru/an/mapuid/google/?partner-tag=yandex_llc https://cm.g.doubleclick.net/pixel?google_nid=yandex_llc&google_hm=A84481E209B42BD9&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif	170 B 409 B	204ms 68ms	Image image/png	172.217.18.2 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=yandex_llc&google_hm=A84481E209B42BD9&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif Requested by Host: telemetr.me URL: https://telemetr.me/content/cybersquattingchannel Protocol H2 Server 172.217.18.2 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra02s19-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers pragma no-cache date Tue, 21 Mar 2023 13:03:51 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Tue, 21 Mar 2023 13:03:51 GMT content-encoding gzip x-content-type-options nosniff nel {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1} last-modified Tue, 21 Mar 2023 13:03:51 GMT accept-ch Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT x-yandex-req-id 1679403831249027-6906060708263700498-sas2-0346-814-sas-l7-balancer-8080-BAL report-to { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]} p3p CP="NOI DEVa TAIa OUR BUS UNI STA" location https://cm.g.doubleclick.net/pixel?google_nid=yandex_llc&google_hm=A84481E209B42BD9&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif cache-control private, no-cache, no-store, must-revalidate, max-age=0 timing-allow-origin * x-xss-protection 1; mode=block expires Tue, 21 Mar 2023 13:03:51 GMT
GET H2	200	pixel cm.g.doubleclick.net/ Frame 4CDA Redirect Chain https://yandex.ru/an/mapuid/google/?partner-tag=yandexcom https://cm.g.doubleclick.net/pixel?google_nid=yandexcom&google_hm=A84481E209B42BD9&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif	170 B 232 B	206ms 69ms	Image image/png	172.217.18.2 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=yandexcom&google_hm=A84481E209B42BD9&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif Requested by Host: telemetr.me URL: https://telemetr.me/content/cybersquattingchannel Protocol H2 Server 172.217.18.2 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra02s19-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers pragma no-cache date Tue, 21 Mar 2023 13:03:51 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Tue, 21 Mar 2023 13:03:51 GMT content-encoding gzip x-content-type-options nosniff nel {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1} last-modified Tue, 21 Mar 2023 13:03:51 GMT accept-ch Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT x-yandex-req-id 1679403831249335-8184687944937660369-sas2-0346-814-sas-l7-balancer-8080-BAL report-to { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]} p3p CP="NOI DEVa TAIa OUR BUS UNI STA" location https://cm.g.doubleclick.net/pixel?google_nid=yandexcom&google_hm=A84481E209B42BD9&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif cache-control private, no-cache, no-store, must-revalidate, max-age=0 timing-allow-origin * x-xss-protection 1; mode=block expires Tue, 21 Mar 2023 13:03:51 GMT
GET H2	200	pixel cm.g.doubleclick.net/ Frame 4CDA Redirect Chain https://yandex.ru/an/mapuid/google/?partner-tag=yandexru https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=A84481E209B42BD9&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif	170 B 232 B	206ms 68ms	Image image/png	172.217.18.2 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=A84481E209B42BD9&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif Requested by Host: telemetr.me URL: https://telemetr.me/content/cybersquattingchannel Protocol H2 Server 172.217.18.2 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra02s19-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers pragma no-cache date Tue, 21 Mar 2023 13:03:51 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Tue, 21 Mar 2023 13:03:51 GMT content-encoding gzip x-content-type-options nosniff nel {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1} last-modified Tue, 21 Mar 2023 13:03:51 GMT accept-ch Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT x-yandex-req-id 1679403831249625-15519723999278483452-sas2-0346-814-sas-l7-balancer-8080-BAL report-to { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]} p3p CP="NOI DEVa TAIa OUR BUS UNI STA" location https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=A84481E209B42BD9&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif cache-control private, no-cache, no-store, must-revalidate, max-age=0 timing-allow-origin * x-xss-protection 1; mode=block expires Tue, 21 Mar 2023 13:03:51 GMT
GET H2	200	sync t.adx.opera.com/ Frame 4CDA Redirect Chain https://yandex.ru/an/mapuid/operacom/ https://t.adx.opera.com/sync?vendor=60143&uid=598DA3D1827E5D74	35 B 466 B	122ms 29ms	Image image/gif	82.145.213.8 NO-OPERA
General Check archive.org Show headers Download Go to Show image Full URL https://t.adx.opera.com/sync?vendor=60143&uid=598DA3D1827E5D74 Requested by Host: telemetr.me URL: https://telemetr.me/content/cybersquattingchannel Protocol H2 Server 82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO), Reverse DNS n-sysadmin-jumpbox-03.feednews.opera.technology Software Tengine / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Request headers accept-language nl-NL,nl;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers pragma no-cache date Tue, 21 Mar 2023 13:03:51 GMT server Tengine access-control-allow-methods POST, GET content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true access-control-allow-headers Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Tue, 21 Mar 2023 13:03:51 GMT content-encoding gzip x-content-type-options nosniff nel {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1} last-modified Tue, 21 Mar 2023 13:03:51 GMT accept-ch Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT x-yandex-req-id 1679403831249903-11628692895894071086-sas2-0346-814-sas-l7-balancer-8080-BAL report-to { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]} p3p CP="NOI DEVa TAIa OUR BUS UNI STA" location https://t.adx.opera.com/sync?vendor=60143&uid=598DA3D1827E5D74 cache-control private, no-cache, no-store, must-revalidate, max-age=0 timing-allow-origin * x-xss-protection 1; mode=block expires Tue, 21 Mar 2023 13:03:51 GMT
GET H2	200	/ yandex.ru/an/mapuid/xapadsssp/ Frame 4CDA	43 B 159 B	87ms 78ms	Image image/gif	2a02:6b8:a::a GLOBAL_DC
General Check archive.org Show headers Download Go to Show image Full URL https://yandex.ru/an/mapuid/xapadsssp/ Requested by Host: telemetr.me URL: https://telemetr.me/content/cybersquattingchannel Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers pragma no-cache date Tue, 21 Mar 2023 13:03:51 GMT content-encoding gzip x-content-type-options nosniff nel {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1} last-modified Tue, 21 Mar 2023 13:03:51 GMT accept-ch Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT x-yandex-req-id 1679403831250181-10238215815830438746-sas2-0346-814-sas-l7-balancer-8080-BAL report-to { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]} p3p CP="NOI DEVa TAIa OUR BUS UNI STA" content-type image/gif; charset=utf-8 cache-control private, no-cache, no-store, must-revalidate, max-age=0 timing-allow-origin * x-xss-protection 1; mode=block expires Tue, 21 Mar 2023 13:03:51 GMT
GET H2	200	6995ff64d2272d0512662b4fc666997e6b0b8dfa998dde94ca95ae95356de4e5 an.yandex.ru/mapuid/mediascope/ Frame 4CDA Redirect Chain https://cm.tns-counter.ru/yacm https://an.yandex.ru/mapuid/mediascope/6995ff64d2272d0512662b4fc666997e6b0b8dfa998dde94ca95ae95356de4e5	43 B 108 B	88ms 74ms	Image image/gif	2a02:6b8::90 GLOBAL_DC
General Check archive.org Show headers Download Go to Show image Full URL https://an.yandex.ru/mapuid/mediascope/6995ff64d2272d0512662b4fc666997e6b0b8dfa998dde94ca95ae95356de4e5 Requested by Host: telemetr.me URL: https://telemetr.me/content/cybersquattingchannel Protocol H2 Server 2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers pragma no-cache date Tue, 21 Mar 2023 13:03:51 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Tue, 21 Mar 2023 13:03:51 GMT p3p CP="NOI DEVa TAIa OUR BUS UNI STA" content-type image/gif; charset=utf-8 cache-control private, no-cache, no-store, must-revalidate, max-age=0 timing-allow-origin * x-xss-protection 1; mode=block expires Tue, 21 Mar 2023 13:03:51 GMT Redirect headers pragma no-cache date Tue, 21 Mar 2023 13:03:51 GMT server ms-counter-4.0.4/1.22.1 content-type text/html location https://an.yandex.ru/mapuid/mediascope/6995ff64d2272d0512662b4fc666997e6b0b8dfa998dde94ca95ae95356de4e5 cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate timing-allow-origin * content-length 0 expires Thu, 01 Jan 1970 00:00:01 GMT
GET H2	204	match dm.hybrid.ai/ Frame 4CDA	0 278 B	220ms 70ms	Image text/plain	37.18.16.22 HYBRID-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dm.hybrid.ai/match?id=182 Requested by Host: telemetr.me URL: https://telemetr.me/content/cybersquattingchannel Protocol H2 Security TLS 1.3, , AES_256_GCM Server 37.18.16.22 , Russian Federation, ASN205675 (HYBRID-AS, DE), Reverse DNS Software Hybrid Web Server / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers pragma no-cache date Tue, 21 Mar 2023 13:03:51 GMT server Hybrid Web Server p3p CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC" access-control-allow-origin https://yastatic.net cache-control no-cache, no-store access-control-allow-credentials true x-mode 103 x-xss-protection 1; mode=block expires -1
GET H2	204	yandexdmp-match dm.hybrid.ai/ Frame 4CDA	0 238 B	219ms 69ms	Image text/plain	37.18.16.22 HYBRID-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dm.hybrid.ai/yandexdmp-match Requested by Host: telemetr.me URL: https://telemetr.me/content/cybersquattingchannel Protocol H2 Security TLS 1.3, , AES_256_GCM Server 37.18.16.22 , Russian Federation, ASN205675 (HYBRID-AS, DE), Reverse DNS Software Hybrid Web Server / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers pragma no-cache date Tue, 21 Mar 2023 13:03:51 GMT server Hybrid Web Server p3p CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC" access-control-allow-origin * cache-control no-cache, no-store x-mode 104 x-xss-protection 1; mode=block expires -1
GET H2	200	R6OMWkWNklC3zDZ73sN. an.yandex.ru/mapuid/dmpamberdata/ Frame 4CDA Redirect Chain https://dmg.digitaltarget.ru/1/119/i/i?i=1679403830 https://dmg.digitaltarget.ru/awg/custom/119/i/i?call_source=awg&ts=1679403831403&i=1679403830 https://an.yandex.ru/mapuid/dmpamberdata/R6OMWkWNklC3zDZ73sN.	43 B 80 B	72ms 72ms	Image image/gif	2a02:6b8::90 GLOBAL_DC
General Check archive.org Show headers Download Go to Show image Full URL https://an.yandex.ru/mapuid/dmpamberdata/R6OMWkWNklC3zDZ73sN. Requested by Host: telemetr.me URL: https://telemetr.me/content/cybersquattingchannel Protocol H2 Server 2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers pragma no-cache date Tue, 21 Mar 2023 13:03:51 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Tue, 21 Mar 2023 13:03:51 GMT p3p CP="NOI DEVa TAIa OUR BUS UNI STA" content-type image/gif; charset=utf-8 cache-control private, no-cache, no-store, must-revalidate, max-age=0 timing-allow-origin * x-xss-protection 1; mode=block expires Tue, 21 Mar 2023 13:03:51 GMT Redirect headers Date Tue, 21 Mar 2023 13:03:51 GMT Referrer-Policy origin-when-cross-origin, strict-origin-when-cross-origin X-Content-Type-Options nosniff Server nginx X-Permitted-Cross-Domain-Policies master-only Request-Time 42 X-Frame-Options DENY Access-Control-Allow-Methods GET, POST, OPTIONS Location https://an.yandex.ru/mapuid/dmpamberdata/R6OMWkWNklC3zDZ73sN. Access-Control-Max-Age 86400 Access-Control-Allow-Credentials true Connection keep-alive Content-Length 0 X-XSS-Protection 1; mode=block
GET H2	200	match match.360yield.com/ Frame 4CDA Redirect Chain https://euw-ice.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fazerionis%2F{PUB_USER_ID} https://euw-ice.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fazerionis%2F%7BPUB_USER_ID%7D https://an.yandex.ru/mapuid/azerionis/a3b7f13b-d923-440a-b204-3458e4087efe https://match.360yield.com/match?external_user_id=a3b7f13b-d923-440a-b204-3458e4087efe&publisher_dsp_id=429&publisher_call_type=redirect	43 B 198 B	44ms 43ms	Image image/gif	52.16.200.203 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://match.360yield.com/match?external_user_id=a3b7f13b-d923-440a-b204-3458e4087efe&publisher_dsp_id=429&publisher_call_type=redirect Requested by Host: telemetr.me URL: https://telemetr.me/content/cybersquattingchannel Protocol H2 Server 52.16.200.203 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-16-200-203.eu-west-1.compute.amazonaws.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers accept-language nl-NL,nl;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers access-control-allow-origin * date Tue, 21 Mar 2023 13:03:51 GMT content-type image/gif content-length 43 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Redirect headers pragma no-cache date Tue, 21 Mar 2023 13:03:51 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Tue, 21 Mar 2023 13:03:51 GMT p3p CP="NOI DEVa TAIa OUR BUS UNI STA" location https://match.360yield.com/match?external_user_id=a3b7f13b-d923-440a-b204-3458e4087efe&publisher_dsp_id=429&publisher_call_type=redirect cache-control private, no-cache, no-store, must-revalidate, max-age=0 timing-allow-origin * x-xss-protection 1; mode=block expires Tue, 21 Mar 2023 13:03:51 GMT
GET H2	200	3205f733-85ca-4e09-4ccf-64c14460479b an.yandex.ru/mapuid/buzzooladspis/ Frame 4CDA Redirect Chain https://exchange.buzzoola.com/cookiesync/redirect/yandex?redirect_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbuzzooladspis%2F%24%7BUUID%7D https://an.yandex.ru/mapuid/buzzooladspis/3205f733-85ca-4e09-4ccf-64c14460479b	43 B 80 B	182ms 142ms	Image image/gif	2a02:6b8::90 GLOBAL_DC
General Check archive.org Show headers Download Go to Show image Full URL https://an.yandex.ru/mapuid/buzzooladspis/3205f733-85ca-4e09-4ccf-64c14460479b Requested by Host: telemetr.me URL: https://telemetr.me/content/cybersquattingchannel Protocol H2 Server 2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers pragma no-cache date Tue, 21 Mar 2023 13:03:51 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Tue, 21 Mar 2023 13:03:51 GMT p3p CP="NOI DEVa TAIa OUR BUS UNI STA" content-type image/gif; charset=utf-8 cache-control private, no-cache, no-store, must-revalidate, max-age=0 timing-allow-origin * x-xss-protection 1; mode=block expires Tue, 21 Mar 2023 13:03:51 GMT Redirect headers location https://an.yandex.ru/mapuid/buzzooladspis/3205f733-85ca-4e09-4ccf-64c14460479b date Tue, 21 Mar 2023 13:03:51 GMT server nginx content-length 113 serverid TODO content-type text/html; charset=utf-8
GET H2	200	ZBmrN__DT9E an.yandex.ru/mapuid/soltadspis/ Frame 4CDA Redirect Chain https://kimberlite.io/rtb/sync/yandex https://exchange.buzzoola.com/cookiesync/redirect?redirect_url=https%3A%2F%2Fkimberlite.io%2Frtb%2Fsync%2Fbuzzoola%3Fu%3D%24%7BUUID%7D%26f%3Dhttps%253A%252F%252Fan.yandex.ru%252Fmapuid%252Fsoltadsp... https://kimberlite.io/rtb/sync/buzzoola?u=f82bfb96-db06-4f5a-46cf-aebee9121614&f=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsoltadspis%2FZBmrN__DT9E&n=1 https://sm.rtb.mts.ru/p?ssp=toptraffic&id=ZBmrN__DT9E https://sm.rtb.mts.ru/match/second?ssp=59&exu=ZBmrN__DT9E https://tech.rtb.mts.ru/?dsp_uid=eac3f2fa-f292-441b-ac63-b3042d119efe&return_url=https%3A%2F%2Fpixel.konnektu.ru%2Fredirect%2Fmts%3Fcallback_url%3Dhttps%253A%252F%252Fsm.rtb.mts.ru%252Fem%253Fnext%... https://pixel.konnektu.ru/redirect/mts?callback_url=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D59%26em%3D1%26ssp%3Dkonnektu%26id%3D%7BUSER_ID%7D https://sm.rtb.mts.ru/em?next=59&em=1&ssp=konnektu&id= https://kimberlite.io/rtb/sync/mts?u=eac3f2fa-f292-441b-ac63-b3042d119efe https://an.yandex.ru/mapuid/soltadspis/ZBmrN__DT9E	43 B 80 B	72ms 72ms	Image image/gif	2a02:6b8::90 GLOBAL_DC
General Check archive.org Show headers Download Go to Show image Full URL https://an.yandex.ru/mapuid/soltadspis/ZBmrN__DT9E Protocol H2 Server 2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers pragma no-cache date Tue, 21 Mar 2023 13:03:52 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Tue, 21 Mar 2023 13:03:52 GMT p3p CP="NOI DEVa TAIa OUR BUS UNI STA" content-type image/gif; charset=utf-8 cache-control private, no-cache, no-store, must-revalidate, max-age=0 timing-allow-origin * x-xss-protection 1; mode=block expires Tue, 21 Mar 2023 13:03:52 GMT Redirect headers Date Tue, 21 Mar 2023 13:03:52 GMT referrer-policy no-referrer Server nginx access-control-allow-origin * location https://an.yandex.ru/mapuid/soltadspis/ZBmrN__DT9E cache-control no-store access-control-allow-credentials true Connection keep-alive server-timing app;srv=2;dur=0.0004 Content-Length 0
GET H2	200	/ an.yandex.ru/mapuid/targetrtbis/ Frame 4CDA Redirect Chain https://match.new-programmatic.com/userbind?src=yandex&pbf=1&gi=1 https://an.yandex.ru/mapuid/targetrtbis/	43 B 80 B	71ms 71ms	Image image/gif	2a02:6b8::90 GLOBAL_DC
General Check archive.org Show headers Download Go to Show image Full URL https://an.yandex.ru/mapuid/targetrtbis/ Requested by Host: telemetr.me URL: https://telemetr.me/content/cybersquattingchannel Protocol H2 Server 2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers pragma no-cache date Tue, 21 Mar 2023 13:03:51 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Tue, 21 Mar 2023 13:03:51 GMT p3p CP="NOI DEVa TAIa OUR BUS UNI STA" content-type image/gif; charset=utf-8 cache-control private, no-cache, no-store, must-revalidate, max-age=0 timing-allow-origin * x-xss-protection 1; mode=block expires Tue, 21 Mar 2023 13:03:51 GMT Redirect headers Date Tue, 21 Mar 2023 13:03:51 GMT Server nginx/1.22.1 Vary Origin Access-Control-Allow-Origin * Location https://an.yandex.ru/mapuid/targetrtbis/ Access-Control-Allow-Credentials true Connection keep-alive Content-Length 0
GET		pixel mitdmp.whiteboxdigital.ru/ Frame 4CDA	0 0
GET H2	200	248c8f67-85ca-4cd9-ad44-63b447563570 an.yandex.ru/mapuid/hyperdspis/ Frame 4CDA Redirect Chain https://nr.bidderstack.com/yandex/cm?r=https://an.yandex.ru/mapuid/hyperdspis/ https://an.yandex.ru/mapuid/hyperdspis/248c8f67-85ca-4cd9-ad44-63b447563570	43 B 80 B	72ms 71ms	Image image/gif	2a02:6b8::90 GLOBAL_DC
General Check archive.org Show headers Download Go to Show image Full URL https://an.yandex.ru/mapuid/hyperdspis/248c8f67-85ca-4cd9-ad44-63b447563570 Protocol H2 Server 2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers pragma no-cache date Tue, 21 Mar 2023 13:03:52 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Tue, 21 Mar 2023 13:03:52 GMT p3p CP="NOI DEVa TAIa OUR BUS UNI STA" content-type image/gif; charset=utf-8 cache-control private, no-cache, no-store, must-revalidate, max-age=0 timing-allow-origin * x-xss-protection 1; mode=block expires Tue, 21 Mar 2023 13:03:52 GMT Redirect headers Location https://an.yandex.ru/mapuid/hyperdspis/248c8f67-85ca-4cd9-ad44-63b447563570 Access-Control-Allow-Origin * Date Tue, 21 Mar 2023 13:03:52 GMT Access-Control-Allow-Credentials true Server nginx Connection keep-alive Content-Length 0
GET H2	200	/ an.yandex.ru/mapuid/ramblerssp/ Frame 4CDA Redirect Chain https://profile.ssp.rambler.ru/sync3.302?pid=188 https://an.yandex.ru/mapuid/ramblerssp/	43 B 80 B	72ms 72ms	Image image/gif	2a02:6b8::90 GLOBAL_DC
General Check archive.org Show headers Download Go to Show image Full URL https://an.yandex.ru/mapuid/ramblerssp/ Requested by Host: telemetr.me URL: https://telemetr.me/content/cybersquattingchannel Protocol H2 Server 2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers pragma no-cache date Tue, 21 Mar 2023 13:03:51 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Tue, 21 Mar 2023 13:03:51 GMT p3p CP="NOI DEVa TAIa OUR BUS UNI STA" content-type image/gif; charset=utf-8 cache-control private, no-cache, no-store, must-revalidate, max-age=0 timing-allow-origin * x-xss-protection 1; mode=block expires Tue, 21 Mar 2023 13:03:51 GMT Redirect headers date Tue, 21 Mar 2023 13:03:51 GMT strict-transport-security max-age=0 server nginx p3p policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA" location //an.yandex.ru/mapuid/ramblerssp/ content-type application/x-javascript; charset=Windows-1251 x-passed 2bal1 content-length 0
GET H2	200	uPSGIZVSyB8n.AikABlGHBETR_Q an.yandex.ru/mapuid/getintentis/ Frame 4CDA Redirect Chain https://px.adhigh.net/p/cm/yandexssp https://px.adhigh.net/p/cm/yandexssp?bounced=1 https://an.yandex.ru/mapuid/getintentis/uPSGIZVSyB8n.AikABlGHBETR_Q	43 B 80 B	73ms 72ms	Image image/gif	2a02:6b8::90 GLOBAL_DC
General Check archive.org Show headers Download Go to Show image Full URL https://an.yandex.ru/mapuid/getintentis/uPSGIZVSyB8n.AikABlGHBETR_Q Requested by Host: telemetr.me URL: https://telemetr.me/content/cybersquattingchannel Protocol H2 Server 2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers pragma no-cache date Tue, 21 Mar 2023 13:03:51 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Tue, 21 Mar 2023 13:03:51 GMT p3p CP="NOI DEVa TAIa OUR BUS UNI STA" content-type image/gif; charset=utf-8 cache-control private, no-cache, no-store, must-revalidate, max-age=0 timing-allow-origin * x-xss-protection 1; mode=block expires Tue, 21 Mar 2023 13:03:51 GMT Redirect headers pragma no-cache date Tue, 21 Mar 2023 13:03:51 GMT server nginx x-backend-id f8-ru p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" access-control-allow-origin * location https://an.yandex.ru/mapuid/getintentis/uPSGIZVSyB8n.AikABlGHBETR_Q cache-control no-cache, no-store access-control-allow-credentials true content-length 0 expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	4PhZxm0Rdk111zXT6t2OZe an.yandex.ru/mapuid/dmpweborama/ Frame 4CDA Redirect Chain https://redirect.frontend.weborama.fr/redirect/standard?url=https://an.yandex.ru/mapuid/dmpweborama/{WEBO_CID} https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fdmpweborama%2F%7BWEBO_CID%7D&bounce=1&random=757632399 https://an.yandex.ru/mapuid/dmpweborama/4PhZxm0Rdk111zXT6t2OZe	43 B 80 B	77ms 76ms	Image image/gif	2a02:6b8::90 GLOBAL_DC
General Check archive.org Show headers Download Go to Show image Full URL https://an.yandex.ru/mapuid/dmpweborama/4PhZxm0Rdk111zXT6t2OZe Requested by Host: telemetr.me URL: https://telemetr.me/content/cybersquattingchannel Protocol H2 Server 2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers pragma no-cache date Tue, 21 Mar 2023 13:03:51 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Tue, 21 Mar 2023 13:03:51 GMT p3p CP="NOI DEVa TAIa OUR BUS UNI STA" content-type image/gif; charset=utf-8 cache-control private, no-cache, no-store, must-revalidate, max-age=0 timing-allow-origin * x-xss-protection 1; mode=block expires Tue, 21 Mar 2023 13:03:51 GMT Redirect headers pragma no-cache date Tue, 21 Mar 2023 13:03:51 GMT via 1.1 google last-modified Tue, 21 Mar 2023 13:03:51 GMT server Weborama Collect Frontend vary Origin p3p CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM" location https://an.yandex.ru/mapuid/dmpweborama/4PhZxm0Rdk111zXT6t2OZe access-control-allow-origin * cache-control no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Tue, 03 Jul 2001 06:00:00 GMT
GET H2	200	y rtb-eu-warsaw.intent.ai/um/ Frame 4CDA	68 B 832 B	135ms 65ms	Image image/png	2606:4700:20::ac43:48bf CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://rtb-eu-warsaw.intent.ai/um/y Requested by Host: telemetr.me URL: https://telemetr.me/content/cybersquattingchannel Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:48bf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers accept-language nl-NL,nl;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 13:03:51 GMT strict-transport-security max-age=15724800; includeSubDomains cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-length 68 pragma no-cache last-modified Tue, 21 Mar 2023 13:03:51 GMT server cloudflare access-control-max-age 1728000 access-control-allow-methods GET, PUT, POST, DELETE, PATCH, OPTIONS content-type image/png access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UvgUlwj0sbnTXadoFwiyV81blotcLsMmKnhg34tuOrmaAjvwPBZEUohEwYJl8G62YA9BsFMzmdui8LAh5%2BPofsPpUIkGvDPNcVoWejxhpl3Se4u5Ysxnz8PVSLlesH4NaW3gku1KnjFTBxFPCkE8oWxi4ECw"}],"group":"cf-nel","max_age":604800} cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 access-control-allow-credentials true cf-ray 7ab665bc5cddb8df-AMS access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization expires Wed, 11 Nov 1998 11:11:11 GMT
GET H2	200	wKfDpFUicde26tdWkh0t an.yandex.ru/mapuid/kadamis/ Frame 4CDA Redirect Chain https://s.uuidksinc.net/match/501 https://an.yandex.ru/mapuid/kadamis/wKfDpFUicde26tdWkh0t	43 B 80 B	74ms 73ms	Image image/gif	2a02:6b8::90 GLOBAL_DC
General Check archive.org Show headers Download Go to Show image Full URL https://an.yandex.ru/mapuid/kadamis/wKfDpFUicde26tdWkh0t Requested by Host: telemetr.me URL: https://telemetr.me/content/cybersquattingchannel Protocol H2 Server 2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers pragma no-cache date Tue, 21 Mar 2023 13:03:51 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Tue, 21 Mar 2023 13:03:51 GMT p3p CP="NOI DEVa TAIa OUR BUS UNI STA" content-type image/gif; charset=utf-8 cache-control private, no-cache, no-store, must-revalidate, max-age=0 timing-allow-origin * x-xss-protection 1; mode=block expires Tue, 21 Mar 2023 13:03:51 GMT Redirect headers location https://an.yandex.ru/mapuid/kadamis/wKfDpFUicde26tdWkh0t date Tue, 21 Mar 2023 13:03:51 GMT server nginx/1.19.0 content-length 0
GET H2	200	eac3f2fa-f292-441b-ac63-b3042d119efe an.yandex.ru/mapuid/mtsdspis/ Frame 4CDA Redirect Chain https://sm.rtb.mts.ru/p?ssp=yandex&id=map https://sm.rtb.mts.ru/match/second?ssp=55&exu=map https://tech.rtb.mts.ru/?dsp_uid=eac3f2fa-f292-441b-ac63-b3042d119efe&return_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fmtsdspis%2Feac3f2fa-f292-441b-ac63-b3042d119efe https://an.yandex.ru/mapuid/mtsdspis/eac3f2fa-f292-441b-ac63-b3042d119efe	43 B 80 B	73ms 72ms	Image image/gif	2a02:6b8::90 GLOBAL_DC
General Check archive.org Show headers Download Go to Show image Full URL https://an.yandex.ru/mapuid/mtsdspis/eac3f2fa-f292-441b-ac63-b3042d119efe Protocol H2 Server 2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers pragma no-cache date Tue, 21 Mar 2023 13:03:52 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Tue, 21 Mar 2023 13:03:52 GMT p3p CP="NOI DEVa TAIa OUR BUS UNI STA" content-type image/gif; charset=utf-8 cache-control private, no-cache, no-store, must-revalidate, max-age=0 timing-allow-origin * x-xss-protection 1; mode=block expires Tue, 21 Mar 2023 13:03:52 GMT Redirect headers Date Tue, 21 Mar 2023 13:03:52 GMT Server nginx/1.20.2 Transfer-Encoding chunked Access-Control-Allow-Methods GET, POST, PUT, DELETE, OPTIONS Content-Type text/html; charset=utf-8 Location https://an.yandex.ru/mapuid/mtsdspis/eac3f2fa-f292-441b-ac63-b3042d119efe Access-Control-Allow-Credentials true Connection keep-alive Access-Control-Allow-Headers Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
GET		scr.php sonar.semantiqo.com/dmp/ Frame 4CDA	0 0
GET H/1.1	200 OK	sync.cgi ssp.adriver.ru/cgi-bin/ Frame 4CDA	42 B 201 B	446ms 80ms	Image image/gif	81.222.128.213 ELTEL-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=109 Requested by Host: telemetr.me URL: https://telemetr.me/content/cybersquattingchannel Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 81.222.128.213 , Russian Federation, ASN20597 (ELTEL-AS, RU), Reverse DNS ad13.adriver.ru Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language nl-NL,nl;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Date Tue, 21 Mar 2023 13:03:52 GMT Server nginx Connection keep-alive Transfer-Encoding chunked Content-Type image/gif
GET H/1.1	200 OK	sync.cgi ssp.adriver.ru/cgi-bin/ Frame 4CDA	42 B 201 B	487ms 92ms	Image image/gif	81.222.128.213 ELTEL-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=19 Requested by Host: telemetr.me URL: https://telemetr.me/content/cybersquattingchannel Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 81.222.128.213 , Russian Federation, ASN20597 (ELTEL-AS, RU), Reverse DNS ad13.adriver.ru Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language nl-NL,nl;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Date Tue, 21 Mar 2023 13:03:52 GMT Server nginx Connection keep-alive Transfer-Encoding chunked Content-Type image/gif
GET H2	200	pixel.gif sync.1dmp.io/ Frame 4CDA	12 B 155 B	264ms 66ms	Image text/html	87.242.89.90 SBERCLOUD-AS
General Check archive.org Show headers Download Go to Show image Full URL https://sync.1dmp.io/pixel.gif?cid=3cbc2ec8-1421-4677-89fe-2ac6fc52a09a&pid=w&o=au Requested by Host: telemetr.me URL: https://telemetr.me/content/cybersquattingchannel Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 87.242.89.90 , Russian Federation, ASN208677 (SBERCLOUD-AS, RU), Reverse DNS Software elb / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 13:03:52 GMT last-modified Mon, 30 Jan 2023 18:57:34 GMT server elb accept-ranges bytes etag "63d8131e-c" content-length 12 content-type text/html
GET H/1.1	200 OK	/ sync.bumlam.com/ Frame 4CDA	43 B 390 B	138ms 32ms	Image image/gif	31.172.81.160 DE-FIRSTCOLO www....
General Check archive.org Show headers Download Go to Show image Full URL https://sync.bumlam.com/?src=yandex Requested by Host: telemetr.me URL: https://telemetr.me/content/cybersquattingchannel Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_CBC Server 31.172.81.160 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE), Reverse DNS Software nginx / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers accept-language nl-NL,nl;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Content-Type image/gif Date Tue, 21 Mar 2023 13:03:51 GMT Cache-Control no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0 Server nginx Connection keep-alive Content-Length 43 P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
GET H2	204	yandexortb sync.dmp.otm-r.com/match/ Frame 4CDA	0 69 B	167ms 44ms	Image text/plain	195.201.152.105 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://sync.dmp.otm-r.com/match/yandexortb Requested by Host: telemetr.me URL: https://telemetr.me/content/cybersquattingchannel Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 195.201.152.105 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.105.152.201.195.clients.your-server.de Software nginx/1.17.6 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers access-control-allow-origin * date Tue, 21 Mar 2023 13:03:52 GMT server nginx/1.17.6
GET H2	200	NjcyMmEwMWYyN2UyNDU2ZQ an.yandex.ru/mapuid/gonetisnew/ Frame 4CDA Redirect Chain https://sync.gonet-ads.com/match/yandex?id=[buyerUid] https://sync.gonet-ads.com/match/yandex?id=%5BbuyerUid%5D&chk=1 https://an.yandex.ru/mapuid/gonetisnew/NjcyMmEwMWYyN2UyNDU2ZQ	43 B 152 B	72ms 72ms	Image image/gif	2a02:6b8::90 GLOBAL_DC
General Check archive.org Show headers Download Go to Show image Full URL https://an.yandex.ru/mapuid/gonetisnew/NjcyMmEwMWYyN2UyNDU2ZQ Protocol H2 Server 2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers pragma no-cache date Tue, 21 Mar 2023 13:03:52 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Tue, 21 Mar 2023 13:03:52 GMT p3p CP="NOI DEVa TAIa OUR BUS UNI STA" content-type image/gif; charset=utf-8 cache-control private, no-cache, no-store, must-revalidate, max-age=0 timing-allow-origin * x-xss-protection 1; mode=block expires Tue, 21 Mar 2023 13:03:52 GMT Redirect headers date Tue, 21 Mar 2023 13:03:52 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff server nginx x-frame-options SAMEORIGIN location https://an.yandex.ru/mapuid/gonetisnew/NjcyMmEwMWYyN2UyNDU2ZQ content-length 0 x-xss-protection 1; mode=block
GET H2	200	ece9d096-c970-42a6-b695-17923cb1a0df an.yandex.ru/mapuid/upravelis/ Frame 4CDA Redirect Chain https://sync.upravel.com/yandex/sync https://sync.upravel.com/yandex/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly95YXN0YXRpYy5uZXQvIl19fQ https://an.yandex.ru/mapuid/upravelis/ece9d096-c970-42a6-b695-17923cb1a0df	43 B 80 B	72ms 71ms	Image image/gif	2a02:6b8::90 GLOBAL_DC
General Check archive.org Show headers Download Go to Show image Full URL https://an.yandex.ru/mapuid/upravelis/ece9d096-c970-42a6-b695-17923cb1a0df Protocol H2 Server 2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers pragma no-cache date Tue, 21 Mar 2023 13:03:52 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Tue, 21 Mar 2023 13:03:52 GMT p3p CP="NOI DEVa TAIa OUR BUS UNI STA" content-type image/gif; charset=utf-8 cache-control private, no-cache, no-store, must-revalidate, max-age=0 timing-allow-origin * x-xss-protection 1; mode=block expires Tue, 21 Mar 2023 13:03:52 GMT Redirect headers date Tue, 21 Mar 2023 13:03:52 GMT server nginx access-control-allow-methods GET, POST, OPTIONS p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" location https://an.yandex.ru/mapuid/upravelis/ece9d096-c970-42a6-b695-17923cb1a0df access-control-allow-origin * content-type image/png access-control-expose-headers Content-Length,Content-Range access-control-allow-credentials false access-control-allow-headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range content-length 0
GET H2	200	I56cv%2F5Nrq1jfF2TzeeRZw an.yandex.ru/mapuid/dmpaidatame/ Frame 4CDA Redirect Chain https://x01.aidata.io/0.gif?pid=YANDEX https://x01.aidata.io/0.gif?pid=YANDEX&bounce=1 https://an.yandex.ru/mapuid/dmpaidatame/I56cv%2F5Nrq1jfF2TzeeRZw?sign=1573044936	43 B 80 B	73ms 72ms	Image image/gif	2a02:6b8::90 GLOBAL_DC
General Check archive.org Show headers Download Go to Show image Full URL https://an.yandex.ru/mapuid/dmpaidatame/I56cv%2F5Nrq1jfF2TzeeRZw?sign=1573044936 Protocol H2 Server 2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers pragma no-cache date Tue, 21 Mar 2023 13:03:52 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Tue, 21 Mar 2023 13:03:52 GMT p3p CP="NOI DEVa TAIa OUR BUS UNI STA" content-type image/gif; charset=utf-8 cache-control private, no-cache, no-store, must-revalidate, max-age=0 timing-allow-origin * x-xss-protection 1; mode=block expires Tue, 21 Mar 2023 13:03:52 GMT Redirect headers pragma no-cache date Tue, 21 Mar 2023 13:03:52 GMT last-modified Tue, 21 Mar 2023 13:03:51 GMT server nginx access-control-allow-methods GET, POST p3p CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA' location https://an.yandex.ru/mapuid/dmpaidatame/I56cv%2F5Nrq1jfF2TzeeRZw?sign=1573044936 cache-control no-cache, no-store, must-revalidate, post-check=0, pre-check=0 content-length 0 expires Tue, 21 Mar 2023 13:03:51 GMT
GET H2	200	2b-4AWBNfr8J an.yandex.ru/mapuid/dmpsegmento/ Frame 4CDA Redirect Chain https://yandex-dmp-sync.rutarget.ru/sync https://an.yandex.ru/mapuid/dmpsegmento/2b-4AWBNfr8J?sign=4026941075	43 B 80 B	73ms 73ms	Image image/gif	2a02:6b8::90 GLOBAL_DC
General Check archive.org Show headers Download Go to Show image Full URL https://an.yandex.ru/mapuid/dmpsegmento/2b-4AWBNfr8J?sign=4026941075 Protocol H2 Server 2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers pragma no-cache date Tue, 21 Mar 2023 13:03:52 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Tue, 21 Mar 2023 13:03:52 GMT p3p CP="NOI DEVa TAIa OUR BUS UNI STA" content-type image/gif; charset=utf-8 cache-control private, no-cache, no-store, must-revalidate, max-age=0 timing-allow-origin * x-xss-protection 1; mode=block expires Tue, 21 Mar 2023 13:03:52 GMT Redirect headers Location https://an.yandex.ru/mapuid/dmpsegmento/2b-4AWBNfr8J?sign=4026941075 Date Tue, 21 Mar 2023 13:03:52 GMT Server nginx Connection close Content-Length 0 P3P CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
GET H2	200	zTsYjGI9-J5H an.yandex.ru/mapuid/rutargetis/ Frame 4CDA Redirect Chain https://yandex-sync.rutarget.ru/sync https://an.yandex.ru/mapuid/rutargetis/zTsYjGI9-J5H	43 B 80 B	74ms 74ms	Image image/gif	2a02:6b8::90 GLOBAL_DC
General Check archive.org Show headers Download Go to Show image Full URL https://an.yandex.ru/mapuid/rutargetis/zTsYjGI9-J5H Protocol H2 Server 2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers pragma no-cache date Tue, 21 Mar 2023 13:03:52 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Tue, 21 Mar 2023 13:03:52 GMT p3p CP="NOI DEVa TAIa OUR BUS UNI STA" content-type image/gif; charset=utf-8 cache-control private, no-cache, no-store, must-revalidate, max-age=0 timing-allow-origin * x-xss-protection 1; mode=block expires Tue, 21 Mar 2023 13:03:52 GMT Redirect headers Location https://an.yandex.ru/mapuid/rutargetis/zTsYjGI9-J5H Date Tue, 21 Mar 2023 13:03:52 GMT Server nginx Connection close Content-Length 0 P3P CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
POST H2	200	1 Show response mc.yandex.ru/watch/46317153/	43 B 74 B	68ms 67ms	XHR image/gif	2a02:6b8::1:119 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.ru/watch/46317153/1?page-url=https%3A%2F%2Ftelemetr.me%2Fcontent%2Fcybersquattingchannel&charset=utf-8&hittoken=1679403831_528ca60428d47ba235fa6fe397828c3efa9eca45f7855e62458a0387a21f7b85&browser-info=pa%3A1%3Aar%3A1%3Avf%3A1l80sle48p8z49iczwckpz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A983%3Acn%3A1%3Adp%3A1%3Als%3A1436415901661%3Ahid%3A1009615206%3Az%3A0%3Ai%3A20230321130351%3Aet%3A1679403831%3Ac%3A1%3Arn%3A255363306%3Arqn%3A2%3Au%3A1679403831520710299%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Ans%3A1679403829009%3Aadb%3A2%3Ast%3A1679403831&t=gdpr(14)mc(p-2-h-1)clc(0-0-0)rqnt(2)lt(27300)aw(1)ti(2) Requested by Host: mc.yandex.ru URL: https://mc.yandex.ru/metrika/tag.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://telemetr.me/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers pragma no-cache date Tue, 21 Mar 2023 13:03:51 GMT strict-transport-security max-age=31536000 last-modified Tue, 21-Mar-2023 13:03:51 GMT accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA content-type image/gif access-control-allow-origin https://telemetr.me cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 43 x-xss-protection 1; mode=block expires Tue, 21-Mar-2023 13:03:51 GMT
POST H2	200	1 Show response mc.yandex.ru/watch/1264547/	43 B 74 B	71ms 70ms	XHR image/gif	2a02:6b8::1:119 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.ru/watch/1264547/1?page-url=https%3A%2F%2Ftelemetr.me%2Fcontent%2Fcybersquattingchannel&charset=utf-8&cnt-class=1&hittoken=1679403831_5ac7a9f6b1c331625916babeb82d267fab91822df58f8d6597421a7416d41e5b&browser-info=pa%3A1%3Aar%3A1%3Avf%3A1l80sle48p8z49iczwckpz%3Afp%3A1530%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A983%3Acn%3A2%3Adp%3A1%3Als%3A953576563562%3Ahid%3A1009615206%3Az%3A0%3Ai%3A20230321130351%3Aet%3A1679403831%3Ac%3A1%3Arn%3A436008558%3Arqn%3A1%3Au%3A1679403831520710299%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A23%2C55%2C1110%2C3%2C%2C0%2C%2C320%2C0%2C%2C%2C%2C1552%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1679403829009%3Aadb%3A2%3Ast%3A1679403831&t=gdpr(14)mc(p-2-h-1)clc(0-0-0)rqnt(1)lt(27300)aw(1)ti(2) Requested by Host: mc.yandex.ru URL: https://mc.yandex.ru/metrika/tag.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://telemetr.me/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers pragma no-cache date Tue, 21 Mar 2023 13:03:51 GMT strict-transport-security max-age=31536000 last-modified Tue, 21-Mar-2023 13:03:51 GMT accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA content-type image/gif access-control-allow-origin https://telemetr.me cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 43 x-xss-protection 1; mode=block expires Tue, 21-Mar-2023 13:03:51 GMT
GET H2	200	1264547 Show response mc.yandex.ru/watch/	43 B 74 B	72ms 72ms	XHR image/gif	2a02:6b8::1:119 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.ru/watch/1264547?page-url=https%3A%2F%2Ftelemetr.me%2Fcontent%2Fcybersquattingchannel&charset=utf-8&cnt-class=1&hittoken=1679403831_5ac7a9f6b1c331625916babeb82d267fab91822df58f8d6597421a7416d41e5b&browser-info=pv%3A1%3Aar%3A1%3Avf%3A1l80sle48p8z49iczwckpz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A983%3Acn%3A2%3Adp%3A1%3Als%3A953576563562%3Ahid%3A1009615206%3Az%3A0%3Ai%3A20230321130351%3Aet%3A1679403831%3Ac%3A1%3Arn%3A905741800%3Arqn%3A2%3Au%3A1679403831520710299%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1679403829009%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1679403831%3At%3A%D0%A2%D0%B5%D0%BB%D0%B5%D0%B3%D1%80%D0%B0%D0%BC%20%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%20CyberSquatting%20RU%20Alerts%20-%20cybersquattingchannel&t=gdpr(14)mc(p-2-h-1)clc(0-0-0)rqnt(2)lt(27300)aw(1)ti(2) Requested by Host: mc.yandex.ru URL: https://mc.yandex.ru/metrika/tag.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://telemetr.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers pragma no-cache date Tue, 21 Mar 2023 13:03:51 GMT strict-transport-security max-age=31536000 last-modified Tue, 21-Mar-2023 13:03:51 GMT accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA content-type image/gif access-control-allow-origin https://telemetr.me cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 43 x-xss-protection 1; mode=block expires Tue, 21-Mar-2023 13:03:51 GMT
POST H2	200	39370120 mc.yandex.ru/watch/	43 B 74 B	76ms 75ms	Ping image/gif	2a02:6b8::1:119 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.ru/watch/39370120?vsid=d2148ddabcc4aab98c2dba22f2f12a1db2314d46852fxVASx1854x1679403830 Requested by Host: yastatic.net URL: https://yastatic.net/vas-bundles/741838/bundles-es2017/loader.bundle.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://telemetr.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers pragma no-cache date Tue, 21 Mar 2023 13:03:51 GMT strict-transport-security max-age=31536000 last-modified Tue, 21-Mar-2023 13:03:51 GMT accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA content-type image/gif access-control-allow-origin https://telemetr.me cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 43 x-xss-protection 1; mode=block expires Tue, 21-Mar-2023 13:03:51 GMT
GET H2	200	1L-ztb6_0Hm200000000U9nJDDCsyEnTwvrZg7DiJjlRO-p2bcQh9LCOWC0J9XBgVS6a97Qnjp13AYDGF5Fdc4i5IBoK5SYhBGCIhOmWiXCa2mHC33CPJnP0s0iPYqGXh9MCzzWXhBsChkaI34V1_BECp42HgumWhNSP6MGO6Fuopc9YO9ZB119PogG3fDOoHG15p... Show response yandex.ru/an/rtbcount/	43 B 424 B	78ms 77ms	XHR image/gif	2a02:6b8:a::a GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://yandex.ru/an/rtbcount/1L-ztb6_0Hm200000000U9nJDDCsyEnTwvrZg7DiJjlRO-p2bcQh9LCOWC0J9XBgVS6a97Qnjp13AYDGF5Fdc4i5IBoK5SYhBGCIhOmWiXCa2mHC33CPJnP0s0iPYqGXh9MCzzWXhBsChkaI34V1_BECp42HgumWhNSP6MGO6Fuopc9YO9ZB119PogG3fDOoHG15pZBz1u9NJ0BrTcwCEiSO60pt75cJyPsLuIyJ2yW9p23Nz38h0icfp23DSvcPGDO2IGMGhImRcTVuhdBhrxHGESaCy_LLiCgxOF8diuCJFyJHB3Dlh0QpLh2SVCYuWUK_333kG68VG6BVP87uxOFzGvQR0XUTJrLVjt_B0lBX0bREawppJRd1qXTO6ngQM6wocYcNg_ZPBq_woWhItS7Mm3A1RTkr0oUlR7ozD6S6svN3mGlOZYrzUcF7unsFjpAkP8CPUO3DumGRyoCsNlTaIoilYwgYuCBYTFENR33BVy9P4zdvGuzUsHFrrduMEvkvYQ65gSa2TiOLx8mRs9iQ6dXsiFESO1T_m7xyuFQzBv-SU9FtWvrd0GVGioiuFcbjuBZ7luE34G2xLhSQ Requested by Host: yandex.ru URL: https://yandex.ru/ads/system/context.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://telemetr.me/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Tue, 21 Mar 2023 13:03:51 GMT content-encoding gzip x-content-type-options nosniff nel {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1} x-yandex-req-id 1679403831390645-15016310860513010568-sas2-0346-814-sas-l7-balancer-8080-BAL p3p CP="NOI DEVa TAIa OUR BUS UNI STA" x-xss-protection 1; mode=block pragma no-cache last-modified Tue, 21 Mar 2023 13:03:51 GMT accept-ch Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT report-to { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]} content-type image/gif access-control-allow-origin https://telemetr.me cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true timing-allow-origin * expires Tue, 21 Mar 2023 13:03:51 GMT
POST H2	200	event_confirmation Show response an.yandex.ru/	0 392 B	92ms 73ms	XHR text/plain	2a02:6b8::90 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://an.yandex.ru/event_confirmation Requested by Host: yandex.ru URL: https://yandex.ru/ads/system/context.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://telemetr.me/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Content-Type application/json Response headers pragma no-cache date Tue, 21 Mar 2023 13:03:51 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Tue, 21 Mar 2023 13:03:51 GMT p3p CP="NOI DEVa TAIa OUR BUS UNI STA" access-control-allow-origin https://telemetr.me cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true timing-allow-origin * x-xss-protection 1; mode=block expires Tue, 21 Mar 2023 13:03:51 GMT
OPTIONS H2	200	event_confirmation an.yandex.ru/ Frame	0 0	70ms 70ms	Preflight	2a02:6b8::90 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://an.yandex.ru/event_confirmation Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://telemetr.me Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin https://telemetr.me access-control-max-age 1728000 content-encoding gzip date Tue, 21 Mar 2023 13:03:51 GMT p3p CP="NOI DEVa TAIa OUR BUS UNI STA" strict-transport-security max-age=31536000 timing-allow-origin * x-xss-protection 1; mode=block
OPTIONS H2	200	event_confirmation an.yandex.ru/ Frame	0 0	70ms 70ms	Preflight	2a02:6b8::90 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://an.yandex.ru/event_confirmation Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://telemetr.me Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin https://telemetr.me access-control-max-age 1728000 content-encoding gzip date Tue, 21 Mar 2023 13:03:51 GMT p3p CP="NOI DEVa TAIa OUR BUS UNI STA" strict-transport-security max-age=31536000 timing-allow-origin * x-xss-protection 1; mode=block
POST H2	200	event_confirmation Show response an.yandex.ru/	0 51 B	80ms 76ms	XHR text/plain	2a02:6b8::90 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://an.yandex.ru/event_confirmation Requested by Host: yandex.ru URL: https://yandex.ru/ads/system/context.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://telemetr.me/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Content-Type application/json Response headers pragma no-cache date Tue, 21 Mar 2023 13:03:51 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Tue, 21 Mar 2023 13:03:51 GMT p3p CP="NOI DEVa TAIa OUR BUS UNI STA" access-control-allow-origin https://telemetr.me cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true timing-allow-origin * x-xss-protection 1; mode=block expires Tue, 21 Mar 2023 13:03:51 GMT
GET H2	200	wy300 avatars.mds.yandex.net/get-direct/5076421/FwcLlv0XPRlU0SFBBoatCA/	34 KB 34 KB	119ms 118ms	Image image/webp	2a02:6b8::184 GLOBAL_DC
General Check archive.org Show headers Download Go to Show image Full URL https://avatars.mds.yandex.net/get-direct/5076421/FwcLlv0XPRlU0SFBBoatCA/wy300 Requested by Host: telemetr.me URL: https://telemetr.me/content/cybersquattingchannel Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::184 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software nginx / Resource Hash 8ca80cf1a146b9cea5f9746c31b1dbacc3e2ca5c3f867c4b3b2659ee83aca084 Request headers accept-language nl-NL,nl;q=0.9 Referer https://telemetr.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 13:03:51 GMT last-modified Wed, 22 Feb 2023 16:52:02 GMT server nginx nel {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01} report-to {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel?datacenter=VLA"}]} content-type image/webp access-control-allow-origin * cache-control max-age=31536000,immutable access-control-allow-credentials true content-length 34586 x-request-id ee84252c0113d1e3
GET H/1.1	200 Ok	ritz-carlton-keturah-resort.com favicon.yandex.net/favicon/	1 KB 2 KB	238ms 72ms	Image image/png	2a02:6b8::36 GLOBAL_DC
General Check archive.org Show headers Download Go to Show image Full URL https://favicon.yandex.net/favicon/ritz-carlton-keturah-resort.com?size=32&stub=2 Requested by Host: telemetr.me URL: https://telemetr.me/content/cybersquattingchannel Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2a02:6b8::36 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 63408511570871a712d79b9ace31e71285c3ce09683e61a74beb8a0c9e95d179 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://telemetr.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers access-control-allow-origin * Cache-Control max-age=691200 X-Content-Type-Options nosniff Transfer-Encoding chunked X-XSS-Protection 1; mode=block Content-Type image/png
POST H2	200	log log.strm.yandex.ru/	0 205 B	304ms 150ms	Ping text/plain	2a02:6b8::28d GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://log.strm.yandex.ru/log?VAS=741838&event=PrioritiseMediaFiles Requested by Host: yastatic.net URL: https://yastatic.net/vas-bundles/741838/bundles-es2017/loader.bundle.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a02:6b8::28d Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://telemetr.me/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin https://telemetr.me access-control-expose-headers Date date Tue, 21 Mar 2023 13:03:51 GMT access-control-allow-credentials true timing-allow-origin https://telemetr.me content-length 0 x-request-id 1679403831614098-10496309326582045249
GET H2	206	VP8_426_240_500.webm strm-m9-35.strm.yandex.net/vh-canvas-converted/vod-content/1276749371072432771/e0894fe4-e67edb70-37fe0eb5-199072d0/webm/ Redirect Chain https://strm.yandex.ru/vh-canvas-converted/vod-content/1276749371072432771/e0894fe4-e67edb70-37fe0eb5-199072d0/webm/VP8_426_240_500.webm?vsid=d2148ddabcc4aab98c2dba22f2f12a1db2314d46852fxVASx1854x1... https://strm-m9-35.strm.yandex.net/vh-canvas-converted/vod-content/1276749371072432771/e0894fe4-e67edb70-37fe0eb5-199072d0/webm/VP8_426_240_500.webm?vsid=d2148ddabcc4aab98c2dba22f2f12a1db2314d46852...	633 KB 635 KB	262ms 87ms	Media video/webm	2a02:6b8:c35:1:0:584:0:35 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://strm-m9-35.strm.yandex.net/vh-canvas-converted/vod-content/1276749371072432771/e0894fe4-e67edb70-37fe0eb5-199072d0/webm/VP8_426_240_500.webm?vsid=d2148ddabcc4aab98c2dba22f2f12a1db2314d46852fxVASx1854x1679403830&noredir=1&lid=178 Requested by Host: telemetr.me URL: https://telemetr.me/content/cybersquattingchannel Protocol H2 Server 2a02:6b8:c35:1:0:584:0:35 , Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software nginx / Resource Hash afb0ce19eff98ae76bcc478053adf42e43f508960d7193c294b1ae05a344ca47 Request headers accept-language nl-NL,nl;q=0.9 Referer https://telemetr.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers x-server-time-ms 1679403831890 date Tue, 21 Mar 2023 13:03:51 GMT x-amz-version-id null x-estimated-bandwidth 797192 nel {"report_to": "network-errors", "max_age": 1200, "success_fraction": 0.005, "failure_fraction": 0.05, "include_subdomains": true} Content-Range bytes 0-648191/648192 x_h strm-m9-35.strm.yandex.net x-strm-request-id 866c41193f52cbeb x-connection-id 3488796 Content-Length 648192 x-request-id 866c41193f52cbeb x-estimated-rtt 64027 last-modified Sun, 06 Feb 2022 10:31:54 GMT server nginx etag "29ea63830fd63abbb215286ff01b03c3" x-strm-log-split 8 content-type video/webm report-to {"group": "network-errors", "max_age": 1200, "include_subdomains": true, "endpoints": [ {"url": "https://dr.yandex.net/strm", "priority": 1}, {"url": "https://dr2.yandex.net/strm", "priority": 2} ]} access-control-expose-headers Date, X-Strm-Session, X-Estimated-RTT, X-Estimated-Bandwidth, X-Connection-ID, Age, X-Server-Time-Ms, X-Plg-URL cache-control max-age=300 access-control-allow-credentials true x-robots-tag noindex, noarchive, nofollow access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Range, X-Client-Timestamp, X-Strm-Session expires Tue, 21 Mar 2023 13:08:51 GMT Redirect headers date Tue, 21 Mar 2023 13:03:51 GMT nel {"report_to": "network-errors", "max_age": 1200, "success_fraction": 0.005, "failure_fraction": 0.05, "include_subdomains": true} x-strm-request-id 1516144653394372 x_h strm-anycast-ru-net-production-5.vla.yp-c.yandex.net content-length 0 x-request-id 1516144653394372 server nginx x-strm-log-split 9 report-to {"group": "network-errors", "max_age": 1200, "include_subdomains": true, "endpoints": [ {"url": "https://dr.yandex.net/strm", "priority": 1}, {"url": "https://dr2.yandex.net/strm", "priority": 2} ]} location https://strm-m9-35.strm.yandex.net/vh-canvas-converted/vod-content/1276749371072432771/e0894fe4-e67edb70-37fe0eb5-199072d0/webm/VP8_426_240_500.webm?vsid=d2148ddabcc4aab98c2dba22f2f12a1db2314d46852fxVASx1854x1679403830&noredir=1&lid=178 access-control-expose-headers Date, X-Strm-Session, X-Estimated-RTT, X-Estimated-Bandwidth, X-Connection-ID, Age, X-Server-Time-Ms, X-Plg-URL cache-control no-cache access-control-allow-credentials true x-plg host=strm-plgo-production-90.myt.yp-c.yandex.net; version=11057154 access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Range, X-Client-Timestamp, X-Strm-Session expires Thu, 01 Jan 1970 00:00:01 GMT
GET H2	200	1264547 Show response yandex.ru/ads/meta/	46 KB 14 KB	205ms 203ms	XHR application/json	2a02:6b8:a::a GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://yandex.ru/ads/meta/1264547?target-ref=https%3A%2F%2Ftelemetr.me%2Fcontent%2Fcybersquattingchannel&charset=utf-8&pcode-test-ids=657518%2C0%2C0%3B706837%2C0%2C99%3B741838%2C0%2C34%3B736079%2C0%2C63%3B729110%2C0%2C9%3B736393%2C0%2C43%3B735206%2C0%2C47%3B734894%2C0%2C7%3B741854%2C0%2C3%3B737281%2C0%2C46%3B681848%2C0%2C57&pcode-flags-map=eJydWNty2zYQ%2FZWO%2BppJeQVJv4EkKGFEEiwAWlEyGYwSK7Y6vnQcO3Gdyb93QVA2SdlQ2ifTlPZgsXt296x%2BzE6xUGLBVgrnqsQpKVXBuKK1SnFdEz47%2BfBj9m1zeb%2Bdncwkb8nszexu%2B%2FWOnsH%2FCPl%2BEM1%2BfnzzDNNwlreZFIrVqsGtIFaEyE0C3yCQGqclUSRj1TNISYXUzpzSnDD9AJ%2BmTGFejWC3D39PUEM%2F7FBzKjrYjLW1VJzklJNMQ%2BKmsXvmOUHgPd0NLqKqtpSUs7IEtFrqB8LVCstsQXIlaUUUKwpBpB3X95zoOWZpKyXT1yrZONa%2F%2B9GXsR1KQtTZNRnLyciyy9k4Rr8K1iVOdjE6JVxQVo8sIz%2BJ%2FHhkG7hhYILb1rRkOCfmfFyNInp3e78dmAVe7CeOMYNYCtGRbGIzTeTACOgpCKkVSwXhpxNibq83ny63I0sfeYkJc0HfqQrOWhA6X0hVS%2FuRQegnbme4xnVO3ineqpxVmNY2s9CJPB89nZdytgRn4Sw15zS3WrpRGKMXD1TAXslpajX3XAcFnfl7UnuqaIGfK5rLhaIVnhOrbeAGsfNsuy%2BWlHGdVI5z2orffhFhjbXfxmGFyxVeC7ulH%2FVxzosGKlM0rAZi6Dpi7biGPMdxxraB4weDWsi0aS3t54UA01OpYBBlorm7P0%2BRd1ZawJFR5B2a00I3zpUuImDn%2F0HYO3CKy3aULd952bokmNeqYhwqFnOKJ%2Ff2RoeGjtNHueGUcSrXKl1DqyCrhnF7wFCE%2Btrb86JvnpngVsPEjeIBI6lQGeacSYWzDLIkLF0iTPzQdUe2HYsFUFoudJganOe0nttBgjAwnndtH6gs1w1Rvt3rII7CQXoqnkGcBE1pCVGzH5dE6FVLPQizkmbLI6fvMbopY4avggZbUBguVF%2BiwJm9mpPY6yeL8aMHMXNBMk3UpsTrFGfLwQSzQSLHC3xvlI4F6Ro%2BTFIi6NzKeOSGHjJ5qMkKTAqo8oUq2ZxmdrvY71sauFlQXmnOclLvJ03DSWpvqgi6oueOyAtThwOTQAXAvIYI6EYpMq5nihDW2kdu4gbBCGxBZefJAATisZTMDuRHnucP1c5E1%2BSkwJB%2BeFHQmkoCbM%2BWIKushYqC0EFo5J6oMJfqz5a0RIMfu1%2BIEAqf1IBccNBxE88IFDDXVKY1NCoKw7g84lXkRj11MgwjidV9AnGhC5IWHINg6uSDPZNRnKDkSTcUnAJMuVbGXkuIxn65sX26VIK%2Bt9YRQonfp3tgIY5prINzk8CJnlCgaecawapbEYoD5E5PVhWoVmw%2Fy%2FMcE%2BsBIbXw%2BCVWxihw%2FX25wfwG5Q1XBdIo0KpGUHQNzGiDw7XgAC%2BK%2FcNbyLn9DpCm2B3Whu4Zpsm8EPpuHhzbA1DioV6dmIoQS9ooybsGeKwlowRWE2M8OboomZa7uTKOHgGJ%2Byp4DaQj1wjjy%2B5BXW0e1MV2d35x9wpct8GoJUlxqkBxWtchB0bbqBRNNa8WwJIBYWoY0V3DnbfQ3vWCAU03I%2FTUXqGR6wT95ORcmU4vW5AoptK7QHdNpZ0vjiyDgGRKtcTv111zUJ3AG5r9mH3Z3n2%2BqDa357vr2Ykbgky6uvm0u9yKz5vL3fX57MT7OUINYS4OSGDaIug9lZaaCXrHHB7wYXa12V2%2Bvb0H3%2F7ZXJ9tH%2BD5j93V5nz7dfTqfHPVvTl73F6br2%2B%2B7e5uzOPV28E%2FZ9e7%2Fq1GfkKAF7ebx8ubx4v%2B48db8%2Ff%2BdvP2evv968EX%2FtrcXO06048vX3FYcc%2BptacP7Xk%2BMtb8xEcSD5butO3gFqRGVrLJ5g%2Br8Xi9hg3NkKbGEigGXY7P%2B16nJJ5blweYLN6gURYE6MoJziSsr0cMQ9%2FxDjUSrRvQBlok%2FUeFBJu0j%2BJXAQetDHqPPQ%2FPSLyTOKdaqxi1uxc%2FJa2hlDAttSJkIP%2FHzJ31Po%2BLH8X%2BXhWKfDldnWGdjw8WfP1mH1ztu1yQipifGswcbJjQtZ2yceP5fHc5uZITJQeTJWNCRxlaeJmn0IropP9NUbwEGsMBCq2BbxgchMUmI2rVbfdHvPETM%2BcEKBjS%2FVwF%2FdjcxW4Ju6NRWHoqmh8glCQVXENa%2B3%2FkB3Ey2FRfin4YTKMfaouf%2FwIkncNM&pcode-icookie=PMxPEnv8o%2FpFi7I%2FL%2BwvhbhlnSy63wnaJuX2XQ2H3G96oBCsuk%2BJ%2BKJw5ZsoFjNI0BbpEShj7ObJU%2FjKtBD%2FiljXw6E%3D&duid=MTY3OTQwMzgzMTUyMDcxMDI5OQ%3D%3D&imp-id=6&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=262783279038466&ad-session-id=2609881679403830700&target-id=41779896&tga-with-creatives=1&top-ancestor=https%3A%2F%2Ftelemetr.me&top-ancestor-undetermined=0&pcode-version=741854&pcodever=741854&flash-ver=0&skip-token=yabs.NzIwNTc2MDc1MDEyMTA0MzIKNzIwNTc2MDc1ODkxOTg1NDg%3D&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22isInIframe%22%3Afalse%2C%22w%22%3A368%2C%22h%22%3A0%2C%22width%22%3A368%2C%22height%22%3A0%2C%22visible%22%3A0%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A20%2C%22top%22%3A1746%2C%22ad_no%22%3A2%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A2%7D&grab-orig-len=4740&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjo2OH0KEqO0kBs57kEYqMuLrv3T2k1ksL6p7fvG2fg4xvu-7495K_PC4429jVtiwoaIktg5xU5iG-s7iW_jjfVfgjQlogbQjwGuVUUmMjiPS2V6yO99xpdZRAWiqqCqirC-ugYwDZYG_QHh0MDXMDVoW0N_UKgPCH0Dm873TKADkRHoumtzN0RA28BxPFM3drl5J2s0WR4nsG3PAeHaIMTj6CwHF4_jBT4unu7qjocLotGOR9AZw2N5erDtgOVBTOx7Bs90mbpr2cSbZ9m6Z-sQE2tgdNo1DBpCDeNo26-nSO6XIqJIaKIn81xzayBpaBrsB8OgIaIBYTCGpsElJpCSme3RsSzTN-TEpqIJU0RKpPtZQ6hhnmJoBciDVDZF4ArNFymlaR25CHqj-ZZP3zwnMAyIiQ3HZZWG7vLY9PKkPHOPLQ7DcUos19c5xLh4vostFdDFSeQPQ4FrizZyAaXj4egvxVlSOcfiWr8KnoQHyFkP_uxTYtp0uZxjmc_Qdctuwvm6vR-wtBi680QvmabLCkz6ZnFLs1wFMe7WAEMD99q38Qg6L4qsC_MC-PW-N_m6TgPnNWDK2e3kkYGJyGAH2PwA9WkynLZ6Ya9wXLmidHWPtbFcnVMaDP6-kcqkHj_sXxrMoGJaR1LqHNfeD8J3At7LaIBsVUyDj0dwgiTc-YHP9fYAK7EC074aZvplepN3HvSZzdemYmhFcZLnq7E2mue4kBz_oGhoo__wUUwpZNIO-tMOqegH9VlANM4C878Bd3QbQ4MFCekDxFcDhjyRQzI8gkFD8PntUiXaX_vvTU0rAcNB5dmsP_zz9hzKt75qW8WB6WVYCGdlZsD1aoa16lf55i95JoPF7xlSUYxTXga-f1_u-RajaXBQC-mfCOSYtS4eJtREH2GVGLUISCEYf-JLhIfLC0y_ZZbWf75fFpvPbZlUlLT3NVAP-EbVlziWWfqByd5yFoe0UCIWLPod8HQX27ssB6oGjwb2jxFMoeCJamkK1ObWAKXB6o2ngXWDBfGYATANPBp433X0wTbcZ6Kna7D2aDIMDdrTAvaLh9pLiAzqAT0iPHiDdP_Ev_zoCrS-h2zmqBznp196TMhlCKgf1xh8r0QFH_JDyUvPtLBED3NKg1XOvqJcSMRUZTP87i8c3vu140-BPEW3yHNxODowlue7jMcwxS8Pkoiza-d8XD6VP5jB4PE84-vi3UU1xVL2EzdKWE3lzP7Evlp_YmjDrT-Gr4GD8qvKTTEFQnm8LSspZFdz0f5MiqHB-w6C_xShf60cNQhHIcLZIBhZGY4GnVDssAD_ykHQWf65o13JP0-oNPg0cPczC40Gugb1nKsx2Kf2YyjmVzTGy6i1B-dwRUNAA-x-Ppi_R6chQNoH3u8PW42Fz7GLhP3kQTA4QqMh2KM-wDnONET7SQ3rLnAij_Ln01I-LA1kGuAP7MYFa2B-DGOIhnlvxDhW9xB1uIantvtJ-AIuhUO9DKGhHSuIRheOGRhDPGYvAElvbcu1fQ8Jilr6G6ZgcFP7Njp5ziq_LCjnxMMr-iG2f2oUEuB-XCIYHUc4ejkah-Dxq1TkTaMV23lBME-EirtWVdfAH5lyw-b6GKwBqnp9Hzg7_-sy7G8f-DT4QtXbci4Tl7yyUEKlWhwjUL4Ki_OZUxoftwaQI8mmAW6Ajib85IHXGqkEQMc19JJrWgymsBslz2mKQDWZCfaZCiG58fi4i-j9H6Lh_vBxxb79FuUaIYprF5_LMRelkyiPY6I0iwZjknrvXwOpNhGldINyrt8l-MGtkyQPC6IZRkRFFHZSNMbOt0Y5Y-813Rg-nWHelwY2YI4z_sfQR9VB74l7bGVY_yJGOf2oBK27BQw1rSq18rSij3iJWR1IkCUIAxTTc8fezZNBl_j4V-6IjlLFc0Rpa1DsLPcWywLuoBraIPQnCumSyl2paZXqjD2-hMRQCBws_xCG1GGDvGjKbD5_k72vBMJbcZ5Tr3VQ-1kVqF9We_cCQs_xWJ5uErK8kZtrMmUd-qrm0R5o1NzZEXJ1YpjnEl4DVTj5TMg9FTkBpfgp5b4wPeoErlobowK_vnrS-xIYZXbdQbpVcf2iGPuS2G-fNcItDI2PGqT9d_PQwPwyL4S6mEg9gEd5u3Zw0Jw1HHc0sVy8p7p7ucx3ExC9oCB6SkTLvFe5UEJCworKg7KotJAKE_C3Gh627iHRO_yuYEL4lmigfe9AVgMf2l5pmsnz4Kh3VAMpNVN9UKugEC-_pSf1KFTHq47-UNdu63f-BzUf0G-Csf54RbFZFt91vJLj-o8kxSPQD6bKp_aMursld2eaU_NXRs2jEYb3_YyKf-F9uDcX6GUO1JBOuzywIBrKPCJMTyFjFJeSwy6PHaD8teHdEe_1cice5bwAOpIbNDXcK2hpirz8wOYe-lz4ExQmL0dyc4HkB_qhiFaxZlnMm0ee4Ocp_hcwatS4No71Ka_YTKfMN9Ms8xZwamB9FFibkIzMalNQbU2D9RKXfJ1rHAliUya8kFJJcNVHoFYcwSgtinDvI5McrkG7Eocx8hy88xtgfyoE89MbMF0fAoth2h4df0PI8fbBdGwIXJt5ted-hjkIFf_TXw3Pe6I4_ZGeR3qe9HkZ_sz-dsjneSmkeB6eoZuWzcVtg87fW1C3wPCwtm8dRJWxcSxzN1FMyzDcKwCDF7CqEPzpGyWfQQcKIZBNxmmMAMcb6gDHNThByQzoLM_W-xbb1a3SYjqBHqR5Gst3iAN2gPiXU1m-1vXzlWWi7Yxnnop3WT5F2zTOYtE2ikRCo5WlWS64E5E6nGko4hKmSUS9jUQ0hdHMqbZLunX8NF9FIlpmcVKIl9HtxpIfOC7bwraDkof495_PPHNFAysGx2LyLYv9WXxQmDx2O-e6U9tcPs8n8lSlkHwqNukSkvBN1-d6L2AoeYHDqxrfY0u7c_ve2iwNJeu5kiVZyydTl3Vc6vqJWERq396zYAdfeLoMP2FWrHyGed5wwrMOwoL-eDM616440vW9b39lvTjJnD16xR5OYOivMf6UHas4puex_7uBOujVeeMYBrOsfBke16pKrnvcHswJ-F3_YL7JYAZOI8fMk_ymi4SOWEgI-Xwgl-dj1mYGT56gE8eohEDctK5frjxfo_Kf96uyNIlV2R9H0XQri5pu1ptIX3XlniRNl848W02dpNnKYkUVhU0XH5NNHUaNx1phE71mUVdJZW0l0Wy6MG1Em0nSiFYz-uuSmam6_2njmSZhw3st79eFlZ54rvg2usV8dbaW9Pm_TWYjZxRmj6Ufbn4EtOwDQuZLt4gbLsN8RYVcI1ssuWbKNY0wNW-7ynWGrlPBthzPaMlorL_GW4c-QRdx0Zl1PL5l8yzXLnFMJcdHM1xF2lvgWCa9cfubsz1dZan8HkcrF5JPo6IPg4X9Xm9Pgkrtynd1NJXXmskUr5M4k6xnqM60rpMZd_q-IPKZ51lVJyvq-O6JbV6d9P0mOXEkJw5FTtx6Dw7ZOHEx8nPiLmgo3hxHZxqlGiFMBumDpA-S_8EVkz5I5gfpwcENKA_sipKnOkwmQ93756dgs4OGZFQ3XBfbkylYDJnyPBvSc0jPIes5eUR6DpnPsRBbtvIdJjbi8tZ_Jd64Eul7pO-R-b0CP13I53tJgfy-d9DByvdOOdA7PIt0Q9INyb9hliCbGy7kd0OuZTAMh8F1lQfyvbo7WCBXVxXqnhs0mYMBM5h8UnQj_YqsX03kEt1y5PerAbyq8q0ODKH3Au96nIE4u_Vp72kMJtMydZQAzUd6EOlB5D-oCJENyixEfg8yvuL4gS2HUbp1aZS-7bFK04LA92zXLbEDQw1GJ8O27A58HIdxocm1bteB9eUFzOHf3Fo3A9svA2yLF9wJcMzbYXECxyM5L6SToOwkeThOEuPnyAWY5wnAOEkEWdbDgf2kdYzyH4btORIz7zxMVCtq1MVG6YyF7YPjkCpyxCJT5eJfmQqbB6cic-a5EhGnbCbUtsBpJLI3TpO4oLbyLUQsxPkKkyXahSG16e9aCZXpb5RRGwivgmq7qLYp1VaC_-t9lEnsfGVWxKlq3f-57hJdYHbsFTOfFOyBo1Blrhoif-OjSLKtE5LbGEdSi2LHz_I0TWSWydTWySajvBEN4-0L6A2Y-bPxz4ZpfTd3PwA1b2EpFstYvtz0-su92p6XeRqGcTar5XUmt7zOqhn2UnQqFc3cWrHWbsa1Z26dfDvnUqyl4yjJsziTqKqddDSmbOiW6Q2D61SxspabVsfVtDquNuErjLLPD9WoeuZ5WHUriofJ9TDVnnm4zvpZoXeuVXmuKdclVZcqq0Sum1UXK6tqoz2zSsIsrbo0rVRWo0W58aLrJ1EaLoWISRTWwfw_K2XxmnNV6904i8JhAd6VabzCIgrbJIa1p1Sdy9RTpk5l6riq48pBMSeUG2qerrYmVLD0OkW8YnGcKmbJaaSwWY1uq0Wg_DJDJ19FiqlxpTJcaaraHl_5JE2TFSqy2Pn6XWHWNPPvompmXqRtMcNuqnua7Bdx1byShJwluapkuqoZfo5soNkyZOeqSmykh7nTMM80pOZNr2aT7DJJpyP7dAXpdOSdTmQUjePpPE6pGlXbHpZRchnuONrBpwdMZrN5dtxmRSSR913T4wnKdyhyOik6AUA8BY9gAHRFAP0%3D&uniformat=true&callback=Ya%5B6615991125762%5D Requested by Host: yandex.ru URL: https://yandex.ru/ads/system/context.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 58742e0043143bdd2a18dba234364d122010ddde8ab97809c90584685d02b390 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://telemetr.me/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Tue, 21 Mar 2023 13:03:51 GMT content-encoding gzip x-content-type-options nosniff nel {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1} x-yandex-req-id 1679403831483665-1969095809873582875-sas2-0346-814-sas-l7-balancer-8080-BAL-9432 p3p CP="NOI DEVa TAIa OUR BUS UNI STA" uniformat-product-type MediaCreative x-xss-protection 1; mode=block pragma no-cache last-modified Tue, 21 Mar 2023 13:03:51 GMT accept-ch Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT uniformat true report-to { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]} content-type application/json access-control-allow-origin https://telemetr.me cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true timing-allow-origin * expires Tue, 21 Mar 2023 13:03:51 GMT
GET H2	200	1UQ9b-d50Hy200000000U9nJDDCsyEnTwvrZg7FCXPdnEBkmfVbgoHG68F24YOGkqedqZ5tiBSoGoWWKpzGvbl2P0IXU2kBLbW69LaOGsGdY0m4Jmqp6o_mGza961bO8QoNZDQZyNiPTN48CHy7yiupCG96hZ22fkumCCWmCVnbdCJ4mp6K2YQnb-WKappBz1u9NJ... Show response yandex.ru/an/rtbcount/	43 B 620 B	77ms 76ms	XHR image/gif	2a02:6b8:a::a GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://yandex.ru/an/rtbcount/1UQ9b-d50Hy200000000U9nJDDCsyEnTwvrZg7FCXPdnEBkmfVbgoHG68F24YOGkqedqZ5tiBSoGoWWKpzGvbl2P0IXU2kBLbW69LaOGsGdY0m4Jmqp6o_mGza961bO8QoNZDQZyNiPTN48CHy7yiupCG96hZ22fkumCCWmCVnbdCJ4mp6K2YQnb-WKappBz1u9NJ08RNEnBT8unCCJEFhacupihmryc5f3bp20RUfaLWUHKPf2skSnC80kPcHmLGFQnR6HUuxlAhL_JGkKaCyo_Ly4gxuB9dymEJX3tBcH9j5eDPgrWkIo_WUK_333kG68VG69VO9azz_733NFcB1U_oGBntmVxXomt1Iuwdwg-Rl-M1UJB1QoS9rddctA3fI-mDZGqiDnaDLCkL_6pNvxqbHLaK0TR0yi4jctN3foyil7rqfmPR5SE1ozWExRqwOqTZtSytiguaWrcv04sZnDip8_OUDsJBQqy7RrBWWkBqyrVii4i_mbdJMJd3prwPK_KM_jPx6pc9eOMfYOBs1bNi3DkO6zOqC2pWvtd1Blu0_R-ZJsl3_uxUpha1plF0exByYiu6hWsS5nZti712036oBMe Requested by Host: yandex.ru URL: https://yandex.ru/ads/system/context.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://telemetr.me/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Tue, 21 Mar 2023 13:03:51 GMT content-encoding gzip x-content-type-options nosniff nel {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1} x-yandex-req-id 1679403831576123-15301943405203739554-sas2-0346-814-sas-l7-balancer-8080-BAL p3p CP="NOI DEVa TAIa OUR BUS UNI STA" x-xss-protection 1; mode=block pragma no-cache last-modified Tue, 21 Mar 2023 13:03:51 GMT accept-ch Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT report-to { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]} content-type image/gif access-control-allow-origin https://telemetr.me cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true timing-allow-origin * expires Tue, 21 Mar 2023 13:03:51 GMT
POST H2	200	event_confirmation Show response an.yandex.ru/	0 51 B	73ms 73ms	XHR text/plain	2a02:6b8::90 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://an.yandex.ru/event_confirmation Requested by Host: yandex.ru URL: https://yandex.ru/ads/system/context.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://telemetr.me/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Content-Type application/json Response headers pragma no-cache date Tue, 21 Mar 2023 13:03:51 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Tue, 21 Mar 2023 13:03:51 GMT p3p CP="NOI DEVa TAIa OUR BUS UNI STA" access-control-allow-origin https://telemetr.me cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true timing-allow-origin * x-xss-protection 1; mode=block expires Tue, 21 Mar 2023 13:03:51 GMT
OPTIONS H2	200	event_confirmation an.yandex.ru/ Frame	0 0	71ms 70ms	Preflight	2a02:6b8::90 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://an.yandex.ru/event_confirmation Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://telemetr.me Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin https://telemetr.me access-control-max-age 1728000 content-encoding gzip date Tue, 21 Mar 2023 13:03:51 GMT p3p CP="NOI DEVa TAIa OUR BUS UNI STA" strict-transport-security max-age=31536000 timing-allow-origin * x-xss-protection 1; mode=block
OPTIONS H2	200	event_confirmation an.yandex.ru/ Frame	0 0	74ms 73ms	Preflight	2a02:6b8::90 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://an.yandex.ru/event_confirmation Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://telemetr.me Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin https://telemetr.me access-control-max-age 1728000 content-encoding gzip date Tue, 21 Mar 2023 13:03:51 GMT p3p CP="NOI DEVa TAIa OUR BUS UNI STA" strict-transport-security max-age=31536000 timing-allow-origin * x-xss-protection 1; mode=block
POST H2	200	event_confirmation Show response an.yandex.ru/	0 51 B	72ms 72ms	XHR text/plain	2a02:6b8::90 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://an.yandex.ru/event_confirmation Requested by Host: yandex.ru URL: https://yandex.ru/ads/system/context.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://telemetr.me/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Content-Type application/json Response headers pragma no-cache date Tue, 21 Mar 2023 13:03:51 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Tue, 21 Mar 2023 13:03:51 GMT p3p CP="NOI DEVa TAIa OUR BUS UNI STA" access-control-allow-origin https://telemetr.me cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true timing-allow-origin * x-xss-protection 1; mode=block expires Tue, 21 Mar 2023 13:03:51 GMT
GET H2	200	cropSource avatars.mds.yandex.net/get-canvas/5395302/2a000001866fac177888a1556e60a7305477/	40 KB 41 KB	72ms 71ms	Image image/webp	2a02:6b8::184 GLOBAL_DC
General Check archive.org Show headers Download Go to Show image Full URL https://avatars.mds.yandex.net/get-canvas/5395302/2a000001866fac177888a1556e60a7305477/cropSource Requested by Host: telemetr.me URL: https://telemetr.me/content/cybersquattingchannel Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::184 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software nginx / Resource Hash aeda860aebd901f915287ce1ba3350ff70f67365ae3bcb07571058c6deb31ebb Request headers accept-language nl-NL,nl;q=0.9 Referer https://telemetr.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 13:03:51 GMT last-modified Mon, 20 Feb 2023 16:33:15 GMT server nginx nel {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01} report-to {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel?datacenter=VLA"}]} content-type image/webp access-control-allow-origin * cache-control max-age=31536000,immutable access-control-allow-credentials true timing-allow-origin * content-length 41446 x-request-id 7212dc443d2f807c
GET H/1.1	200 Ok	quiz.dubai-property.investments favicon.yandex.net/favicon/	640 B 853 B	70ms 70ms	Image image/png	2a02:6b8::36 GLOBAL_DC
General Check archive.org Show headers Download Go to Show image Full URL https://favicon.yandex.net/favicon/quiz.dubai-property.investments?size=32&stub=2 Requested by Host: telemetr.me URL: https://telemetr.me/content/cybersquattingchannel Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2a02:6b8::36 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 65361756fbeeb484699e581dce37c9174737dc4f6cc3e9f976dbd44693ee40d7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://telemetr.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers access-control-allow-origin * Cache-Control max-age=691200 X-Content-Type-Options nosniff Transfer-Encoding chunked X-XSS-Protection 1; mode=block Content-Type image/png
GET H2	200	WXCejI_zO581JH00X1q00000ww3POGK0KW8nDwiPP000000ungwQ0M2y26W4W041Y06ru_VleG6G0TZ6zkdaW8200fW1sCRswMIm0OgVnB48k07YflAX9jW1lkx_hW7W0VRjcgu1c0AScB4Re0BgZV0Om08Bu3le1AOH-0JWhX681U2k4P05rUuZe0NDsmMe1StR1... yandex.ru/an/tracking/ Frame 4CDA	0 108 B	79ms 79ms	Image text/plain	2a02:6b8:a::a GLOBAL_DC
General Check archive.org Show headers Download Go to Show image Full URL https://yandex.ru/an/tracking/WXCejI_zO581JH00X1q00000ww3POGK0KW8nDwiPP000000ungwQ0M2y26W4W041Y06ru_VleG6G0TZ6zkdaW8200fW1sCRswMIm0OgVnB48k07YflAX9jW1lkx_hW7W0VRjcgu1c0AScB4Re0BgZV0Om08Bu3le1AOH-0JWhX681U2k4P05rUuZe0NDsmMe1StR1R05pTi5k0N-vWl01VRuCCW5XuuGu0MK0JOhC4cDhKjigGSinj1H6CS74xW7yWxG1nR2We06w0a7y0dW1VW9i0c02WIO2WB12kvqT_92QEW_Y0iCgWiGFhRDMYp60026Sy-iQFS50F0B1k0DWi20WO20W8W4jjR0oTInwwLie0x0X3se3woCi-s5u_634u0GdxNe9y6W4fWHuQ8jeRa_W1I0WE241AWKrUuZm1I0vPfto1G4q1IXtzA60TWKbS31e0RW507O5gt0mR3Ss--SDe4Ny3-O5ypRYp7G5z260zWNmj4wu1UciD-U1j0O8VWOmOhsxAEFlFnZW1cu6WE270r7OpawQMnsTLDnSsStwHo07N_G7lAcXxkXuv28h07O7llQ7g0VdxNe9x0V5CWVd_U_Lz8V1ZSqCJWrDE0W0T0XrIB__t__WIE98vgPcPcPcTa_3G20y4_BskNof8K2kN4fUewAOV-NUIFHayav29a7ySADSLU8QDmPjBZtoOiCHW40~1?action-id=11 Requested by Host: telemetr.me URL: https://telemetr.me/content/cybersquattingchannel Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers pragma no-cache date Tue, 21 Mar 2023 13:03:51 GMT content-encoding gzip x-content-type-options nosniff nel {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1} last-modified Tue, 21 Mar 2023 13:03:51 GMT accept-ch Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT x-yandex-req-id 1679403831722585-8674521294087112334-sas2-0346-814-sas-l7-balancer-8080-BAL report-to { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]} p3p CP="NOI DEVa TAIa OUR BUS UNI STA" cache-control private, no-cache, no-store, must-revalidate, max-age=0 timing-allow-origin * x-xss-protection 1; mode=block expires Tue, 21 Mar 2023 13:03:51 GMT
GET H3	200	sodar Show response pagead2.googlesyndication.com/getconfig/	15 KB 11 KB	223ms 104ms	XHR application/json	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230315&st=env Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8925921048082252&plah=telemetr.me Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 53b1506d75e463a7df396501dd2a465959536fd576b45f70bce5a0fb03f04f68 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://telemetr.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 13:03:52 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11313 x-xss-protection 0
POST H2	200	WWKejI_zO4G1tGy091m00000KfIvhWK0H08nDgiPP000000ungwQ0M2y26W4W07tgSpNlv_-mYw80Qo5Z8YX0P01W8tBf-I0W802c060ZSkdPBW1egYpcoRO0R32nwu1u06MbQ-P0Q02Zlg50U0xw0I-4lW4vD4_Y0NKfWwG1UJHFw05bBKJg0NxbX2m1VkM4BW5-... yandex.ru/an/tracking/	0 111 B	83ms 82ms	Ping text/plain	2a02:6b8:a::a GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://yandex.ru/an/tracking/WWKejI_zO4G1tGy091m00000KfIvhWK0H08nDgiPP000000ungwQ0M2y26W4W07tgSpNlv_-mYw80Qo5Z8YX0P01W8tBf-I0W802c060ZSkdPBW1egYpcoRO0R32nwu1u06MbQ-P0Q02Zlg50U0xw0I-4lW4vD4_Y0NKfWwG1UJHFw05bBKJg0NxbX2m1VkM4BW5-vOGm0N5iy84o0NCXfC1u0MK0JOhC4cDhKjigGSinaHuxSO74xW7W0M8W872W806w0afosNhNrkxFty-HW4inW00CRp4h6Zt1G3m2mRW3OA0W860W8281BRMmCdKiUkbRA0EpOOxg0-iZFEqsDtnWnE049YVp2V1i9220PWHuQ8jeRa_mH4gtFMdFeWjb80KW8221AWK-yr2m1I0fAVQ1iWK1D0KvEIyUzWKduw1e0RW507O5gt0mR3Ss--SDe4Ny3-O5vUrj2pG5z260zWNrki-q1WX-1Z1YlRieu-y_6E06RWQ0u8S3KTZEJfAE7foKt5pPpVf780TVz0UeEBQzQdubu1Vs1xwsXwW7vYVp2Um7m787vZXerVI7mOtD34uDJJW80RG8V___m7L8l__V_-18uaZcfcPcPcPsJyG05KWoLT7UHXfaq2kN0gHe6BO-cLEA_HaymL2PgCBbyi5SJm9Z27fXtbXEXUHOT3YtXyjCXW5~1?action-id=11&adsdk-bundle-version=741838&adsdk-bundle-name=AdLoader&ad-session-id=2609881679403830700&vsid=d2148ddabcc4aab98c2dba22f2f12a1db2314d46852fxVASx1854x1679403830&top-ancestor=https%3A%2F%2Ftelemetr.me&top-ancestor-undetermined=0&client-ts=1679403832094&client-timezone-offset=0&viewability-undetermined=0&video-volume=100&video-muted=1&pcode-active-testids=741838%2C0%2C34&document-has-focus=true&is-fullscreen=false&ad-pod-id=unknown&product-theme=unknown&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22width%22%3A372%2C%22height%22%3A209%2C%22w%22%3A372%2C%22h%22%3A209%2C%22left%22%3A18%2C%22top%22%3A302%2C%22visible%22%3A1%2C%22req_no%22%3A0%7D Requested by Host: yastatic.net URL: https://yastatic.net/vas-bundles/741838/bundles-es2017/loader.bundle.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://telemetr.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 13:03:52 GMT content-encoding gzip x-content-type-options nosniff nel {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1} x-yandex-req-id 1679403832136502-10322653102304487970-sas2-0346-814-sas-l7-balancer-8080-BAL p3p CP="NOI DEVa TAIa OUR BUS UNI STA" x-xss-protection 1; mode=block pragma no-cache last-modified Tue, 21 Mar 2023 13:03:52 GMT accept-ch Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT report-to { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]} access-control-allow-origin https://telemetr.me cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true timing-allow-origin * expires Tue, 21 Mar 2023 13:03:52 GMT
POST H2	200	WWKejI_zO4G1tGy091m00000KfIvhWK0H08nDgiPP000000ungwQ0M2y26W4W07tgSpNlv_-mYw80Qo5Z8YX0P01W8tBf-I0W802c060ZSkdPBW1egYpcoRO0R32nwu1u06MbQ-P0Q02Zlg50U0xw0I-4lW4vD4_Y0NKfWwG1UJHFw05bBKJg0NxbX2m1VkM4BW5-... yandex.ru/an/tracking/	0 199 B	80ms 80ms	Ping text/plain	2a02:6b8:a::a GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://yandex.ru/an/tracking/WWKejI_zO4G1tGy091m00000KfIvhWK0H08nDgiPP000000ungwQ0M2y26W4W07tgSpNlv_-mYw80Qo5Z8YX0P01W8tBf-I0W802c060ZSkdPBW1egYpcoRO0R32nwu1u06MbQ-P0Q02Zlg50U0xw0I-4lW4vD4_Y0NKfWwG1UJHFw05bBKJg0NxbX2m1VkM4BW5-vOGm0N5iy84o0NCXfC1u0MK0JOhC4cDhKjigGSinaHuxSO74xW7W0M8W872W806w0afosNhNrkxFty-HW4inW00CRp4h6Zt1G3m2mRW3OA0W860W8281BRMmCdKiUkbRA0EpOOxg0-iZFEqsDtnWnE049YVp2V1i9220PWHuQ8jeRa_mH4gtFMdFeWjb80KW8221AWK-yr2m1I0fAVQ1iWK1D0KvEIyUzWKduw1e0RW507O5gt0mR3Ss--SDe4Ny3-O5vUrj2pG5z260zWNrki-q1WX-1Z1YlRieu-y_6E06RWQ0u8S3KTZEJfAE7foKt5pPpVf780TVz0UeEBQzQdubu1Vs1xwsXwW7vYVp2Um7m787vZXerVI7mOtD34uDJJW80RG8V___m7L8l__V_-18uaZcfcPcPcPsJyG05KWoLT7UHXfaq2kN0gHe6BO-cLEA_HaymL2PgCBbyi5SJm9Z27fXtbXEXUHOT3YtXyjCXW5~1?action-id=0&adsdk-bundle-version=741838&adsdk-bundle-name=AdLoader&ad-session-id=2609881679403830700&vsid=d2148ddabcc4aab98c2dba22f2f12a1db2314d46852fxVASx1854x1679403830&top-ancestor=https%3A%2F%2Ftelemetr.me&top-ancestor-undetermined=0&client-ts=1679403832095&client-timezone-offset=0&viewability-undetermined=0&video-volume=100&video-muted=1&pcode-active-testids=741838%2C0%2C34&document-has-focus=true&is-fullscreen=false&ad-pod-id=a34sdf%3B1120306531%3B0%3Be1b0aa6d03a81f44%3B1371283335025575468%3B0%3B1264547%3B5%3B0&product-theme=unknown&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22width%22%3A372%2C%22height%22%3A209%2C%22w%22%3A372%2C%22h%22%3A209%2C%22left%22%3A18%2C%22top%22%3A302%2C%22visible%22%3A1%2C%22req_no%22%3A1%7D Requested by Host: yastatic.net URL: https://yastatic.net/vas-bundles/741838/bundles-es2017/loader.bundle.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://telemetr.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 13:03:52 GMT content-encoding gzip x-content-type-options nosniff nel {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1} x-yandex-req-id 1679403832136911-2857030047927859165-sas2-0346-814-sas-l7-balancer-8080-BAL p3p CP="NOI DEVa TAIa OUR BUS UNI STA" x-xss-protection 1; mode=block pragma no-cache last-modified Tue, 21 Mar 2023 13:03:52 GMT accept-ch Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT report-to { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]} access-control-allow-origin https://telemetr.me cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true timing-allow-origin * expires Tue, 21 Mar 2023 13:03:52 GMT
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 7 KB	142ms 70ms	Script text/javascript	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8925921048082252&plah=telemetr.me Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://telemetr.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 13:03:52 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Tue, 21 Mar 2023 13:03:52 GMT
GET H2	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame 42A9	13 KB 5 KB	60ms 58ms	Document text/html	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://telemetr.me/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers accept-ranges bytes age 77999 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Mon, 20 Mar 2023 15:23:53 GMT expires Tue, 19 Mar 2024 15:23:53 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	aframe Show response www.google.com/recaptcha/api2/ Frame 0FEA	783 B 1 KB	116ms 42ms	Document text/html	2a00:1450:4001:830::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash fcb4d7e25810166bee6e96f45708ec4d503fa464d97555c562cd2aafed342590 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-Td2kFXVbLCKBPQ7gqOiizw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://telemetr.me/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding gzip content-length 513 content-security-policy script-src 'report-sample' 'nonce-Td2kFXVbLCKBPQ7gqOiizw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Tue, 21 Mar 2023 13:03:52 GMT expires Tue, 21 Mar 2023 13:03:52 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	200	VHn1ktbgsFp6mrADiySip1LyYoScgawPUWGtJiScNhE.js Show response pagead2.googlesyndication.com/bg/ Frame 42A9	36 KB 14 KB	60ms 60ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/VHn1ktbgsFp6mrADiySip1LyYoScgawPUWGtJiScNhE.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5479f592d6e0b05a7a9ab0038b24a2a752f262849c81ac0f5161ad26249c3611 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 08:55:38 GMT content-encoding br x-content-type-options nosniff age 14894 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14221 x-xss-protection 0 last-modified Tue, 14 Mar 2023 09:38:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 20 Mar 2024 08:55:38 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame 0FEA	0 0	93ms 93ms	Image text/html	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230315&jk=2305016833081217&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame 42A9	0 10 B	32ms 31ms	Image text/plain	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?GzNxlg Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 13:03:52 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H2	200	bundle.js Show response yastatic.net/q/set/s/rsya-tag-users/ Frame 4CDA	105 KB 37 KB	32ms 31ms	Script application/javascript	2a02:6b8:20::215 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://yastatic.net/q/set/s/rsya-tag-users/bundle.js Requested by Host: telemetr.me URL: https://telemetr.me/content/cybersquattingchannel Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software nginx/1.17.9 / Resource Hash e1cff21864c46e1da263fa83c14ed6d190bc5afbdd35188de15f10eb8bedd264 Security Headers Name Value Strict-Transport-Security max-age=43200000; includeSubDomains; Request headers accept-language nl-NL,nl;q=0.9 Referer https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 13:03:53 GMT content-encoding br strict-transport-security max-age=43200000; includeSubDomains; last-modified Fri, 29 Oct 2021 11:19:01 GMT server nginx/1.17.9 nel {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01} etag W/"82bdc8db563d3e71c35534315f8a9fd5" vary Accept-Encoding report-to { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]} content-type application/javascript access-control-allow-origin * cache-control public, max-age=31556952 x-nginx-request-id a9bb3689b61e5abe timing-allow-origin * expires Fri, 24 Mar 2023 01:02:18 GMT
GET H2	200	watch.js Show response mc.yandex.ru/metrika/ Frame 4CDA	162 KB 57 KB	133ms 132ms	Script application/javascript	2a02:6b8::1:119 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.ru/metrika/watch.js Requested by Host: yastatic.net URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 65d6f41a56f3818c87cade7c40912277448fe9ca1b8dc3d2179dc578aacea883 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 13:03:53 GMT content-encoding br strict-transport-security max-age=31536000 last-modified Tue, 21 Mar 2023 11:05:51 GMT accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA etag "6419655f-e3eb" content-type application/javascript access-control-allow-origin * cache-control max-age=3600 content-length 58347 expires Tue, 21 Mar 2023 14:03:53 GMT
GET H2	200	data Show response yandex.ru/set/s/rsya-tag-users/ Frame 4CDA	403 B 704 B	88ms 88ms	Fetch application/json	2a02:6b8:a::a GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://yandex.ru/set/s/rsya-tag-users/data?referrer=https%3A%2F%2Ftelemetr.me%2F Requested by Host: yastatic.net URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash e8b36589aefa80bb9d803e5d8125200308a41e0d78fef87bce0273272d7fcc22 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 13:03:53 GMT content-encoding gzip x-content-type-options nosniff nel {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1} accept-ch Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT x-yandex-req-id 1679403833149761-4747662963688498896-sas2-0346-814-sas-l7-balancer-8080-BAL report-to { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]} content-type application/json; charset=utf-8 access-control-allow-origin https://yastatic.net cache-control public,max-age=300 access-control-allow-credentials true x-xss-protection 1; mode=block
GET H2	200	conversion_async.js Show response www.googleadservices.com/pagead/ Frame 4CDA	43 KB 16 KB	155ms 72ms	Script text/javascript	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/conversion_async.js Requested by Host: yastatic.net URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash ad9b221517917e35287fcecf69dac74c8b8cdef705b77b6aa86653858846ea13 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 13:03:53 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15849 x-xss-protection 0 server cafe etag 10303980712498501990 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600 timing-allow-origin * expires Tue, 21 Mar 2023 13:03:53 GMT
GET H2	200	/ www.google.nl/pagead/1p-user-list/1014923426/ Frame 4CDA Redirect Chain https://www.googleadservices.com/pagead/conversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0 https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=OasZZJrdEv6H2fcP_PequA... https://www.google.com/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=445219274&crd=&is_vtc=1&random=3359551677 https://www.google.nl/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=445219274&crd=&is_vtc=1&random=3359551677&ipr=y	42 B 455 B	149ms 72ms	Image image/gif	2a00:1450:4001:806::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.nl/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=445219274&crd=&is_vtc=1&random=3359551677&ipr=y Protocol H2 Server 2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers pragma no-cache date Tue, 21 Mar 2023 13:03:53 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Tue, 21 Mar 2023 13:03:53 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" location https://www.google.nl/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=445219274&crd=&is_vtc=1&random=3359551677&ipr=y content-type image/gif cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.nl/pagead/1p-user-list/1014923426/ Frame 4CDA Redirect Chain https://www.googleadservices.com/pagead/conversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0 https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=OasZZLHbEuegzAa_5JDwCg... https://www.google.com/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1517908050&crd=&is_vtc=1&random=2532324802 https://www.google.nl/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1517908050&crd=&is_vtc=1&random=2532324802&ipr=y	42 B 108 B	121ms 75ms	Image image/gif	2a00:1450:4001:806::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.nl/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1517908050&crd=&is_vtc=1&random=2532324802&ipr=y Protocol H2 Server 2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers pragma no-cache date Tue, 21 Mar 2023 13:03:53 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Tue, 21 Mar 2023 13:03:53 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" location https://www.google.nl/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1517908050&crd=&is_vtc=1&random=2532324802&ipr=y content-type image/gif cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/	0 0	97ms 96ms	Image text/html	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230315&jk=2305016833081217&bg=!PT6lPmrNAAZEjmHWZI47ADkAdvg8Wu6Nsxg06NLGpBiPd4VzwaUIV_9eKD6nsiYv5FsuuXZXoQ3CxrVYaLkddRY-woe8KUBxmx4CAAAAV1IAAAACaAEHCgAnm20GFNBjHCP5jgbGRSCz64F5t4dohJj07tXz-svS4muOj80QJtUFmQK1f4N2lPYKU4184ghvsjs2zzqPbXM-H7O9pjNlAbKiOToO5LHMF-l4GS90RbiUIJ3T8Lg_0hNkd-IkazU90A1LKN4xBIp1z_ncCt55hrGdEzoLHWJvbbWLnQ3qvznE6ovKQrO5TEcOazBRMf8rmXRIzzD8i255pmdRSdB88LLpq7hMfPb6VKK3JWSHjOp6FxeMsP8kCjb1US2VoVMXJpQdefsVHKz0CEjDag8kjxwfc9zGL4F_0M_hpgxti7UNyRNzawhuPxGLDBkLx9KlImOtNdLs7Y6I-oupuBKeFSDYXmgMZ6qcJ8e1nDdRJxodO-b2GSGzEF58YsAUvJ5H263c-MV4ScwpGDbiSBcwa7Taw8ZnB4x_Cm87o5dUn1BagpS1kQbCGbHiKN1q51h78dibP47njjrFTYSXDC8ME4WQCpjIqrvMIcRKmGI769W4DGz4Isx9GTmVX2RQ1gPb6nNZyuvFen4I0qZadZH63WeyfswLwoaAipAD-DIBxOeQxp-7AQ-G6BbVvCPcY1PSuW_37coOY8Nr8Vun5DeWhMFJpf-OrJSUEbAWw34iDm1T_j7opaDSgWet38RKwJHzB8X2UdsvwU6UfELlE_dwnt6tAIb849HohEPIORMSZ6ALKb0JhTVINPciAJSdlf3e-4ajXxcpa96hVo-NCzvRvZny4NAcXoSfO5v5kueOOpU9IL9qeWOb1lNhTOVIefBMVq6Fy7VtCYC6rhuie7iwGAivpPIfe1IcT6rnScJbeYTXgGFBGSXBeoTSjW0jGkvUSoIhRg0-EPtZJkwHExRyb0H096OfYDRZwDCXTrvMRkLqFsbD18X_80c-edUiKxL9CLEwZnDYC4FBuXd1N_qolni-e4mVEShi7b1BOCeNkPpJNN_MTcgj7huA4yjGf3pWzg0KpvGv918Z Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://telemetr.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers
GET H2	200	3 Show response mc.yandex.ru/watch/ Frame 4CDA	256 B 356 B	70ms 69ms	XHR application/json	2a02:6b8::1:119 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Ftelemetr.me%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A75h6wcsj9ghedjzqdff8j%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A983%3Acn%3A1%3Adp%3A0%3Als%3A870660528743%3Ahid%3A945517154%3Az%3A0%3Ai%3A20230321130353%3Aet%3A1679403833%3Ac%3A1%3Arn%3A889868127%3Arqn%3A1%3Au%3A1679403833651386055%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C30%2C26%2C0%2C1%2C0%2C%2C17%2C1%2C76%2C76%2C0%2C75%3Aco%3A0%3Acpf%3A1%3Ans%3A1679403831115%3Ast%3A1679403833&t=clc(0-0-0)rqnt(1)aw(1)ti(2) Requested by Host: mc.yandex.ru URL: https://mc.yandex.ru/metrika/watch.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 5b67f2c4bd826b48897d4ec0b6d4eb3548fa51c0b9cbe81667505ea15d32ffcc Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers pragma no-cache date Tue, 21 Mar 2023 13:03:53 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff last-modified Tue, 21-Mar-2023 13:03:53 GMT accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA content-type application/json; charset=utf-8 access-control-allow-origin https://yastatic.net cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 256 x-xss-protection 1; mode=block expires Tue, 21-Mar-2023 13:03:53 GMT
GET H2	200	advert.gif mc.yandex.ru/metrika/ Frame 4CDA	43 B 113 B	66ms 66ms	Image image/gif	2a02:6b8::1:119 GLOBAL_DC
General Check archive.org Show headers Download Go to Show image Full URL https://mc.yandex.ru/metrika/advert.gif Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 13:03:53 GMT strict-transport-security max-age=31536000 last-modified Tue, 21 Mar 2023 11:05:51 GMT accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA etag "6419655f-2b" content-type image/gif access-control-allow-origin * cache-control max-age=3600 accept-ranges bytes content-length 43 expires Tue, 21 Mar 2023 14:03:53 GMT
GET H3	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/ Frame 4CDA	3 KB 1 KB	106ms 106ms	Script text/javascript	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/?random=1679403833366&cv=9&fst=1679403833366&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Ftelemetr.me%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4 Requested by Host: www.googleadservices.com URL: https://www.googleadservices.com/pagead/conversion_async.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 5671ea4df69509c3df7e6e8bec14fe22fb2751f6dc69674ba694f6e3df8d1b37 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers pragma no-cache date Tue, 21 Mar 2023 13:03:53 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1377 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/ Frame 4CDA	3 KB 1 KB	106ms 106ms	Script text/javascript	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/?random=1679403833370&cv=9&fst=1679403833370&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465925%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Ftelemetr.me%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4 Requested by Host: www.googleadservices.com URL: https://www.googleadservices.com/pagead/conversion_async.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 21db7f0e695e02721bbbd0cb9c258f6ddf9f85a0b0043a5549661ae6bb1a5114 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers pragma no-cache date Tue, 21 Mar 2023 13:03:53 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1386 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/ Frame 4CDA	3 KB 1 KB	92ms 91ms	Script text/javascript	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/?random=1679403833373&cv=9&fst=1679403833373&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Ftelemetr.me%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4 Requested by Host: www.googleadservices.com URL: https://www.googleadservices.com/pagead/conversion_async.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash efbdf3b18ff6d70fe36bf23deb99bc5b4dca2de7d16009686afaa3cb524201b8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers pragma no-cache date Tue, 21 Mar 2023 13:03:53 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1377 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/ Frame 4CDA	3 KB 1 KB	177ms 176ms	Script text/javascript	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/?random=1679403833374&cv=9&fst=1679403833374&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465926%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Ftelemetr.me%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4 Requested by Host: www.googleadservices.com URL: https://www.googleadservices.com/pagead/conversion_async.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 95693ce96cb8de59f917587d1fc86468318b88dc60cc7288f0c91571d7ce40e0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers pragma no-cache date Tue, 21 Mar 2023 13:03:53 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1386 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	1Mlp0wYz0Hm200000000U9nJDDCsyEnTwvrZg7DiJjlRO-p2bcQh9LCOWC0J9XBgVS6a97Qnjp13AYDGF5Fdc4i5IBoK5SYhBGCIhOmWiXCa2mHC33CPJnP0s0iPYqGXh9MCzzWXhBsChkaI34V1_BEC84rNmUHTHWOP1eQ_ZBEO61ZcCe54bZBf0AcrJ150aRDC_... Show response yandex.ru/an/rtbcount/	43 B 191 B	95ms 94ms	XHR image/gif	2a02:6b8:a::a GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://yandex.ru/an/rtbcount/1Mlp0wYz0Hm200000000U9nJDDCsyEnTwvrZg7DiJjlRO-p2bcQh9LCOWC0J9XBgVS6a97Qnjp13AYDGF5Fdc4i5IBoK5SYhBGCIhOmWiXCa2mHC33CPJnP0s0iPYqGXh9MCzzWXhBsChkaI34V1_BEC84rNmUHTHWOP1eQ_ZBEO61ZcCe54bZBf0AcrJ150aRDC_u7W5PD0lPqReyun1WR3FKVMP7ndPVZBn09o0ZF8DRtCYa1oAZD8yrnc9f2rG581P2lBHkOrlglS-ZKjL4uomtnz5QpoBfZyoUpWn0znDClC6wl1h1Ki9nyoRc3v3mECEv3O1v3ODraWVljW_v3bfi15vrFLr-tVie1yk82LyoJhV5DkiFG5reQ69fQRh6RAvIf-zikJlhA2T7UmDR1CODjsxS39AnjVBysPmNRbSF02jcDBdzxOyNZ7uwsCAzbWHXvWypZ1nlo8ZTSzsTBAowAgABYmEDty9HlCyfzmraHs_j2ZL_P4lRMVnSvcRc9eOMgoW9rn1JlZ1lQcXWQU7Umy9zZ57x0VFxXzxyid9zxa_M3dMS01zEmAZazQ6pZkyU_WO0G0k2At6000?confirmTime=2100000&confirmRatio=1000000&test-tag=262783279038466&format-type=118&actual-format=14&rnd=7328053531846&banner-sizes=eyI3MjA1NzYwNzUwMTIxMDQzMiI6IjM2OHg2MDAifQ%3D%3D&width=368&height=600 Requested by Host: yandex.ru URL: https://yandex.ru/ads/system/context.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://telemetr.me/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Tue, 21 Mar 2023 13:03:53 GMT content-encoding gzip x-content-type-options nosniff nel {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1} x-yandex-req-id 1679403833492577-10305637345773766438-sas2-0346-814-sas-l7-balancer-8080-BAL p3p CP="NOI DEVa TAIa OUR BUS UNI STA" x-xss-protection 1; mode=block pragma no-cache last-modified Tue, 21 Mar 2023 13:03:53 GMT accept-ch Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT report-to { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]} content-type image/gif access-control-allow-origin https://telemetr.me cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true timing-allow-origin * expires Tue, 21 Mar 2023 13:03:53 GMT
GET H2	200	/ www.google.com/pagead/1p-user-list/947884341/ Frame 4CDA	42 B 108 B	45ms 44ms	Image image/gif	2a00:1450:4001:830::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/947884341/?random=1679403833373&cv=9&fst=1679403600000&num=1&guid=ON&eid=466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Ftelemetr.me%2F&async=1&fmt=3&is_vtc=1&random=3404774704&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers pragma no-cache date Tue, 21 Mar 2023 13:03:53 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.nl/pagead/1p-user-list/947884341/ Frame 4CDA	42 B 108 B	145ms 73ms	Image image/gif	2a00:1450:4001:806::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.nl/pagead/1p-user-list/947884341/?random=1679403833373&cv=9&fst=1679403600000&num=1&guid=ON&eid=466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Ftelemetr.me%2F&async=1&fmt=3&is_vtc=1&random=3404774704&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers pragma no-cache date Tue, 21 Mar 2023 13:03:53 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ www.google.com/pagead/1p-user-list/947884341/ Frame 4CDA	42 B 64 B	43ms 42ms	Image image/gif	2a00:1450:4001:830::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/947884341/?random=1679403833366&cv=9&fst=1679403600000&num=1&guid=ON&eid=466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Ftelemetr.me%2F&async=1&fmt=3&is_vtc=1&random=3246098249&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers pragma no-cache date Tue, 21 Mar 2023 13:03:53 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.nl/pagead/1p-user-list/947884341/ Frame 4CDA	42 B 108 B	139ms 77ms	Image image/gif	2a00:1450:4001:806::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.nl/pagead/1p-user-list/947884341/?random=1679403833366&cv=9&fst=1679403600000&num=1&guid=ON&eid=466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Ftelemetr.me%2F&async=1&fmt=3&is_vtc=1&random=3246098249&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers pragma no-cache date Tue, 21 Mar 2023 13:03:53 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ www.google.com/pagead/1p-user-list/693627671/ Frame 4CDA	42 B 64 B	44ms 44ms	Image image/gif	2a00:1450:4001:830::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/693627671/?random=1679403833370&cv=9&fst=1679403600000&num=1&guid=ON&eid=466465925%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Ftelemetr.me%2F&async=1&fmt=3&is_vtc=1&random=3068012947&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers pragma no-cache date Tue, 21 Mar 2023 13:03:53 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.nl/pagead/1p-user-list/693627671/ Frame 4CDA	42 B 108 B	132ms 74ms	Image image/gif	2a00:1450:4001:806::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.nl/pagead/1p-user-list/693627671/?random=1679403833370&cv=9&fst=1679403600000&num=1&guid=ON&eid=466465925%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Ftelemetr.me%2F&async=1&fmt=3&is_vtc=1&random=3068012947&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers pragma no-cache date Tue, 21 Mar 2023 13:03:53 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	WPGejI_zO0W1LGm0v1HqDD1BLLF_bGK0208GW8200J4sgnba000003Z6hfe1Y085kG88NUoidqLVVF02_Focb0VWE_050Q06x0791ZOhC4cDhKjigGSinaHuxSO74_W70T08We20W0A02W682Wb_FaO1BCO0036ynAnez_0B1k0DWe20WO20W8W4c0wsri39rB7hf... Show response yandex.ru/an/count/	43 B 142 B	86ms 85ms	XHR image/gif	2a02:6b8:a::a GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://yandex.ru/an/count/WPGejI_zO0W1LGm0v1HqDD1BLLF_bGK0208GW8200J4sgnba000003Z6hfe1Y085kG88NUoidqLVVF02_Focb0VWE_050Q06x0791ZOhC4cDhKjigGSinaHuxSO74_W70T08We20W0A02W682Wb_FaO1BCO0036ynAnez_0B1k0DWe20WO20W8W4c0wsri39rB7hfMoe3woCyxJOtV634v0GhS31iDpRxvmsqfxgZI_W507m5S6AzkoZZxpyOvWMaEJbe0QWoHRmFzWMWHUe5mdG627u68BBjlpFcEx4P80PYHcVDGiPk1d___y1m1csnjoZukdFqsBI6H9vOM9pNtDbSdPbSYzoDpauBJ7e6V02y1c0mWEO6jJ3Kx0RIBWR0u8S3KTZEJfAE7foKt5pPpVf780T_t_m7m7u7m6088A0W0o880pG8V___m7L8l__V_-18m0000000F0_4W1tHjWmDyNnI5GW0wEcC07GZ9S9nUAG1dWbHnC3KndQlUQewgEoS4Ogbx1sZl8cE5QHf57S82A3K000~1=WPiejI_zOC00ZGm0X1RHOcb1m07wcFYcwuJWhOe1W07tgSpNlv_-mYw80Qo5Z8YX0P01W8tBf-I0W802c060ZSkdPBW1egYpcoRO0R32nwu1u06MbQ-P0UW1NFW1lA3UlW6W0exwXG6m0xuIY0NKfWwG1UJHFx05-vOGk0NxbX301SMpmWJ81So6am7G1VBt1QW6x06f1op6H7ZjnWSJk0U01T08keY0WSA0W0RW28VzGkW91u0A0VWAWBKOw0oJ0fWDiUaimR2GWW6O4U6YBQ6vW1I0W884q1JavBnxw1IC0fWMaEJbe0QWoHRG5hoWthu1c1UNjRGik1S1m1UrrW6W6Um1k1d___y1WHh__-U9l-nhSgWU0R0V0SWVcE6ZLwaWWqI0DZsYl3-u8EteB90Ytg8ja2BWeYsG8k6YBP0Yug8ja2BaeYsG8kQYBTKY__z__u4ZYIEQcPcPcPdPFv0ZuRltxFcHnV5Ic2EVxyJEbFYconSB0CyU93wznY0YI4Dbe8dXM3Vc8chpCh_L9L_Ed1rOgLBQdM2mW0C0~1?stat-id=5&test-tag=262783279094289&banner-sizes=eyI3MjA1NzYwNzUwMTIxMDQzMiI6IjM2OHg2MDAifQ%3D%3D&format-type=118&actual-format=14&pcodever=741854&banner-test-tags=eyI3MjA1NzYwNzUwMTIxMDQzMiI6IjI2Nzg4MzMifQ%3D%3D&order-banners-options=eyI3MjA1NzYwNzUwMTIxMDQzMiI6MjA0OH0&constructor-rendered-assets=eyI3MjA1NzYwNzUwMTIxMDQzMiI6MzU5N30&width=368&height=600&confirmTime=2100000&confirmRatio=1000000&wmode=0 Requested by Host: yandex.ru URL: https://yandex.ru/ads/system/context.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://telemetr.me/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Tue, 21 Mar 2023 13:03:53 GMT content-encoding gzip x-content-type-options nosniff nel {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1} x-yandex-req-id 1679403833581729-10728061491978133781-sas2-0346-814-sas-l7-balancer-8080-BAL p3p CP="NOI DEVa TAIa OUR BUS UNI STA" x-xss-protection 1; mode=block pragma no-cache last-modified Tue, 21 Mar 2023 13:03:53 GMT accept-ch Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT report-to { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]} content-type image/gif access-control-allow-origin https://telemetr.me cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true timing-allow-origin * expires Tue, 21 Mar 2023 13:03:53 GMT
GET H2	200	37412095 Show response mc.yandex.ru/watch/ Frame 4CDA	439 B 471 B	73ms 73ms	XHR application/json	2a02:6b8::1:119 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.ru/watch/37412095?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Ftelemetr.me%2F&charset=utf-8&site-info=%7B%22extensions%22%3A%22%22%2C%22fromGoogle%22%3A%22false%22%2C%22fromCancel%22%3A%22false%22%2C%22loyal%22%3A%220%22%2C%22sbscrb%22%3A%22%22%2C%22p%22%3A%22%22%2C%22b%22%3A%22%22%2C%22fresh%22%3A%220%22%2C%22infected%22%3A%22%22%2C%22slow%22%3A%22%22%2C%22os%22%3A%22windows%22%2C%22browser%22%3A%22chrome%22%2C%22winxp%22%3A%22false%22%2C%22old%22%3A%22actual%22%2C%22yabroAge%22%3Anull%7D&browser-info=pv%3A1%3Avf%3A75h6wcsj9ghedjzqdff8j%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A983%3Acn%3A2%3Adp%3A1%3Als%3A1644383021727%3Ahid%3A945517154%3Aphid%3A1009615206%3Az%3A0%3Ai%3A20230321130353%3Aet%3A1679403834%3Ac%3A1%3Arn%3A357226487%3Arqn%3A1%3Au%3A1679403833651386055%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C30%2C26%2C0%2C1%2C0%2C%2C17%2C1%2C76%2C76%2C0%2C75%3Aco%3A0%3Acpf%3A1%3Ans%3A1679403831115%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1679403834%3At%3A&t=gdpr(6)clc(0-0-0)rqnt(1)aw(1)ti(2) Requested by Host: mc.yandex.ru URL: https://mc.yandex.ru/metrika/watch.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 50b0a659b18a37bdda223dca23f2ea981ff01758d61da185e87d73bdaf6e284b Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers pragma no-cache date Tue, 21 Mar 2023 13:03:53 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff last-modified Tue, 21-Mar-2023 13:03:53 GMT accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA content-type application/json; charset=utf-8 access-control-allow-origin https://yastatic.net cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 439 x-xss-protection 1; mode=block expires Tue, 21-Mar-2023 13:03:53 GMT
GET H3	200	/ www.google.com/pagead/1p-user-list/693627671/ Frame 4CDA	42 B 64 B	50ms 50ms	Image image/gif	2a00:1450:4001:830::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/693627671/?random=1679403833374&cv=9&fst=1679403600000&num=1&guid=ON&eid=466465926%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Ftelemetr.me%2F&async=1&fmt=3&is_vtc=1&random=4046828262&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers pragma no-cache date Tue, 21 Mar 2023 13:03:53 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.nl/pagead/1p-user-list/693627671/ Frame 4CDA	42 B 108 B	73ms 72ms	Image image/gif	2a00:1450:4001:806::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.nl/pagead/1p-user-list/693627671/?random=1679403833374&cv=9&fst=1679403600000&num=1&guid=ON&eid=466465926%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Ftelemetr.me%2F&async=1&fmt=3&is_vtc=1&random=4046828262&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers pragma no-cache date Tue, 21 Mar 2023 13:03:53 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	1VONaCN30Hy200000000U9nJDDCsyEnTwvrZg7FCXPdnEBkmfVbgoHG68F24YOGkqedqZ5tiBSoGoWWKpzGvbl2P0IXU2kBLbW69LaOGsGdY0m4Jmqp6o_mGza961bO8QoNZDQZyNiPTN48CHy7yiumWmQjWyYuZWmm3mr_6MKmC37EPG29hcNu1oRDC_u7W5PF01... Show response yandex.ru/an/rtbcount/	43 B 141 B	81ms 81ms	XHR image/gif	2a02:6b8:a::a GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://yandex.ru/an/rtbcount/1VONaCN30Hy200000000U9nJDDCsyEnTwvrZg7FCXPdnEBkmfVbgoHG68F24YOGkqedqZ5tiBSoGoWWKpzGvbl2P0IXU2kBLbW69LaOGsGdY0m4Jmqp6o_mGza961bO8QoNZDQZyNiPTN48CHy7yiumWmQjWyYuZWmm3mr_6MKmC37EPG29hcNu1oRDC_u7W5PF01XVx4frZ30oniq-koVZEol2NYGLaEJF8XbvcHI0vbHcaRIup4yX2PYP71P1zB1kPr_YkSklNj50voGppxrMmohjWyYUpWnF4lGjP4grMWrahM2xBRs3v3mECEv3O1v3O5rXcpttySCESESl5Rx90_FV1_Y7BJO6BpgUghzk_PG7vSW4hvqdM-QRSOEaBh0qD3ImtMSsKorNyx9SdVMK56TJ1ri0oWMtRjGCdhsnylJHd1jkLmy4Bs8ujVNfZn-CTZxSohcI36Nc0pUC46_CZDbxtP4ihJqVlak32udJpbsmmot_2MHFP-KEFNjaJzTP-5ZkRkOcXXQd90dR65UoC6zWR5ZJmx63dES4k_e2zVsFFwuF_pfuE-S7Eiu3ZilmAZWQk3HpNc7TmC080muwrfW00?confirmTime=2100000&confirmRatio=1000000&test-tag=262783279038466&format-type=118&actual-format=8&rnd=3948831617445&banner-sizes=eyI3MjA1NzYwNzU4OTE5ODU0OCI6IjExNjN4MzAwIn0%3D&width=1163&height=300 Requested by Host: yandex.ru URL: https://yandex.ru/ads/system/context.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://telemetr.me/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Tue, 21 Mar 2023 13:03:53 GMT content-encoding gzip x-content-type-options nosniff nel {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1} x-yandex-req-id 1679403833675612-4304566480900320933-sas2-0346-814-sas-l7-balancer-8080-BAL p3p CP="NOI DEVa TAIa OUR BUS UNI STA" x-xss-protection 1; mode=block pragma no-cache last-modified Tue, 21 Mar 2023 13:03:53 GMT accept-ch Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT report-to { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]} content-type image/gif access-control-allow-origin https://telemetr.me cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true timing-allow-origin * expires Tue, 21 Mar 2023 13:03:53 GMT
GET H2	200	WOyejI_zO0W1BGm0X1H9MIoY0WfromK0208GW8200J4tgnba000003Z6hfe1Y081kG88NUoidqLVVF02_Focb0VWE_050Q06x0791ZOhC4cDhKjigGSinc3p0CS74_W70T08We20W0AmH3zqBCO005sRoQnez_0B1k0DWeA1WO20W8W4c0wsri39rB7hfMoe3woCa... Show response yandex.ru/an/count/	43 B 141 B	84ms 84ms	XHR image/gif	2a02:6b8:a::a GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://yandex.ru/an/count/WOyejI_zO0W1BGm0X1H9MIoY0WfromK0208GW8200J4tgnba000003Z6hfe1Y081kG88NUoidqLVVF02_Focb0VWE_050Q06x0791ZOhC4cDhKjigGSinc3p0CS74_W70T08We20W0AmH3zqBCO005sRoQnez_0B1k0DWeA1WO20W8W4c0wsri39rB7hfMoe3woCavgGuF634v0GhS31iDpRxvmsqfxgZI_W507m5S6AzkoZZxpyOvWMaEJbe0QWoHRmFzWMWHUe5mdG627u68BBjlpFcEx4P80PYHcVDGiPk1d___y1m1csnjoZukdFqsBI6H9vOM9pNtDbSdPbSYzoDpauBJ7e6Oi9y1c0mWEO6jJ3Kx0RIBWR0u8S3KTZEJf9GKjqKt5pPpVf780T_t_m7m7u7m60882WW0o880pG8V___m7L8l__V_-18m0000000F0_4W1tHjWmDyNnI5GW0wEcC07GZ9S9nUAG1dWbHnC3KndQlUQewgEoS4Ogbx1s3kKagZagaZIA6qHa40e0~1=WPaejI_zOCq0VGm0n1LVnmYspG66_-JaxDUidUe1W07jv_7qXTh_nRW1Y07PYiA4eW6G0QZhl_laW8200fW1gEk_-sIu0RAOzQCcs07woe-l0U01zksQhW7e0SAW0kISjnkm0_SDY0MrgWIG1O_A2x05wkS3k0NgvmF01R_V0yW5wPq1q0MXYW6e1km1gGSinc3p0CS74xW7W0N2W806u0YopjiDw0a7W0e1w0oJ0fWDsvSmeQ02c17XeYsXkQWJcvtZuR2SdASNW1I0W83e58m2c1QGvEMW1g395l0_q1Rexjw-0PWNpDkBCRWN0S0NjTO1e1di0RWP____0O4Q__ylM2INHlAW6gB4iTAelhQ47QWU0R0V0SWVlUN7LxWWxUWia2BUeYsG8k2YBP0YuQ8ja2BYeYsG8kIYBP0Yvg8jrIB__t__WIE98vgPcPcPcTa_a2EdpD_8yishckq1c2ERslhydl-X_58E010V9EQzXfCc1bOP4h8_Pq4C0tHekQzvsUbqoSaxOtjQaf7XgfJEZ61uQ7A2RG8E~1?stat-id=1&test-tag=262783279094289&banner-sizes=eyI3MjA1NzYwNzU4OTE5ODU0OCI6IjExNjN4MzAwIn0%3D&format-type=118&actual-format=8&pcodever=741854&banner-test-tags=eyI3MjA1NzYwNzU4OTE5ODU0OCI6IjU3MzYxIn0%3D&constructor-rendered-assets=eyI3MjA1NzYwNzU4OTE5ODU0OCI6MTcwMzd9&width=1163&height=300&confirmTime=2101000&confirmRatio=1000000&wmode=0 Requested by Host: yandex.ru URL: https://yandex.ru/ads/system/context.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://telemetr.me/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Tue, 21 Mar 2023 13:03:53 GMT content-encoding gzip x-content-type-options nosniff nel {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1} x-yandex-req-id 1679403833874383-4963710316037889058-sas2-0346-814-sas-l7-balancer-8080-BAL p3p CP="NOI DEVa TAIa OUR BUS UNI STA" x-xss-protection 1; mode=block pragma no-cache last-modified Tue, 21 Mar 2023 13:03:53 GMT accept-ch Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT report-to { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]} content-type image/gif access-control-allow-origin https://telemetr.me cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true timing-allow-origin * expires Tue, 21 Mar 2023 13:03:53 GMT
POST H2	200	WWKejI_zO4G1tGy091m00000KfIvhWK0H08nDgiPP000000ungwQ0M2y26W4W07tgSpNlv_-mYw80Qo5Z8YX0P01W8tBf-I0W802c060ZSkdPBW1egYpcoRO0R32nwu1u06MbQ-P0Q02Zlg50U0xw0I-4lW4vD4_Y0NKfWwG1UJHFw05bBKJg0NxbX2m1VkM4BW5-... yandex.ru/an/tracking/	0 183 B	77ms 76ms	Ping text/plain	2a02:6b8:a::a GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://yandex.ru/an/tracking/WWKejI_zO4G1tGy091m00000KfIvhWK0H08nDgiPP000000ungwQ0M2y26W4W07tgSpNlv_-mYw80Qo5Z8YX0P01W8tBf-I0W802c060ZSkdPBW1egYpcoRO0R32nwu1u06MbQ-P0Q02Zlg50U0xw0I-4lW4vD4_Y0NKfWwG1UJHFw05bBKJg0NxbX2m1VkM4BW5-vOGm0N5iy84o0NCXfC1u0MK0JOhC4cDhKjigGSinaHuxSO74xW7W0M8W872W806w0afosNhNrkxFty-HW4inW00CRp4h6Zt1G3m2mRW3OA0W860W8281BRMmCdKiUkbRA0EpOOxg0-iZFEqsDtnWnE049YVp2V1i9220PWHuQ8jeRa_mH4gtFMdFeWjb80KW8221AWK-yr2m1I0fAVQ1iWK1D0KvEIyUzWKduw1e0RW507O5gt0mR3Ss--SDe4Ny3-O5vUrj2pG5z260zWNrki-q1WX-1Z1YlRieu-y_6E06RWQ0u8S3KTZEJfAE7foKt5pPpVf780TVz0UeEBQzQdubu1Vs1xwsXwW7vYVp2Um7m787vZXerVI7mOtD34uDJJW80RG8V___m7L8l__V_-18uaZcfcPcPcPsJyG05KWoLT7UHXfaq2kN0gHe6BO-cLEA_HaymL2PgCBbyi5SJm9Z27fXtbXEXUHOT3YtXyjCXW5~1?action-id=14&adsdk-bundle-version=741838&adsdk-bundle-name=AdLoader&ad-session-id=2609881679403830700&vsid=d2148ddabcc4aab98c2dba22f2f12a1db2314d46852fxVASx1854x1679403830&top-ancestor=https%3A%2F%2Ftelemetr.me&top-ancestor-undetermined=0&client-ts=1679403834116&client-timezone-offset=0&viewability-undetermined=0&video-volume=100&video-muted=1&pcode-active-testids=741838%2C0%2C34&document-has-focus=true&is-fullscreen=false&ad-pod-id=unknown&product-theme=unknown&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22width%22%3A372%2C%22height%22%3A209%2C%22w%22%3A372%2C%22h%22%3A209%2C%22left%22%3A18%2C%22top%22%3A302%2C%22visible%22%3A1%2C%22req_no%22%3A2%7D Requested by Host: yastatic.net URL: https://yastatic.net/vas-bundles/741838/bundles-es2017/loader.bundle.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://telemetr.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 13:03:54 GMT content-encoding gzip x-content-type-options nosniff nel {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1} x-yandex-req-id 1679403834158322-2759545958700034211-sas2-0346-814-sas-l7-balancer-8080-BAL p3p CP="NOI DEVa TAIa OUR BUS UNI STA" x-xss-protection 1; mode=block pragma no-cache last-modified Tue, 21 Mar 2023 13:03:54 GMT accept-ch Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT report-to { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]} access-control-allow-origin https://telemetr.me cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true timing-allow-origin * expires Tue, 21 Mar 2023 13:03:54 GMT
POST H2	200	log log.strm.yandex.ru/	0 69 B	73ms 73ms	Ping text/plain	2a02:6b8::28d GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://log.strm.yandex.ru/log?VAS=741838&event=VastTracking_impression Requested by Host: yastatic.net URL: https://yastatic.net/vas-bundles/741838/bundles-es2017/loader.bundle.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a02:6b8::28d Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://telemetr.me/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin https://telemetr.me access-control-expose-headers Date date Tue, 21 Mar 2023 13:03:54 GMT access-control-allow-credentials true timing-allow-origin https://telemetr.me content-length 0 x-request-id 1679403834159269-2642850831315432932
POST H2	200	WWKejI_zO4G1tGy091m00000KfIvhWK0H08nDgiPP000000ungwQ0M2y26W4W07tgSpNlv_-mYw80Qo5Z8YX0P01W8tBf-I0W802c060ZSkdPBW1egYpcoRO0R32nwu1u06MbQ-P0Q02Zlg50U0xw0I-4lW4vD4_Y0NKfWwG1UJHFw05bBKJg0NxbX2m1VkM4BW5-... yandex.ru/an/tracking/	0 266 B	78ms 78ms	Ping text/plain	2a02:6b8:a::a GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://yandex.ru/an/tracking/WWKejI_zO4G1tGy091m00000KfIvhWK0H08nDgiPP000000ungwQ0M2y26W4W07tgSpNlv_-mYw80Qo5Z8YX0P01W8tBf-I0W802c060ZSkdPBW1egYpcoRO0R32nwu1u06MbQ-P0Q02Zlg50U0xw0I-4lW4vD4_Y0NKfWwG1UJHFw05bBKJg0NxbX2m1VkM4BW5-vOGm0N5iy84o0NCXfC1u0MK0JOhC4cDhKjigGSinaHuxSO74xW7W0M8W872W806w0afosNhNrkxFty-HW4inW00CRp4h6Zt1G3m2mRW3OA0W860W8281BRMmCdKiUkbRA0EpOOxg0-iZFEqsDtnWnE049YVp2V1i9220PWHuQ8jeRa_mH4gtFMdFeWjb80KW8221AWK-yr2m1I0fAVQ1iWK1D0KvEIyUzWKduw1e0RW507O5gt0mR3Ss--SDe4Ny3-O5vUrj2pG5z260zWNrki-q1WX-1Z1YlRieu-y_6E06RWQ0u8S3KTZEJfAE7foKt5pPpVf780TVz0UeEBQzQdubu1Vs1xwsXwW7vYVp2Um7m787vZXerVI7mOtD34uDJJW80RG8V___m7L8l__V_-18uaZcfcPcPcPsJyG05KWoLT7UHXfaq2kN0gHe6BO-cLEA_HaymL2PgCBbyi5SJm9Z27fXtbXEXUHOT3YtXyjCXW5~1?action-id=13&adsdk-bundle-version=741838&adsdk-bundle-name=AdLoader&ad-session-id=2609881679403830700&vsid=d2148ddabcc4aab98c2dba22f2f12a1db2314d46852fxVASx1854x1679403830&top-ancestor=https%3A%2F%2Ftelemetr.me&top-ancestor-undetermined=0&client-ts=1679403834118&client-timezone-offset=0&viewability-undetermined=0&video-volume=100&video-muted=1&pcode-active-testids=741838%2C0%2C34&document-has-focus=true&is-fullscreen=false&ad-pod-id=a34sdf%3B1120306531%3B0%3Be1b0aa6d03a81f44%3B1371283335025575468%3B0%3B1264547%3B5%3B0&product-theme=unknown&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22width%22%3A372%2C%22height%22%3A209%2C%22w%22%3A372%2C%22h%22%3A209%2C%22left%22%3A18%2C%22top%22%3A302%2C%22visible%22%3A1%2C%22req_no%22%3A3%7D Requested by Host: yastatic.net URL: https://yastatic.net/vas-bundles/741838/bundles-es2017/loader.bundle.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://telemetr.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 13:03:54 GMT content-encoding gzip x-content-type-options nosniff nel {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1} x-yandex-req-id 1679403834160195-234512192319306941-sas2-0346-814-sas-l7-balancer-8080-BAL p3p CP="NOI DEVa TAIa OUR BUS UNI STA" x-xss-protection 1; mode=block pragma no-cache last-modified Tue, 21 Mar 2023 13:03:54 GMT accept-ch Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT report-to { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]} access-control-allow-origin https://telemetr.me cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true timing-allow-origin * expires Tue, 21 Mar 2023 13:03:54 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

mitdmp.whiteboxdigital.ru

URL

https://mitdmp.whiteboxdigital.ru/pixel?id=a&source=yandex&redirect=false&href=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fqbitis%2F%7Bmiid%7D

Domain

sonar.semantiqo.com

URL

https://sonar.semantiqo.com/dmp/scr.php