urlscan.io logo urlscan.io
SecurityTrails logo

download-tlgm.ru Open in urlscan Pro
185.246.66.33  Public Scan

Go To Rescan Add Verdict Report
URL: http://download-tlgm.ru/
Submission: On January 27 via api from BY — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 53 IPs in 12 countries across 67 domains to perform 362 HTTP transactions. The main IP is 185.246.66.33, located in Russian Federation and belongs to RU-JSCIOT, RU. The main domain is download-tlgm.ru.
This is the only time download-tlgm.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
47 185.246.66.33 29182 (RU-JSCIOT)
6 2a00:1450:400... 15169 (GOOGLE)
8 20 2a02:6b8:a::a 13238 (YANDEX)
50 2a00:1450:400... 15169 (GOOGLE)
1 88.208.46.156 39572 (ADVANCEDH...)
1 176.99.5.252 49352 (LOGOL-AS)
12 2a00:1450:400... 15169 (GOOGLE)
5 19 2a02:6b8::1:119 13238 (YANDEX)
1 5 88.208.46.53 39572 (ADVANCEDH...)
1 88.208.13.82 39572 (ADVANCEDH...)
1 20 2a00:1450:400... 15169 (GOOGLE)
1 88.208.5.115 39572 (ADVANCEDH...)
9 2a02:6b8:20::215 13238 (YANDEX)
2 2 31.220.27.135 39572 (ADVANCEDH...)
1 25 2a02:6b8::90 13238 (YANDEX)
1 2a02:6b8::184 13238 (YANDEX)
28 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
5 31.220.27.134 39572 (ADVANCEDH...)
1 1 35.177.4.157 16509 (AMAZON-02)
3 3 142.132.138.214 24940 (HETZNER-AS)
1 1 193.3.184.217 50214 (QWARTA)
5 6 188.42.34.64 7979 (SERVERS-COM)
1 2 63.33.78.63 16509 (AMAZON-02)
1 52.45.175.185 14618 (AMAZON-AES)
7 11 142.250.186.130 15169 (GOOGLE)
1 1 144.126.246.116 14061 (DIGITALOC...)
1 35.214.149.91 15169 (GOOGLE)
1 77.245.57.72 36057 (WEBAIR-IN...)
1 1 2001:6d0:4001... 52016 (ADFACT)
1 2 34.111.129.221 396982 (GOOGLE-CL...)
3 37.230.131.21 200197 (HYBRID-PO...)
5 6 185.15.175.130 43226 (SAFEDATA ...)
1 1 188.68.217.18 49505 (SELECTEL)
1 63.35.143.96 16509 (AMAZON-02)
2 2 136.243.48.253 24940 (HETZNER-AS)
1 1 51.250.81.61 200350 (YANDEXCLOUD)
2 2 217.199.220.43 61400 (NETRACK-AS)
2 2 185.40.31.213 61400 (NETRACK-AS)
4 4 217.66.147.40 29209 (SPBMTS-AS...)
2 2 213.87.44.187 13174 (MTSNET Mo...)
1 1 217.65.2.150 3175 (CITYTELEC...)
1 2 167.235.186.113 24940 (HETZNER-AS)
1 1 91.192.150.14 42481 (BEGUN-AS)
2 2 193.232.148.145 48061 (UMA-TECH-AS)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2 77.244.216.90 49505 (SELECTEL)
1 2 95.217.109.66 24940 (HETZNER-AS)
2 2 88.212.202.52 39134 (UNITEDNET)
2 81.222.128.215 20597 (ELTEL-AS)
2 3 31.172.81.160 44066 (DE-FIRSTC...)
1 138.201.65.68 24940 (HETZNER-AS)
2 2 188.42.105.236 7979 (SERVERS-COM)
2 2 46.4.53.119 24940 (HETZNER-AS)
2 2 89.108.120.76 197695 (AS-REG)
1 1 188.72.109.103 208677 (CLOUDRU-AS)
1 1 87.242.93.185 208677 (CLOUDRU-AS)
4 4 93.95.102.105 48347 (MTW-AS)
1 81.171.9.38 60781 (LEASEWEB-...)
2 85.192.12.174 12695 (DINET-AS)
2 2 5.189.234.229 50340 (SELECTEL-MSK)
1 1 193.106.93.124 48614 (ITSOFT-AS)
1 1 188.120.241.50 29182 (RU-JSCIOT)
1 2 95.163.52.67 47764 (VK-AS)
7 2404:6800:400... 15169 (GOOGLE)
1 74.125.133.156 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 6 37.157.2.228 198622 (ADFORM)
1 2 2a00:1450:400... 15169 (GOOGLE)
3 5 104.18.36.155 13335 (CLOUDFLAR...)
3 4 37.252.171.85 29990 (ASN-APPNEX)
4 34.98.64.218 396982 (GOOGLE-CL...)
4 2.19.217.101 16625 (AKAMAI-AS)
1 37.157.6.236 198622 (ADFORM)
48 2a00:1450:400... 15169 (GOOGLE)
7 142.250.185.98 15169 (GOOGLE)
6 172.217.18.2 15169 (GOOGLE)
1 3.71.149.231 16509 (AMAZON-02)
362 53
47    185.246.66.33 (Russian Federation)

ASN29182 (RU-JSCIOT, RU)
PTR: bsserver.fvds.ru
download-tlgm.ru
6    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
20    2a02:6b8:a::a (Russian Federation)

ASN13238 (YANDEX, RU)
yandex.ru
50    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    88.208.46.156 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
hunterers.com
1    176.99.5.252 (Russian Federation)

ASN49352 (LOGOL-AS, RU)
installpack.net
12    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
www.gstatic.com
19    2a02:6b8::1:119 (Russian Federation)

ASN13238 (YANDEX, RU)
mc.yandex.ru
mc.yandex.com
5    88.208.46.53 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
muloyorom.com
1    88.208.13.82 (Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
msetup-partners.com
20    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    88.208.5.115 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
mpraven.org
9    2a02:6b8:20::215 (Russian Federation)

ASN13238 (YANDEX, RU)
yastatic.net
2    31.220.27.135 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
s.uuidksinc.net
25    2a02:6b8::90 (Russian Federation)

ASN13238 (YANDEX, RU)
an.yandex.ru
1    2a02:6b8::184 (Russian Federation)

ASN13238 (YANDEX, RU)
avatars.mds.yandex.net
28    2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
3    2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
5    31.220.27.134 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
uuidksinc.net
d.uuidksinc.net
1    35.177.4.157 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-177-4-157.eu-west-2.compute.amazonaws.com
px.arcspire.io
3    142.132.138.214 (Falkenstein, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.214.138.132.142.clients.your-server.de
acint.net
1    193.3.184.217 (Russian Federation)

ASN50214 (QWARTA, RU)
ssp-rtb.sape.ru
6    188.42.34.64 (Luxembourg)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
2    63.33.78.63 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-78-63.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    52.45.175.185 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-175-185.compute-1.amazonaws.com
im.bluevoox.com
11    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
cm.g.doubleclick.net
1    144.126.246.116 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)
yandex.digital-services.solutions
1    35.214.149.91 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 91.149.214.35.bc.googleusercontent.com
x.bidswitch.net
1    77.245.57.72 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)
sync.adkernel.com
1    2001:6d0:4001::226 (Russian Federation)

ASN52016 (ADFACT, RU)
cm.tns-counter.ru
2    34.111.129.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com
cr.frontend.weborama.fr
3    37.230.131.21 (Amsterdam, Netherlands)

ASN200197 (HYBRID-POLAND, PL)
dm.hybrid.ai
dm-eu.hybrid.ai
6    185.15.175.130 (Russian Federation)

ASN43226 (SAFEDATA Uplinks, RU)
dmg.digitaltarget.ru
1    188.68.217.18 (St Petersburg, Russian Federation)

ASN49505 (SELECTEL, RU)
dsp.mpartner.digital
1    63.35.143.96 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-35-143-96.eu-west-1.compute.amazonaws.com
euw-ice.360yield.com
2    136.243.48.253 (Berlin, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.253.48.243.136.clients.your-server.de
exchange.buzzoola.com
1    51.250.81.61 (Russian Federation)

ASN200350 (YANDEXCLOUD, RU)
eye.targetads.io
2    217.199.220.43 (Russian Federation)

ASN61400 (NETRACK-AS, RU)
PTR: s3.kimberlite.io
kimberlite.io
2    185.40.31.213 (Moscow, Russian Federation)

ASN61400 (NETRACK-AS, RU)
sync.dsp.solta.io
4    217.66.147.40 (St Petersburg, Russian Federation)

ASN29209 (SPBMTS-AS Malaya Monetnaya Street 2-A, RU)
PTR: host-40-147-66-217.spbmts.ru
sm.rtb.mts.ru
vma.mts.ru
2    213.87.44.187 (Russian Federation)

ASN13174 (MTSNET Moscow, Russia, RU)
PTR: infrastructure-187-44.mts.ru
tech.rtb.mts.ru
1    217.65.2.150 (Moscow, Russian Federation)

ASN3175 (CITYTELECOM-MSK, RU)
match.new-programmatic.com
2    167.235.186.113 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.113.186.235.167.clients.your-server.de
nr.bidderstack.com
1    91.192.150.14 (Russian Federation)

ASN42481 (BEGUN-AS, RU)
PTR: zvezda.ssp.rambler.ru
profile.ssp.rambler.ru
2    193.232.148.145 (Russian Federation)

ASN48061 (UMA-TECH-AS, RU)
PTR: smtp6.sender.ltmse.com
px.adhigh.net
1    2606:4700:20::681a:f45 (United States)

ASN13335 (CLOUDFLARENET, US)
rtb-eu-warsaw.intent.ai
2    77.244.216.90 (St Petersburg, Russian Federation)

ASN49505 (SELECTEL, RU)
shopnetic.com
2    95.217.109.66 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.66.109.217.95.clients.your-server.de
sonar.semantiqo.com
2    88.212.202.52 (Russian Federation)

ASN39134 (UNITEDNET, RU)
PTR: host152.rax.ru
counter.yadro.ru
2    81.222.128.215 (Russian Federation)

ASN20597 (ELTEL-AS, RU)
PTR: ad15.adriver.ru
ssp.adriver.ru
3    31.172.81.160 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
sync.bumlam.com
1    138.201.65.68 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.68.65.201.138.clients.your-server.de
sync.dmp.otm-r.com
2    188.42.105.236 (Luxembourg)

ASN7979 (SERVERS-COM, US)
sync.gonet-ads.com
2    46.4.53.119 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: prod-hzeu-bidder-6.community.moscow
sync.upravel.com
2    89.108.120.76 (Russian Federation)

ASN197695 (AS-REG, RU)
PTR: d51804.reg.regrucolo.ru
x01.aidata.io
1    188.72.109.103 (Russian Federation)

ASN208677 (CLOUDRU-AS, RU)
yandex-dmp-sync.rutarget.ru
1    87.242.93.185 (Russian Federation)

ASN208677 (CLOUDRU-AS, RU)
PTR: fr20.segmento.ru
yandex-sync.rutarget.ru
4    93.95.102.105 (Russian Federation)

ASN48347 (MTW-AS, RU)
PTR: unspecified.mtw.ru
fcgi4.gnezdo.ru
1    81.171.9.38 (Renswoude, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
z.cdn.adtarget.me
2    85.192.12.174 (Russian Federation)

ASN12695 (DINET-AS, RU)
dmpprof.com
2    5.189.234.229 (Moscow, Russian Federation)

ASN50340 (SELECTEL-MSK, RU)
sync.adspend.space
1    193.106.93.124 (Russian Federation)

ASN48614 (ITSOFT-AS, RU)
prodmp.ru
1    188.120.241.50 (Russian Federation)

ASN29182 (RU-JSCIOT, RU)
PTR: sync00.platforma.id
1010--1501445047--e4c713ec-90bc-436b-88bf-0d0097e74882.stbid.ru
2    95.163.52.67 (Russian Federation)

ASN47764 (VK-AS, RU)
PTR: top-fwz1.mail.ru
top-fwz1.mail.ru
7    2404:6800:4005:809::2003 (Hong Kong)

ASN15169 (GOOGLE, US)
csi.gstatic.com
1    74.125.133.156 (United States)

ASN15169 (GOOGLE, US)
PTR: wo-in-f156.1e100.net
bid.g.doubleclick.net
4    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
6    37.157.2.228 (Denmark)

ASN198622 (ADFORM, DK)
track.adform.net
2    2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
5    104.18.36.155 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
4    37.252.171.85 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
4    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
4    2.19.217.101 (Prague, Czech Republic)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-217-101.deploy.static.akamaitechnologies.com
sync.teads.tv
1    37.157.6.236 (Denmark)

ASN198622 (ADFORM, DK)
s1.adform.net
48    2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
7    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
googleads4.g.doubleclick.net
6    172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f2.1e100.net
ade.googlesyndication.com
1    3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
Apex Domain
Subdomains		 Transfer
84 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
ade.googlesyndication.com — Cisco Umbrella Rank: 356
772 KB
49 yandex.ru
yandex.ru — Cisco Umbrella Rank: 2180
mc.yandex.ru — Cisco Umbrella Rank: 3982
an.yandex.ru — Cisco Umbrella Rank: 6258
ysa-static.passport.yandex.ru Failed
230 KB
48 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 336
18 MB
47 download-tlgm.ru
download-tlgm.ru
618 KB
39 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
cm.g.doubleclick.net — Cisco Umbrella Rank: 260
bid.g.doubleclick.net — Cisco Umbrella Rank: 917
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 594
258 KB
19 gstatic.com
fonts.gstatic.com
csi.gstatic.com
www.gstatic.com
253 KB
15 yandex.com
mc.yandex.com — Cisco Umbrella Rank: 8747
8 KB
9 yastatic.net
yastatic.net — Cisco Umbrella Rank: 6536
234 KB
9 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 28
imasdk.googleapis.com — Cisco Umbrella Rank: 485
142 KB
7 adform.net
track.adform.net — Cisco Umbrella Rank: 5048
s1.adform.net — Cisco Umbrella Rank: 9860
1 MB
7 uuidksinc.net
s.uuidksinc.net — Cisco Umbrella Rank: 10769
uuidksinc.net — Cisco Umbrella Rank: 10730
d.uuidksinc.net — Cisco Umbrella Rank: 349518
3 KB
6 mts.ru
sm.rtb.mts.ru — Cisco Umbrella Rank: 34948
vma.mts.ru — Cisco Umbrella Rank: 37422
tech.rtb.mts.ru — Cisco Umbrella Rank: 42626
4 KB
6 digitaltarget.ru
dmg.digitaltarget.ru — Cisco Umbrella Rank: 21957
4 KB
6 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1908
4 KB
5 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 622
3 KB
5 muloyorom.com
muloyorom.com
24 KB
4 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1376
652 B
4 openx.net
us-u.openx.net — Cisco Umbrella Rank: 524
608 B
4 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 253
4 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 230
260 KB
4 gnezdo.ru
fcgi4.gnezdo.ru — Cisco Umbrella Rank: 51908
1 KB
3 bumlam.com
sync.bumlam.com — Cisco Umbrella Rank: 4420
2 KB
3 hybrid.ai
dm.hybrid.ai — Cisco Umbrella Rank: 31538
dm-eu.hybrid.ai — Cisco Umbrella Rank: 11851
799 B
3 acint.net
acint.net — Cisco Umbrella Rank: 20793
1 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 2
1 KB
2 mail.ru
top-fwz1.mail.ru — Cisco Umbrella Rank: 10239
2 KB
2 adspend.space
sync.adspend.space — Cisco Umbrella Rank: 46634
1 KB
2 dmpprof.com
dmpprof.com — Cisco Umbrella Rank: 204904
1 KB
2 rutarget.ru
yandex-dmp-sync.rutarget.ru — Cisco Umbrella Rank: 71401
yandex-sync.rutarget.ru — Cisco Umbrella Rank: 71654
837 B
2 aidata.io
x01.aidata.io — Cisco Umbrella Rank: 14168
1 KB
2 upravel.com
sync.upravel.com — Cisco Umbrella Rank: 37153
1 KB
2 gonet-ads.com
sync.gonet-ads.com — Cisco Umbrella Rank: 39250
578 B
2 adriver.ru
ssp.adriver.ru — Cisco Umbrella Rank: 27660
402 B
2 yadro.ru
counter.yadro.ru — Cisco Umbrella Rank: 11938
982 B
2 semantiqo.com
sonar.semantiqo.com — Cisco Umbrella Rank: 70204
977 B
2 shopnetic.com
shopnetic.com — Cisco Umbrella Rank: 66484
545 B
2 adhigh.net
px.adhigh.net — Cisco Umbrella Rank: 18494
812 B
2 bidderstack.com
nr.bidderstack.com — Cisco Umbrella Rank: 42708
566 B
2 solta.io
sync.dsp.solta.io — Cisco Umbrella Rank: 38915
431 B
2 kimberlite.io
kimberlite.io — Cisco Umbrella Rank: 30029
1 KB
2 buzzoola.com
exchange.buzzoola.com — Cisco Umbrella Rank: 20936
360 B
2 weborama.fr
cr.frontend.weborama.fr — Cisco Umbrella Rank: 25218
535 B
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 239
1 KB
1 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 358
125 B
1 stbid.ru
1010--1501445047--e4c713ec-90bc-436b-88bf-0d0097e74882.stbid.ru
110 B
1 prodmp.ru
prodmp.ru — Cisco Umbrella Rank: 65667
649 B
1 adtarget.me
z.cdn.adtarget.me — Cisco Umbrella Rank: 67448
41 B
1 otm-r.com
sync.dmp.otm-r.com — Cisco Umbrella Rank: 23229
69 B
1 intent.ai
rtb-eu-warsaw.intent.ai — Cisco Umbrella Rank: 69378
833 B
1 rambler.ru
profile.ssp.rambler.ru — Cisco Umbrella Rank: 47699
228 B
1 new-programmatic.com
match.new-programmatic.com — Cisco Umbrella Rank: 37636
262 B
1 targetads.io
eye.targetads.io — Cisco Umbrella Rank: 64670
168 B
1 360yield.com
euw-ice.360yield.com — Cisco Umbrella Rank: 12595
199 B
1 mpartner.digital
dsp.mpartner.digital — Cisco Umbrella Rank: 61162
374 B
1 tns-counter.ru
cm.tns-counter.ru — Cisco Umbrella Rank: 69858
387 B
1 adkernel.com
sync.adkernel.com — Cisco Umbrella Rank: 1634
202 B
1 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 373
235 B
1 digital-services.solutions
yandex.digital-services.solutions — Cisco Umbrella Rank: 38974
274 B
1 bluevoox.com
im.bluevoox.com — Cisco Umbrella Rank: 37243
241 B
1 sape.ru
ssp-rtb.sape.ru — Cisco Umbrella Rank: 25777
698 B
1 arcspire.io
px.arcspire.io — Cisco Umbrella Rank: 66710
317 B
1 yandex.net
avatars.mds.yandex.net — Cisco Umbrella Rank: 7692
59 KB
1 mpraven.org
mpraven.org
507 B
1 msetup-partners.com
msetup-partners.com
594 B
1 installpack.net
installpack.net
713 B
1 hunterers.com
hunterers.com
9 KB
0 whiteboxdigital.ru Failed
mitdmp.whiteboxdigital.ru Failed
362 67
Domain Requested by
50 pagead2.googlesyndication.com download-tlgm.ru
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
s0.2mdn.net
www.googletagservices.com
48 s0.2mdn.net download-tlgm.ru
s0.2mdn.net
47 download-tlgm.ru download-tlgm.ru
28 tpc.googlesyndication.com googleads.g.doubleclick.net
download-tlgm.ru
imasdk.googleapis.com
tpc.googlesyndication.com
s0.2mdn.net
pagead2.googlesyndication.com
25 an.yandex.ru 1 redirects yandex.ru
download-tlgm.ru
20 googleads.g.doubleclick.net 1 redirects pagead2.googlesyndication.com
googleads.g.doubleclick.net
download-tlgm.ru
20 yandex.ru 8 redirects download-tlgm.ru
yandex.ru
yastatic.net
15 mc.yandex.com 4 redirects download-tlgm.ru
mc.yandex.ru
11 cm.g.doubleclick.net 7 redirects download-tlgm.ru
googleads.g.doubleclick.net
9 yastatic.net yandex.ru
yastatic.net
download-tlgm.ru
9 fonts.gstatic.com fonts.googleapis.com
download-tlgm.ru
7 googleads4.g.doubleclick.net download-tlgm.ru
7 csi.gstatic.com imasdk.googleapis.com
6 ade.googlesyndication.com download-tlgm.ru
6 track.adform.net 1 redirects imasdk.googleapis.com
download-tlgm.ru
6 dmg.digitaltarget.ru 5 redirects uuidksinc.net
6 ads.betweendigital.com 5 redirects download-tlgm.ru
6 fonts.googleapis.com download-tlgm.ru
googleads.g.doubleclick.net
5 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
5 muloyorom.com 1 redirects download-tlgm.ru
muloyorom.com
4 sync.teads.tv googleads.g.doubleclick.net
4 us-u.openx.net googleads.g.doubleclick.net
4 ib.adnxs.com 3 redirects googleads.g.doubleclick.net
4 www.googletagservices.com download-tlgm.ru
googleads.g.doubleclick.net
4 d.uuidksinc.net uuidksinc.net
4 fcgi4.gnezdo.ru 4 redirects
4 mc.yandex.ru 1 redirects download-tlgm.ru
yastatic.net
3 www.gstatic.com googleads.g.doubleclick.net
3 sync.bumlam.com 2 redirects download-tlgm.ru
3 acint.net 3 redirects
3 imasdk.googleapis.com googleads.g.doubleclick.net
download-tlgm.ru
2 www.google.com 1 redirects tpc.googlesyndication.com
2 top-fwz1.mail.ru 1 redirects uuidksinc.net
2 sync.adspend.space 2 redirects
2 dmpprof.com uuidksinc.net
2 x01.aidata.io 2 redirects
2 sync.upravel.com 2 redirects
2 sync.gonet-ads.com 2 redirects
2 ssp.adriver.ru download-tlgm.ru
2 counter.yadro.ru 2 redirects
2 sonar.semantiqo.com 1 redirects download-tlgm.ru
2 shopnetic.com 1 redirects download-tlgm.ru
2 px.adhigh.net 2 redirects
2 nr.bidderstack.com 1 redirects download-tlgm.ru
2 tech.rtb.mts.ru 2 redirects
2 vma.mts.ru 2 redirects
2 sm.rtb.mts.ru 2 redirects
2 sync.dsp.solta.io 2 redirects
2 kimberlite.io 2 redirects
2 exchange.buzzoola.com 2 redirects
2 dm.hybrid.ai download-tlgm.ru
2 cr.frontend.weborama.fr 1 redirects download-tlgm.ru
2 dpm.demdex.net 1 redirects download-tlgm.ru
2 s.uuidksinc.net 2 redirects
1 ups.analytics.yahoo.com download-tlgm.ru
1 s1.adform.net download-tlgm.ru
1 bid.g.doubleclick.net imasdk.googleapis.com
1 1010--1501445047--e4c713ec-90bc-436b-88bf-0d0097e74882.stbid.ru 1 redirects
1 prodmp.ru 1 redirects
1 dm-eu.hybrid.ai uuidksinc.net
1 z.cdn.adtarget.me uuidksinc.net
1 yandex-sync.rutarget.ru 1 redirects
1 yandex-dmp-sync.rutarget.ru 1 redirects
1 sync.dmp.otm-r.com download-tlgm.ru
1 rtb-eu-warsaw.intent.ai download-tlgm.ru
1 profile.ssp.rambler.ru 1 redirects
1 match.new-programmatic.com 1 redirects
1 eye.targetads.io 1 redirects
1 euw-ice.360yield.com download-tlgm.ru
1 dsp.mpartner.digital 1 redirects
1 cm.tns-counter.ru 1 redirects
1 sync.adkernel.com download-tlgm.ru
1 x.bidswitch.net download-tlgm.ru
1 yandex.digital-services.solutions 1 redirects
1 im.bluevoox.com download-tlgm.ru
1 ssp-rtb.sape.ru 1 redirects
1 px.arcspire.io 1 redirects
1 uuidksinc.net muloyorom.com
1 avatars.mds.yandex.net download-tlgm.ru
1 mpraven.org hunterers.com
1 msetup-partners.com hunterers.com
1 installpack.net download-tlgm.ru
1 hunterers.com download-tlgm.ru
0 ysa-static.passport.yandex.ru Failed download-tlgm.ru
0 mitdmp.whiteboxdigital.ru Failed download-tlgm.ru
362 85

This site contains no links.

Subject Issuer Validity Valid
upload.video.google.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
download-tlgm.ru
R3		 2024-01-25 -
2024-04-24		 3 months crt.sh
*.xn--d1acpjx3f.xn--p1ai
GlobalSign ECC OV SSL CA 2018		 2023-10-26 -
2024-04-24		 6 months crt.sh
hunterers.com
R3		 2024-01-15 -
2024-04-14		 3 months crt.sh
installpack.net
R3		 2024-01-01 -
2024-03-31		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2023-12-26 -
2024-06-05		 5 months crt.sh
muloyorom.com
R3		 2023-12-02 -
2024-03-01		 3 months crt.sh
msetup-partners.com
R3		 2023-12-06 -
2024-03-05		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
mpraven.org
R3		 2024-01-24 -
2024-04-23		 3 months crt.sh
*.yastatic-net.ru
GlobalSign ECC OV SSL CA 2018		 2023-12-20 -
2024-07-21		 7 months crt.sh
bs.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2023-09-24 -
2024-03-24		 6 months crt.sh
*.avatars.yandex.net
GlobalSign RSA OV SSL CA 2018		 2023-09-11 -
2024-04-12		 7 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
uuidksinc.net
R3		 2024-01-08 -
2024-04-07		 3 months crt.sh
*.hybrid.ai
Sectigo RSA Domain Validation Secure Server CA		 2023-09-14 -
2024-09-13		 a year crt.sh
*.360yield.com
Amazon RSA 2048 M01		 2023-05-29 -
2024-06-26		 a year crt.sh
intent.ai
GTS CA 1P5		 2023-12-02 -
2024-03-01		 3 months crt.sh
*.adriver.ru
GlobalSign GCC R3 DV TLS CA 2020		 2023-03-07 -
2024-04-07		 a year crt.sh
*.bumlam.com
R3		 2024-01-06 -
2024-04-05		 3 months crt.sh
*.dmp.otm-r.com
AlphaSSL CA - SHA256 - G4		 2023-06-19 -
2024-07-20		 a year crt.sh
adtarget.me
R3		 2023-12-20 -
2024-03-19		 3 months crt.sh
dmpprof.com
R3		 2024-01-16 -
2024-04-15		 3 months crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-06 -
2024-09-19		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
teads.tv
R3		 2024-01-22 -
2024-04-21		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
www.google.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh

This page contains 34 frames:

Primary Page: http://download-tlgm.ru/
Frame ID: B8D757F4BA0300765E97AFB380CB7192
Requests: 98 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20190131/zrt_lookup_fy2021.html
Frame ID: DC67AB9B4963AE526D563C37A74F3D11
Requests: 1 HTTP requests in this frame

Frame: https://muloyorom.com/js/cs?uuid=3692eefa-f201-4cd9-be90-68cdf7dc3175&oid=9JrbPI0EQbl1xl64QLvU
Frame ID: 8F87E1A8C8475C1EB8A79E43D2597C56
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4622439471653545&output=html&h=280&slotname=3547231412&adk=3563481279&adf=3642323547&pi=t.ma~as.3547231412&w=1040&fwrn=4&fwrnh=100&lmt=1706340457&rafmt=1&format=1040x280&url=http%3A%2F%2Fdownload-tlgm.ru%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1706340456996&bpp=3&bdt=517&idt=298&shv=r20240122&mjsv=m202401230101&ptt=9&saldr=aa&abxe=1&correlator=2048886132120&frm=20&pv=2&ga_vid=969955348.1706340457&ga_sid=1706340457&ga_hid=886679608&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=280&ady=412&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080589%2C95321627%2C95322165%2C95323006&oid=2&pvsid=199225707555881&tmod=2064311856&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=305
Frame ID: 399BAFD2B8469C5449AF78FB6251AFD0
Requests: 37 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4622439471653545&output=html&adk=1812271804&adf=3025194257&lmt=1706340457&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x810_l%7C236x810_r&format=0x0&url=http%3A%2F%2Fdownload-tlgm.ru%2F&pra=7&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&dt=1706340457011&bpp=1&bdt=532&idt=300&shv=r20240122&mjsv=m202401230101&ptt=9&saldr=aa&abxe=1&prev_fmts=1040x280&nras=1&correlator=2048886132120&frm=20&pv=1&ga_vid=969955348.1706340457&ga_sid=1706340457&ga_hid=886679608&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080589%2C95321627%2C95322165%2C95323006&oid=2&pvsid=199225707555881&tmod=2064311856&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=307
Frame ID: 8BE4F428B95825211971613A0A002EFF
Requests: 1 HTTP requests in this frame

Frame: https://mc.yandex.com/metrika/metrika_match.html
Frame ID: 6047C1B68F324D6DFE6443E6CCB5F43A
Requests: 1 HTTP requests in this frame

Frame: https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
Frame ID: 0BB69F8434A67DACC590C33404F063D8
Requests: 54 HTTP requests in this frame

Frame: https://uuidksinc.net/matchx
Frame ID: 1C4FFD61CF80A2C81A69696F68C2D819
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 3A9586959CF2A3B4D60ACBDB01C3D7FB
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 74BECEAD73889B84D2E0D21845726EF9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 51A4FD2D294784A3C0B758A091B1EAEF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 83DDAF1789A52EFE9E09CB11277CE524
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYmL35xgEwAQ&v=APEucNWfGe3sTruwSC2ffgnwj8l7ylronGvGYlWa9zONUtnfbNDuSCCDkxr2ZBh8fbEOFWKecvBCxtYionkcfLP7PsM6Z9ngEBMKZFpflie50R7tP6iodMKHJn7JESuVWmBczLQvuFjdEJqzRM2YA6xupa2ZVvm-3dUO9ztwMmbFoee5ia1f2Q0
Frame ID: CF3B4E412CE27B6C1B58B653B6DBE28B
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: EA88E7956507C9EC0AF488BACD1A6636
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYmL35xgEwAQ&v=APEucNXG6_gjBpsgHj0DlUk63a6I5amkp3wfQPI2VfV5mZZ_9op9yTM_ASeC6di1HFzB8vtPLy8mK2tIqMO6DNBAaFuJCmYF1g76veqaHQR_evnvgZp72dcEg8NLcWONso0xrTMdMl_TCItRWJhGnhNh9bFkPnnG4g2ewL1qAjefhFXmvoo7kvc
Frame ID: C2337C487F52AF92AC42049A1C27EB11
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 8C366B97B58150E8CF020F9124141B03
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYtuz4xgEwAQ&v=APEucNVpviiETOvV1r0eBB8PB1PizgNgaNN0_N_YJ_HH6lMIVxzwVYviNC8RG5RJfmcsZhdI5qFXr_nZsoz_3Tr1OAzWMVzQnq507tynxKOyS0635FaHs3zUXyHxhjNxE_rZ0cxaXpx_5zA7BoHY7ppsbBey-wKyESodgnQFEINZPyoCZIVWXl0
Frame ID: 3D667AF434D174D014D9047E06A49CEC
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 6928B7ECA473AF3534B60BFDEA4CA0C3
Requests: 18 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 6F525AC40C27E03C41617D7F710F2E7B
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 81B2A57E6FF8C5BCDDC7EC4B03B46C26
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/P1hqgBmkkNDwT9zug75Po3J06KDKU0QoOZK6hiZMV2E.js
Frame ID: D833FCA25329BB00968519A2C5C370D0
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 200AFAED6893C0D1090F89BE1D6E0AE4
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 359933A2023B7923C4C327CF338B4FC7
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: C30A5427963AEFE994AFE29C6D03FADC
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/15963971234539850078/index.html?e=69&leftOffset=0&topOffset=0&c=OXY7gb8vFJ&t=1&renderingType=2&ev=01_250
Frame ID: 6BBFF7D18FE7FF9C97E4DAD4E6BE9E36
Requests: 18 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/12155554735787715593/index.html?e=69&leftOffset=0&topOffset=0&c=PWrV01EcN6&t=1&renderingType=2&ev=01_250
Frame ID: 4D9EE9CE87778E8577836DB297686088
Requests: 15 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/15963971234539850078/index.html?e=69&leftOffset=0&topOffset=0&c=TnAaXH1kz1&t=1&renderingType=2&ev=01_250
Frame ID: BFDEDE706345219E0BAC401925CDC496
Requests: 18 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 49F6CDDA5077232ADEC6FAF962289919
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Frame ID: 11F698C40C6D7C7D0846736756BED0B9
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Frame ID: F492708288F26BF6A3DA5229D0D67555
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Frame ID: 791D6FDF9F2CAA9DF8BF4E3B06938F7E
Requests: 1 HTTP requests in this frame

Frame: https://mc.yandex.com/metrika/metrika_match.html
Frame ID: EA475F520FA9BB669638FA7CEDE868B8
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 777DB53761B9626DA6DC33A19768F04B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A99E09F171E0B76BD77E497F4D5A13BB
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Telegram Messenger | Информационный сайт

Detected technologies

Overall confidence: 100%
Detected patterns
  • /woocommerce(?:\.min)?\.js(?:\?ver=([0-9.]+))?
Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://an\.yandex\.ru/
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

362
Requests

84 %
HTTPS

22 %
IPv6

67
Domains

85
Subdomains

53
IPs

12
Countries

22831 kB
Transfer

27969 kB
Size

92
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 63
  • http://download-tlgm.ru/?wc-ajax=get_refreshed_fragments HTTP 307
  • https://download-tlgm.ru/?wc-ajax=get_refreshed_fragments
Request Chain 81
  • https://muloyorom.com/js/cs?uuid=3692eefa-f201-4cd9-be90-68cdf7dc3175 HTTP 302
  • https://s.uuidksinc.net/match/1165/?remote_uid=3692eefa-f201-4cd9-be90-68cdf7dc3175&cb_url=https%3A%2F%2Fmuloyorom.com%2Fjs%2Fcs%3Fuuid%3D3692eefa-f201-4cd9-be90-68cdf7dc3175%26oid%3D%5BUID%5D HTTP 302
  • https://muloyorom.com/js/cs?uuid=3692eefa-f201-4cd9-be90-68cdf7dc3175&oid=9JrbPI0EQbl1xl64QLvU
Request Chain 84
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10261.5qsi5jlnm4ruwRFvC2p4Sz63BHvmaSZnepvoQ2El2qS99ba2dkutpj3AEkryZAAP.K5HUsJEDfW1DpE-Vi4b93HfieyU%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=10261.hk9mWAwU8G2NrOFsrjCCNbPV9j00ZDvgoWSbj2v5U9xj5mUFXIxGusd-ZhS8uwGUuuWNIYhad-P5BFcnGISPUSH_-1SQUeTWrVi9oPNLnskW3qaVsa64RdwRJ296LwbYpNCZwS98t6rurgf5k_b_2GTgoDw9V9pbnxdr1P0DZV5HlEfTu_ZLD9N1J0AduNGOr9vvisrbRSt1HBn6QBMKo05GzCCH5v_xeBEDoAdqArE%2C.OSQzL5mYibj1uHx2bZyVNA7z-4g%2C HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10261.KVHHN1Xp3EkmTFEOFuhCw2GQsgEidH6hr1qFCEAjKU3Hxx1K2ScqB-Yhu0oD1-AlRMeoBhdgIJDel7xNC0rRjeYXLYsjsy3G-UaFeuVfKqgbzod6wmGKhXenxXgsNHSrBneHwWTtZVXiN4lkWeTITVybsciMyrmc5z6fZNNoq0FeuF5bRwLySyhmypySvFXV3qjtNOLDUA0mmHKYMSZ_YQ%2C%2C.WJmg0eCwp2Eecz6LVfxcxFealiM%2C
Request Chain 87
  • https://mc.yandex.com/watch/48291797?wmode=7&page-url=http%3A%2F%2Fdownload-tlgm.ru%2F&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3A6xy7yz3pqvro10cvu5q72wt7%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1220%3Acn%3A1%3Adp%3A0%3Als%3A1521558744615%3Ahid%3A183843390%3Az%3A60%3Ai%3A20240127082737%3Aet%3A1706340457%3Ac%3A1%3Arn%3A145664887%3Arqn%3A1%3Au%3A1706340457493392520%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A41%2C57%2C62%2C114%2C%2C0%2C%2C390%2C1%2C%2C%2C%2C665%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1706340456314%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1706340458%3At%3ATelegram%20Messenger%20%7C%20%D0%98%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D0%B8%D0%BE%D0%BD%D0%BD%D1%8B%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)ti(1) HTTP 302
  • https://mc.yandex.com/watch/48291797/1?wmode=7&page-url=http%3A%2F%2Fdownload-tlgm.ru%2F&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3A6xy7yz3pqvro10cvu5q72wt7%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1220%3Acn%3A1%3Adp%3A0%3Als%3A1521558744615%3Ahid%3A183843390%3Az%3A60%3Ai%3A20240127082737%3Aet%3A1706340457%3Ac%3A1%3Arn%3A145664887%3Arqn%3A1%3Au%3A1706340457493392520%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A41%2C57%2C62%2C114%2C%2C0%2C%2C390%2C1%2C%2C%2C%2C665%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1706340456314%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1706340458%3At%3ATelegram%20Messenger%20%7C%20%D0%98%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D0%B8%D0%BE%D0%BD%D0%BD%D1%8B%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29
Request Chain 91
  • https://mc.yandex.com/watch/2027212?wmode=7&page-url=http%3A%2F%2Fdownload-tlgm.ru%2F&nohit=1&charset=utf-8&cnt-class=1&uah=che%0A0&browser-info=pv%3A1%3Avf%3A6xy7yz3pqvro10cvu5q72wt7%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1220%3Acn%3A2%3Adp%3A0%3Als%3A543688175544%3Ahid%3A183843390%3Az%3A60%3Ai%3A20240127082737%3Aet%3A1706340458%3Ac%3A1%3Arn%3A515641005%3Au%3A1706340457493392520%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1706340456314%3Ahsa%3A2%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1706340458%3At%3ATelegram%20Messenger%20%7C%20%D0%98%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D0%B8%D0%BE%D0%BD%D0%BD%D1%8B%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82&t=mc(p-1)clc(0-0-0)aw(1)rcm(1)ti(1) HTTP 302
  • https://mc.yandex.com/watch/2027212/1?wmode=7&page-url=http%3A%2F%2Fdownload-tlgm.ru%2F&nohit=1&charset=utf-8&cnt-class=1&uah=che%0A0&browser-info=pv%3A1%3Avf%3A6xy7yz3pqvro10cvu5q72wt7%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1220%3Acn%3A2%3Adp%3A0%3Als%3A543688175544%3Ahid%3A183843390%3Az%3A60%3Ai%3A20240127082737%3Aet%3A1706340458%3Ac%3A1%3Arn%3A515641005%3Au%3A1706340457493392520%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1706340456314%3Ahsa%3A2%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1706340458%3At%3ATelegram%20Messenger%20%7C%20%D0%98%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D0%B8%D0%BE%D0%BD%D0%BD%D1%8B%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82&t=mc%28p-1%29clc%280-0-0%29aw%281%29rcm%281%29ti%281%29
Request Chain 107
  • https://px.arcspire.io/yndx?id=9d4cd41a-f59d-4815-8a89-9d30806f5389 HTTP 307
  • https://an.yandex.ru/mapuid/arcspireis/cfab8b45dcb263bb9649aa
Request Chain 108
  • https://acint.net/rmatch/?dp=151&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsapeis%2F%24%7BUSER_ID%7D HTTP 302
  • https://acint.net/rmatch/?r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsapeis%2F$%7BUSER_ID%7D&dp=151&tc=1 HTTP 302
  • https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fan.yandex.ru%252Fmapuid%252Fsapeis%252F$%257BUSER_ID%257D&dp=14 HTTP 302
  • https://acint.net/rmatch?dp=14&euid=1D03420A6AB0B465ED02AA1502FA8294&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsapeis%2F$%7BUSER_ID%7D HTTP 302
  • https://an.yandex.ru/mapuid/sapeis/0A00007F69B0B465EF0015A30265D33A
Request Chain 109
  • https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F%24%7BUSER_ID%7D&crf=1&rts=4654927728312389746 HTTP 302
  • https://an.yandex.ru/mapuid/betweendigitalis/95b0ce55-05a3-521b-8c0b-5c39e9bfec50
Request Chain 110
  • https://yandex.ru/an/mapuid/adobedmp/ HTTP 302
  • https://dpm.demdex.net/ibs:dpid=423652&dpuuid=988F4FF9F69D3978 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=988F4FF9F69D3978
Request Chain 111
  • https://yandex.ru/an/mapuid/betweenx/ HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=161&external_user_id=E0E61C1F0CD7AA05 HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=161&external_user_id=E0E61C1F0CD7AA05&crf=1&rts=42003785419164241
Request Chain 112
  • https://yandex.ru/an/mapuid/blueseaxcom/ HTTP 302
  • https://im.bluevoox.com/pixel?s1=1&s2=1315&s3=vldyrx2shs82pv9o&cm=1&rd=1&puid=CAB998B2130EAB21
Request Chain 113
  • https://yandex.ru/an/mapuid/google/?partner-tag=yandex_llc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_llc&google_hm=62F690F54BEDEA1A&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
Request Chain 114
  • https://yandex.ru/an/mapuid/google/?partner-tag=yandexcom HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yandexcom&google_hm=62F690F54BEDEA1A&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
Request Chain 115
  • https://yandex.ru/an/mapuid/google/?partner-tag=yandexru HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=62F690F54BEDEA1A&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
Request Chain 117
  • https://yandex.ru/an/mapuid/minimobww/ HTTP 302
  • https://yandex.digital-services.solutions/api/sync?demand=YANV2EU&userid=35D69D182392CC99&expires=1&usergroup=1 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=469&user_id=35D69D182392CC99&expires=1&user_group=1
Request Chain 120
  • https://yandex.ru/an/mapuid/xapadsssp/ HTTP 302
  • https://sync.adkernel.com/user-sync?dsp=94&t=image&uid=B653178CFD5E0868
Request Chain 122
  • https://cm.tns-counter.ru/yacm HTTP 302
  • https://an.yandex.ru/mapuid/mediascope/4ec490b33b1fd63fdf0cda7dfae55bf01683a39a5020462c8fb0030b66bfbc40
Request Chain 123
  • https://cr.frontend.weborama.fr/cr?key=yandex&url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fdmpweborama%2F{WEBO_CID} HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=yandex&url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fdmpweborama%2F%7BWEBO_CID%7D&bounce=1&random=2240567668
Request Chain 126
  • https://dmg.digitaltarget.ru/1/119/i/i?i=1706340457 HTTP 307
  • https://dmg.digitaltarget.ru/awg/custom/119/i/i?call_source=awg&ts=1706340458048&i=1706340457 HTTP 307
  • https://an.yandex.ru/mapuid/dmpamberdata/vY4.0mOCd47Tc857Js2U
Request Chain 127
  • https://dsp.mpartner.digital/dmp/syncsspdmp?sspid=4 HTTP 301
  • https://an.yandex.ru/mapuid/mediasurferis/HsmPvZizfhblgTuBvAMFTpaywbkXdjSP
Request Chain 129
  • https://exchange.buzzoola.com/cookiesync/redirect/yandex?redirect_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbuzzooladspis%2F%24%7BUUID%7D HTTP 301
  • https://an.yandex.ru/mapuid/buzzooladspis/56d6a050-576d-4341-73b6-1c17522bc7d7
Request Chain 130
  • https://eye.targetads.io/sync/yandex/ HTTP 302
  • https://an.yandex.ru/mapuid/targetads/1673779647470262086
Request Chain 131
  • https://kimberlite.io/rtb/sync/yandex HTTP 307
  • https://sync.dsp.solta.io/match/kimberlite?id=ZbSwantLFg0 HTTP 302
  • https://sync.dsp.solta.io/match/kimberlite?id=ZbSwantLFg0&chk=1 HTTP 302
  • https://kimberlite.io/rtb/sync/iage?u=NjYxN2Q4YjM5OGU0ZWU0NA HTTP 307
  • https://sm.rtb.mts.ru/p?ssp=toptraffic&id=ZbSwantLFg0 HTTP 301
  • https://vma.mts.ru/match/second?ssp=59&exu=ZbSwantLFg0 HTTP 301
  • https://tech.rtb.mts.ru/?dsp_uid=ab6ac913-f8eb-4f06-a556-7a2c38c96ba1&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2Fq2rJE_jrTwalVnosOMlroQ%3Flocation%3Dhttps%253A%252F%252Fvma.mts.ru%252Fem%253Fnext%253D59%2526em%253D0%26sign%3D2853111327 HTTP 302
  • https://an.yandex.ru/setud/mts_banner/q2rJE_jrTwalVnosOMlroQ?location=https%3A%2F%2Fvma.mts.ru%2Fem%3Fnext%3D59%26em%3D0&sign=2853111327
Request Chain 132
  • https://match.new-programmatic.com/userbind?src=yandex&pbf=1&gi=1 HTTP 302
  • https://an.yandex.ru/mapuid/targetrtbis/
Request Chain 134
  • https://nr.bidderstack.com/yandex/cm?user_id={partner_user_id} HTTP 302
  • https://nr.bidderstack.com/yandex/cm?user_id={partner_user_id}&pupa=1
Request Chain 135
  • https://profile.ssp.rambler.ru/sync3.302?pid=188 HTTP 302
  • https://an.yandex.ru/mapuid/ramblerssp/
Request Chain 136
  • https://px.adhigh.net/p/cm/yandexssp HTTP 302
  • https://px.adhigh.net/p/cm/yandexssp?bounced=1 HTTP 302
  • https://an.yandex.ru/mapuid/getintentis/PQ6xLLYnGGn.AikABlGNSdEfIA
Request Chain 138
  • https://s.uuidksinc.net/match/501 HTTP 302
  • https://an.yandex.ru/mapuid/kadamis/9JrbPI0EQbl1xl64QLvU
Request Chain 139
  • https://shopnetic.com/api/rtb/dmp/pixel?partner=yandex HTTP 302
  • https://shopnetic.com/api/rtb/dmp/pixel?partner=yandex&tc=1
Request Chain 140
  • https://sm.rtb.mts.ru/p?ssp=yandex&id=map HTTP 301
  • https://vma.mts.ru/match/second?ssp=55 HTTP 301
  • https://tech.rtb.mts.ru/?dsp_uid=ab6ac913-f8eb-4f06-a556-7a2c38c96ba1&return_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fmtsdspis%2Fab6ac913-f8eb-4f06-a556-7a2c38c96ba1 HTTP 302
  • https://an.yandex.ru/mapuid/mtsdspis/ab6ac913-f8eb-4f06-a556-7a2c38c96ba1
Request Chain 141
  • https://sonar.semantiqo.com/dmp/scr.php HTTP 302
  • https://counter.yadro.ru/id127/reff-id.gif?sid=2526f8e4e7234761b62174925dd5b117 HTTP 302
  • https://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=&sid=2526f8e4e7234761b62174925dd5b117
Request Chain 145
  • https://sync.bumlam.com/?src=yandex2 HTTP 302
  • https://sync.bumlam.com/?src=yandex2&s_data=CAIQARjq4NKtBqIBEIxfKma85RHuhuAAJZDAZHw* HTTP 302
  • https://an.yandex.ru/mapuid/adsniperis/8c5f2a66-bce5-11ee-86e0-002590c0647c
Request Chain 147
  • https://sync.gonet-ads.com/match/yandex?id=[buyerUid] HTTP 302
  • https://sync.gonet-ads.com/match/yandex?id=%5BbuyerUid%5D&chk=1 HTTP 302
  • https://an.yandex.ru/mapuid/gonetisnew/NTdmYWZiZWJkMjk3MTI0Mw
Request Chain 148
  • https://sync.upravel.com/yandex/sync HTTP 302
  • https://sync.upravel.com/yandex/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly95YXN0YXRpYy5uZXQvIl19fQ HTTP 302
  • https://an.yandex.ru/mapuid/upravelis/6af38137-bd50-492a-8ec2-97e81d22f434
Request Chain 149
  • https://x01.aidata.io/0.gif?pid=YANDEX HTTP 302
  • https://x01.aidata.io/0.gif?pid=YANDEX&bounce=1 HTTP 302
  • https://an.yandex.ru/mapuid/dmpaidatame/9zhSFbZCariCe2SR2l9xYg?sign=942918540
Request Chain 150
  • https://yandex-dmp-sync.rutarget.ru/sync HTTP 302
  • https://an.yandex.ru/mapuid/dmpsegmento/mEyDtUoP5s__?sign=2346100225
Request Chain 151
  • https://yandex-sync.rutarget.ru/sync HTTP 302
  • https://an.yandex.ru/mapuid/rutargetis/VOIuO_aGTLPo
Request Chain 153
  • https://fcgi4.gnezdo.ru/cookie_matching/kadam/9JrbPI0EQbl1xl64QLvU HTTP 302
  • https://fcgi4.gnezdo.ru/cookie_matching/kadam/9JrbPI0EQbl1xl64QLvU/?redirect=1 HTTP 302
  • https://d.uuidksinc.net/match/216/?remote_uid=XV9maWW0sGqctaWjIHNQAg==
Request Chain 155
  • https://ads.betweendigital.com/match?bidder_id=44509&callback_url=https://d.uuidksinc.net/match/372/?remote_uid=${USER_ID}&cb_url=https://d.uuidksinc.net/match/354/?remote_uid=${USER_ID}& HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=44509&callback_url=https://d.uuidksinc.net/match/372/?remote_uid=${USER_ID}&cb_url=https://d.uuidksinc.net/match/354/?remote_uid=${USER_ID}&&crf=1&rts=3887261548179547041 HTTP 302
  • https://d.uuidksinc.net/match/372/?remote_uid=95b0ce55-05a3-521b-8c0b-5c39e9bfec50
Request Chain 159
  • https://exchange.buzzoola.com/cookiesync/redirect?redirect_url=https://d.uuidksinc.net/match/444/?remote_uid=${UUID} HTTP 301
  • https://d.uuidksinc.net/match/444/?remote_uid=81b38011-4bf3-4b22-6193-f088ab89c35b
Request Chain 160
  • https://fcgi4.gnezdo.ru/cookie_matching/kadam_resell/9JrbPI0EQbl1xl64QLvU HTTP 302
  • https://fcgi4.gnezdo.ru/cookie_matching/kadam_resell/9JrbPI0EQbl1xl64QLvU/?redirect=1 HTTP 302
  • https://d.uuidksinc.net/match/493/?remote_uid=XV9maWW0sGqctaWjIHNQAg==
Request Chain 161
  • https://sync.adspend.space/kadam?uid=9JrbPI0EQbl1xl64QLvU HTTP 302
  • https://sync.adspend.space/check?r=https%3A%2F%2Fdmg.digitaltarget.ru%2F1%2F224%2Fi%2Fi%3Fa%3D224%26e%3De4c713ec-90bc-436b-88bf-0d0097e74882%26i%3D7889460698039615923%26r%3Dhttps%253A%252F%252Fprodmp.ru%252Fadspend-sync.gif%253Fdsp_provider_id%253D2%2526uid%253De4c713ec-90bc-436b-88bf-0d0097e74882%2526r%253D HTTP 302
  • https://dmg.digitaltarget.ru/1/224/i/i?a=224&e=e4c713ec-90bc-436b-88bf-0d0097e74882&i=7889460698039615923&r=https%3A%2F%2Fprodmp.ru%2Fadspend-sync.gif%3Fdsp_provider_id%3D2%26uid%3De4c713ec-90bc-436b-88bf-0d0097e74882%26r%3D HTTP 307
  • https://prodmp.ru/adspend-sync.gif?dsp_provider_id=2&uid=e4c713ec-90bc-436b-88bf-0d0097e74882&r= HTTP 302
  • https://counter.yadro.ru/id127/refocusdmp-id.gif?uid=e4c713ec-90bc-436b-88bf-0d0097e74882&r=https%3A%2F%2Fdmg.digitaltarget.ru%2F1%2F224%2Fi%2Fi%3Fa%3D224%26e%3De4c713ec-90bc-436b-88bf-0d0097e74882%26i%3D1706340458368%26r%3Dhttps%253A%252F%252Fan.yandex.ru%252Fmapuid%252Fdmpmediadesk%252Fe4c713ec-90bc-436b-88bf-0d0097e74882%253Fsign%253D6384d5a9%2526location%253Dhttps%25253A%25252F%25252F1010--1501445047--e4c713ec-90bc-436b-88bf-0d0097e74882.stbid.ru%25252F%25253Fr%25253Dhttps%252525253A%252525252F%252525252Ftop-fwz1.mail.ru%252525252Fcounter%252525253Fid%252525253D3138228&version=2.0 HTTP 302
  • https://dmg.digitaltarget.ru/1/224/i/i?a=224&e=e4c713ec-90bc-436b-88bf-0d0097e74882&i=1706340458368&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fdmpmediadesk%2Fe4c713ec-90bc-436b-88bf-0d0097e74882%3Fsign%3D6384d5a9%26location%3Dhttps%253A%252F%252F1010--1501445047--e4c713ec-90bc-436b-88bf-0d0097e74882.stbid.ru%252F%253Fr%253Dhttps%2525253A%2525252F%2525252Ftop-fwz1.mail.ru%2525252Fcounter%2525253Fid%2525253D3138228 HTTP 307
  • https://an.yandex.ru/mapuid/dmpmediadesk/e4c713ec-90bc-436b-88bf-0d0097e74882?sign=6384d5a9&location=https%3A%2F%2F1010--1501445047--e4c713ec-90bc-436b-88bf-0d0097e74882.stbid.ru%2F%3Fr%3Dhttps%25253A%25252F%25252Ftop-fwz1.mail.ru%25252Fcounter%25253Fid%25253D3138228 HTTP 302
  • https://1010--1501445047--e4c713ec-90bc-436b-88bf-0d0097e74882.stbid.ru/?r=https%253A%252F%252Ftop-fwz1.mail.ru%252Fcounter%253Fid%253D3138228 HTTP 302
  • https://top-fwz1.mail.ru/counter?id=3138228 HTTP 302
  • https://top-fwz1.mail.ru/counter2?id=3138228
Request Chain 162
  • https://dmg.digitaltarget.ru/1/6573/i/i?a=662&e=9JrbPI0EQbl1xl64QLvU&i=0.5555328506276491 HTTP 307
  • https://dmg.digitaltarget.ru/awg/custom/6573/i/i?call_source=awg&ts=1706340458030&a=662&e=9JrbPI0EQbl1xl64QLvU&i=0.5555328506276491
Request Chain 208
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 209
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJqJ4WDBgkxf_A8MNdXspOU&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJqJ4WDBgkxf_A8MNdXspOU&google_cver=1&C=1
Request Chain 210
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZbSwasdTc1cRAu45FzilOwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJqJ4WDBgkxf_A8MNdXspOU&google_cver=1
Request Chain 211
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEFTzbeKSOoCU-JIZ_WGN2ZU&google_cver=1 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEFTzbeKSOoCU-JIZ_WGN2ZU%26google_cver%3D1
Request Chain 212
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTg0MjU4NzMyNjc2NzQzMjc3
Request Chain 213
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEE3-7_ijH032HwN30dyF-lw&google_cver=1
Request Chain 215
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEH74jO75R9i60Z5KqVrxpE8&google_cver=1
Request Chain 217
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEE3-7_ijH032HwN30dyF-lw&google_cver=1
Request Chain 219
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEH74jO75R9i60Z5KqVrxpE8&google_cver=1
Request Chain 266
  • https://track.adform.net/videoad/impr/?bn=67886237;rotseqno=1;smid=0;1x1inv=1;srctype=3;unloadid=7674214883904101070;ord=793944 HTTP 302
  • https://track.adform.net/videoad/impr/?CC=1&bn=67886237;rotseqno=1;smid=0;1x1inv=1;srctype=3;unloadid=7674214883904101070;ord=793944
Request Chain 268
  • https://googleads.g.doubleclick.net/xbbe/pixel?d=CKKLg6UDEN7rwqoDGLfWqPYBIAEwAQ&v=APEucNUNbFnyLWONj1kDtchtV24AdnuqQtGyzWaCzSK4nW7FnDJRge3vFOE0sR44DTPRRE0FIte6HkUi5JNwMpsHah4cKl9lCw HTTP 302
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true

362 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
download-tlgm.ru/ 		137 KB
41 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://download-tlgm.ru/
Protocol
HTTP/1.1
Server
185.246.66.33 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
bsserver.fvds.ru
Software
nginx/1.16.1 / PHP/7.4.26
Resource Hash
7849bcf6c426021d4666fa0fd5d3346178478b492663b7ffa4bd86dddad56c58

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Sat, 27 Jan 2024 07:27:36 GMT
Server
nginx/1.16.1
Transfer-Encoding
chunked
X-Cache
HIT
X-Powered-By
PHP/7.4.26
css
fonts.googleapis.com/ 		2 KB
572 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Ubuntu+Condensed&subset=cyrillic,cyrillic-ext
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
03cd27383624fe9c5fd5c20ae3cf56553e254b1b796327d452550908cd7ba21d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://download-tlgm.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 27 Jan 2024 07:27:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 27 Jan 2024 07:27:36 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 27 Jan 2024 07:27:36 GMT
css
fonts.googleapis.com/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Comfortaa:300,400,700&subset=cyrillic,cyrillic-ext
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5363abf907918a9ec9fb946a2c462e8407886498ff5542b1c2cd80decd622856
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://download-tlgm.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 27 Jan 2024 07:27:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 27 Jan 2024 07:27:36 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 27 Jan 2024 07:27:36 GMT
style.min.css
download-tlgm.ru/wp-includes/css/dist/block-library/ 		102 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://download-tlgm.ru/wp-includes/css/dist/block-library/style.min.css
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.246.66.33 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
bsserver.fvds.ru
Software
nginx/1.16.1 /
Resource Hash
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://download-tlgm.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 07:27:36 GMT
strict-transport-security
max-age=31536000;
content-encoding
gzip
last-modified
Mon, 04 Sep 2023 07:25:49 GMT
server
nginx/1.16.1
etag
W/"64f5867d-19824"
content-type
text/css
cache-control
max-age=604800
expires
Sat, 03 Feb 2024 07:27:36 GMT
style-front.min.css
download-tlgm.ru/wp-content/plugins/art-decoration-shortcode/assets/css/ 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://download-tlgm.ru/wp-content/plugins/art-decoration-shortcode/assets/css/style-front.min.css
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.246.66.33 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
bsserver.fvds.ru
Software
nginx/1.16.1 /
Resource Hash
9e582699ee606fb76de4200464effb6ce20832ab3838f7c65f0ee58e2914805d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://download-tlgm.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 07:27:36 GMT
strict-transport-security
max-age=31536000;
content-encoding
gzip
last-modified
Fri, 24 Jan 2020 12:31:23 GMT
server
nginx/1.16.1
etag
W/"5e2ae39b-39a6"
content-type
text/css
cache-control
max-age=604800
expires
Sat, 03 Feb 2024 07:27:36 GMT
kk-star-ratings.min.css
download-tlgm.ru/wp-content/plugins/kk-star-ratings/src/core/public/css/ 		2 KB
800 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://download-tlgm.ru/wp-content/plugins/kk-star-ratings/src/core/public/css/kk-star-ratings.min.css
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.246.66.33 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
bsserver.fvds.ru
Software
nginx/1.16.1 /
Resource Hash
1cd6396792d7bfdd898dcb9f2ee195387179b30fb4cc2cdc0c57575fab655230
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://download-tlgm.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 07:27:36 GMT
strict-transport-security
max-age=31536000;
content-encoding
gzip
last-modified
Wed, 02 Aug 2023 12:39:17 GMT
server
nginx/1.16.1
etag
W/"64ca4e75-8d3"
content-type
text/css
cache-control
max-age=604800
expires
Sat, 03 Feb 2024 07:27:36 GMT
menu-image.css
download-tlgm.ru/wp-content/plugins/menu-image/includes/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://download-tlgm.ru/wp-content/plugins/menu-image/includes/css/menu-image.css
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.246.66.33 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
bsserver.fvds.ru
Software
nginx/1.16.1 /
Resource Hash
75db663f63c3505c2d1d2c41b82da41465bcd39b390516728f7fd323f95f644e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://download-tlgm.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 07:27:36 GMT
strict-transport-security
max-age=31536000;
content-encoding
gzip
last-modified
Wed, 02 Aug 2023 12:39:21 GMT
server
nginx/1.16.1
etag
W/"64ca4e79-d0f"
content-type
text/css
cache-control
max-age=604800
expires
Sat, 03 Feb 2024 07:27:36 GMT
dashicons.min.css
download-tlgm.ru/wp-includes/css/ 		58 KB
35 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://download-tlgm.ru/wp-includes/css/dashicons.min.css
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.246.66.33 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
bsserver.fvds.ru
Software
nginx/1.16.1 /
Resource Hash
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://download-tlgm.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 07:27:36 GMT
strict-transport-security
max-age=31536000;
content-encoding
gzip
last-modified
Thu, 15 Apr 2021 14:35:20 GMT
server
nginx/1.16.1
etag
W/"60784f28-e688"
content-type
text/css
cache-control
max-age=604800
expires
Sat, 03 Feb 2024 07:27:36 GMT
screen.min.css
download-tlgm.ru/wp-content/plugins/table-of-contents-plus/ 		1 KB
663 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://download-tlgm.ru/wp-content/plugins/table-of-contents-plus/screen.min.css
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.246.66.33 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
bsserver.fvds.ru
Software
nginx/1.16.1 /
Resource Hash
2e36bd3bdbb929f427e79a6c84b7922b4375589386981eba29eb0cff57b02b1b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://download-tlgm.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 07:27:36 GMT
strict-transport-security
max-age=31536000;
content-encoding
gzip
last-modified
Mon, 25 Sep 2023 12:20:10 GMT
server
nginx/1.16.1
etag
W/"65117afa-484"
content-type
text/css
cache-control
max-age=604800
expires
Sat, 03 Feb 2024 07:27:36 GMT
woocommerce-layout.css
download-tlgm.ru/wp-content/plugins/woocommerce/assets/css/ 		16 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://download-tlgm.ru/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.246.66.33 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
bsserver.fvds.ru
Software
nginx/1.16.1 /
Resource Hash
71ad78c9d608c1331deb09bdd53f68a524aff1b39271f04c7343dfbd43f47d4e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://download-tlgm.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 07:27:36 GMT
strict-transport-security
max-age=31536000;
content-encoding
gzip
last-modified
Thu, 15 Jul 2021 02:35:33 GMT
server
nginx/1.16.1
etag
W/"60ef9ef5-40e7"
content-type
text/css
cache-control
max-age=604800
expires
Sat, 03 Feb 2024 07:27:36 GMT
woocommerce.css
download-tlgm.ru/wp-content/plugins/woocommerce/assets/css/ 		60 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://download-tlgm.ru/wp-content/plugins/woocommerce/assets/css/woocommerce.css
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.246.66.33 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
bsserver.fvds.ru
Software
nginx/1.16.1 /
Resource Hash
889c485a7b4333e76a42c57ce4eb843d0e274350683300e82844654dc20a8463
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://download-tlgm.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 07:27:36 GMT
strict-transport-security
max-age=31536000;
content-encoding
gzip
last-modified
Thu, 15 Jul 2021 02:35:33 GMT
server
nginx/1.16.1
etag
W/"60ef9ef5-f1f2"
content-type
text/css
cache-control
max-age=604800
expires
Sat, 03 Feb 2024 07:27:36 GMT
style.css
download-tlgm.ru/wp-content/plugins/wp-first-letter-avatar/css/ 		490 B
465 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://download-tlgm.ru/wp-content/plugins/wp-first-letter-avatar/css/style.css
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.246.66.33 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
bsserver.fvds.ru
Software
nginx/1.16.1 /
Resource Hash
511786f8ddf9e4bbd4d1ab3cf1a2b06ca2fe3453847286d1afeddf4d778f8dc1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://download-tlgm.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 07:27:36 GMT
strict-transport-security
max-age=31536000;
content-encoding
gzip
last-modified
Fri, 19 Jul 2019 09:21:30 GMT
server
nginx/1.16.1
etag
W/"5d318b9a-1ea"
content-type
text/css
cache-control
max-age=604800
expires
Sat, 03 Feb 2024 07:27:36 GMT
pagenavi-css.css
download-tlgm.ru/wp-content/plugins/wp-pagenavi/ 		374 B
446 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://download-tlgm.ru/wp-content/plugins/wp-pagenavi/pagenavi-css.css
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.246.66.33 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
bsserver.fvds.ru
Software
nginx/1.16.1 /
Resource Hash
c2711e9edc60964dcb5aada1bfa59c2d68d3d9dc1baf4a5ee058b4c1bd32c3eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://download-tlgm.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 07:27:36 GMT
strict-transport-security
max-age=31536000;
content-encoding
gzip
last-modified
Tue, 20 Jun 2023 12:17:51 GMT
server
nginx/1.16.1
etag
W/"649198ef-176"
content-type
text/css
cache-control
max-age=604800
expires
Sat, 03 Feb 2024 07:27:36 GMT
css
fonts.googleapis.com/ 		50 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C700%2C700i%7CPlayfair+Display%3A400%2C400i%2C700%2C700i&subset=latin%2Clatin-ext
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bc15f689a37625b49993e28b2029500fc3d9e17525517f8f238add19df3f733d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://download-tlgm.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 27 Jan 2024 07:27:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 27 Jan 2024 07:27:36 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 27 Jan 2024 07:27:36 GMT
style.css
download-tlgm.ru/wp-content/themes/tlgm/ 		41 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://download-tlgm.ru/wp-content/themes/tlgm/style.css
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.246.66.33 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
bsserver.fvds.ru
Software
nginx/1.16.1 /
Resource Hash
70c8485b8ba17ce2a2a8ec1fca791acf0cc8197298d2b0ee7221735188069976
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://download-tlgm.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 07:27:36 GMT
strict-transport-security
max-age=31536000;
content-encoding
gzip
last-modified
Fri, 19 Jul 2019 09:19:27 GMT
server
nginx/1.16.1
etag
W/"5d318b1f-a387"
content-type
text/css
cache-control
max-age=604800
expires
Sat, 03 Feb 2024 07:27:36 GMT
genericons.css
download-tlgm.ru/wp-content/themes/tlgm/assets/fonts/genericons/ 		28 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://download-tlgm.ru/wp-content/themes/tlgm/assets/fonts/genericons/genericons.css
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.246.66.33 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
bsserver.fvds.ru
Software
nginx/1.16.1 /
Resource Hash
4ed10d0d64bb1515397e8666a63f484d640dbc5678fa62574e077b7aef1c3af2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://download-tlgm.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 07:27:36 GMT
strict-transport-security
max-age=31536000;
content-encoding
gzip
last-modified
Sat, 20 Jul 2019 04:04:38 GMT
server
nginx/1.16.1
etag
W/"5d3292d6-6e6a"
content-type
text/css
cache-control
max-age=604800
expires
Sat, 03 Feb 2024 07:27:36 GMT
font-norwester.css
download-tlgm.ru/wp-content/themes/tlgm/assets/css/ 		327 B
380 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://download-tlgm.ru/wp-content/themes/tlgm/assets/css/font-norwester.css
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.246.66.33 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
bsserver.fvds.ru
Software
nginx/1.16.1 /
Resource Hash
e15e05a4cdae4e357e01c8fe83dccfd08f980d6347eb409b6f851ea5256141c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://download-tlgm.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 07:27:36 GMT
strict-transport-security
max-age=31536000;
content-encoding
gzip
last-modified
Sat, 20 Jul 2019 03:51:27 GMT
server
nginx/1.16.1
etag
W/"5d328fbf-147"
content-type
text/css
cache-control
max-age=604800
expires
Sat, 03 Feb 2024 07:27:36 GMT
jquery.fancybox.min.css
download-tlgm.ru/wp-content/plugins/easy-fancybox/fancybox/1.5.4/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://download-tlgm.ru/wp-content/plugins/easy-fancybox/fancybox/1.5.4/jquery.fancybox.min.css
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.246.66.33 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
bsserver.fvds.ru
Software
nginx/1.16.1 /
Resource Hash
4bce18de486fea257a1a5c9d5477070cec0ca1dff3438e5784161e8a8756da44
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://download-tlgm.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 07:27:36 GMT
strict-transport-security
max-age=31536000;
content-encoding
gzip
last-modified
Tue, 14 Mar 2023 08:56:21 GMT
server
nginx/1.16.1
etag
W/"641036b5-1514"
content-type
text/css
cache-control
max-age=604800
expires
Sat, 03 Feb 2024 07:27:36 GMT
jquery.min.js
download-tlgm.ru/wp-includes/js/jquery/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://download-tlgm.ru/wp-includes/js/jquery/jquery.min.js
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.246.66.33 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
bsserver.fvds.ru
Software
nginx/1.16.1 /
Resource Hash
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://download-tlgm.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 07:27:36 GMT
strict-transport-security
max-age=31536000;
content-encoding
gzip
last-modified
Mon, 04 Sep 2023 07:25:49 GMT
server
nginx/1.16.1
etag
W/"64f5867d-155ba"
content-type
application/javascript
cache-control
max-age=604800
expires
Sat, 03 Feb 2024 07:27:36 GMT
vertical.css
download-tlgm.ru/wp-content/plugins/wordpress-23-related-posts-plugin/static/themes/ 		2 KB
797 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://download-tlgm.ru/wp-content/plugins/wordpress-23-related-posts-plugin/static/themes/vertical.css?version=3.6.4
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.246.66.33 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
bsserver.fvds.ru
Software
nginx/1.16.1 /
Resource Hash
376fd1eb7ae817a27cacf8d720f71050c406824a87f606c775beba4ef04795da
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://download-tlgm.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 07:27:36 GMT
strict-transport-security
max-age=31536000;
content-encoding
gzip
last-modified
Sat, 20 Jul 2019 03:51:04 GMT
server
nginx/1.16.1
etag
W/"5d328fa8-83a"
content-type
text/css
cache-control
max-age=604800
expires
Sat, 03 Feb 2024 07:27:36 GMT
context.js
yandex.ru/ads/system/ 		346 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yandex.ru/ads/system/context.js
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:a::a , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
802b42fe0250c8201f41f330430e122adbce1d41a187144c3ff6520f005ee824
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://download-tlgm.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-encoding
br
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id
1706340456999183-11654133342462489188-balancer-l7leveler-kubr-yp-vla-136-BAL-9715
report-to
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Sat, 27 Jan 2024 08:27:37 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		147 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
HTTP/1.1
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
072d90252a1bd43b95aea887900a41fb51c60fbb0b31a2c1ca306521c09f5757
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://download-tlgm.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sat, 27 Jan 2024 07:27:36 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy
cross-origin
Content-Disposition
attachment; filename="f.txt"
Content-Length
54450
X-XSS-Protection
0
Server
cafe
ETag
14436326546533725763
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=3600, stale-while-revalidate=3600
Timing-Allow-Origin
*
Link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
Expires
Sat, 27 Jan 2024 07:27:36 GMT
web-24x24.png
download-tlgm.ru/wp-content/uploads/2018/03/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://download-tlgm.ru/wp-content/uploads/2018/03/web-24x24.png
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.246.66.33 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
bsserver.fvds.ru
Software
nginx/1.16.1 /
Resource Hash
a90a6ffc2d2d6ecce646faf795b30baf7341ecbd2669414f563f1e603541e824
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://download-tlgm.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 07:27:36 GMT
strict-transport-security
max-age=31536000;
last-modified
Thu, 23 Mar 2023 10:22:34 GMT
server
nginx/1.16.1
etag
"641c286a-668"
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
1640
expires
Sat, 03 Feb 2024 07:27:36 GMT
logo-best.png
download-tlgm.ru/wp-content/uploads/2018/03/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://download-tlgm.ru/wp-content/uploads/2018/03/logo-best.png
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.246.66.33 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
bsserver.fvds.ru
Software
nginx/1.16.1 /
Resource Hash
34a954f019ad9bcd42bb486c0353b3fa1d1bf85e247d8f6c665aa743256f8d4c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://download-tlgm.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 07:27:36 GMT
strict-transport-security
max-age=31536000;
last-modified
Tue, 14 Mar 2023 09:31:46 GMT
server
nginx/1.16.1
etag
"64103f02-17c2"
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
6082
expires
Sat, 03 Feb 2024 07:27:36 GMT
Telegram-dlya-android.jpg
download-tlgm.ru/wp-content/uploads/2018/03/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://download-tlgm.ru/wp-content/uploads/2018/03/Telegram-dlya-android.jpg
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.246.66.33 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
bsserver.fvds.ru
Software
nginx/1.16.1 /
Resource Hash
9d5f00eac5750cb4dd9bb6dd8e91e45607a47b06281748c3af3216af86acad1f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://download-tlgm.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 07:27:36 GMT
strict-transport-security
max-age=31536000;
last-modified
Tue, 14 Mar 2023 09:32:21 GMT
server
nginx/1.16.1
etag
"64103f25-90bb"
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
content-length
37051
expires
Sat, 03 Feb 2024 07:27:36 GMT
Telegram-dlya-iphone.jpg
download-tlgm.ru/wp-content/uploads/2018/03/ 		39 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://download-tlgm.ru/wp-content/uploads/2018/03/Telegram-dlya-iphone.jpg
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.246.66.33 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
bsserver.fvds.ru
Software
nginx/1.16.1 /
Resource Hash
67344660d1169a1acdb10d280e286e4b62856f00990b41ece1fdf6c52d88ccea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://download-tlgm.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 07:27:36 GMT
strict-transport-security
max-age=31536000;
last-modified
Tue, 14 Mar 2023 09:32:23 GMT
server
nginx/1.16.1
etag
"64103f27-9d64"
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
content-length
40292
expires
Sat, 03 Feb 2024 07:27:36 GMT
Telegram-dlya-windows-phone.jpg
download-tlgm.ru/wp-content/uploads/2018/03/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://download-tlgm.ru/wp-content/uploads/2018/03/Telegram-dlya-windows-phone.jpg
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.246.66.33 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
bsserver.fvds.ru
Software
nginx/1.16.1 /
Resource Hash
a017d699da0ba967c45c18ff362d858d0671f22da470b6f4a12a7496534fff53
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://download-tlgm.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 07:27:36 GMT
strict-transport-security
max-age=31536000;
last-modified
Tue, 14 Mar 2023 09:32:24 GMT
server
nginx/1.16.1
etag
"64103f28-96cb"
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
content-length
38603
expires
Sat, 03 Feb 2024 07:27:36 GMT
mSetupWidget
hunterers.com/api/scripts/ 		39 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hunterers.com/api/scripts/mSetupWidget?id=242
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.208.46.156 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
cc78df42c084391a326bd060c3d6a3b60797b3c4610c19c58008d3f16e9e6b53
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://download-tlgm.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
Date
Sat, 27 Jan 2024 07:27:36 GMT
Content-Encoding
gzip
Server
openresty
Transfer-Encoding
chunked
X-Frame-Options
DENY
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Cache-Control
private, must-revalidate
Connection
keep-alive
X-Request-Id
092b7e05021f1ac6b1eb2577a1179c52
expires
-1
kk-star-ratings.min.js
download-tlgm.ru/wp-content/plugins/kk-star-ratings/src/core/public/js/ 		1 KB
958 B 		Script
General
Check archive.org
Download Go to
Full URL
https://download-tlgm.ru/wp-content/plugins/kk-star-ratings/src/core/public/js/kk-star-ratings.min.js
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.246.66.33 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
bsserver.fvds.ru
Software
nginx/1.16.1 /
Resource Hash
acdebf935ded5cb063dcca7c46be5bbc503af5e76e295f6d0b7093c4514ed256
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://download-tlgm.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 07:27:36 GMT
strict-transport-security
max-age=31536000;
content-encoding
gzip
last-modified
Wed, 02 Aug 2023 12:39:17 GMT
server
nginx/1.16.1
etag
W/"64ca4e75-54f"
content-type
application/javascript
cache-control
max-age=604800
expires
Sat, 03 Feb 2024 07:27:36 GMT
front.min.js
download-tlgm.ru/wp-content/plugins/table-of-contents-plus/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://download-tlgm.ru/wp-content/plugins/table-of-contents-plus/front.min.js
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.246.66.33 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
bsserver.fvds.ru
Software
nginx/1.16.1 /
Resource Hash
c18f5c0855f4b76c30dd796f7164f9d1bb23c2c85b070cfad938787a214a2639
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://download-tlgm.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 07:27:36 GMT
strict-transport-security
max-age=31536000;
content-encoding
gzip
last-modified
Mon, 25 Sep 2023 12:20:10 GMT
server
nginx/1.16.1
etag
W/"65117afa-180f"
content-type
application/javascript
cache-control
max-age=604800
expires
Sat, 03 Feb 2024 07:27:36 GMT
jquery.blockUI.min.js
download-tlgm.ru/wp-content/plugins/woocommerce/assets/js/jquery-blockui/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://download-tlgm.ru/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.246.66.33 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
bsserver.fvds.ru
Software
nginx/1.16.1 /
Resource Hash
120aaf6681ca6d34a40c559779f0a0038582a79fce1b868ff901c94d27c89c72
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://download-tlgm.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 07:27:36 GMT
strict-transport-security
max-age=31536000;
content-encoding
gzip
last-modified
Thu, 15 Jul 2021 02:35:33 GMT
server
nginx/1.16.1
etag
W/"60ef9ef5-255e"
content-type
application/javascript
cache-control
max-age=604800
expires
Sat, 03 Feb 2024 07:27:36 GMT
js.cookie.min.js
download-tlgm.ru/wp-content/plugins/woocommerce/assets/js/js-cookie/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://download-tlgm.ru/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.246.66.33 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
bsserver.fvds.ru
Software
nginx/1.16.1 /
Resource Hash
50de09b0bb8d0ac656aa9b3a1e4ef58a3f2d1abd734cad68b0e12191e9d215ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://download-tlgm.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 07:27:36 GMT
strict-transport-security
max-age=31536000;
content-encoding
gzip
last-modified
Thu, 15 Jul 2021 02:35:33 GMT
server
nginx/1.16.1
etag
W/"60ef9ef5-736"
content-type
application/javascript
cache-control
max-age=604800
expires
Sat, 03 Feb 2024 07:27:36 GMT
woocommerce.min.js
download-tlgm.ru/wp-content/plugins/woocommerce/assets/js/frontend/ 		562 B
507 B 		Script
General
Check archive.org
Download Go to
Full URL
https://download-tlgm.ru/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.246.66.33 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
bsserver.fvds.ru
Software
nginx/1.16.1 /
Resource Hash
c6361a648d15fdf9cad312750da2568bd07a34a58e2ee1e1cf6b50d878e11a08
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://download-tlgm.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 07:27:36 GMT
strict-transport-security
max-age=31536000;
content-encoding
gzip
last-modified
Thu, 15 Jul 2021 02:35:33 GMT
server
nginx/1.16.1
etag
W/"60ef9ef5-232"
content-type
application/javascript
cache-control
max-age=604800
expires
Sat, 03 Feb 2024 07:27:36 GMT
cart-fragments.min.js
download-tlgm.ru/wp-content/plugins/woocommerce/assets/js/frontend/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://download-tlgm.ru/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.246.66.33 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
bsserver.fvds.ru
Software
nginx/1.16.1 /
Resource Hash
ee3398bdd77ecef0ed98349221612af04335c2c0a4c372bd84682fabc0d23068
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://download-tlgm.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 07:27:36 GMT
strict-transport-security
max-age=31536000;
content-encoding
gzip
last-modified
Thu, 15 Jul 2021 02:35:33 GMT
server
nginx/1.16.1
etag
W/"60ef9ef5-a08"
content-type
application/javascript
cache-control
max-age=604800
expires
Sat, 03 Feb 2024 07:27:36 GMT
owl.carousel.min.js
download-tlgm.ru/wp-content/themes/tlgm/assets/js/ 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://download-tlgm.ru/wp-content/themes/tlgm/assets/js/owl.carousel.min.js
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.246.66.33 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
bsserver.fvds.ru
Software
nginx/1.16.1 /
Resource Hash
e0e2bc4e1d3ee5024c4e1aa58a6cad9aa42fc63a8c89ce18013a1c8f2b94875c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://download-tlgm.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 07:27:36 GMT
strict-transport-security
max-age=31536000;
content-encoding
gzip
last-modified
Sat, 20 Jul 2019 03:51:29 GMT
server
nginx/1.16.1
etag
W/"5d328fc1-5d52"
content-type
application/javascript
cache-control
max-age=604800
expires
Sat, 03 Feb 2024 07:27:36 GMT
imagesloaded.min.js
download-tlgm.ru/wp-includes/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://download-tlgm.ru/wp-includes/js/imagesloaded.min.js
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.246.66.33 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
bsserver.fvds.ru
Software
nginx/1.16.1 /
Resource Hash
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://download-tlgm.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 07:27:36 GMT
strict-transport-security
max-age=31536000;
content-encoding
gzip
last-modified
Fri, 02 Oct 2020 15:42:19 GMT
server
nginx/1.16.1
etag
W/"5f774a5b-15fd"
content-type
application/javascript
cache-control
max-age=604800
expires
Sat, 03 Feb 2024 07:27:36 GMT
theme.js
download-tlgm.ru/wp-content/themes/tlgm/assets/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://download-tlgm.ru/wp-content/themes/tlgm/assets/js/theme.js
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.246.66.33 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
bsserver.fvds.ru
Software
nginx/1.16.1 /
Resource Hash
7184722e8650c6701e1ab08da523b355147037f9cf772912cb4832341067a7d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://download-tlgm.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 07:27:36 GMT
strict-transport-security
max-age=31536000;
content-encoding
gzip
last-modified
Sat, 20 Jul 2019 03:51:30 GMT
server
nginx/1.16.1
etag
W/"5d328fc2-12aa"
content-type
application/javascript
cache-control
max-age=604800
expires
Sat, 03 Feb 2024 07:27:36 GMT
jquery.fancybox.min.js
download-tlgm.ru/wp-content/plugins/easy-fancybox/fancybox/1.5.4/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://download-tlgm.ru/wp-content/plugins/easy-fancybox/fancybox/1.5.4/jquery.fancybox.min.js
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.246.66.33 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
bsserver.fvds.ru
Software
nginx/1.16.1 /
Resource Hash
e0a709b63261993d42234f053ee43b75d43af3d7b0f147eced60c97c3e6c8f95
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://download-tlgm.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 07:27:36 GMT
strict-transport-security
max-age=31536000;
content-encoding
gzip
last-modified
Tue, 14 Mar 2023 08:56:21 GMT
server
nginx/1.16.1
etag
W/"641036b5-454a"
content-type
application/javascript
cache-control
max-age=604800
expires
Sat, 03 Feb 2024 07:27:36 GMT
jquery.easing.min.js
download-tlgm.ru/wp-content/plugins/easy-fancybox/vendor/ 		2 KB
984 B 		Script
General
Check archive.org
Download Go to
Full URL
https://download-tlgm.ru/wp-content/plugins/easy-fancybox/vendor/jquery.easing.min.js
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.246.66.33 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
bsserver.fvds.ru
Software
nginx/1.16.1 /
Resource Hash
0ec98adf593ebcc01bec60b1f494dacd47522abfef9038a714101d83f45e165d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://download-tlgm.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 07:27:36 GMT
strict-transport-security
max-age=31536000;
content-encoding
gzip
last-modified
Tue, 14 Mar 2023 08:56:21 GMT
server
nginx/1.16.1
etag
W/"641036b5-8fe"
content-type
application/javascript
cache-control
max-age=604800
expires
Sat, 03 Feb 2024 07:27:36 GMT
woocommerce-smallscreen.css
download-tlgm.ru/wp-content/plugins/woocommerce/assets/css/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://download-tlgm.ru/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.246.66.33 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
bsserver.fvds.ru
Software
nginx/1.16.1 /
Resource Hash
ef4d4117ea73e72211fbea31631154195fdbe5ede6b97df2cbb3e465a9f81315
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://download-tlgm.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 07:27:36 GMT
strict-transport-security
max-age=31536000;
content-encoding
gzip
last-modified
Thu, 15 Jul 2021 02:35:33 GMT
server
nginx/1.16.1
etag
W/"60ef9ef5-1aa2"
content-type
text/css
cache-control
max-age=604800
expires
Sat, 03 Feb 2024 07:27:36 GMT
fon-best.jpg
download-tlgm.ru/wp-content/uploads/2018/03/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://download-tlgm.ru/wp-content/uploads/2018/03/fon-best.jpg
Requested by
Host: download-tlgm.ru
URL: https://download-tlgm.ru/wp-content/themes/tlgm/style.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.246.66.33 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
bsserver.fvds.ru
Software
nginx/1.16.1 /
Resource Hash
5510ee61a6bea61b5e4b08fc1d98de864b1773a783c60a6dd7075141aa0885cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://download-tlgm.ru/wp-content/themes/tlgm/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 07:27:36 GMT
strict-transport-security
max-age=31536000;
last-modified
Tue, 14 Mar 2023 09:31:47 GMT
server
nginx/1.16.1
etag
"64103f03-2ff9"
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
content-length
12281
expires
Sat, 03 Feb 2024 07:27:36 GMT
icons.svg
installpack.net/wp-content/themes/installpack/images/ 		621 B
713 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://installpack.net/wp-content/themes/installpack/images/icons.svg
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.99.5.252 , Russian Federation, ASN49352 (LOGOL-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
54bc30a4cd8464bb75013d18866ffa4f74e08d1ffe3238e0100770ada8947969
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://download-tlgm.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sat, 27 Jan 2024 07:27:36 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 24 Apr 2018 13:24:09 GMT
Server
nginx
ETag
W/"5adf2ff9-26d"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/svg+xml
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
keep-alive
X-XSS-Protection
1; mode=block
Expires
Sun, 26 Jan 2025 07:27:36 GMT
1Ptsg8LJRfWJmhDAuUs4TYFq.woff2
fonts.gstatic.com/s/comfortaa/v45/ 		30 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/comfortaa/v45/1Ptsg8LJRfWJmhDAuUs4TYFq.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Comfortaa:300,400,700&subset=cyrillic,cyrillic-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b4fc84ee04adaaab536bfd9e79fd2d30cf6c16eb85e4ac25c692b3a4a2b91e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://download-tlgm.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 23:34:41 GMT
x-content-type-options
nosniff
age
287575
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30512
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 20:50:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Jan 2025 23:34:41 GMT
u-4k0rCzjgs5J7oXnJcM_0kACGMtT-Tfq8Ho.woff2
fonts.gstatic.com/s/ubuntucondensed/v16/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ubuntucondensed/v16/u-4k0rCzjgs5J7oXnJcM_0kACGMtT-Tfq8Ho.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu+Condensed&subset=cyrillic,cyrillic-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4627acba7d2699a6e0ed65aa44db5581ae3f0df45d5fd38d5f7bfc2e385cdf8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://download-tlgm.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 02:40:44 GMT
x-content-type-options
nosniff
age
362812
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16852
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 15:46:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Jan 2025 02:40:44 GMT
u-4k0rCzjgs5J7oXnJcM_0kACGMtT-Dfqw.woff2
fonts.gstatic.com/s/ubuntucondensed/v16/ 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ubuntucondensed/v16/u-4k0rCzjgs5J7oXnJcM_0kACGMtT-Dfqw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu+Condensed&subset=cyrillic,cyrillic-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b1adc37a16294b5127dc6e84c9fc36e1f50bac718dcfe35f60f466fdf692bbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://download-tlgm.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 23:27:17 GMT
x-content-type-options
nosniff
age
288019
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29252
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 15:46:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Jan 2025 23:27:17 GMT
truncated
/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1cfd32e37f8aba263101f06e8f702adfaef55a6601857cf5e2c6dd0b0388dcd6

Request headers

Referer
Origin
http://download-tlgm.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
application/x-font-woff;charset=utf-8
Norwester-Regular.woff
download-tlgm.ru/wp-content/themes/tlgm/assets/fonts/ 		0
0
1Ptsg8LJRfWJmhDAuUs4SYFqPfE.woff2
fonts.gstatic.com/s/comfortaa/v45/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/comfortaa/v45/1Ptsg8LJRfWJmhDAuUs4SYFqPfE.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Comfortaa:300,400,700&subset=cyrillic,cyrillic-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c01deeb82a9541c4c056db918b63c8ae4a4038c23aa201d43026d7a0a5334ac8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://download-tlgm.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 23:32:34 GMT
x-content-type-options
nosniff
age
287702
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18300
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 20:50:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Jan 2025 23:32:34 GMT
Telegram-dlya-pc.jpg
download-tlgm.ru/wp-content/uploads/2018/03/ 		42 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://download-tlgm.ru/wp-content/uploads/2018/03/Telegram-dlya-pc.jpg
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.246.66.33 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
bsserver.fvds.ru
Software
nginx/1.16.1 /
Resource Hash
bb5dcd13a3de5c8e7514e331964ead4cbc4b60280f75e36238982df12ba06bac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://download-tlgm.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 07:27:36 GMT
strict-transport-security
max-age=31536000;
last-modified
Tue, 14 Mar 2023 09:32:26 GMT
server
nginx/1.16.1
etag
"64103f2a-a980"
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
content-length
43392
expires
Sat, 03 Feb 2024 07:27:36 GMT
watch.js
mc.yandex.ru/metrika/ 		157 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
03a76474d3688f27218b2162729d23eb82b7bf7d1e52abfedc7247030a2a170b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://download-tlgm.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 07:27:37 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Fri, 26 Jan 2024 12:09:51 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"65b3a10f-ddf6"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
timing-allow-origin
*
content-length
56822
expires
Sat, 27 Jan 2024 08:27:37 GMT
535391.js
muloyorom.com/ 		42 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://muloyorom.com/535391.js
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.208.46.53 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
2821cdf09add615de93a777f1ede38757c8816b266d090fd9bc2c3c0f89e22bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://download-tlgm.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 27 Jan 2024 07:27:37 GMT
Content-Encoding
gzip
Server
nginx
Accept-CH
Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf-8
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
icon.jpg
download-tlgm.ru/wp-content/uploads/2018/03/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://download-tlgm.ru/wp-content/uploads/2018/03/icon.jpg
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.246.66.33 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
bsserver.fvds.ru
Software
nginx/1.16.1 /
Resource Hash
8b050dbee3ec23d25a5ebba65c8bb2fc1b2f7cfac1a5fada6de45aabc4aae5d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://download-tlgm.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 07:27:37 GMT
strict-transport-security
max-age=31536000;
last-modified
Tue, 14 Mar 2023 09:32:19 GMT
server
nginx/1.16.1
etag
"64103f23-3d71"
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
content-length
15729
expires
Sat, 03 Feb 2024 07:27:37 GMT
connect.png
download-tlgm.ru/wp-content/uploads/2018/03/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://download-tlgm.ru/wp-content/uploads/2018/03/connect.png
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.246.66.33 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
bsserver.fvds.ru
Software
nginx/1.16.1 /
Resource Hash
e3d3e85702ddd516a62c6737e342ffc047a5dbdfc128b7177a762c731d697632
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://download-tlgm.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 07:27:37 GMT
strict-transport-security
max-age=31536000;
last-modified
Tue, 14 Mar 2023 09:30:19 GMT
server
nginx/1.16.1
etag
"64103eab-6687"
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
26247
expires
Sat, 03 Feb 2024 07:27:37 GMT
coordinate.png
download-tlgm.ru/wp-content/uploads/2018/03/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://download-tlgm.ru/wp-content/uploads/2018/03/coordinate.png
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.246.66.33 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
bsserver.fvds.ru
Software
nginx/1.16.1 /
Resource Hash
f57f53d3cd03a82122103a8ec0daec7b0dcb848f158f943e5756201af9b4b5fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://download-tlgm.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 07:27:37 GMT
strict-transport-security
max-age=31536000;
last-modified
Tue, 14 Mar 2023 09:30:21 GMT
server
nginx/1.16.1
etag
"64103ead-63d2"
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
25554
expires
Sat, 03 Feb 2024 07:27:37 GMT
synchronize.png
download-tlgm.ru/wp-content/uploads/2018/03/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://download-tlgm.ru/wp-content/uploads/2018/03/synchronize.png
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.246.66.33 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
bsserver.fvds.ru
Software
nginx/1.16.1 /
Resource Hash
a764a286e66b169e6f5f1af884eb5d41bee03c2d7af643dc89e797df03c1a885
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://download-tlgm.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 07:27:37 GMT
strict-transport-security
max-age=31536000;
last-modified
Tue, 14 Mar 2023 09:30:31 GMT
server
nginx/1.16.1
etag
"64103eb7-6243"
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
25155
expires
Sat, 03 Feb 2024 07:27:37 GMT
send.png
download-tlgm.ru/wp-content/uploads/2018/03/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://download-tlgm.ru/wp-content/uploads/2018/03/send.png
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.246.66.33 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
bsserver.fvds.ru
Software
nginx/1.16.1 /
Resource Hash
e2682c84853e522c3dc71819357af7e7941e8ab4457d4b64c987918e301d9e25
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://download-tlgm.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 07:27:37 GMT
strict-transport-security
max-age=31536000;
last-modified
Tue, 14 Mar 2023 09:30:28 GMT
server
nginx/1.16.1
etag
"64103eb4-76d0"
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
30416
expires
Sat, 03 Feb 2024 07:27:37 GMT
encrypt.png
download-tlgm.ru/wp-content/uploads/2018/03/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://download-tlgm.ru/wp-content/uploads/2018/03/encrypt.png
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.246.66.33 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
bsserver.fvds.ru
Software
nginx/1.16.1 /
Resource Hash
4fdc98567a41735b10075525d5fc74388bad90415af679f8cae7e96cfdebd122
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://download-tlgm.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 07:27:37 GMT
strict-transport-security
max-age=31536000;
last-modified
Tue, 14 Mar 2023 09:30:25 GMT
server
nginx/1.16.1
etag
"64103eb1-62d1"
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
25297
expires
Sat, 03 Feb 2024 07:27:37 GMT
destruct.png
download-tlgm.ru/wp-content/uploads/2018/03/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://download-tlgm.ru/wp-content/uploads/2018/03/destruct.png
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.246.66.33 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
bsserver.fvds.ru
Software
nginx/1.16.1 /
Resource Hash
4d88e46e23144adc20f210e3a49fda9153387747f36119942c3443d3e93ee5fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://download-tlgm.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 07:27:37 GMT
strict-transport-security
max-age=31536000;
last-modified
Tue, 14 Mar 2023 09:30:23 GMT
server
nginx/1.16.1
etag
"64103eaf-6775"
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
26485
expires
Sat, 03 Feb 2024 07:27:37 GMT
store.png
download-tlgm.ru/wp-content/uploads/2018/03/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://download-tlgm.ru/wp-content/uploads/2018/03/store.png
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.246.66.33 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
bsserver.fvds.ru
Software
nginx/1.16.1 /
Resource Hash
7c6b9f1256f3b23a1cd4dcc3368753a6bf0fec3cbc08a072f2e1c8bcdfe0901f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://download-tlgm.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 07:27:37 GMT
strict-transport-security
max-age=31536000;
last-modified
Tue, 14 Mar 2023 09:30:29 GMT
server
nginx/1.16.1
etag
"64103eb5-659c"
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
26012
expires
Sat, 03 Feb 2024 07:27:37 GMT
build.png
download-tlgm.ru/wp-content/uploads/2018/03/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://download-tlgm.ru/wp-content/uploads/2018/03/build.png
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.246.66.33 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
bsserver.fvds.ru
Software
nginx/1.16.1 /
Resource Hash
1f4de2d3d0961e5448ad9c43a6254129c6019f94ea10bc0f845c1144f2102854
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://download-tlgm.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 07:27:37 GMT
strict-transport-security
max-age=31536000;
last-modified
Tue, 14 Mar 2023 09:30:18 GMT
server
nginx/1.16.1
etag
"64103eaa-6194"
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
24980
expires
Sat, 03 Feb 2024 07:27:37 GMT
process.png
download-tlgm.ru/wp-content/uploads/2018/03/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://download-tlgm.ru/wp-content/uploads/2018/03/process.png
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.246.66.33 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
bsserver.fvds.ru
Software
nginx/1.16.1 /
Resource Hash
e7554b3ed3202232f01139ac31ec578f24bb49f5487b366cc574600f6cceafdd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://download-tlgm.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 07:27:37 GMT
strict-transport-security
max-age=31536000;
last-modified
Tue, 14 Mar 2023 09:30:26 GMT
server
nginx/1.16.1
etag
"64103eb2-6866"
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
26726
expires
Sat, 03 Feb 2024 07:27:37 GMT
getslugv3
msetup-partners.com/api/ 		80 B
594 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://msetup-partners.com/api/getslugv3?pa=f78aa05b93a2181d373d558bdd004a7b&bl=0&raw=Telegram%20Messenger&sourceURL=&sourceName=&sourceIntro=&sourceNote=&priority=source&tag=telegram&rnd=966648010005e477656ae83677c89671&d=0&utm_content=&err=0&b=0&rfr=http%3A%2F%2Fdownload-tlgm.ru%2F
Requested by
Host: hunterers.com
URL: https://hunterers.com/api/scripts/mSetupWidget?id=242
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.208.13.82 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
0097ea340c2f2b250ce4525f7ebdf92ad3df2f1b88840795d1df188bfd669971

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://download-tlgm.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sat, 27 Jan 2024 07:27:37 GMT
Content-Encoding
gzip
Server
nginx
X-Slug
check Tag
X-SF
bad request
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
keep-alive
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/ 		405 KB
138 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4622439471653545&plah=download-tlgm.ru
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2e24f5f8ba510d2dc2601bfd92046d74ce0899910682ce2853bb391f89d5c353
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://download-tlgm.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 07:27:37 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
140752
x-xss-protection
0
server
cafe
etag
17644369162046562843
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 27 Jan 2024 07:27:37 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240122/r20190131/ Frame DC67 		9 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240122/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://download-tlgm.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
59496
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4209
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 26 Jan 2024 14:56:01 GMT
etag
3890843268177463596
expires
Fri, 09 Feb 2024 14:56:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
download-tlgm.ru/
Redirect Chain
  • http://download-tlgm.ru/?wc-ajax=get_refreshed_fragments
  • https://download-tlgm.ru/?wc-ajax=get_refreshed_fragments
0
0
/
download-tlgm.ru/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://download-tlgm.ru/?wc-ajax=get_refreshed_fragments
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.246.66.33 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
bsserver.fvds.ru
Software
nginx/1.16.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-requested-with
Access-Control-Request-Method
POST
Origin
http://download-tlgm.ru
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
text/html
date
Sat, 27 Jan 2024 07:27:37 GMT
server
nginx/1.16.1
Norwester-Regular.ttf
download-tlgm.ru/wp-content/themes/tlgm/assets/fonts/ 		0
0
jserror
mpraven.org/api/ 		14 B
507 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mpraven.org/api/jserror?data=ZXJyPVR5cGVFcnJvciUzQSUyMENhbm5vdCUyMHJlYWQlMjBwcm9wZXJ0aWVzJTIwb2YlMjBudWxsJTIwKHJlYWRpbmclMjAnYWRkRXZlbnRMaXN0ZW5lcicpJTBBJTIwJTIwJTIwJTIwYXQlMjByZW5kZXJCdG4lMjAoaHR0cHMlM0ElMkYlMkZodW50ZXJlcnMuY29tJTJGYXBpJTJGc2NyaXB0cyUyRm1TZXR1cFdpZGdldCUzRmlkJTNEMjQyJTNBNDI1JTNBMjMpJTBBJTIwJTIwJTIwJTIwYXQlMjBodHRwcyUzQSUyRiUyRmh1bnRlcmVycy5jb20lMkZhcGklMkZzY3JpcHRzJTJGbVNldHVwV2lkZ2V0JTNGaWQlM0QyNDIlM0E2OTglM0EyNSUwQSUyMCUyMCUyMCUyMGF0JTIwWE1MSHR0cFJlcXVlc3QuJTNDYW5vbnltb3VzJTNFJTIwKGh0dHBzJTNBJTJGJTJGaHVudGVyZXJzLmNvbSUyRmFwaSUyRnNjcmlwdHMlMkZtU2V0dXBXaWRnZXQlM0ZpZCUzRDI0MiUzQTEyMCUzQTMzKSZlcnJNZXNzYWdlPUNhbm5vdCUyMHJlYWQlMjBwcm9wZXJ0aWVzJTIwb2YlMjBudWxsJTIwKHJlYWRpbmclMjAnYWRkRXZlbnRMaXN0ZW5lcicpJnBhcnRuZXJfYXBpa2V5PWY3OGFhMDViOTNhMjE4MWQzNzNkNTU4YmRkMDA0YTdiJmV4dHJhUGFyYW09NiUzQSUzQSUyMC0mcmZyPWh0dHAlM0ElMkYlMkZkb3dubG9hZC10bGdtLnJ1JTJG
Requested by
Host: hunterers.com
URL: https://hunterers.com/api/scripts/mSetupWidget?id=242
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.208.5.115 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
b46f0c580b3e0c5e10ef63e66e41e0e2e33aed5fb55a82bb7004fb4d8a0059a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://download-tlgm.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sat, 27 Jan 2024 07:27:37 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
keep-alive
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
truncated
/ 		477 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8d74b7089a68f822f535c265ed9b4faf167417defaeed5985d00f7d1f8d83007

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://download-tlgm.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
fonts.gstatic.com/s/opensans/v34/ 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
59bd288e64c57e034672999e33ebda6eb5ad1575945eb563dbfb5b44f226e1e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://download-tlgm.ru/
Origin
http://download-tlgm.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 23:39:44 GMT
x-content-type-options
nosniff
age
287273
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26240
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:14:37 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Jan 2025 23:39:44 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://download-tlgm.ru/
Origin
http://download-tlgm.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 20:31:24 GMT
x-content-type-options
nosniff
age
384973
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 21 Jan 2025 20:31:24 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C700%2C700i%7CPlayfair+Display%3A400%2C400i%2C700%2C700i&subset=latin%2Clatin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://download-tlgm.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 23:31:50 GMT
x-content-type-options
nosniff
age
287747
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Jan 2025 23:31:50 GMT
69699
muloyorom.com/ 		5 KB
6 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://muloyorom.com/69699
Requested by
Host: muloyorom.com
URL: https://muloyorom.com/535391.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.208.46.53 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
7f0467bb5f25e2ce48c22f14854b2770250c6cd6b6dfd504f9378fdf9e0feaac

Request headers

Referer
http://download-tlgm.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Sat, 27 Jan 2024 07:27:37 GMT
Server
nginx
Accept-CH
Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
http://download-tlgm.ru
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
0
set
muloyorom.com/event/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://muloyorom.com/event/set
Requested by
Host: muloyorom.com
URL: https://muloyorom.com/535391.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.208.46.53 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
http://download-tlgm.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Sat, 27 Jan 2024 07:27:37 GMT
Content-Encoding
gzip
Server
nginx
Accept-CH
Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Transfer-Encoding
chunked
Access-Control-Allow-Methods
PROPFIND, PROPPATCH, COPY, MOVE, DELETE, MKCOL, LOCK, UNLOCK, PUT, GETLIB, VERSION-CONTROL, CHECKIN, CHECKOUT, UNCHECKOUT, REPORT, UPDATE, CANCELUPLOAD, HEAD, OPTIONS, GET, POST
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
http://download-tlgm.ru
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Overwrite, Destination, Content-Type, Depth, User-Agent, X-File-Size, X-Requested-With, If-Modified-Since, X-File-Name, Cache-Control
4bf4b451a6e5e404e5f6.js
yastatic.net/partner-code-bundles/952831/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/952831/4bf4b451a6e5e404e5f6.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
07a805cb92ab58c5f6f0dda27540d18e050b01d9c3f456b3a3fcf4311c1de004
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
http://download-tlgm.ru/
Origin
http://download-tlgm.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 07:19:46 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
4769
last-modified
Thu, 25 Jan 2024 13:36:06 GMT
etag
"f363f4c59da83f9e27e699f0d35147be"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Mon, 26 Jan 2054 14:03:37 GMT
1f80401c46b9783202c5.js
yastatic.net/partner-code-bundles/952831/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/952831/1f80401c46b9783202c5.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
cc77ebc24842520a8f8af0dae5a55b8e5129ae49b2b30688040ee13d1e09c58d
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
http://download-tlgm.ru/
Origin
http://download-tlgm.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 06:29:46 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
7949
last-modified
Thu, 25 Jan 2024 13:36:06 GMT
etag
"b946302f33e6bffea60e4428095e0ca1"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Mon, 26 Jan 2054 14:03:37 GMT
49d75ad31d3d61f35f30.js
yastatic.net/partner-code-bundles/952831/ 		118 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/952831/49d75ad31d3d61f35f30.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
8497df469ba36be9d811c4e746bfcae4e89a018c634eaa5c339af36dfb6bd68f
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
http://download-tlgm.ru/
Origin
http://download-tlgm.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 07:19:46 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
24619
last-modified
Thu, 25 Jan 2024 13:36:06 GMT
etag
"4b421e8179c204118d8f84c290d015b8"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Mon, 26 Jan 2054 14:03:37 GMT
host.js
yastatic.net/safeframe-bundles/0.83/ 		33 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/safeframe-bundles/0.83/host.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
http://download-tlgm.ru/
Origin
http://download-tlgm.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 07:19:46 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
8878
last-modified
Wed, 03 Nov 2021 13:42:58 GMT
etag
"f80882bf67cf261aa08d636da095149a"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Mon, 26 Jan 2054 14:03:37 GMT
text-variable-full.woff2
yastatic.net/s3/home/fonts/ys/3/ 		25 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/s3/home/fonts/ys/3/text-variable-full.woff2
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
http://download-tlgm.ru/
Origin
http://download-tlgm.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 06:39:46 GMT
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
26004
x-amz-meta-owner
{"role":"admin","login":"4eb0da"}
last-modified
Mon, 25 Apr 2022 14:02:39 GMT
etag
"7f0cdaf91230f9789ca4162aedff612e"
vary
Accept-Encoding
x-nginx-request-id
dadc0748afd8c1d8
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
access-control-allow-origin
*
content-type
font/woff2
cache-control
public, max-age=31556952
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 26 Jan 2025 13:16:49 GMT
690bab6df81f8f57e32c.js
yastatic.net/partner-code-bundles/952831/ 		57 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/952831/690bab6df81f8f57e32c.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
ffd260c5b40dcd03f608c1139d46c331b51060b5add207fd79c89143c3d8b448
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
http://download-tlgm.ru/
Origin
http://download-tlgm.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 06:29:46 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
14691
last-modified
Thu, 25 Jan 2024 13:36:07 GMT
etag
"28dbd9d38a8b5317efa36e34bf0d67b5"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Mon, 26 Jan 2054 14:03:37 GMT
c9f2e4d9b16ebb3004df.js
yastatic.net/partner-code-bundles/952831/ 		565 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/952831/c9f2e4d9b16ebb3004df.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
30c8402fae92f6c56db2e0a6b1fc4941a759bb3ddabcaa93ad477d71356e1dd6
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
http://download-tlgm.ru/
Origin
http://download-tlgm.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 06:29:45 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
108677
last-modified
Thu, 25 Jan 2024 13:36:09 GMT
etag
"7ee93fb7cc8eb56fad241fd594910ba4"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Mon, 26 Jan 2054 14:03:37 GMT
2027212
yandex.ru/ads/meta/ 		31 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://yandex.ru/ads/meta/2027212?target-ref=http%3A%2F%2Fdownload-tlgm.ru%2F&pcode-test-ids=936322%2C0%2C60%3B918135%2C0%2C99%3B909920%2C0%2C94%3B944516%2C0%2C16%3B949816%2C0%2C14%3B944512%2C0%2C46%3B952880%2C0%2C49%3B953805%2C0%2C55%3B940963%2C0%2C48%3B945008%2C0%2C86%3B892905%2C0%2C86%3B947810%2C0%2C24%3B940996%2C0%2C9%3B947805%2C0%2C8%3B937600%2C0%2C36%3B943287%2C0%2C18%3B938404%2C0%2C71%3B952831%2C0%2C79%3B912284%2C0%2C75&pcode-flags-map=eJy1Wdty2zgS%2FRc92xneL3kDSVDCmrcFQTtKagqlcTQZ7fqy5Tgzs0nl37cbAClR8kCVZDYPikQLB0BfTp9ufVlck172q%2FZGkkJWJKOVLFsuWSMz0jSUL16%2F%2B7L4fXP3abt4vRB8oIuLxfP24zN7D5%2BjyPeDePH154s9TMfbYshFL9tGdmToqRUhdtPA1wgF60lWUZm3QyMkpwXjNBdwEtJ1dgzPCQJvOgVsKeuhEoy3VQVojcA3lMsbIvIVLaRgNZVtWfZU2HF9z4n3t%2BNU8DXeqqHipuVXknLe2u0Th1EQpxMC7J5fgZHX7SBkX7Xwwt5SmcGFC8IZ7e1gceIGrgLDGyBGx6m65P6616ygrTR%2Fn8G5Dvyb4aV%2BGjtn8LKhLMF0tO7EWlasZseg34x43RFW%2FP0nLAd4%2F72oDcbq33zSv8D8If%2B8jPn%2Fs8D3eh%2BDfclJJivaLMVqtgiSNTlcljiJEwfTMtooEhCcQKpcs34gleYVZCX6RlDewJOit1NC4nqR8x2g6kFPSipLTmo7dak9ND1wjjzTwzeAsGBDgWTaEYQA7F6hkqFgrcw5JYJdn0n1JHA8N5yOPzpJtEBCvSBcIA2VjMNG%2BWpormRJWDVDDOceTwIv9vaARAj0af8tiL4NEO4KrJtXjAJ1V3QJ1mRN2cqbFVOM3lxT2EIHP9rnzO1DJ0kOeLcpIAhJhiYgBSKxHh4MvMJD39CsPWfN2An2LLykcMehF20tr2vSTda9JtUw93h0lDdJFPrRvtDQHCByQXTQ1KSq7MeIkyAITlerlfKGiZUUEIvfgjH6rh4E1DUwxmlJCmfLU891IrW8B6tKU3ILDFex7iiW%2Fa69oZyWJcvBmfl6Brb98z9zuFnqkqIYM60jSyixnWCQFToRMNSUuSvWXNnvmKapqXNjOW%2Bokidj8qDrbedKXQc0gULo8ragP4jRAy8AdTR9RdDM4LeONHAzgLMjJFHiTQiKFvAgawLx%2FEaSxrrYcyN3T6YlgxDphqxiuSQ9CJf%2B2%2Fgw9YPEi2aeEhA7rDjwzlnHpH4UOXvHQOihqyEfezDGbGUaOl7oz9aGXpjMdZ7Rd3nPbYYIUxdiXi1UdUmrUjk0rGTgDNaABUqSUztG4hkhh1EA0Q2Js5JVu2S5bV3kJn4UzA4NDuQQ240wYg6Lbg8xRRvZH%2FngBCx1TermmPBtMxJbCVeQTBUcOBMpqDWsojhJI81mGE0l6MamqNa6YGECH8tl%2B%2FrsSolQHU%2BaoAEDYjxr7ShpYIofolQUUgsQauuaKAkiHT8HZltyEFkF7a9Eaz93EgWuf2g%2FRXZQYgDkAK8BWQ0Fp2TLAXoIkDDYS%2BQUUt5q1th1gjgcq7kOEzHwxrgHSht4W6x4OyxX1iyJXXesNhV5u1YelYqGDpd9Wfy6fb79rd48fdg9LF67oXOxuH%2F8ZXe37W83d7uHD4vX3tcZaggxrMmkRsr%2F50AHCgTQyaxCVVOxeVV9t7jf7O5ePX2Cs%2F138%2FB%2B%2Bye8%2F2l3v%2Fmw%2FTh79GFzr568%2F7x90F%2Ff%2FL57ftRv718dfHj%2FsDNPEXlCgAdPm893j59%2FM3%2F%2B%2FKT%2F%2F%2FS0efWw%2FePjyRf%2BtXm836mlP798xUZTdE35El8LRqQgy97qP9%2FzTHCptKDge6D6XJUg%2B8LQdwxNgzIoaEmAZ3QFa4Y6o1Z6ikPXN6JXNbuqXcXaB%2F0zzXVGguBkwB1nYGInnGoFKWpkp6WiHFaU5NS9M8slYZiaYjHL4MO8EO2Qr3R2VG2vTqjFA6f%2FAB4%2Bkx2QfIGWZGuoY%2BCeXJs4q1oIPshgUHqCvhCF%2FJJdekHqguy%2FdAHy8LN39Nk%2F%2Bhyoz%2BTSC6GFiT2znlyGCRLJpeu6swBKnDRydZErGRTYgnQqjHSTPSytUsYNgzA4yC9UiazGIECH6IC0AoRukGqAsgfntdBLsDf2Fb5vCM3EO0QrdibIo0QJchxeQI2HFGgGO1SQGrGyIrxQmkej9BDQguQr62rInSiayuOyExJihnXi3CJzX1WD8QotShETHaqQqTnSmbqYgIaM%2FBeAjNzpiLCffr9%2BP0GqMYe0Lp%2Fv%2Fi5NkWdi7yIF8weOH11EfgrU74ezUEqAE9IZqOlqcuyTfgjX11YzShmjC6V4Dn6zy%2BIkjE10c1q3GC7AEpmV25Ik8kyVLvuxyI6qX0LGypqg5Icwt%2Bt810nSM%2Fyi%2BrIctWirWAY1JmfLFbyD61W0FLqxJsDKZzaLPNdE48DR5piG9nvCmsSf6NOk01LzHiaQ0sxWve04YegcOmZsWtsOQLjIQBwRCdKgPCK40fGANrp%2Bxkqp40WpO51Nc0q2lhzj3ExJl8jysxu%2B8yMHJEk6RwId64ze5PQGQobqxs3eSniOo7nbiGfWqC2xXJHKpBzYq81A3MKdIYXhcHRp7f0ANTRDV6NjpyZHtbLIJDhkwJ7JjuN74X6QMM2dAQ77Gyt1wNogTOapr3Sa0n9If8eNyQlA6Ju4QWOMIONEAPO8aPOhRr0%2FGmUykx0YZxg2kV1CieDnOkgofO65vEP8aYKjpAarmJiOacX3nTAx44BVO1SFniEqG2prjs2yapUOdwUuYctm3zCI5TypN3d38vFpt3143jzvHh%2Fk7d3u9t%2BbX%2B628%2F19aJIP9ze5d7rRrDs53uzkWhNs8Xa00BWtqDgXDW4ykr5RgRAF4HcKDfJxshxYeooM%2BiavBii9NSfM7lhoK818Tx8Oim17hbfF806b2iFiJ93PXhBmBUSLhQr6eJMHau5YiKE5EwaxZ9JIDdNQzkEsrZidMf0Ysm%2FiNdWcAylBX9KrsmKfrgSg6IxUE%2FIlXiScEzsBBW4czuu%2BISJzCJ1tyNyaUawVJA1C33iEMK77tYMJx3y64cdROhsM4rzDKChcDdmohoz4Q9bxzzrvUv8iDS48x4tdeIUCfeG5bhjhawpPXC%2BZk%2F6L0MpiRxXDdULHsSz9VmF2sHw2v9JlFaevSjrkV5C7rT1U3MT1w1OkBiUq%2FmYhwMqoEiDZlfA8R9tOOsrdus1wwtwXs1EMDuOZqkkvKo7bh%2Be574PQ3Q%2FH%2BgFoc60zat2tgJKE%2FYeANEgTs36MRIxgyCVgCSiDaqLak2vWLPXU6OxhdF0lBVzrJPhCDxTv0WgNn0zTLaV9x9bnCgsqq6qsPdaXt893cxQ%2FMR3oiyg%2FslaJgWwQx%2Fz71zAHKk518%2BSKjt0Y1lErSgBt4F4L7qe1ihLPkcColEZH3rACxAyIRwHeO6NBvXQ8PfBQRgm2Csc5dnLYOHGPZOd%2Buqybg7kGmjX%2BeNc0OraYaQ%2FGX9Dnp852Hx6PT%2BAc0%2FgbRtqaHa5L5swfOc7LzH%2BmYhyuUzSAsTIddBRgdov5nhkk9zheMdP0osVOxr57EpifBBW7v5RYvnucWD4q96%2F%2FA3F1p88%3D&pcode-active-testids=938404%2C0%2C71&pcode-icookie=NbXI1CMItYfRK3WFrnzUvfagIKZ9irHDI35UBCTeapWr4csG%2BNXqp5wh%2FQtBS%2Bf5xkF3UkqEcY32R%2Fe23ASn8VCVcok%3D&imp-id=3&charset=utf-8&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=280925220896770&ad-session-id=8242191706340457241&target-id=10562716&tga-with-creatives=1&top-ancestor=http%3A%2F%2Fdownload-tlgm.ru&top-ancestor-undetermined=0&pcode-version=952831&pcodever=952831&flash-ver=0&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.3%2C%22isInIframe%22%3Afalse%2C%22w%22%3A1040%2C%22h%22%3A0%2C%22width%22%3A1040%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A280%2C%22top%22%3A354%2C%22sspInfo%22%3A%7B%22deviceSizeSsp%22%3A%7B%7D%7D%2C%22ad_no%22%3A0%2C%22safeArea%22%3A%7B%22top%22%3A0%2C%22bottom%22%3A0%2C%22left%22%3A0%2C%22right%22%3A0%7D%2C%22req_no%22%3A0%7D&grab-orig-len=3888&grab=eyJncmFiX3ZlcnNpb24iOjJ9CkKlpJAkN-qBEUBnKkyWJjEyNtXVTZb0-1eMfkgnQ_pru7SjrNu0rY6jCz4Ommy6Q85Nop98i2QT-voFVzepU6dpA-g3gCuM5iHWNKH8vu164zFjxigQY8ybWhpKcpVaWlZylToswrxUgVbmpSyuJJ22jKIyk5VxB1gPoARcnyTg-OQBTiDyQQ74ASfgPif0AFz3YQWiAJxPptbMerWkDKueVZISmVZeRoq4SMIizbRdkWZhmYXItC7h9dHB_XUwZ3sg6E--wIf1PIInHz8A_4jkz7Q_GSQBf0kRBTyf6GFxAoKA45IQiLo8pczytJLXYS6TMMXiHkD4zXj9JxE8I_4vInuU6Z_fDxD3afrkPumShvvbcLpPGOB9n7iBgEmrUak1U2JlKqfoiryKImRaaSope1LJyjosJUlehWZEFz0yc1CL87ymLOShtD74bKmaWdaJNOkOg0Jeo6JHgaZTJrVCHIWppM5TWdplcSpOauWj9LiQScM6ryhScahVqeUFHG-MqAjL565cBKoiqfMio-qf2LLM6vh7KuOfGvZTo3lYPUy9PKo11QT1B7t9YT28BnLrME2UlRn-La2KbBlklcsjec76EQpZtTG9lFVqce6yLzPxxyqc-tAfTl5856oAoAHvMyC8xPmEO5_mYOeFjWL9M0u6i1qHFEnZimjnSpWglIrQwCGtolohLXJ5XGZ2HjoG1HTaHR5oL3o-RIl2eGeSSKx0xmE1bJJGIdxDNUy6CWA1KwoG1Ch3Vtc733l5PmGfIAmwfSIf2jnmeT6WU1mWn2sDqsjEsG3l0SUZ1CJ734s6AyOmmNFhih08BCyZ0VaKjpCGHVNAKsVZKHbgaMQ5JkIaPWlGRY-SXmso1SX9o0dwFxVwMZHuaQdpJo_TQs6yzgUCaZqVmKoLZtkgSqmKiiVb0PNKQaUs45iCJTMaComyqDJWLCtJJM5kOsmz0q8SKoxePnoSREdHz94NsfdduT6MTw0Zhl3Ry2El1-0HLEXQd4jC0iE8ln1bjq6b6ellENBI4YOV85hcBsC-5-Gfks6i1c8d_1T81-Shm-IpAOoX4-hzQL7oXzXaABPqK8lkNg5TpdVRUmWWmktWjT-FtK6ow7c3Jh6tk1ZQS6Vac9tVYMfb0aJAvSVCjAQhq0oB_weI_QB5X1n-XN3qhqLzXr5JA7MZBZO3rx6vea3eqoiP0l1HZRUrpE8SdRpLnmUDcCjbgUxaszKuMnmRydjozInNxWfExLxm9NqmJZuIpy6rUByX8rqppP3UpiFOZ9rGkM24Zp5nVFevIHa7hnYIz-xUUOuS4zetl5enoimouoNWMzC6E1ZxWCjy0mNwITyK1cb0hOuhRuE3FtWJWJkXkbRLf9KYQmvS05bLUdOkDBb4puhwZeqvDYOlLBZ61lpa-ivz3Msc2xfVtUSJfoIxvhRx4lgk9G3Vtx_m8LMGV015R1_pGmNJFSFEwh5mADGA7O5I7HA4P-fLkj_na2bkj_Qi6fsLOOYmea5_iF4yHUnuRNBj-E7zDBunsJ9oOb__HnCUhXtjK1DqS3lMO7mU_ovcl4Am7fHuMHzSs0arl7q1PD3oB-ac1Tl-wH1M01v7duQgH8Rr_ygIrM22OZ5szo2-EwrcAt8W7CVZ-Bnl38icBwzBB6mx-nIvJ95TvyZPbBJcoY46b4WvAPiXtsivhS80zjIQvGx0vcNyJ32Yuxh3SRP4xLuWt4IO_xltsZjbGE-ocI-L9Iyyl-otCu_K7qWfrQSCvdvxV4wHvyI7uJPVm6m8sX4dwUktzwp7UzSledhMPYBiS9UPT-iqQUf3t39v1-_Nv7UaPP-p5Ob1RyV0x362PkgnNPdNdzM4R2jfRD8Roh_7zAXHUIAJwqUu2OQLvRgnOUz7sy39gaE9Zeg-8UQz3pZ5SZ9gZHVyKHtV1HCKkjJJ47Bm0Hvj_1zAxzVlXCXJHqPNLpyYUSnLd4EAmB9s5MfN9AVKgANm90zFAnVacR4WNGUoTjyOsFIehnN4mOgP4B9eKFcFkEz41pMHfBeDm_-NkG6phN2xl0_rgWNnMVBPn3gNzOJgk23QczYWRB429CirLdg2ZL5gE00nEhuXmftycJWxz1NMJAvWyzZJxBth_FNCj_iJhhamAY4-seeSuBuZXHbNc9e_cVsk4V5DWG7RtLpoWiHmjKLXZ4vUTZVSHIZpFtmT4YX6f69rw-A2C4WSERVaNIxoUKNCcXpVANwTNs6JN-Phz9uuL57EdgFgOFm-PciRbwxNgNuj7tHYE6ZjjK1hdSg6VMLGAq4kOjKYStilq3WNobUiN94pp8mKnnJhfFlr-R--dz3GjDVMwbW9Ahfvz8M6E9w9bQCMAnH3bpEyfOjIPUPA3AuENJqRVZhH7GG22CDmkYJAPynoPxDAawHvmc9G8u9C17K30TZewS0Zwk2e7vM1b-d7p9oez_KSPuGzHHwy_I1sgiVym-afCRrkdo3tZUB4RPBXWO-lVv_wid4Uw3TtcncNO3-mxbuxzmAPni13zVLDoSK5v7kZhWcmv2CktkKQnd7gQz_7e-_yXe8-4baIs-wFtp896wfhSSIfxzpDcqo8iQejCShMTd9-N7nendJYbQ4NLU3XtfdCu8o6Vfh6j1OfrP4i-h8ZWYB7Y7gW3TGI2zGuIxyC4UqQ78CeWXBpunbOzhLYVWIJx_K6ocdxJWGelx47ZUj2HnkeJZLZcRbru8S_g2OedbhN3RR6f_DH8xNsnJ6uv4HcLOG5u2vz7KQBt8lq4W3lEH3hz33tFWZnfaytQ97Jmv2BZRNR7GyhGFS9Rn_7JJ_bGAjuc6o2KkBuAdzqGkdmsgtwNm2paeXjd_tRtki-L-9NST1SPhaZl61wNXVX0fsY-mHGZotGCfSJN5NbuP63K9jjJX2FWV8ogrZ5Fm5XBNd2P5s1Wevnl462JGgKD1pVAILjyQ0qtWM0HgZbAdgLCYhN6FgBZKy1cBS79kdE9sB7cnmrALTTMqpcAd9hAvU0qXbrhAP9l-MpKVb94nC7zZICFgNhf0BObsgn6C1evT40KpB9ZIPug3GioNrkZAuF8ZXXrNjvGqBN6967e8Xj_PqG4_DCsU7jWYowTjPZnbFwIZ0SjR7bgniPB-ei3Sd90zSMWIpi3jYgnVt2wsQ9wDHTGNkF9IYE8Tovd127YRE3m7KDnC5K8OTjN4Mn8ol1ydU4iitWhEGymnuRTS8wvd35J0aaBeAZ2ZHrmxglaG8LRDe2F3Xe2N3qJulE56bio7vOAGpv6xJr1-y9E1yr9BeDkc4hmiU4UUeKADFGVkM-KbFZ1DvyOZ_dJRwbzKb-r-YD5O8Jpg9jzIGuXHStrX-3kzioNDh3E_2obq6OrEci-dDmflB7utsIxzhg2khq2J2PejiWulhz1GkamqFZDa9V0p9fp7firRxmuj7kLfThrFhwczCNe2L8S43-IFB0cZBYtm-G6L_TQxpMY1gG-O8-5M3CNlPd7k-_c85OPEou1wK6vmcmDV185Q7sfAeUfIwV3wxth2ULQAyyIOYhQMFjNYfB73Twajagiow6Xd_qSNKEYkHD7_SM9GhclfzFc8hr3vjmr1u5mj2e4IL4LWpCuod9L1xRfD9E0HTP05JAXmnbuEJoMVV9v2wEBw__cAXQ2bKizR3-uwTPkeikYZhEyDUaE2jaTN2ARTBuZOHL0s93CdvwQLSgKSgRgULLSAtY-AyIAA4YClr4CkBkDFqVAxa115Vo__T6XPF0MV23_DAcw_NTITdk0kA4NWV80gLEPU7RgeZM2nQqjiOdn1KtZ80NC6VwqNB2yiRr2KHKMNOessubY_PSPeGA8ZWptxUYe098-2YrkFscTcOBXnBlAfA%3D&uniformat=true&callback=Ya%5B3606406797476%5D
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:a::a , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
b6f695f87cfca13dd4addfcef61be73b3b72dca643436e673a58c9af723154df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://download-tlgm.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sat, 27 Jan 2024 07:27:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id
1706340457283706-3522755925587116348-balancer-l7leveler-kubr-yp-vla-136-BAL-5684
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
uniformat-product-type
MediaImage
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Sat, 27 Jan 2024 07:27:37 GMT
accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
uniformat
true
report-to
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type
application/json
access-control-allow-origin
http://download-tlgm.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
Sat, 27 Jan 2024 07:27:37 GMT
cs
muloyorom.com/js/ Frame 8F87
Redirect Chain
  • https://muloyorom.com/js/cs?uuid=3692eefa-f201-4cd9-be90-68cdf7dc3175
  • https://s.uuidksinc.net/match/1165/?remote_uid=3692eefa-f201-4cd9-be90-68cdf7dc3175&cb_url=https%3A%2F%2Fmuloyorom.com%2Fjs%2Fcs%3Fuuid%3D3692eefa-f201-4cd9-be90-68cdf7dc3175%26oid%3D%5BUID%5D
  • https://muloyorom.com/js/cs?uuid=3692eefa-f201-4cd9-be90-68cdf7dc3175&oid=9JrbPI0EQbl1xl64QLvU
43 B
491 B 		Document
General
Check archive.org
Download Go to
Full URL
https://muloyorom.com/js/cs?uuid=3692eefa-f201-4cd9-be90-68cdf7dc3175&oid=9JrbPI0EQbl1xl64QLvU
Requested by
Host: muloyorom.com
URL: https://muloyorom.com/535391.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.208.46.53 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
http://download-tlgm.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-CH
Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Connection
keep-alive
Content-Type
image/gif
Date
Sat, 27 Jan 2024 07:27:37 GMT
Server
nginx
Transfer-Encoding
chunked

Redirect headers

content-length
0
date
Sat, 27 Jan 2024 07:27:37 GMT
location
https://muloyorom.com/js/cs?uuid=3692eefa-f201-4cd9-be90-68cdf7dc3175&oid=9JrbPI0EQbl1xl64QLvU
server
nginx/1.23.2
ads
googleads.g.doubleclick.net/pagead/ Frame 399B 		93 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4622439471653545&output=html&h=280&slotname=3547231412&adk=3563481279&adf=3642323547&pi=t.ma~as.3547231412&w=1040&fwrn=4&fwrnh=100&lmt=1706340457&rafmt=1&format=1040x280&url=http%3A%2F%2Fdownload-tlgm.ru%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1706340456996&bpp=3&bdt=517&idt=298&shv=r20240122&mjsv=m202401230101&ptt=9&saldr=aa&abxe=1&correlator=2048886132120&frm=20&pv=2&ga_vid=969955348.1706340457&ga_sid=1706340457&ga_hid=886679608&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=280&ady=412&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080589%2C95321627%2C95322165%2C95323006&oid=2&pvsid=199225707555881&tmod=2064311856&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=305
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4622439471653545&plah=download-tlgm.ru
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
13cbe8a4547521fb80fe4f1618efa1c9e4142069481bb547384400702a794abb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://download-tlgm.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
29648
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 27 Jan 2024 07:27:37 GMT
expires
Sat, 27 Jan 2024 07:27:37 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 8BE4 		319 KB
71 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4622439471653545&output=html&adk=1812271804&adf=3025194257&lmt=1706340457&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x810_l%7C236x810_r&format=0x0&url=http%3A%2F%2Fdownload-tlgm.ru%2F&pra=7&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&dt=1706340457011&bpp=1&bdt=532&idt=300&shv=r20240122&mjsv=m202401230101&ptt=9&saldr=aa&abxe=1&prev_fmts=1040x280&nras=1&correlator=2048886132120&frm=20&pv=1&ga_vid=969955348.1706340457&ga_sid=1706340457&ga_hid=886679608&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080589%2C95321627%2C95322165%2C95323006&oid=2&pvsid=199225707555881&tmod=2064311856&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=307
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4622439471653545&plah=download-tlgm.ru
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
73908a6a38a55f430d713c9b048c9e3dd4090d0557f5656a3979b1a0a1369fb6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://download-tlgm.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
72347
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 27 Jan 2024 07:27:37 GMT
expires
Sat, 27 Jan 2024 07:27:37 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sync_cookie_image_finish
mc.yandex.ru/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10261.5qsi5jlnm4ruwRFvC2p4Sz63BHvmaSZnepvoQ2El2qS99ba2dkutpj3AEkryZAAP.K5HUsJEDfW1DpE-Vi4b93HfieyU%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=10261.hk9mWAwU8G2NrOFsrjCCNbPV9j00ZDvgoWSbj2v5U9xj5mUFXIxGusd-ZhS8uwGUuuWNIYhad-P5BFcnGISPUSH_-1SQUeTWrVi9oPNLnskW3qaVsa64RdwRJ296LwbYpNCZwS98t6...
  • https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10261.KVHHN1Xp3EkmTFEOFuhCw2GQsgEidH6hr1qFCEAjKU3Hxx1K2ScqB-Yhu0oD1-AlRMeoBhdgIJDel7xNC0rRjeYXLYsjsy3G-UaFeuVfKqgbz...
43 B
611 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10261.KVHHN1Xp3EkmTFEOFuhCw2GQsgEidH6hr1qFCEAjKU3Hxx1K2ScqB-Yhu0oD1-AlRMeoBhdgIJDel7xNC0rRjeYXLYsjsy3G-UaFeuVfKqgbzod6wmGKhXenxXgsNHSrBneHwWTtZVXiN4lkWeTITVybsciMyrmc5z6fZNNoq0FeuF5bRwLySyhmypySvFXV3qjtNOLDUA0mmHKYMSZ_YQ%2C%2C.WJmg0eCwp2Eecz6LVfxcxFealiM%2C
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Server
2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://download-tlgm.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 07:27:37 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10261.KVHHN1Xp3EkmTFEOFuhCw2GQsgEidH6hr1qFCEAjKU3Hxx1K2ScqB-Yhu0oD1-AlRMeoBhdgIJDel7xNC0rRjeYXLYsjsy3G-UaFeuVfKqgbzod6wmGKhXenxXgsNHSrBneHwWTtZVXiN4lkWeTITVybsciMyrmc5z6fZNNoq0FeuF5bRwLySyhmypySvFXV3qjtNOLDUA0mmHKYMSZ_YQ%2C%2C.WJmg0eCwp2Eecz6LVfxcxFealiM%2C
date
Sat, 27 Jan 2024 07:27:37 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/ 		43 B
476 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://download-tlgm.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 07:27:37 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 26 Jan 2024 12:09:51 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"65b3a10f-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Sat, 27 Jan 2024 08:27:37 GMT
metrika_match.html
mc.yandex.com/metrika/ Frame 6047 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/metrika/metrika_match.html
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
9df4ea0c8c25b6c96ccb4ef96780a7b074ee266972670f2572d38a961f1b481f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://download-tlgm.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-origin
*
cache-control
max-age=3600
content-encoding
br
content-length
869
content-type
text/html
date
Sat, 27 Jan 2024 07:27:37 GMT
etag
"65b3a10f-365"
expires
Sat, 27 Jan 2024 08:27:37 GMT
last-modified
Fri, 26 Jan 2024 12:09:51 GMT
strict-transport-security
max-age=31536000
timing-allow-origin
*
1
mc.yandex.com/watch/48291797/
Redirect Chain
  • https://mc.yandex.com/watch/48291797?wmode=7&page-url=http%3A%2F%2Fdownload-tlgm.ru%2F&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3A6xy7yz3pqvro10cvu5q72wt7%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-...
  • https://mc.yandex.com/watch/48291797/1?wmode=7&page-url=http%3A%2F%2Fdownload-tlgm.ru%2F&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3A6xy7yz3pqvro10cvu5q72wt7%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ae...
466 B
585 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/48291797/1?wmode=7&page-url=http%3A%2F%2Fdownload-tlgm.ru%2F&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3A6xy7yz3pqvro10cvu5q72wt7%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1220%3Acn%3A1%3Adp%3A0%3Als%3A1521558744615%3Ahid%3A183843390%3Az%3A60%3Ai%3A20240127082737%3Aet%3A1706340457%3Ac%3A1%3Arn%3A145664887%3Arqn%3A1%3Au%3A1706340457493392520%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A41%2C57%2C62%2C114%2C%2C0%2C%2C390%2C1%2C%2C%2C%2C665%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1706340456314%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1706340458%3At%3ATelegram%20Messenger%20%7C%20%D0%98%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D0%B8%D0%BE%D0%BD%D0%BD%D1%8B%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Server
2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
24390adf7efd53ea9a2f59b9b093892831a470a4b7546122025f8945e5bef69e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://download-tlgm.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 07:27:37 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Sat, 27-Jan-2024 07:27:37 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
http://download-tlgm.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
466
x-xss-protection
1; mode=block
expires
Sat, 27-Jan-2024 07:27:37 GMT

Redirect headers

pragma
no-cache
date
Sat, 27 Jan 2024 07:27:37 GMT
strict-transport-security
max-age=31536000
last-modified
Sat, 27-Jan-2024 07:27:37 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location
/watch/48291797/1?wmode=7&page-url=http%3A%2F%2Fdownload-tlgm.ru%2F&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3A6xy7yz3pqvro10cvu5q72wt7%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1220%3Acn%3A1%3Adp%3A0%3Als%3A1521558744615%3Ahid%3A183843390%3Az%3A60%3Ai%3A20240127082737%3Aet%3A1706340457%3Ac%3A1%3Arn%3A145664887%3Arqn%3A1%3Au%3A1706340457493392520%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A41%2C57%2C62%2C114%2C%2C0%2C%2C390%2C1%2C%2C%2C%2C665%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1706340456314%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1706340458%3At%3ATelegram%20Messenger%20%7C%20%D0%98%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D0%B8%D0%BE%D0%BD%D0%BD%D1%8B%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29
access-control-allow-origin
http://download-tlgm.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Sat, 27-Jan-2024 07:27:37 GMT
event_confirmation
an.yandex.ru/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/event_confirmation
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
http://download-tlgm.ru
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
http://download-tlgm.ru
access-control-max-age
1728000
content-encoding
gzip
date
Sat, 27 Jan 2024 07:27:37 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
timing-allow-origin
*
x-xss-protection
1; mode=block
event_confirmation
an.yandex.ru/ 		0
395 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/event_confirmation
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
http://download-tlgm.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 07:27:37 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Sat, 27 Jan 2024 07:27:37 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
http://download-tlgm.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sat, 27 Jan 2024 07:27:37 GMT
orig
avatars.mds.yandex.net/get-direct-picture/994844/HMwfP9QswuPJQIbV2VxHZA/ 		58 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avatars.mds.yandex.net/get-direct-picture/994844/HMwfP9QswuPJQIbV2VxHZA/orig
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::184 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx /
Resource Hash
9fdedb91076ba01329d0eabf7e740e6ac805dccc2edf7301a40c0af95adec8bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://download-tlgm.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 07:27:37 GMT
last-modified
Fri, 03 Mar 2023 13:03:20 GMT
server
nginx
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to
{"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel?datacenter=MYT"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000,immutable
access-control-allow-credentials
true
timing-allow-origin
*
content-length
59726
x-request-id
64e573511e3dcc6b
1
mc.yandex.com/watch/2027212/
Redirect Chain
  • https://mc.yandex.com/watch/2027212?wmode=7&page-url=http%3A%2F%2Fdownload-tlgm.ru%2F&nohit=1&charset=utf-8&cnt-class=1&uah=che%0A0&browser-info=pv%3A1%3Avf%3A6xy7yz3pqvro10cvu5q72wt7%3Afu%3A0%3Aen...
  • https://mc.yandex.com/watch/2027212/1?wmode=7&page-url=http%3A%2F%2Fdownload-tlgm.ru%2F&nohit=1&charset=utf-8&cnt-class=1&uah=che%0A0&browser-info=pv%3A1%3Avf%3A6xy7yz3pqvro10cvu5q72wt7%3Afu%3A0%3A...
411 B
446 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/2027212/1?wmode=7&page-url=http%3A%2F%2Fdownload-tlgm.ru%2F&nohit=1&charset=utf-8&cnt-class=1&uah=che%0A0&browser-info=pv%3A1%3Avf%3A6xy7yz3pqvro10cvu5q72wt7%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1220%3Acn%3A2%3Adp%3A0%3Als%3A543688175544%3Ahid%3A183843390%3Az%3A60%3Ai%3A20240127082737%3Aet%3A1706340458%3Ac%3A1%3Arn%3A515641005%3Au%3A1706340457493392520%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1706340456314%3Ahsa%3A2%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1706340458%3At%3ATelegram%20Messenger%20%7C%20%D0%98%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D0%B8%D0%BE%D0%BD%D0%BD%D1%8B%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82&t=mc%28p-1%29clc%280-0-0%29aw%281%29rcm%281%29ti%281%29
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Server
2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
ccbcccd2fef05029e565bdf38eb68bca95714212faa4f5aa2760ef98ebd9890d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://download-tlgm.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 07:27:37 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Sat, 27-Jan-2024 07:27:37 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
http://download-tlgm.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
411
x-xss-protection
1; mode=block
expires
Sat, 27-Jan-2024 07:27:37 GMT

Redirect headers

pragma
no-cache
date
Sat, 27 Jan 2024 07:27:37 GMT
strict-transport-security
max-age=31536000
last-modified
Sat, 27-Jan-2024 07:27:37 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location
/watch/2027212/1?wmode=7&page-url=http%3A%2F%2Fdownload-tlgm.ru%2F&nohit=1&charset=utf-8&cnt-class=1&uah=che%0A0&browser-info=pv%3A1%3Avf%3A6xy7yz3pqvro10cvu5q72wt7%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1220%3Acn%3A2%3Adp%3A0%3Als%3A543688175544%3Ahid%3A183843390%3Az%3A60%3Ai%3A20240127082737%3Aet%3A1706340458%3Ac%3A1%3Arn%3A515641005%3Au%3A1706340457493392520%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1706340456314%3Ahsa%3A2%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1706340458%3At%3ATelegram%20Messenger%20%7C%20%D0%98%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D0%B8%D0%BE%D0%BD%D0%BD%D1%8B%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82&t=mc%28p-1%29clc%280-0-0%29aw%281%29rcm%281%29ti%281%29
access-control-allow-origin
http://download-tlgm.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Sat, 27-Jan-2024 07:27:37 GMT
render.html
yastatic.net/safeframe-bundles/0.83/1-1-0/ Frame 0BB6 		24 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
Requested by
Host: yastatic.net
URL: https://yastatic.net/safeframe-bundles/0.83/host.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
9c911ab93cf6099aeeddb19cb1903d0ef838329443c3a0549c754da47f90a70a
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
http://download-tlgm.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
public, max-age=946708560
content-encoding
br
content-length
6262
content-type
text/html
date
Sat, 27 Jan 2024 06:44:17 GMT
etag
"eb77de48712912aadc9aa8171ac75ede"
expires
Mon, 26 Jan 2054 14:03:37 GMT
last-modified
Wed, 03 Nov 2021 13:42:58 GMT
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security
max-age=43200000; includeSubDomains;
timing-allow-origin
*
vary
Accept-Encoding
x-robots-tag
noindex, noarchive, nofollow
1
mc.yandex.com/watch/48291797/ 		43 B
86 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/48291797/1?page-url=http%3A%2F%2Fdownload-tlgm.ru%2F&charset=utf-8&uah=che%0A0&hittoken=1706340457_7b844980f1a4718a749f43e8c5de883c192b9e1e9855c0bb97ccd07424b743bf&browser-info=pa%3A1%3Aar%3A1%3Avf%3A6xy7yz3pqvro10cvu5q72wt7%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1220%3Acn%3A1%3Adp%3A0%3Als%3A1521558744615%3Ahid%3A183843390%3Az%3A60%3Ai%3A20240127082737%3Aet%3A1706340458%3Ac%3A1%3Arn%3A388701754%3Arqn%3A2%3Au%3A1706340457493392520%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1706340456314%3Ahsa%3A2%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1706340458&t=gdpr(14)mc(p-2-h-1)clc(0-0-0)rqnt(2)aw(1)rcm(1)ti(0)&force-urlencoded=1&site-info=%7B%22__ym%22%3A%7B%22adSessionID%22%3A%228242191706340457241%22%7D%7D
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://download-tlgm.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 07:27:37 GMT
strict-transport-security
max-age=31536000
last-modified
Sat, 27-Jan-2024 07:27:37 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
image/gif
access-control-allow-origin
http://download-tlgm.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sat, 27-Jan-2024 07:27:37 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/ Frame 399B 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4622439471653545&output=html&h=280&slotname=3547231412&adk=3563481279&adf=3642323547&pi=t.ma~as.3547231412&w=1040&fwrn=4&fwrnh=100&lmt=1706340457&rafmt=1&format=1040x280&url=http%3A%2F%2Fdownload-tlgm.ru%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1706340456996&bpp=3&bdt=517&idt=298&shv=r20240122&mjsv=m202401230101&ptt=9&saldr=aa&abxe=1&correlator=2048886132120&frm=20&pv=2&ga_vid=969955348.1706340457&ga_sid=1706340457&ga_hid=886679608&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=280&ady=412&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080589%2C95321627%2C95322165%2C95323006&oid=2&pvsid=199225707555881&tmod=2064311856&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=305
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eb4fec10d8f4484b291b7c7d0de59d1b4375e000029fd1a128ad10c270d8d803
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 11:54:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
70400
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9319
x-xss-protection
0
server
cafe
etag
16165788300067284045
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 09 Feb 2024 11:54:17 GMT
css
fonts.googleapis.com/ Frame 399B 		8 KB
846 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4622439471653545&output=html&h=280&slotname=3547231412&adk=3563481279&adf=3642323547&pi=t.ma~as.3547231412&w=1040&fwrn=4&fwrnh=100&lmt=1706340457&rafmt=1&format=1040x280&url=http%3A%2F%2Fdownload-tlgm.ru%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1706340456996&bpp=3&bdt=517&idt=298&shv=r20240122&mjsv=m202401230101&ptt=9&saldr=aa&abxe=1&correlator=2048886132120&frm=20&pv=2&ga_vid=969955348.1706340457&ga_sid=1706340457&ga_hid=886679608&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=280&ady=412&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080589%2C95321627%2C95322165%2C95323006&oid=2&pvsid=199225707555881&tmod=2064311856&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=305
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 27 Jan 2024 07:27:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 27 Jan 2024 05:41:22 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 27 Jan 2024 07:27:37 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/ Frame 399B 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.css
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4622439471653545&output=html&h=280&slotname=3547231412&adk=3563481279&adf=3642323547&pi=t.ma~as.3547231412&w=1040&fwrn=4&fwrnh=100&lmt=1706340457&rafmt=1&format=1040x280&url=http%3A%2F%2Fdownload-tlgm.ru%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1706340456996&bpp=3&bdt=517&idt=298&shv=r20240122&mjsv=m202401230101&ptt=9&saldr=aa&abxe=1&correlator=2048886132120&frm=20&pv=2&ga_vid=969955348.1706340457&ga_sid=1706340457&ga_hid=886679608&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=280&ady=412&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080589%2C95321627%2C95322165%2C95323006&oid=2&pvsid=199225707555881&tmod=2064311856&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=305
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
425f9ca7029ca2c95d204079575a3e5f737ef4d322614225344c5aeadd51bfb8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 23:39:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
287267
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2939
x-xss-protection
0
last-modified
Thu, 18 Jan 2024 02:36:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Jan 2025 23:39:50 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/ Frame 399B 		378 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4622439471653545&output=html&h=280&slotname=3547231412&adk=3563481279&adf=3642323547&pi=t.ma~as.3547231412&w=1040&fwrn=4&fwrnh=100&lmt=1706340457&rafmt=1&format=1040x280&url=http%3A%2F%2Fdownload-tlgm.ru%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1706340456996&bpp=3&bdt=517&idt=298&shv=r20240122&mjsv=m202401230101&ptt=9&saldr=aa&abxe=1&correlator=2048886132120&frm=20&pv=2&ga_vid=969955348.1706340457&ga_sid=1706340457&ga_hid=886679608&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=280&ady=412&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080589%2C95321627%2C95322165%2C95323006&oid=2&pvsid=199225707555881&tmod=2064311856&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=305
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
325f25191af82345cc615c820126c663f55ee865ccb8c6f033e11ee57085617a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 23:27:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
288034
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
134582
x-xss-protection
0
last-modified
Thu, 18 Jan 2024 02:36:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Jan 2025 23:27:03 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 399B 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4622439471653545&output=html&h=280&slotname=3547231412&adk=3563481279&adf=3642323547&pi=t.ma~as.3547231412&w=1040&fwrn=4&fwrnh=100&lmt=1706340457&rafmt=1&format=1040x280&url=http%3A%2F%2Fdownload-tlgm.ru%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1706340456996&bpp=3&bdt=517&idt=298&shv=r20240122&mjsv=m202401230101&ptt=9&saldr=aa&abxe=1&correlator=2048886132120&frm=20&pv=2&ga_vid=969955348.1706340457&ga_sid=1706340457&ga_hid=886679608&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=280&ady=412&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080589%2C95321627%2C95322165%2C95323006&oid=2&pvsid=199225707555881&tmod=2064311856&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=305
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 23:41:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
27940
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 09 Feb 2024 23:41:57 GMT
matchx
uuidksinc.net/ Frame 1C4F 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://uuidksinc.net/matchx
Requested by
Host: muloyorom.com
URL: https://muloyorom.com/535391.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.220.27.134 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.23.2 /
Resource Hash
95848d06ddc0e58d0d130e3d3c1d757c849f8c98cc681d435682f3bd38d7b23f

Request headers

Referer
http://download-tlgm.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html
date
Sat, 27 Jan 2024 07:27:37 GMT
server
nginx/1.23.2
vary
Accept-Encoding
event_confirmation
an.yandex.ru/ 		0
51 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/event_confirmation
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
http://download-tlgm.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 07:27:37 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Sat, 27 Jan 2024 07:27:37 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
http://download-tlgm.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sat, 27 Jan 2024 07:27:37 GMT
event_confirmation
an.yandex.ru/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/event_confirmation
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
http://download-tlgm.ru
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
http://download-tlgm.ru
access-control-max-age
1728000
content-encoding
gzip
date
Sat, 27 Jan 2024 07:27:37 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
timing-allow-origin
*
x-xss-protection
1; mode=block
1T9wB4Fz0Mi200000000U9nJp6JXFtRnLRUYuG71nfohRZvCbfaRjgGo084dJ2Jqy-GBGh5dtianf382nJCF21vC1OcNCWDvjLU1H2jZ0f3i1Ca20HF3J4Rsen3EGiOQ4GXh9QDF6aH-BsFW3dQ6es3-MKQG8LSPGMhkCZB8C33y1RFdCZ41oQLCDu3KMgOe8Fiiq...
yandex.ru/an/rtbcount/ 		43 B
395 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://yandex.ru/an/rtbcount/1T9wB4Fz0Mi200000000U9nJp6JXFtRnLRUYuG71nfohRZvCbfaRjgGo084dJ2Jqy-GBGh5dtianf382nJCF21vC1OcNCWDvjLU1H2jZ0f3i1Ca20HF3J4Rsen3EGiOQ4GXh9QDF6aH-BsFW3dQ6es3-MKQG8LSPGMhkCZB8C33y1RFdCZ41oQLCDu3KMgOe8FiiqtyWUCKae1kvJU-082F3ZVvB4I_usHZ-Ch60dC3C2YHxcHM1v5HcaA5pcK56h6HcSbG0MxkHMVAtkFG6rQIYaymmNrzb1biC9fyorzv_mVMJsS697-9qbhPWi0J31fR_CC2u0ubz08bzamNYkG_s3raMzwWVPLnttVuj2yYB2rWvJx9ch-K5IrzWRMX8kCcQSU1bc5DjhifNLf3cNwoSXXR61iR6vaQc3Mn_zoqExs1hO9d0zh9ZpuOvjtuTLPp1TkLmy0AsvcyzgtSk__rl4-DADfWT1zWyJh0nFsBZZKnnjGgpIA-eCed8Dt_91dFDJpXh8llf_4ApffblxMUnircQ6baO6svWPzh1pdY2NVm1-_jPCzR-FNFZcyKFTfu57ErTx2iu_gnWsS1nvWpZ3Wx6MnmOmVwKWu6XmRwN4-J5gPmWto_WR61UmTd2j85Jz0GdumLEbXUSZ1yu6NzmCYxW0Xe808-bq080?pcode-active-testids=938404%2C0%2C71
Requested by
Host: yastatic.net
URL: https://yastatic.net/partner-code-bundles/952831/c9f2e4d9b16ebb3004df.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:a::a , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://download-tlgm.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 07:27:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id
1706340457801448-17551625781322025777-balancer-l7leveler-kubr-yp-vla-136-BAL
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Sat, 27 Jan 2024 07:27:37 GMT
accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
report-to
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type
image/gif
access-control-allow-origin
http://download-tlgm.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
Sat, 27 Jan 2024 07:27:37 GMT
1
mc.yandex.com/watch/2027212/ 		43 B
74 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/2027212/1?page-url=http%3A%2F%2Fdownload-tlgm.ru%2F&charset=utf-8&cnt-class=1&uah=che%0A0&hittoken=1706340457_81cbeb3d06334e9d28414ac96799f991e58bfa59c3ec8f283a121c1a1413ea30&browser-info=pa%3A1%3Aar%3A1%3Avf%3A6xy7yz3pqvro10cvu5q72wt7%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1220%3Acn%3A2%3Adp%3A0%3Als%3A543688175544%3Ahid%3A183843390%3Az%3A60%3Ai%3A20240127082737%3Aet%3A1706340458%3Ac%3A1%3Arn%3A581651830%3Arqn%3A1%3Au%3A1706340457493392520%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A41%2C57%2C62%2C114%2C%2C0%2C%2C390%2C1%2C%2C%2C%2C665%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Aeu%3A1%3Ans%3A1706340456314%3Ahsa%3A2%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1706340458&t=mc(p-2-h-1)clc(0-0-0)rqnt(1)aw(1)rcm(1)ti(0)&force-urlencoded=1&site-info=%7B%22__ym%22%3A%7B%22adSessionID%22%3A%228242191706340457241%22%7D%7D
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://download-tlgm.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 07:27:37 GMT
strict-transport-security
max-age=31536000
last-modified
Sat, 27-Jan-2024 07:27:37 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
image/gif
access-control-allow-origin
http://download-tlgm.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sat, 27-Jan-2024 07:27:37 GMT
2027212
mc.yandex.com/watch/ 		43 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/2027212?page-url=http%3A%2F%2Fdownload-tlgm.ru%2F&charset=utf-8&cnt-class=1&uah=che%0A0&hittoken=1706340457_81cbeb3d06334e9d28414ac96799f991e58bfa59c3ec8f283a121c1a1413ea30&browser-info=pv%3A1%3Aar%3A1%3Avf%3A6xy7yz3pqvro10cvu5q72wt7%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1220%3Acn%3A2%3Adp%3A0%3Als%3A543688175544%3Ahid%3A183843390%3Az%3A60%3Ai%3A20240127082737%3Aet%3A1706340458%3Ac%3A1%3Arn%3A1008058318%3Arqn%3A2%3Au%3A1706340457493392520%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Aeu%3A1%3Ans%3A1706340456314%3Ahsa%3A2%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1706340458%3At%3ATelegram%20Messenger%20%7C%20%D0%98%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D0%B8%D0%BE%D0%BD%D0%BD%D1%8B%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82&t=mc(p-2-h-1)clc(0-0-0)rqnt(2)aw(1)rcm(1)ti(1)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://download-tlgm.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 07:27:37 GMT
strict-transport-security
max-age=31536000
last-modified
Sat, 27-Jan-2024 07:27:37 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
image/gif
access-control-allow-origin
http://download-tlgm.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sat, 27-Jan-2024 07:27:37 GMT
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/ 		165 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4622439471653545&plah=download-tlgm.ru
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2e4de7a854eb37a5e5c4e94cb292f89fc0bbc97e18572ad25f20bec306e8a68a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://download-tlgm.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 07:27:37 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57002
x-xss-protection
0
server
cafe
etag
14178142082826229170
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 27 Jan 2024 07:27:37 GMT
WZ4ejI_zOoVX2LcG0HqH0CDVUZw4M2P4s8Dez23A89Xy4t8ZdfoK9r3OTXe5s2dJJZlafRupDl54IqjBIqjBPySa0U9c3jc-yoTqslpm5oEixik7CFt1Qq0IoIyVTW-2aHx6dithoLSI9eQ5KZo8InX0nwaYDSe0np62Z1m6Jugg1ZCusENDrqOFafoh2bk4Z2h2m...
yandex.ru/an/tracking/ Frame 0BB6 		0
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yandex.ru/an/tracking/WZ4ejI_zOoVX2LcG0HqH0CDVUZw4M2P4s8Dez23A89Xy4t8ZdfoK9r3OTXe5s2dJJZlafRupDl54IqjBIqjBPySa0U9c3jc-yoTqslpm5oEixik7CFt1Qq0IoIyVTW-2aHx6dithoLSI9eQ5KZo8InX0nwaYDSe0np62Z1m6Jugg1ZCusENDrqOFafoh2bk4Z2h2mKm01p6F_hXXl8GIRn3RM5ss7Se8zqEr7tA26iQ-Xjn4WolyKZFsLTyu93LYPasOXjWZMAy1qq9wDAdXWg3hDVhq2f00jXY-c324RHnGwXCwODWo88da5mmwFTP3C13HAGnyWMj0OQ65dO0ZaO9TthbibHXTrvcOiDWPSbEcKTcyKCxWhsgiz060HxnfK6EGAMlAP4sKdrXWmOyYBIWKMLBGVTi4iuntGYFCX79Jr--Oz6nSZFX2-OilHkjZT0zZji06ywLPg6XYBH806APBW9IYNzu5fb1Jhu5FVjQTVzZdAU7nmH8OQVjVQ22MxuK6OlbS1zoU_auBwT7aQpsJ7cu_wvdqS6EQGS0nooOQTLtNiRGvXiiHBhtxj3okiIVxjBmlaNuSebiL1T9_QU-red5H4qJZeYRejHxixIq9byzwgRSn9cHSd8JuUPqv8sOE1Cz5RfihbKgbjSqhPDDQvG-X09MPKgbK1X3y2vJXa5C_sBluuKh8uu1VtTcYWWAefe8wKSwwNRoZLzT8mtGkQbyu5lXb2wIoOA1fr3Sm70W0~2?action-id=11
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:a::a , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 07:27:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
last-modified
Sat, 27 Jan 2024 07:27:37 GMT
accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id
1706340457906321-14018186174478216003-balancer-l7leveler-kubr-yp-vla-136-BAL
report-to
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sat, 27 Jan 2024 07:27:37 GMT
cfab8b45dcb263bb9649aa
an.yandex.ru/mapuid/arcspireis/ Frame 0BB6
Redirect Chain
  • https://px.arcspire.io/yndx?id=9d4cd41a-f59d-4815-8a89-9d30806f5389
  • https://an.yandex.ru/mapuid/arcspireis/cfab8b45dcb263bb9649aa
43 B
80 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/arcspireis/cfab8b45dcb263bb9649aa
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Server
2a02:6b8::90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 07:27:38 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Sat, 27 Jan 2024 07:27:38 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sat, 27 Jan 2024 07:27:38 GMT

Redirect headers

location
https://an.yandex.ru/mapuid/arcspireis/cfab8b45dcb263bb9649aa
date
Sat, 27 Jan 2024 07:27:37 GMT
x-envoy-upstream-service-time
0
server
envoy
content-length
0
0A00007F69B0B465EF0015A30265D33A
an.yandex.ru/mapuid/sapeis/ Frame 0BB6
Redirect Chain
  • https://acint.net/rmatch/?dp=151&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsapeis%2F%24%7BUSER_ID%7D
  • https://acint.net/rmatch/?r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsapeis%2F$%7BUSER_ID%7D&dp=151&tc=1
  • https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fan.yandex.ru%252Fmapuid%252Fsapeis%252F$%257BUSER_ID%257D&dp=14
  • https://acint.net/rmatch?dp=14&euid=1D03420A6AB0B465ED02AA1502FA8294&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsapeis%2F$%7BUSER_ID%7D
  • https://an.yandex.ru/mapuid/sapeis/0A00007F69B0B465EF0015A30265D33A
43 B
80 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/sapeis/0A00007F69B0B465EF0015A30265D33A
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Server
2a02:6b8::90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 07:27:38 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Sat, 27 Jan 2024 07:27:38 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sat, 27 Jan 2024 07:27:38 GMT

Redirect headers

date
Sat, 27 Jan 2024 07:27:38 GMT
server
openresty
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
location
https://an.yandex.ru/mapuid/sapeis/0A00007F69B0B465EF0015A30265D33A
content-type
text/html
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
154
expires
Wed, 19 Apr 2000 11:43:00 GMT
95b0ce55-05a3-521b-8c0b-5c39e9bfec50
an.yandex.ru/mapuid/betweendigitalis/ Frame 0BB6
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F%24%7BUSER_ID%7D&crf=1&rts=4654927728312389746
  • https://an.yandex.ru/mapuid/betweendigitalis/95b0ce55-05a3-521b-8c0b-5c39e9bfec50
43 B
80 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/betweendigitalis/95b0ce55-05a3-521b-8c0b-5c39e9bfec50
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Server
2a02:6b8::90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 07:27:38 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Sat, 27 Jan 2024 07:27:38 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sat, 27 Jan 2024 07:27:38 GMT

Redirect headers

location
https://an.yandex.ru/mapuid/betweendigitalis/95b0ce55-05a3-521b-8c0b-5c39e9bfec50
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
demconf.jpg
dpm.demdex.net/ Frame 0BB6
Redirect Chain
  • https://yandex.ru/an/mapuid/adobedmp/
  • https://dpm.demdex.net/ibs:dpid=423652&dpuuid=988F4FF9F69D3978
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=988F4FF9F69D3978
42 B
717 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=988F4FF9F69D3978
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Server
63.33.78.63 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-78-63.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

dcs
dcs-prod-irl1-1-v054-06695c737.edge-irl1.demdex.com 1 ms
pragma
no-cache
date
Sat, 27 Jan 2024 07:27:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
qAwW7O65QnY=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs
dcs-prod-irl1-2-v054-082fe620b.edge-irl1.demdex.com 0 ms
pragma
no-cache
date
Sat, 27 Jan 2024 07:27:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-tid
F1DhRPsMRi0=
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=988F4FF9F69D3978
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
match
ads.betweendigital.com/ Frame 0BB6
Redirect Chain
  • https://yandex.ru/an/mapuid/betweenx/
  • https://ads.betweendigital.com/match?bidder_id=161&external_user_id=E0E61C1F0CD7AA05
  • https://ads.betweendigital.com/match?bidder_id=161&external_user_id=E0E61C1F0CD7AA05&crf=1&rts=42003785419164241
68 B
598 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=161&external_user_id=E0E61C1F0CD7AA05&crf=1&rts=42003785419164241
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Server
188.42.34.64 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

location
/match?bidder_id=161&external_user_id=E0E61C1F0CD7AA05&crf=1&rts=42003785419164241
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
pixel
im.bluevoox.com/ Frame 0BB6
Redirect Chain
  • https://yandex.ru/an/mapuid/blueseaxcom/
  • https://im.bluevoox.com/pixel?s1=1&s2=1315&s3=vldyrx2shs82pv9o&cm=1&rd=1&puid=CAB998B2130EAB21
0
241 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://im.bluevoox.com/pixel?s1=1&s2=1315&s3=vldyrx2shs82pv9o&cm=1&rd=1&puid=CAB998B2130EAB21
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
HTTP/1.1
Server
52.45.175.185 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-175-185.compute-1.amazonaws.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Connection
close
Date
Sat, 27 Jan 2024 07:27:38 GMT
Server
openresty

Redirect headers

pragma
no-cache
date
Sat, 27 Jan 2024 07:27:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
last-modified
Sat, 27 Jan 2024 07:27:37 GMT
accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id
1706340457911128-10461201142323415740-balancer-l7leveler-kubr-yp-vla-136-BAL
report-to
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
location
https://im.bluevoox.com/pixel?s1=1&s2=1315&s3=vldyrx2shs82pv9o&cm=1&rd=1&puid=CAB998B2130EAB21
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sat, 27 Jan 2024 07:27:37 GMT
pixel
cm.g.doubleclick.net/ Frame 0BB6
Redirect Chain
  • https://yandex.ru/an/mapuid/google/?partner-tag=yandex_llc
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_llc&google_hm=62F690F54BEDEA1A&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
170 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yandex_llc&google_hm=62F690F54BEDEA1A&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 07:27:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 27 Jan 2024 07:27:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
last-modified
Sat, 27 Jan 2024 07:27:37 GMT
accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id
1706340457911372-10865945246469782685-balancer-l7leveler-kubr-yp-vla-136-BAL
report-to
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=yandex_llc&google_hm=62F690F54BEDEA1A&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sat, 27 Jan 2024 07:27:37 GMT
pixel
cm.g.doubleclick.net/ Frame 0BB6
Redirect Chain
  • https://yandex.ru/an/mapuid/google/?partner-tag=yandexcom
  • https://cm.g.doubleclick.net/pixel?google_nid=yandexcom&google_hm=62F690F54BEDEA1A&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yandexcom&google_hm=62F690F54BEDEA1A&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 07:27:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 27 Jan 2024 07:27:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
last-modified
Sat, 27 Jan 2024 07:27:37 GMT
accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id
1706340457911723-8104244294579788343-balancer-l7leveler-kubr-yp-vla-136-BAL
report-to
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=yandexcom&google_hm=62F690F54BEDEA1A&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sat, 27 Jan 2024 07:27:37 GMT
pixel
cm.g.doubleclick.net/ Frame 0BB6
Redirect Chain
  • https://yandex.ru/an/mapuid/google/?partner-tag=yandexru
  • https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=62F690F54BEDEA1A&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=62F690F54BEDEA1A&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 07:27:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 27 Jan 2024 07:27:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
last-modified
Sat, 27 Jan 2024 07:27:37 GMT
accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id
1706340457912018-2446185524737413454-balancer-l7leveler-kubr-yp-vla-136-BAL
report-to
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=62F690F54BEDEA1A&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sat, 27 Jan 2024 07:27:37 GMT
/
yandex.ru/an/mapuid/mailweb/ Frame 0BB6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yandex.ru/an/mapuid/mailweb/
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:a::a , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
sync
x.bidswitch.net/ Frame 0BB6
Redirect Chain
  • https://yandex.ru/an/mapuid/minimobww/
  • https://yandex.digital-services.solutions/api/sync?demand=YANV2EU&userid=35D69D182392CC99&expires=1&usergroup=1
  • https://x.bidswitch.net/sync?dsp_id=469&user_id=35D69D182392CC99&expires=1&user_group=1
43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=469&user_id=35D69D182392CC99&expires=1&user_group=1
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
HTTP/1.1
Server
35.214.149.91 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
91.149.214.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sat, 27 Jan 2024 07:27:38 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://x.bidswitch.net/sync?dsp_id=469&user_id=35D69D182392CC99&expires=1&user_group=1
date
Sat, 27 Jan 2024 07:27:38 GMT
x-powered-by
Express
content-length
109
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
/
yandex.ru/an/mapuid/operacom/ Frame 0BB6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yandex.ru/an/mapuid/operacom/
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:a::a , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
/
yandex.ru/an/mapuid/videonowssp/ Frame 0BB6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yandex.ru/an/mapuid/videonowssp/
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:a::a , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
user-sync
sync.adkernel.com/ Frame 0BB6
Redirect Chain
  • https://yandex.ru/an/mapuid/xapadsssp/
  • https://sync.adkernel.com/user-sync?dsp=94&t=image&uid=B653178CFD5E0868
42 B
202 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adkernel.com/user-sync?dsp=94&t=image&uid=B653178CFD5E0868
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
HTTP/1.1
Server
77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sat, 27 Jan 2024 07:27:38 GMT
Cache-Control
no-store
Server
nginx
Connection
close
Content-Length
42
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 27 Jan 2024 07:27:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
last-modified
Sat, 27 Jan 2024 07:27:37 GMT
accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id
1706340457966339-3502807587688886672-balancer-l7leveler-kubr-yp-vla-136-BAL
report-to
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
location
https://sync.adkernel.com/user-sync?dsp=94&t=image&uid=B653178CFD5E0868
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sat, 27 Jan 2024 07:27:37 GMT
/
yandex.ru/an/mapuid/yeahmobissp/ Frame 0BB6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yandex.ru/an/mapuid/yeahmobissp/
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:a::a , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
4ec490b33b1fd63fdf0cda7dfae55bf01683a39a5020462c8fb0030b66bfbc40
an.yandex.ru/mapuid/mediascope/ Frame 0BB6
Redirect Chain
  • https://cm.tns-counter.ru/yacm
  • https://an.yandex.ru/mapuid/mediascope/4ec490b33b1fd63fdf0cda7dfae55bf01683a39a5020462c8fb0030b66bfbc40
43 B
80 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/mediascope/4ec490b33b1fd63fdf0cda7dfae55bf01683a39a5020462c8fb0030b66bfbc40
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Server
2a02:6b8::90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 07:27:38 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Sat, 27 Jan 2024 07:27:38 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sat, 27 Jan 2024 07:27:38 GMT

Redirect headers

pragma
no-cache
date
Sat, 27 Jan 2024 07:27:38 GMT
server
ms-counter-4.4.3/1.22.1
content-type
text/html
location
https://an.yandex.ru/mapuid/mediascope/4ec490b33b1fd63fdf0cda7dfae55bf01683a39a5020462c8fb0030b66bfbc40
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin
*
content-length
0
expires
Thu, 01 Jan 1970 00:00:01 GMT
cr
cr.frontend.weborama.fr/ Frame 0BB6
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=yandex&url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fdmpweborama%2F{WEBO_CID}
  • https://cr.frontend.weborama.fr/cr?key=yandex&url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fdmpweborama%2F%7BWEBO_CID%7D&bounce=1&random=2240567668
0
45 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cr.frontend.weborama.fr/cr?key=yandex&url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fdmpweborama%2F%7BWEBO_CID%7D&bounce=1&random=2240567668
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Server
34.111.129.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.129.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 07:27:37 GMT
via
1.1 google
last-modified
Sat, 27 Jan 2024 07:27:37 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 27 Jan 2024 07:27:37 GMT
via
1.1 google
last-modified
Sat, 27 Jan 2024 07:27:37 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location
https://cr.frontend.weborama.fr/cr?key=yandex&url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fdmpweborama%2F%7BWEBO_CID%7D&bounce=1&random=2240567668
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
match
dm.hybrid.ai/ Frame 0BB6 		0
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dm.hybrid.ai/match?id=182
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.230.131.21 Amsterdam, Netherlands, ASN200197 (HYBRID-POLAND, PL),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 07:27:37 GMT
server
Hybrid Web Server
p3p
CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin
https://yastatic.net
cache-control
no-cache, no-store
access-control-allow-credentials
true
x-mode
552
x-xss-protection
1; mode=block
expires
-1
yandexdmp-match
dm.hybrid.ai/ Frame 0BB6 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dm.hybrid.ai/yandexdmp-match
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.230.131.21 Amsterdam, Netherlands, ASN200197 (HYBRID-POLAND, PL),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 07:27:37 GMT
server
Hybrid Web Server
p3p
CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin
*
cache-control
no-cache, no-store
x-mode
561
x-xss-protection
1; mode=block
expires
-1
vY4.0mOCd47Tc857Js2U
an.yandex.ru/mapuid/dmpamberdata/ Frame 0BB6
Redirect Chain
  • https://dmg.digitaltarget.ru/1/119/i/i?i=1706340457
  • https://dmg.digitaltarget.ru/awg/custom/119/i/i?call_source=awg&ts=1706340458048&i=1706340457
  • https://an.yandex.ru/mapuid/dmpamberdata/vY4.0mOCd47Tc857Js2U
43 B
80 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/dmpamberdata/vY4.0mOCd47Tc857Js2U
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Server
2a02:6b8::90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 07:27:38 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Sat, 27 Jan 2024 07:27:38 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sat, 27 Jan 2024 07:27:38 GMT

Redirect headers

Date
Sat, 27 Jan 2024 07:27:38 GMT
Referrer-Policy
origin-when-cross-origin, strict-origin-when-cross-origin
X-Content-Type-Options
nosniff
Server
nginx
X-Permitted-Cross-Domain-Policies
master-only
X-Frame-Options
DENY
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Location
https://an.yandex.ru/mapuid/dmpamberdata/vY4.0mOCd47Tc857Js2U
Access-Control-Max-Age
86400
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
HsmPvZizfhblgTuBvAMFTpaywbkXdjSP
an.yandex.ru/mapuid/mediasurferis/ Frame 0BB6
Redirect Chain
  • https://dsp.mpartner.digital/dmp/syncsspdmp?sspid=4
  • https://an.yandex.ru/mapuid/mediasurferis/HsmPvZizfhblgTuBvAMFTpaywbkXdjSP
43 B
80 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/mediasurferis/HsmPvZizfhblgTuBvAMFTpaywbkXdjSP
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Server
2a02:6b8::90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 07:27:38 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Sat, 27 Jan 2024 07:27:38 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sat, 27 Jan 2024 07:27:38 GMT

Redirect headers

location
https://an.yandex.ru/mapuid/mediasurferis/HsmPvZizfhblgTuBvAMFTpaywbkXdjSP
date
Sat, 27 Jan 2024 07:27:38 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-type
text/html; charset=utf-8
content-length
109
p3p
policyref="//dsp.mpartner.digital/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
server_match
euw-ice.360yield.com/ Frame 0BB6 		43 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://euw-ice.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fazerionis%2F{PUB_USER_ID}
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.35.143.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-35-143-96.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 27 Jan 2024 07:27:38 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
56d6a050-576d-4341-73b6-1c17522bc7d7
an.yandex.ru/mapuid/buzzooladspis/ Frame 0BB6
Redirect Chain
  • https://exchange.buzzoola.com/cookiesync/redirect/yandex?redirect_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbuzzooladspis%2F%24%7BUUID%7D
  • https://an.yandex.ru/mapuid/buzzooladspis/56d6a050-576d-4341-73b6-1c17522bc7d7
43 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/buzzooladspis/56d6a050-576d-4341-73b6-1c17522bc7d7
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Server
2a02:6b8::90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 07:27:38 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Sat, 27 Jan 2024 07:27:38 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sat, 27 Jan 2024 07:27:38 GMT

Redirect headers

location
https://an.yandex.ru/mapuid/buzzooladspis/56d6a050-576d-4341-73b6-1c17522bc7d7
date
Sat, 27 Jan 2024 07:27:37 GMT
server
nginx
content-length
113
serverid
TODO
content-type
text/html; charset=utf-8
1673779647470262086
an.yandex.ru/mapuid/targetads/ Frame 0BB6
Redirect Chain
  • https://eye.targetads.io/sync/yandex/
  • https://an.yandex.ru/mapuid/targetads/1673779647470262086
43 B
80 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/targetads/1673779647470262086
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Server
2a02:6b8::90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 07:27:38 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Sat, 27 Jan 2024 07:27:38 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sat, 27 Jan 2024 07:27:38 GMT

Redirect headers

location
https://an.yandex.ru/mapuid/targetads/1673779647470262086
date
Sat, 27 Jan 2024 07:27:37 GMT
server
ycalb
content-length
0
q2rJE_jrTwalVnosOMlroQ
an.yandex.ru/setud/mts_banner/ Frame 0BB6
Redirect Chain
  • https://kimberlite.io/rtb/sync/yandex
  • https://sync.dsp.solta.io/match/kimberlite?id=ZbSwantLFg0
  • https://sync.dsp.solta.io/match/kimberlite?id=ZbSwantLFg0&chk=1
  • https://kimberlite.io/rtb/sync/iage?u=NjYxN2Q4YjM5OGU0ZWU0NA
  • https://sm.rtb.mts.ru/p?ssp=toptraffic&id=ZbSwantLFg0
  • https://vma.mts.ru/match/second?ssp=59&exu=ZbSwantLFg0
  • https://tech.rtb.mts.ru/?dsp_uid=ab6ac913-f8eb-4f06-a556-7a2c38c96ba1&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2Fq2rJE_jrTwalVnosOMlroQ%3Flocation%3Dhttps%253A%252F%252Fvma.mts.ru...
  • https://an.yandex.ru/setud/mts_banner/q2rJE_jrTwalVnosOMlroQ?location=https%3A%2F%2Fvma.mts.ru%2Fem%3Fnext%3D59%26em%3D0&sign=2853111327
43 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/setud/mts_banner/q2rJE_jrTwalVnosOMlroQ?location=https%3A%2F%2Fvma.mts.ru%2Fem%3Fnext%3D59%26em%3D0&sign=2853111327
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Server
2a02:6b8::90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 07:27:38 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Sat, 27 Jan 2024 07:27:38 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif; charset=windows-1251
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sat, 27 Jan 2024 07:27:38 GMT

Redirect headers

Date
Sat, 27 Jan 2024 07:27:38 GMT
Server
nginx/1.20.2
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
text/html; charset=utf-8
Location
https://an.yandex.ru/setud/mts_banner/q2rJE_jrTwalVnosOMlroQ?location=https%3A%2F%2Fvma.mts.ru%2Fem%3Fnext%3D59%26em%3D0&sign=2853111327
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
an.yandex.ru/mapuid/targetrtbis/ Frame 0BB6
Redirect Chain
  • https://match.new-programmatic.com/userbind?src=yandex&pbf=1&gi=1
  • https://an.yandex.ru/mapuid/targetrtbis/
43 B
80 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/targetrtbis/
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Server
2a02:6b8::90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 07:27:38 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Sat, 27 Jan 2024 07:27:38 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sat, 27 Jan 2024 07:27:38 GMT

Redirect headers

Date
Sat, 27 Jan 2024 07:27:38 GMT
Server
nginx/1.22.1
Vary
Origin
Access-Control-Allow-Origin
*
Location
https://an.yandex.ru/mapuid/targetrtbis/
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
pixel
mitdmp.whiteboxdigital.ru/ Frame 0BB6 		0
0
cm
nr.bidderstack.com/yandex/ Frame 0BB6
Redirect Chain
  • https://nr.bidderstack.com/yandex/cm?user_id={partner_user_id}
  • https://nr.bidderstack.com/yandex/cm?user_id={partner_user_id}&pupa=1
0
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nr.bidderstack.com/yandex/cm?user_id={partner_user_id}&pupa=1
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
HTTP/1.1
Server
167.235.186.113 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.113.186.235.167.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sat, 27 Jan 2024 07:27:38 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Content-Length
0

Redirect headers

Location
/yandex/cm?user_id={partner_user_id}&pupa=1
Access-Control-Allow-Origin
*
Date
Sat, 27 Jan 2024 07:27:38 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Content-Length
0
/
an.yandex.ru/mapuid/ramblerssp/ Frame 0BB6
Redirect Chain
  • https://profile.ssp.rambler.ru/sync3.302?pid=188
  • https://an.yandex.ru/mapuid/ramblerssp/
43 B
80 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/ramblerssp/
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Server
2a02:6b8::90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 07:27:38 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Sat, 27 Jan 2024 07:27:38 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sat, 27 Jan 2024 07:27:38 GMT

Redirect headers

date
Sat, 27 Jan 2024 07:27:38 GMT
strict-transport-security
max-age=0
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
location
//an.yandex.ru/mapuid/ramblerssp/
content-type
application/x-javascript
x-passed
0bal1
content-length
0
PQ6xLLYnGGn.AikABlGNSdEfIA
an.yandex.ru/mapuid/getintentis/ Frame 0BB6
Redirect Chain
  • https://px.adhigh.net/p/cm/yandexssp
  • https://px.adhigh.net/p/cm/yandexssp?bounced=1
  • https://an.yandex.ru/mapuid/getintentis/PQ6xLLYnGGn.AikABlGNSdEfIA
43 B
80 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/getintentis/PQ6xLLYnGGn.AikABlGNSdEfIA
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Server
2a02:6b8::90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 07:27:38 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Sat, 27 Jan 2024 07:27:38 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sat, 27 Jan 2024 07:27:38 GMT

Redirect headers

pragma
no-cache
date
Sat, 27 Jan 2024 07:27:38 GMT
server
nginx
x-backend-id
f6-ru
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
*
location
https://an.yandex.ru/mapuid/getintentis/PQ6xLLYnGGn.AikABlGNSdEfIA
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
y
rtb-eu-warsaw.intent.ai/um/ Frame 0BB6 		68 B
833 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-eu-warsaw.intent.ai/um/y
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:f45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 07:27:38 GMT
strict-transport-security
max-age=15724800; includeSubDomains
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
68
pragma
no-cache
last-modified
Sat, 27 Jan 2024 07:27:38 GMT
server
cloudflare
access-control-max-age
1728000
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1D10CmB%2BJmkUEQKRyFHJMD7cP27UJfeuuamCMgeLowv2kSV%2FHGNyvIAy%2BJII76N8NBu%2Fwy2jZ7x33%2Fso5kCoAididVbMJxFbfFOH0oqBZMCc3QAMTD0vVkJuCXOSxouwYLwWXBOJN06qAQa0Ghcz2Nf8pMhH"}],"group":"cf-nel","max_age":604800}
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials
true
cf-ray
84bf4637aa161e3e-FRA
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
expires
Wed, 11 Nov 1998 11:11:11 GMT
9JrbPI0EQbl1xl64QLvU
an.yandex.ru/mapuid/kadamis/ Frame 0BB6
Redirect Chain
  • https://s.uuidksinc.net/match/501
  • https://an.yandex.ru/mapuid/kadamis/9JrbPI0EQbl1xl64QLvU
43 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/kadamis/9JrbPI0EQbl1xl64QLvU
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Server
2a02:6b8::90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 07:27:37 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Sat, 27 Jan 2024 07:27:37 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sat, 27 Jan 2024 07:27:37 GMT

Redirect headers

location
https://an.yandex.ru/mapuid/kadamis/9JrbPI0EQbl1xl64QLvU
date
Sat, 27 Jan 2024 07:27:37 GMT
server
nginx/1.23.2
content-length
0
pixel
shopnetic.com/api/rtb/dmp/ Frame 0BB6
Redirect Chain
  • https://shopnetic.com/api/rtb/dmp/pixel?partner=yandex
  • https://shopnetic.com/api/rtb/dmp/pixel?partner=yandex&tc=1
43 B
406 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://shopnetic.com/api/rtb/dmp/pixel?partner=yandex&tc=1
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Server
77.244.216.90 St Petersburg, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 07:27:38 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
server
nginx
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS"
content-type
image/gif
cache-control
no-cache, private, max-age=0
content-length
43
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 03:00:00 MSK

Redirect headers

location
https://shopnetic.com/api/rtb/dmp/pixel?partner=yandex&tc=1
date
Sat, 27 Jan 2024 07:27:38 GMT
server
nginx
content-length
154
content-type
text/html
ab6ac913-f8eb-4f06-a556-7a2c38c96ba1
an.yandex.ru/mapuid/mtsdspis/ Frame 0BB6
Redirect Chain
  • https://sm.rtb.mts.ru/p?ssp=yandex&id=map
  • https://vma.mts.ru/match/second?ssp=55
  • https://tech.rtb.mts.ru/?dsp_uid=ab6ac913-f8eb-4f06-a556-7a2c38c96ba1&return_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fmtsdspis%2Fab6ac913-f8eb-4f06-a556-7a2c38c96ba1
  • https://an.yandex.ru/mapuid/mtsdspis/ab6ac913-f8eb-4f06-a556-7a2c38c96ba1
43 B
80 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/mtsdspis/ab6ac913-f8eb-4f06-a556-7a2c38c96ba1
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Server
2a02:6b8::90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 07:27:38 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Sat, 27 Jan 2024 07:27:38 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sat, 27 Jan 2024 07:27:38 GMT

Redirect headers

Date
Sat, 27 Jan 2024 07:27:38 GMT
Server
nginx/1.20.2
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
text/html; charset=utf-8
Location
https://an.yandex.ru/mapuid/mtsdspis/ab6ac913-f8eb-4f06-a556-7a2c38c96ba1
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
data_sess_sync.php
sonar.semantiqo.com/fbfli/ Frame 0BB6
Redirect Chain
  • https://sonar.semantiqo.com/dmp/scr.php
  • https://counter.yadro.ru/id127/reff-id.gif?sid=2526f8e4e7234761b62174925dd5b117
  • https://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=&sid=2526f8e4e7234761b62174925dd5b117
0
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=&sid=2526f8e4e7234761b62174925dd5b117
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Server
95.217.109.66 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.66.109.217.95.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 07:27:38 GMT
content-encoding
gzip
mode
no-cors
server
nginx/1.20.1
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, x-compress, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers

Redirect headers

Location
https://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=&sid=2526f8e4e7234761b62174925dd5b117
Date
Sat, 27 Jan 2024 07:27:38 GMT
Strict-Transport-Security
max-age=86400
Server
nginx/1.17.9
Connection
keep-alive
Content-Length
364
Content-Type
text/html; charset=iso-8859-1
sync.cgi
ssp.adriver.ru/cgi-bin/ Frame 0BB6 		42 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=109
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.222.128.215 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS
ad15.adriver.ru
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sat, 27 Jan 2024 07:27:38 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
image/gif
sync.cgi
ssp.adriver.ru/cgi-bin/ Frame 0BB6 		42 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=19
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.222.128.215 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS
ad15.adriver.ru
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sat, 27 Jan 2024 07:27:38 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
image/gif
/
sync.bumlam.com/ Frame 0BB6 		43 B
390 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bumlam.com/?src=yandex
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
31.172.81.160 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
Date
Sat, 27 Jan 2024 07:27:38 GMT
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server
nginx
Connection
keep-alive
Content-Length
43
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
8c5f2a66-bce5-11ee-86e0-002590c0647c
an.yandex.ru/mapuid/adsniperis/ Frame 0BB6
Redirect Chain
  • https://sync.bumlam.com/?src=yandex2
  • https://sync.bumlam.com/?src=yandex2&s_data=CAIQARjq4NKtBqIBEIxfKma85RHuhuAAJZDAZHw*
  • https://an.yandex.ru/mapuid/adsniperis/8c5f2a66-bce5-11ee-86e0-002590c0647c
43 B
80 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/adsniperis/8c5f2a66-bce5-11ee-86e0-002590c0647c
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Server
2a02:6b8::90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 07:27:38 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Sat, 27 Jan 2024 07:27:38 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sat, 27 Jan 2024 07:27:38 GMT

Redirect headers

Date
Sat, 27 Jan 2024 07:27:38 GMT
Server
nginx
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location
https://an.yandex.ru/mapuid/adsniperis/8c5f2a66-bce5-11ee-86e0-002590c0647c
Access-Control-Allow-Origin
https://yastatic.net
Content-Type
text/html; charset=utf-8
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
yandexortb
sync.dmp.otm-r.com/match/ Frame 0BB6 		0
69 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.dmp.otm-r.com/match/yandexortb
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
138.201.65.68 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.68.65.201.138.clients.your-server.de
Software
nginx/1.17.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 27 Jan 2024 07:27:38 GMT
server
nginx/1.17.4
NTdmYWZiZWJkMjk3MTI0Mw
an.yandex.ru/mapuid/gonetisnew/ Frame 0BB6
Redirect Chain
  • https://sync.gonet-ads.com/match/yandex?id=[buyerUid]
  • https://sync.gonet-ads.com/match/yandex?id=%5BbuyerUid%5D&chk=1
  • https://an.yandex.ru/mapuid/gonetisnew/NTdmYWZiZWJkMjk3MTI0Mw
43 B
80 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/gonetisnew/NTdmYWZiZWJkMjk3MTI0Mw
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Server
2a02:6b8::90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 07:27:38 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Sat, 27 Jan 2024 07:27:38 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sat, 27 Jan 2024 07:27:38 GMT

Redirect headers

date
Sat, 27 Jan 2024 07:27:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
server
nginx
x-frame-options
SAMEORIGIN
location
https://an.yandex.ru/mapuid/gonetisnew/NTdmYWZiZWJkMjk3MTI0Mw
content-length
0
x-xss-protection
1; mode=block
6af38137-bd50-492a-8ec2-97e81d22f434
an.yandex.ru/mapuid/upravelis/ Frame 0BB6
Redirect Chain
  • https://sync.upravel.com/yandex/sync
  • https://sync.upravel.com/yandex/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly95YXN0YXRpYy5uZXQvIl19fQ
  • https://an.yandex.ru/mapuid/upravelis/6af38137-bd50-492a-8ec2-97e81d22f434
43 B
80 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/upravelis/6af38137-bd50-492a-8ec2-97e81d22f434
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Server
2a02:6b8::90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 07:27:38 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Sat, 27 Jan 2024 07:27:38 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sat, 27 Jan 2024 07:27:38 GMT

Redirect headers

date
Sat, 27 Jan 2024 07:27:38 GMT
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://an.yandex.ru/mapuid/upravelis/6af38137-bd50-492a-8ec2-97e81d22f434
access-control-allow-origin
*
content-type
image/png
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-credentials
false
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
0
9zhSFbZCariCe2SR2l9xYg
an.yandex.ru/mapuid/dmpaidatame/ Frame 0BB6
Redirect Chain
  • https://x01.aidata.io/0.gif?pid=YANDEX
  • https://x01.aidata.io/0.gif?pid=YANDEX&bounce=1
  • https://an.yandex.ru/mapuid/dmpaidatame/9zhSFbZCariCe2SR2l9xYg?sign=942918540
43 B
80 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/dmpaidatame/9zhSFbZCariCe2SR2l9xYg?sign=942918540
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Server
2a02:6b8::90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 07:27:38 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Sat, 27 Jan 2024 07:27:38 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sat, 27 Jan 2024 07:27:38 GMT

Redirect headers

pragma
no-cache
date
Sat, 27 Jan 2024 07:27:38 GMT
last-modified
Sat, 27 Jan 2024 07:27:37 GMT
server
nginx
access-control-allow-methods
GET, POST
p3p
CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
location
https://an.yandex.ru/mapuid/dmpaidatame/9zhSFbZCariCe2SR2l9xYg?sign=942918540
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
content-length
0
expires
Sat, 27 Jan 2024 07:27:37 GMT
mEyDtUoP5s__
an.yandex.ru/mapuid/dmpsegmento/ Frame 0BB6
Redirect Chain
  • https://yandex-dmp-sync.rutarget.ru/sync
  • https://an.yandex.ru/mapuid/dmpsegmento/mEyDtUoP5s__?sign=2346100225
43 B
80 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/dmpsegmento/mEyDtUoP5s__?sign=2346100225
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Server
2a02:6b8::90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 07:27:39 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Sat, 27 Jan 2024 07:27:39 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sat, 27 Jan 2024 07:27:39 GMT

Redirect headers

Location
https://an.yandex.ru/mapuid/dmpsegmento/mEyDtUoP5s__?sign=2346100225
Date
Sat, 27 Jan 2024 07:27:39 GMT
Server
nginx
Connection
close
Content-Length
0
P3P
CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
VOIuO_aGTLPo
an.yandex.ru/mapuid/rutargetis/ Frame 0BB6
Redirect Chain
  • https://yandex-sync.rutarget.ru/sync
  • https://an.yandex.ru/mapuid/rutargetis/VOIuO_aGTLPo
43 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/rutargetis/VOIuO_aGTLPo
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Server
2a02:6b8::90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 07:27:39 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Sat, 27 Jan 2024 07:27:39 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sat, 27 Jan 2024 07:27:39 GMT

Redirect headers

Location
https://an.yandex.ru/mapuid/rutargetis/VOIuO_aGTLPo
Date
Sat, 27 Jan 2024 07:27:39 GMT
Server
nginx
Connection
close
Content-Length
0
P3P
CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
d.png
ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/ Frame 0BB6 		0
0
/
d.uuidksinc.net/match/216/ Frame 1C4F
Redirect Chain
  • https://fcgi4.gnezdo.ru/cookie_matching/kadam/9JrbPI0EQbl1xl64QLvU
  • https://fcgi4.gnezdo.ru/cookie_matching/kadam/9JrbPI0EQbl1xl64QLvU/?redirect=1
  • https://d.uuidksinc.net/match/216/?remote_uid=XV9maWW0sGqctaWjIHNQAg==
74 B
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.uuidksinc.net/match/216/?remote_uid=XV9maWW0sGqctaWjIHNQAg==
Requested by
Host: uuidksinc.net
URL: https://uuidksinc.net/matchx
Protocol
H2
Server
31.220.27.134 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.23.2 /
Resource Hash
01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uuidksinc.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 07:27:38 GMT
server
nginx/1.23.2
content-length
74
content-type
image/png

Redirect headers

location
https://d.uuidksinc.net/match/216/?remote_uid=XV9maWW0sGqctaWjIHNQAg==
access-control-allow-origin
*
date
Sat, 27 Jan 2024 07:27:38 GMT
access-control-allow-credentials
true
server
nginx
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With
access-control-allow-methods
GET, POST, HEAD
smc
z.cdn.adtarget.me/ Frame 1C4F 		0
41 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://z.cdn.adtarget.me/smc?s=22&u=9JrbPI0EQbl1xl64QLvU
Requested by
Host: uuidksinc.net
URL: https://uuidksinc.net/matchx
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
81.171.9.38 Renswoude, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uuidksinc.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 07:28:51 GMT
server
nginx
/
d.uuidksinc.net/match/372/ Frame 1C4F
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=44509&callback_url=https://d.uuidksinc.net/match/372/?remote_uid=${USER_ID}&cb_url=https://d.uuidksinc.net/match/354/?remote_uid=${USER_ID}&
  • https://ads.betweendigital.com/match?bidder_id=44509&callback_url=https://d.uuidksinc.net/match/372/?remote_uid=${USER_ID}&cb_url=https://d.uuidksinc.net/match/354/?remote_uid=${USER_ID}&&crf=1&rts...
  • https://d.uuidksinc.net/match/372/?remote_uid=95b0ce55-05a3-521b-8c0b-5c39e9bfec50
74 B
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.uuidksinc.net/match/372/?remote_uid=95b0ce55-05a3-521b-8c0b-5c39e9bfec50
Requested by
Host: uuidksinc.net
URL: https://uuidksinc.net/matchx
Protocol
H2
Server
31.220.27.134 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.23.2 /
Resource Hash
01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uuidksinc.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 07:27:38 GMT
server
nginx/1.23.2
content-length
74
content-type
image/png

Redirect headers

location
https://d.uuidksinc.net/match/372/?remote_uid=95b0ce55-05a3-521b-8c0b-5c39e9bfec50
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
pixel.gif
dmpprof.com/matching/external/ Frame 1C4F 		43 B
744 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmpprof.com/matching/external/pixel.gif?sid=14&uid=9JrbPI0EQbl1xl64QLvU
Requested by
Host: uuidksinc.net
URL: https://uuidksinc.net/matchx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.192.12.174 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uuidksinc.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 07:27:38 GMT
last-modified
Sat, 27 Jan 2024 07:27:38 GMT
server
nginx/1.18.0
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH, GET, POST, OPTIONS
content-type
image/gif
access-control-expose-headers
Content-Length,Content-Range
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials
true
access-control-allow-headers
Origin,Content-Type,Accept,Authorization,X-Requested-With, DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT
pixel.gif
dmpprof.com/matching/external/ Frame 1C4F 		43 B
744 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmpprof.com/matching/external/pixel.gif?sid=16&uid=9JrbPI0EQbl1xl64QLvU
Requested by
Host: uuidksinc.net
URL: https://uuidksinc.net/matchx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.192.12.174 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uuidksinc.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 07:27:38 GMT
last-modified
Sat, 27 Jan 2024 07:27:38 GMT
server
nginx/1.18.0
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH, GET, POST, OPTIONS
content-type
image/gif
access-control-expose-headers
Content-Length,Content-Range
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials
true
access-control-allow-headers
Origin,Content-Type,Accept,Authorization,X-Requested-With, DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT
match
dm-eu.hybrid.ai/ Frame 1C4F 		0
281 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dm-eu.hybrid.ai/match?id=158&vid=9JrbPI0EQbl1xl64QLvU
Requested by
Host: uuidksinc.net
URL: https://uuidksinc.net/matchx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.230.131.21 Amsterdam, Netherlands, ASN200197 (HYBRID-POLAND, PL),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uuidksinc.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 07:27:37 GMT
server
Hybrid Web Server
p3p
CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin
https://uuidksinc.net
cache-control
no-cache, no-store
access-control-allow-credentials
true
x-mode
557
x-xss-protection
1; mode=block
expires
-1
/
d.uuidksinc.net/match/444/ Frame 1C4F
Redirect Chain
  • https://exchange.buzzoola.com/cookiesync/redirect?redirect_url=https://d.uuidksinc.net/match/444/?remote_uid=${UUID}
  • https://d.uuidksinc.net/match/444/?remote_uid=81b38011-4bf3-4b22-6193-f088ab89c35b
74 B
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.uuidksinc.net/match/444/?remote_uid=81b38011-4bf3-4b22-6193-f088ab89c35b
Requested by
Host: uuidksinc.net
URL: https://uuidksinc.net/matchx
Protocol
H2
Server
31.220.27.134 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.23.2 /
Resource Hash
01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uuidksinc.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 07:27:37 GMT
server
nginx/1.23.2
content-length
74
content-type
image/png

Redirect headers

location
https://d.uuidksinc.net/match/444/?remote_uid=81b38011-4bf3-4b22-6193-f088ab89c35b
date
Sat, 27 Jan 2024 07:27:39 GMT
server
nginx
content-length
117
serverid
TODO
content-type
text/html; charset=utf-8
/
d.uuidksinc.net/match/493/ Frame 1C4F
Redirect Chain
  • https://fcgi4.gnezdo.ru/cookie_matching/kadam_resell/9JrbPI0EQbl1xl64QLvU
  • https://fcgi4.gnezdo.ru/cookie_matching/kadam_resell/9JrbPI0EQbl1xl64QLvU/?redirect=1
  • https://d.uuidksinc.net/match/493/?remote_uid=XV9maWW0sGqctaWjIHNQAg==
74 B
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.uuidksinc.net/match/493/?remote_uid=XV9maWW0sGqctaWjIHNQAg==
Requested by
Host: uuidksinc.net
URL: https://uuidksinc.net/matchx
Protocol
H2
Server
31.220.27.134 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.23.2 /
Resource Hash
01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uuidksinc.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 07:27:38 GMT
server
nginx/1.23.2
content-length
74
content-type
image/png

Redirect headers

location
https://d.uuidksinc.net/match/493/?remote_uid=XV9maWW0sGqctaWjIHNQAg==
access-control-allow-origin
*
date
Sat, 27 Jan 2024 07:27:38 GMT
access-control-allow-credentials
true
server
nginx
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With
access-control-allow-methods
GET, POST, HEAD
counter2
top-fwz1.mail.ru/ Frame 1C4F
Redirect Chain
  • https://sync.adspend.space/kadam?uid=9JrbPI0EQbl1xl64QLvU
  • https://sync.adspend.space/check?r=https%3A%2F%2Fdmg.digitaltarget.ru%2F1%2F224%2Fi%2Fi%3Fa%3D224%26e%3De4c713ec-90bc-436b-88bf-0d0097e74882%26i%3D7889460698039615923%26r%3Dhttps%253A%252F%252Fprod...
  • https://dmg.digitaltarget.ru/1/224/i/i?a=224&e=e4c713ec-90bc-436b-88bf-0d0097e74882&i=7889460698039615923&r=https%3A%2F%2Fprodmp.ru%2Fadspend-sync.gif%3Fdsp_provider_id%3D2%26uid%3De4c713ec-90bc-43...
  • https://prodmp.ru/adspend-sync.gif?dsp_provider_id=2&uid=e4c713ec-90bc-436b-88bf-0d0097e74882&r=
  • https://counter.yadro.ru/id127/refocusdmp-id.gif?uid=e4c713ec-90bc-436b-88bf-0d0097e74882&r=https%3A%2F%2Fdmg.digitaltarget.ru%2F1%2F224%2Fi%2Fi%3Fa%3D224%26e%3De4c713ec-90bc-436b-88bf-0d0097e74882...
  • https://dmg.digitaltarget.ru/1/224/i/i?a=224&e=e4c713ec-90bc-436b-88bf-0d0097e74882&i=1706340458368&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fdmpmediadesk%2Fe4c713ec-90bc-436b-88bf-0d0097e74882%3Fsig...
  • https://an.yandex.ru/mapuid/dmpmediadesk/e4c713ec-90bc-436b-88bf-0d0097e74882?sign=6384d5a9&location=https%3A%2F%2F1010--1501445047--e4c713ec-90bc-436b-88bf-0d0097e74882.stbid.ru%2F%3Fr%3Dhttps%252...
  • https://1010--1501445047--e4c713ec-90bc-436b-88bf-0d0097e74882.stbid.ru/?r=https%253A%252F%252Ftop-fwz1.mail.ru%252Fcounter%253Fid%253D3138228
  • https://top-fwz1.mail.ru/counter?id=3138228
  • https://top-fwz1.mail.ru/counter2?id=3138228
43 B
962 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://top-fwz1.mail.ru/counter2?id=3138228
Requested by
Host: uuidksinc.net
URL: https://uuidksinc.net/matchx
Protocol
H2
Server
95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uuidksinc.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 07:27:40 GMT
x-content-type-options
nosniff
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length
43
pragma
no-cache
amp-access-control-allow-source-origin
*
server
nginx
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
content-type
image/gif
access-control-allow-origin
*
accept-ch-lifetime
86400
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
private, no-cache, no-store, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
*

Redirect headers

date
Sat, 27 Jan 2024 07:27:40 GMT
x-content-type-options
nosniff
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length
0
pragma
no-cache
amp-access-control-allow-source-origin
*
server
nginx
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
accept-ch-lifetime
86400
location
https://top-fwz1.mail.ru/counter2?id=3138228
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
private, no-cache, no-store, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
*
i
dmg.digitaltarget.ru/awg/custom/6573/i/ Frame 1C4F
Redirect Chain
  • https://dmg.digitaltarget.ru/1/6573/i/i?a=662&e=9JrbPI0EQbl1xl64QLvU&i=0.5555328506276491
  • https://dmg.digitaltarget.ru/awg/custom/6573/i/i?call_source=awg&ts=1706340458030&a=662&e=9JrbPI0EQbl1xl64QLvU&i=0.5555328506276491
49 B
555 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmg.digitaltarget.ru/awg/custom/6573/i/i?call_source=awg&ts=1706340458030&a=662&e=9JrbPI0EQbl1xl64QLvU&i=0.5555328506276491
Requested by
Host: uuidksinc.net
URL: https://uuidksinc.net/matchx
Protocol
HTTP/1.1
Server
185.15.175.130 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software
nginx /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uuidksinc.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sat, 27 Jan 2024 07:27:38 GMT
Referrer-Policy
origin-when-cross-origin, strict-origin-when-cross-origin
X-Content-Type-Options
nosniff
Server
nginx
X-Permitted-Cross-Domain-Policies
master-only
X-Frame-Options
DENY
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Max-Age
86400
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
49
X-XSS-Protection
1; mode=block

Redirect headers

Date
Sat, 27 Jan 2024 07:27:38 GMT
Referrer-Policy
origin-when-cross-origin, strict-origin-when-cross-origin
X-Content-Type-Options
nosniff
Server
nginx
X-Permitted-Cross-Domain-Policies
master-only
X-Frame-Options
DENY
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Location
https://dmg.digitaltarget.ru/awg/custom/6573/i/i?call_source=awg&ts=1706340458030&a=662&e=9JrbPI0EQbl1xl64QLvU&i=0.5555328506276491
Access-Control-Max-Age
86400
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
csi
csi.gstatic.com/ Frame 399B 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&puid=1~lrvr1vof&c=6006080755292&slotId=3003040377646&qqid=COXXzMaF_YMDFeuGgwcdomYAUg&fb=outstream-lima&sei=44752538%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4005:809::2003 , Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 07:27:38 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 399B 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 23:31:16 GMT
x-content-type-options
nosniff
age
287781
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9644
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Jan 2025 23:31:16 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 399B 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 23:28:30 GMT
x-content-type-options
nosniff
age
287947
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Jan 2025 23:28:30 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 399B 		0
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=C1UphabC0ZaX_E-uNjuwPos2BkAW2zbjTcvi_05zKEYr9oITDARABII6g0GVglbKVgqQHoAH59-vHKMgBBakCZ9RZb1k1sj6oAwHIA5sEqgT2AU_Qx8eHIttnPwxpG4J-DALr7DXA0J8DCHPC-27zoE9CKVCCw0fZBJTxfjLOE0ZCWWYgG7JLg2rx3ZNjp2NL04HBznGtaAiIjT1_S8NI9PcOookIzKRc9b8N607f2wPwC-oYyJTWrNscuMdvUlcX3wSu20NOe9o7l9xsVjjvbiy2ZQlYK0Qor1v0nG21IAgtQz_VTHro9TCuIi7kr9hFY1l1qG3KR_YvgUDZQFuANDvW3X7Itt9MhiasUZ7FpJFBpWeg1dZc8iCEsgr5gmreJQi6f1pNWQhMrSzb2hl7imHmNsvWwElGf5hpp2zdgxe_ROSlBaHxc8AEuMbhn7sE4AQDiAWEmLitTJAGAaAGeYAH-a-8pwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOljWuszGhf2DA4AKAcgLAeALAYAMAaoNAkRFsBOS1OgV0BMA2BMKiBQB2BQB0BUB-BYBgBcB6BcBshgFGHkiAQA&eventType=clickstring&clientTime=1706340457895&ai=C1UphabC0ZaX_E-uNjuwPos2BkAW2zbjTcvi_05zKEYr9oITDARABII6g0GVglbKVgqQHoAH59-vHKMgBBakCZ9RZb1k1sj6oAwHIA5sEqgT2AU_Qx8eHIttnPwxpG4J-DALr7DXA0J8DCHPC-27zoE9CKVCCw0fZBJTxfjLOE0ZCWWYgG7JLg2rx3ZNjp2NL04HBznGtaAiIjT1_S8NI9PcOookIzKRc9b8N607f2wPwC-oYyJTWrNscuMdvUlcX3wSu20NOe9o7l9xsVjjvbiy2ZQlYK0Qor1v0nG21IAgtQz_VTHro9TCuIi7kr9hFY1l1qG3KR_YvgUDZQFuANDvW3X7Itt9MhiasUZ7FpJFBpWeg1dZc8iCEsgr5gmreJQi6f1pNWQhMrSzb2hl7imHmNsvWwElGf5hpp2zdgxe_ROSlBaHxc8AEuMbhn7sE4AQDiAWEmLitTJAGAaAGeYAH-a-8pwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOljWuszGhf2DA4AKAcgLAeALAYAMAaoNAkRFsBOS1OgV0BMA2BMKiBQB2BQB0BUB-BYBgBcB6BcBshgFGHkiAQA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4622439471653545&output=html&h=280&slotname=3547231412&adk=3563481279&adf=3642323547&pi=t.ma~as.3547231412&w=1040&fwrn=4&fwrnh=100&lmt=1706340457&rafmt=1&format=1040x280&url=http%3A%2F%2Fdownload-tlgm.ru%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1706340456996&bpp=3&bdt=517&idt=298&shv=r20240122&mjsv=m202401230101&ptt=9&saldr=aa&abxe=1&correlator=2048886132120&frm=20&pv=2&ga_vid=969955348.1706340457&ga_sid=1706340457&ga_hid=886679608&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=280&ady=412&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080589%2C95321627%2C95322165%2C95323006&oid=2&pvsid=199225707555881&tmod=2064311856&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=305
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 07:27:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 399B 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&puid=2~lrvr1voo&c=6006080755292&slotId=3003040377646&qqid=COXXzMaF_YMDFeuGgwcdomYAUg&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.gr&vast_v=4.0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4005:809::2003 , Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 07:27:38 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame 399B 		24 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-B2OmQO0LO2orYH9GphJYN8L6AtVzRJVRFi2hv-GmS3wLDn3kSpWsT4B24bfSLxyvyxmTcl21Em3bHsirO84En1lgexmQ&cry=1&dbm_d=AKAmf-A3eQjLm_cR8demFXRzBQUVNvn7BOEAfZqr9NR8Cnf2Z5Ju8XQE8DNTlwaI5U4HFSBRXjxldiRUR_njXGFy6jHuKOAY_uuS2XxCfFD5F-5kGVOh_jQ8GT4FXYGKFfYnmgeKKit4LMkqTNIm50La-vO8Me9QltH2tdUSg5q5t-z0Rh7L48rars6Y9HXTu4zQaGOUIR7z4P79iE_Nj5LIUSGrwXFtIPG_2QxcNWFS_OQfEyiTWPBPdeZLUTM5o_ODFnAgERtwfbLuswJXOu_VvEiVE3p_W7LQ_7tRlE1EL65iUR2M6ZAHIhhZc3MSc92E1pdowwHtEg78PPBc2KbaSjNiI1Y_ACKQfXHVmNVocOR41p-3spsR2K7KW_n74sDmPdbS36s5szBYmotHXE_w7qLiwCBAhxOmY7bkQRDWUVZq0olSLm4wJAdRqliC8oDz_BasXha1uor_PT8-FOXXs68L1__y-4WDP7nAkWW4wuSSEZatriYNYKZ9pwnNt0M57G7AozL6XXQqtPUilZh0OVZV9a7dov8ZPgWnGW8vbirIqYT-CZSKDUI_XVCGP1e-oVuwntmWB67E7GkvXyFj7mDFls8M5wkabDCHCCCTBu5mzrbAEMP_jHp3tctzJTp63lAW2VF00YPUYoKfJQCatgQ6Q_45_EZGQPfdoZG8efu37uW5peKf15SI5_pX3q2n-sTgMDMxmmRmmfM4Q_g3zWlqF6-Mgz5_5UxTeiVR5jJCe1XbWv2t7hRUoutfljk5YGJGy36AzNrWs305ou7EmjBogCq_9SvZdeh80qcxnxN5Y8VbCSRkagjmtw6BZeAcDEzUXoCC9JPiRO_ObN3ZOFbknUGpo0AJz1HUeEyMm41tkfmmwqEYMokVcUztJp9vLv9vOFcQlRAcsNLXLa08AWDiP4DlxJ_lmHgah48NTZIbkZLCWiw85nho4-RmsQCb4zF-aGG0-e9H2hKCGmri75nXNHK_9IUEUH40Hg7AupDG_pQchVw60-kMu0fj8qvfQRDuPDNITZqlIXOHPY5-3HLidDMUuhFuY-2zawHHCm-XbazHMRpxHbrFA5E4U4a0j6ef1Z4PQj9wVkQxQuGVKvA1BMyYcrNJ-W4MffUccrUOhYvMtlYezaUMhvs-HIjZfntjsD0ylol1az8sDbyPh0oSdZ082-iHJ0uY1YImIs0ltq7fu-zTZRt81gBPFx3RWJILxKSoa7m1kw_-Av7QA2hkxN56hgU8fjGXrRhKZN0MYjNMi9Z8ANH-OptF14mkKW_KZtyRlMWZ4p8i1Jma2RADApDwxaF_pCYxqlRPNuRIp7f_aBCdyo0c1hFD4Diky4-ZpGSFZJ9KlyjyV3XmG5Os2sW6Pw-8N8yxVzawzafkp_n2yj5ZElWgezYBgyVlwABFPdgBiZOE3NypsZGUZSvPctWmZRZzmSVkwrKflq6Jn1r43Jtuml_E1y4gciOUJBIHtoE1p07LE4nx6muojYgkS8LKKOJf_vKj83qRy6xHYaN5WpJOgnPHUWMoMSbz_hwZBMQ2mv7IDIce6yAlQcGA34B-7xEJa2Jb6Glpgq1dt_Z7ppu-w9biqA3lzZ4IoYIz4v_StVm4EdTsE8N-YpuDDQrhby0b6szalINUolEKMS7nC7mfNtyVZ4h8P_tvU1137xJN8GfS_fneeHx45c6qSWTrsnrV--B2MotRru043OfUmDLiSzauB-1I5loW8bGQYWEJNDtD_KOD0aHz5IFMexUlpXfj_FjhkVk6gHIgUfGUInZhAABo9ZOmgWmhBzQdyGys2E7KTZ5xChWbEujWLteWSivMOcH-p2-dOsSybBddbL9NDhdX8ZeimImuMShV9fvz85y9HzQIg6gL5sXYqQWKldz-Os6yeSbt2uP8-DIlyCT1ICMX1Qe4wB9IyIeSEsENHU2-JTWBZsZIFAGmEB53Url2a7fNy9CSbBhsjfmxSr_swHLtkgWw4NhwAHEUzieenrugeT9mnOpbICzX0FPt9GUsJ-GyUDu6xeZtCtBxcG-pw-T07WaRufSV9LFixgzVzsIsO2MYvXm-bCMfs1TgHilI_SImWFogK9VmBG120UzP9BStnoG_exN4O_biqQLoz5eeOEkglFb-EZlYAp0ZWqiKxRbcRTG73UyfCkoMn33Yej3bV7YhEhtd7Y8TOKG9oY5D4AWu4AGKbgIIdSqGDgz8FsZt8Pwe_nL8KW1dFb3Rfpz6j3Wb0rqskOYhWvamGIxeRNOVIp7frnUXRwCqOb7yDZSVDik8WQX8VQq8Fhl_FwKpFC96R5e32aP0IntjhKhI5syZA5FJuYam6k1hID26ZHIQlEJ4B9YMvxHJM4YQ4qUUnFDxtv4NUKez73pn11IbE_IrKCeRxxd71sI-SAcPqC3ClXYQKPKAc2KqLqaxcsjXFDpS4nzO7pZxO6Az_aLAlCUhQZXW12eEWVG-fnT4ue6QEi1KjPCxGwcCr0Syt4iTXia-q7SLsGWTT4L0LierQ9khR3fsUB6Yxqcw4MzkxF75hGaa8WMTHHp48tV864XRFtNFWUFMyTRJ5VrhIgjgtt6HWU1H7h7G1UOqS5AIH8ooSpNadh9uXlhPyNWdqpZjk42Uf9kjabXDvyf7jE8-uWdP4gtD0cRLPj_IQIRJD2iqVwKfFa7ykqjwmsaIaYil81NC0Sw92YcQpfRs9hl1_oxk18gCh8hq15tSkwKBwc8pd0tHlOAPPM2zRhXc-Or2gk90cqhhehff2ySDoAy02sLwMpprwSFGy_GXsbbwBfitrlmKtaAxdYMxziiqJ4L5L3uey5KnfRmKARccgrKXVuRDZ0k3VN2Gp_CFUqLgrke1-zEuou_h93PMCIlL8cbsj0Zo5ido0R8O9_obVvUUcnRwsCsbyi3qglL8ahnOEk3f6YBREHYBsqXJTT--JN4eRZOmLlyUpBWujW0TaOio1-KKFyxYZ1yO1vJWkUpeo6X3igYjElG7h9tpd2OjwhFte4OrB-cDZeVF28Ult20xB6sjARr4Ss-o9fgy0rQak1PLrpRaE5wsz2IqwQXMD78FXtGOB6uqPV2GB80dElqrfGTsrYe-SJYPcM-KVbrw9LVYsz6WRd2orJLwZ0PQiov-eCY36oVzBc6EY0NK24A2KuA2Xwjah8NvAlOWRPXvpOK0RbB8ZXRyMXZK_ZlMeIBObAh-8yy1tYTCHCbHjpZpjf9Hf-T9flSDtOkJ4YjsYl6etO95Pag29ujEUBE2ZDNc4W4diq1DRNAW_dtGrN-DlQ9cmgfjmnoPP0fWUXL2qqQt6PXnMmfz-jxMxeYvGe2p7Eh3uYd1iEJdJo8dBFaQuvVbN23OimqXM0Chl_-HRPQ2JGFrUQbiaV4sv29VDy6fT1lG8HrWZ42cduwDZBUandDaQawKsKXtHjUcEG0OmemZuelpwXJ_LFOe-toBX6zqTPw5d8uNLsAZk5NhdOMQeSaveMVTOGvKIRuQTt0RJlPZOoqIDmjRMxT867FxsbrbMqhsUf_sNw_WrSZNQST2JjWETYqJ3pmaD8VGpjMfaFZwWhJnvwYW4ZJlrie4pdS5nwopI77Wyipt_4dJsnCOAt6P_dl9MRzj7Qr_YnOyzXj3JCyqSdCx1qBB2TDG1reI9cJSHRtdb5x1m-mVvAJyia0raVUCadfsgNsk54wjzC20v_-5sQReUYIGrDEzEFDQMFdYL6g1D4l27WaKwIlBWakE12r13EF1H5qgAyl75-pmckqB9EeDG4u8MdPJT3Sxt7cRQHnRsVdawmuhuhINdcieyuTT0rUJx6ZDvIOXEyuTt5Wd8mPoVgNxNXog88vZzpBf8z6QviqpoVtAVINgv3lLFMyqUVlu_efdlOeqHxFXU5OhVoGdJIxSpr9SxTXaQVdjJ_fqvbxuMm5KrOO9Vb0ReeK8THT2CO7P0Yr5qY9q1EG7ccH02JwC6Pw&cid=CAQSTwAvHhf_55tBSbMUZ5F08YKCIVD08OooenRcsvWMmAs3IMBIUYhJEmWzWPQumQTkw8Y3ZypUw7GqOATW_NFt1VHJqV1InZgcWBGgbic6AwsYAQ&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1&nel=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.133.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wo-in-f156.1e100.net
Software
cafe /
Resource Hash
08455a24bb70bcd7185baefe33eaf607c5e727e24e435e336c47c8c80db7eb86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 07:27:37 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15950
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 399B 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0439b6189a66a1ee37ad12e825c93134b62c5840c592dc85665ca4cc1fb089b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
adview
googleads.g.doubleclick.net/pagead/ Frame 399B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CXg38abC0ZaX_E-uNjuwPos2BkAW2zbjTcvi_05zKEYr9oITDARABII6g0GVglbKVgqQHoAH59-vHKMgBBakCZ9RZb1k1sj6oAwGqBPMBT9DHx4ci22c_DGkbgn4MAuvsNcDQnwMIc8L7bvOgT0IpUILDR9kElPF-Ms4TRkJZZiAbskuDavHdk2OnY0vTgcHOca1oCIiNPX9Lw0j09w6iiQjMpFz1vw3rTt_bA_AL6hjIlNas2xy4x29SVxffBK7bQ0572juX3GxWOO9uLLZlCVgrRCivW_ScbbUgCC1DP9VMeuj1MK4iLuSv2EVjWXWobcpH9i-BQNlAW4A0O9bdfsju3tZztT4XDFkuEgMC5PRmSUR6v_FSsPNh-JIBAhl1c1W8zu6nz0M1N1WS6U-x01592WtTgPcY958kYXwffv5-wAS4xuGfuwTgBAOIBYSYuK1MkgUGCBsQARgBkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZ5gAf5r7ynA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcKEI-oJBi31qj2AdIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY1rrMxoX9gwOACgHICwGwE5LU6BXIE__tuOMD0BMA2BMKiBQB2BQB0BUBgBcBshccChoIABIUcHViLTQ2MjI0Mzk0NzE2NTM1NDUYAOgXAbIYBRh5IgEA&sigh=puZPK1pOZWM&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_55tBSbMUZ5F08YKCIVD08OooenRcsvWMmAs3IMBIUYhJEmWzWPQumQTkw8Y3ZypUw7GqOATW_NFt1VHJqV1InZgcWBGgbic6AwsYAQ&vt=10&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4622439471653545&output=html&h=280&slotname=3547231412&adk=3563481279&adf=3642323547&pi=t.ma~as.3547231412&w=1040&fwrn=4&fwrnh=100&lmt=1706340457&rafmt=1&format=1040x280&url=http%3A%2F%2Fdownload-tlgm.ru%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1706340456996&bpp=3&bdt=517&idt=298&shv=r20240122&mjsv=m202401230101&ptt=9&saldr=aa&abxe=1&correlator=2048886132120&frm=20&pv=2&ga_vid=969955348.1706340457&ga_sid=1706340457&ga_hid=886679608&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=280&ady=412&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080589%2C95321627%2C95322165%2C95323006&oid=2&pvsid=199225707555881&tmod=2064311856&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=305
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4622439471653545&output=html&h=280&slotname=3547231412&adk=3563481279&adf=3642323547&pi=t.ma~as.3547231412&w=1040&fwrn=4&fwrnh=100&lmt=1706340457&rafmt=1&format=1040x280&url=http%3A%2F%2Fdownload-tlgm.ru%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1706340456996&bpp=3&bdt=517&idt=298&shv=r20240122&mjsv=m202401230101&ptt=9&saldr=aa&abxe=1&correlator=2048886132120&frm=20&pv=2&ga_vid=969955348.1706340457&ga_sid=1706340457&ga_hid=886679608&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=280&ady=412&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080589%2C95321627%2C95322165%2C95323006&oid=2&pvsid=199225707555881&tmod=2064311856&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=305
Attribution-Reporting-Eligible
event-source
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 27 Jan 2024 07:27:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 27 Jan 2024 07:27:37 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/ Frame 3A95 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4622439471653545&plah=download-tlgm.ru
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://download-tlgm.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
70067
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4209
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 26 Jan 2024 11:59:51 GMT
etag
3890843268177463596
expires
Fri, 09 Feb 2024 11:59:51 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/ Frame 74BE 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4622439471653545&plah=download-tlgm.ru
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://download-tlgm.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
70067
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4209
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 26 Jan 2024 11:59:51 GMT
etag
3890843268177463596
expires
Fri, 09 Feb 2024 11:59:51 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/ Frame 51A4 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4622439471653545&plah=download-tlgm.ru
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://download-tlgm.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
70067
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4209
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 26 Jan 2024 11:59:51 GMT
etag
3890843268177463596
expires
Fri, 09 Feb 2024 11:59:51 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/ Frame 83DD 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4622439471653545&plah=download-tlgm.ru
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://download-tlgm.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
70067
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4209
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 26 Jan 2024 11:59:51 GMT
etag
3890843268177463596
expires
Fri, 09 Feb 2024 11:59:51 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css2
fonts.googleapis.com/ Frame 3A95 		4 KB
671 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 27 Jan 2024 07:27:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 27 Jan 2024 05:35:54 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 27 Jan 2024 07:27:38 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 3A95 		205 B
650 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 23:30:04 GMT
x-content-type-options
nosniff
age
28654
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sat, 25 Jan 2025 23:30:04 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 3A95 		604 B
696 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 23:43:34 GMT
x-content-type-options
nosniff
age
287044
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 22 Jan 2025 23:43:34 GMT
fullscreen_api_adapter_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/ Frame 3A95 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/fullscreen_api_adapter_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c2a69649d15f908464902e679f465757cff39c3f59f8d92f4117987152c50303
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 23:35:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
28333
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6870
x-xss-protection
0
server
cafe
etag
16407976921096022632
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 09 Feb 2024 23:35:25 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/ Frame 3A95 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3384e396c88e07cd7d0e46d5361eff9ab20ff9f65dfb94436030ccd116943bc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 23:31:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
28582
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9462
x-xss-protection
0
server
cafe
etag
4236850132385514013
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 09 Feb 2024 23:31:16 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame CF3B 		624 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYmL35xgEwAQ&v=APEucNWfGe3sTruwSC2ffgnwj8l7ylronGvGYlWa9zONUtnfbNDuSCCDkxr2ZBh8fbEOFWKecvBCxtYionkcfLP7PsM6Z9ngEBMKZFpflie50R7tP6iodMKHJn7JESuVWmBczLQvuFjdEJqzRM2YA6xupa2ZVvm-3dUO9ztwMmbFoee5ia1f2Q0
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 27 Jan 2024 07:27:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame EA88 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 07:27:38 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Sat, 27 Jan 2024 07:27:38 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame EA88 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:08:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
37155
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 09 Feb 2024 21:08:23 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame EA88 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 23:41:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
27941
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 09 Feb 2024 23:41:57 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame EA88 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 07:27:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66337
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1706100845105677"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 27 Jan 2024 07:27:38 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame EA88 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BEVCTaiCc60Y3w48Ug5SRAODwe7FXfrPFal3ccieRJ-3T0qBUwK5OygN5_H69cgMBA9ZWYL1fVy6o8wgCRXBqiObaM48UGfXZfOrfjca4XF3oayOA
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 07:27:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame C233 		640 B
262 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYmL35xgEwAQ&v=APEucNXG6_gjBpsgHj0DlUk63a6I5amkp3wfQPI2VfV5mZZ_9op9yTM_ASeC6di1HFzB8vtPLy8mK2tIqMO6DNBAaFuJCmYF1g76veqaHQR_evnvgZp72dcEg8NLcWONso0xrTMdMl_TCItRWJhGnhNh9bFkPnnG4g2ewL1qAjefhFXmvoo7kvc
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 27 Jan 2024 07:27:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 8C36 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 07:27:38 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Sat, 27 Jan 2024 07:27:38 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 8C36 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:08:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
37155
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 09 Feb 2024 21:08:23 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 8C36 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 23:41:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
27941
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 09 Feb 2024 23:41:57 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 8C36 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 07:27:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66337
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1706100845105677"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 27 Jan 2024 07:27:38 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8C36 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DuGYS1ZQNNDMXH4EOOZXIo7ckaS5kuulHR8bfuFtSe1zKhtuphR13IVPcRryNJV3skFuzYEubiOF5VvxE0xLjKsRAt0JwiFwCuNcuCKL8pWm7EOzY
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 07:27:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 3D66 		640 B
262 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYtuz4xgEwAQ&v=APEucNVpviiETOvV1r0eBB8PB1PizgNgaNN0_N_YJ_HH6lMIVxzwVYviNC8RG5RJfmcsZhdI5qFXr_nZsoz_3Tr1OAzWMVzQnq507tynxKOyS0635FaHs3zUXyHxhjNxE_rZ0cxaXpx_5zA7BoHY7ppsbBey-wKyESodgnQFEINZPyoCZIVWXl0
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 27 Jan 2024 07:27:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 6928 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 07:27:38 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Sat, 27 Jan 2024 07:27:38 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 6928 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:08:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
37155
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 09 Feb 2024 21:08:23 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 6928 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 23:41:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
27941
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 09 Feb 2024 23:41:57 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 6928 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 07:27:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66337
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1706100845105677"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 27 Jan 2024 07:27:38 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6928 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AGRAzdu4JibLC32pC4eHjaKVJ7VL47esMwfAz4uvZpB82IuKzx8dRSezvsIdF7OhKT64V5QJob-8kfG5mKPNh_BohPVALOnSVHengBWQU_T2svKUw
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 07:27:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 399B 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&puid=3~lrvr1vp0&c=6006080755292&slotId=3003040377646&qqid=COXXzMaF_YMDFeuGgwcdomYAUg&fb=outstream-lima&vast_v=2.0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4005:809::2003 , Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 07:27:38 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
track.adform.net/serving/videoad/ Frame 399B 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/videoad/?bn=67886237&v=2&ord=[timestamp]
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.228 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e9bdf3db7d32981e6d6d0c8652e88ebdf942fb4da096d5cb3a12f9c890ace4cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 07:27:38 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
text/xml; charset=utf-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
private
access-control-allow-credentials
true
access-control-max-age
86400
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
1631
css
fonts.googleapis.com/ Frame 6F52 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 27 Jan 2024 07:27:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 27 Jan 2024 07:10:20 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 27 Jan 2024 07:27:38 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 6F52 		2 KB
822 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 11:54:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
70401
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 09 Feb 2024 11:54:17 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/ Frame 6F52 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eb4fec10d8f4484b291b7c7d0de59d1b4375e000029fd1a128ad10c270d8d803
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 11:54:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
70401
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9319
x-xss-protection
0
server
cafe
etag
16165788300067284045
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 09 Feb 2024 11:54:17 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 81B2 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2958
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 27 Jan 2024 06:38:20 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 6F52 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:08:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
37155
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 09 Feb 2024 21:08:23 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 6F52 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 23:41:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
27941
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 09 Feb 2024 23:41:57 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 6F52 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 07:27:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66337
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1706100845105677"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 27 Jan 2024 07:27:38 GMT
ddb466d8785cb75acd721f17b1b8dd87.js
www.gstatic.com/mysidia/ Frame 6F52 		37 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/ddb466d8785cb75acd721f17b1b8dd87.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54090d5321bc8e3a05531aacf2ef2b7769f24e94b14f4a0687587375fffa2523
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 16:24:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
140587
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15487
x-xss-protection
0
last-modified
Thu, 25 Jan 2024 03:17:29 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 24 Apr 2024 16:24:31 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 81B2
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 27 Jan 2024 07:27:38 GMT
expires
Sat, 27 Jan 2024 07:27:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 27 Jan 2024 07:27:38 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
rum
dsum-sec.casalemedia.com/ Frame CF3B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJqJ4WDBgkxf_A8MNdXspOU&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJqJ4WDBgkxf_A8MNdXspOU&google_cver=1&C=1
43 B
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJqJ4WDBgkxf_A8MNdXspOU&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYmL35xgEwAQ&v=APEucNWfGe3sTruwSC2ffgnwj8l7ylronGvGYlWa9zONUtnfbNDuSCCDkxr2ZBh8fbEOFWKecvBCxtYionkcfLP7PsM6Z9ngEBMKZFpflie50R7tP6iodMKHJn7JESuVWmBczLQvuFjdEJqzRM2YA6xupa2ZVvm-3dUO9ztwMmbFoee5ia1f2Q0
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 07:27:38 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bUlUTIkbY41DwShxY%2F7TURNJ6KMNDKUkaljcq9chmcYIB10WhoWSDodFgk6rONSQlvvVLIck0VpQJynbOiwRL7irfSET%2B%2FAJFEn3XsDKRArQC2dcsp4b%2BvR7YY40IL%2BEwkPnToVJrOaDRA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84bf46381cff5902-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 27 Jan 2024 07:27:38 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iAc8DILyolrZnfW74DxwAeCrNLcX497WLnt%2FGX0XpZRNOseSIpZrsapZ22ocgeRCAKNpIxQhOKGdbxRiNjuLiVtlpAYRZWorkiMuIK8UhrDtvzXtxmKl568q4O6ny1kXUVQGfBpevdfA6w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=45&external_user_id=CAESEJqJ4WDBgkxf_A8MNdXspOU&google_cver=1&C=1
cache-control
no-cache
cf-ray
84bf4637ac085902-TXL
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame CF3B
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZbSwasdTc1cRAu45FzilOwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJqJ4WDBgkxf_A8MNdXspOU&google_cver=1
43 B
767 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJqJ4WDBgkxf_A8MNdXspOU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYmL35xgEwAQ&v=APEucNWfGe3sTruwSC2ffgnwj8l7ylronGvGYlWa9zONUtnfbNDuSCCDkxr2ZBh8fbEOFWKecvBCxtYionkcfLP7PsM6Z9ngEBMKZFpflie50R7tP6iodMKHJn7JESuVWmBczLQvuFjdEJqzRM2YA6xupa2ZVvm-3dUO9ztwMmbFoee5ia1f2Q0
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 07:27:38 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RepAgMGCjKCT8tdMW5s10aEJMftovJ982pb%2FN%2BwYZcP4PspZcSZ7h1IannbJpVLNrZCpykjY3XuwrX9LPbEufaPnoskjYrysvLINJ2Wrdxn5bhzxm0mS5os6zWuBcA%2B89se5vcrCjfLeQA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84bf4638b8bd44f8-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 27 Jan 2024 07:27:38 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJqJ4WDBgkxf_A8MNdXspOU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
ib.adnxs.com/ Frame CF3B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEFTzbeKSOoCU-JIZ_WGN2ZU&google_cver=1
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEFTzbeKSOoCU-JIZ_WGN2ZU%26google_cver%3D1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEFTzbeKSOoCU-JIZ_WGN2ZU%26google_cver%3D1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYmL35xgEwAQ&v=APEucNWfGe3sTruwSC2ffgnwj8l7ylronGvGYlWa9zONUtnfbNDuSCCDkxr2ZBh8fbEOFWKecvBCxtYionkcfLP7PsM6Z9ngEBMKZFpflie50R7tP6iodMKHJn7JESuVWmBczLQvuFjdEJqzRM2YA6xupa2ZVvm-3dUO9ztwMmbFoee5ia1f2Q0
Protocol
H2
Server
37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 07:27:38 GMT
an-x-request-uuid
c4b72d15-5fb3-450f-a04e-178ed4e760e9
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
84.19.175.184; 84.19.175.184; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 27 Jan 2024 07:27:38 GMT
an-x-request-uuid
54bfa466-31d2-4f08-96c0-6cc616ca76ba
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEFTzbeKSOoCU-JIZ_WGN2ZU%26google_cver%3D1
cache-control
no-store, no-cache, private
x-proxy-origin
84.19.175.184; 84.19.175.184; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame CF3B
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTg0MjU4NzMyNjc2NzQzMjc3
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTg0MjU4NzMyNjc2NzQzMjc3
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYmL35xgEwAQ&v=APEucNWfGe3sTruwSC2ffgnwj8l7ylronGvGYlWa9zONUtnfbNDuSCCDkxr2ZBh8fbEOFWKecvBCxtYionkcfLP7PsM6Z9ngEBMKZFpflie50R7tP6iodMKHJn7JESuVWmBczLQvuFjdEJqzRM2YA6xupa2ZVvm-3dUO9ztwMmbFoee5ia1f2Q0
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 07:27:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 27 Jan 2024 07:27:38 GMT
an-x-request-uuid
92ff6d86-7ca6-4f09-9031-0bbb7f97f2c0
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTg0MjU4NzMyNjc2NzQzMjc3
x-proxy-origin
84.19.175.184; 84.19.175.184; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame C233
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEE3-7_ijH032HwN30dyF-lw&google_cver=1
43 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEE3-7_ijH032HwN30dyF-lw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYmL35xgEwAQ&v=APEucNXG6_gjBpsgHj0DlUk63a6I5amkp3wfQPI2VfV5mZZ_9op9yTM_ASeC6di1HFzB8vtPLy8mK2tIqMO6DNBAaFuJCmYF1g76veqaHQR_evnvgZp72dcEg8NLcWONso0xrTMdMl_TCItRWJhGnhNh9bFkPnnG4g2ewL1qAjefhFXmvoo7kvc
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 07:27:38 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 27 Jan 2024 07:27:38 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEE3-7_ijH032HwN30dyF-lw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame C233 		43 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYmL35xgEwAQ&v=APEucNXG6_gjBpsgHj0DlUk63a6I5amkp3wfQPI2VfV5mZZ_9op9yTM_ASeC6di1HFzB8vtPLy8mK2tIqMO6DNBAaFuJCmYF1g76veqaHQR_evnvgZp72dcEg8NLcWONso0xrTMdMl_TCItRWJhGnhNh9bFkPnnG4g2ewL1qAjefhFXmvoo7kvc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 07:27:38 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame C233
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEH74jO75R9i60Z5KqVrxpE8&google_cver=1
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEH74jO75R9i60Z5KqVrxpE8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYmL35xgEwAQ&v=APEucNXG6_gjBpsgHj0DlUk63a6I5amkp3wfQPI2VfV5mZZ_9op9yTM_ASeC6di1HFzB8vtPLy8mK2tIqMO6DNBAaFuJCmYF1g76veqaHQR_evnvgZp72dcEg8NLcWONso0xrTMdMl_TCItRWJhGnhNh9bFkPnnG4g2ewL1qAjefhFXmvoo7kvc
Protocol
H2
Server
2.19.217.101 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-217-101.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Sat, 27 Jan 2024 07:27:38 GMT
pragma
no-cache
date
Sat, 27 Jan 2024 07:27:38 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 27 Jan 2024 07:27:38 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESEH74jO75R9i60Z5KqVrxpE8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame C233 		23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYmL35xgEwAQ&v=APEucNXG6_gjBpsgHj0DlUk63a6I5amkp3wfQPI2VfV5mZZ_9op9yTM_ASeC6di1HFzB8vtPLy8mK2tIqMO6DNBAaFuJCmYF1g76veqaHQR_evnvgZp72dcEg8NLcWONso0xrTMdMl_TCItRWJhGnhNh9bFkPnnG4g2ewL1qAjefhFXmvoo7kvc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.217.101 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-217-101.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Sat, 27 Jan 2024 07:27:38 GMT
pragma
no-cache
date
Sat, 27 Jan 2024 07:27:38 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif
sd
us-u.openx.net/w/1.0/ Frame 3D66
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEE3-7_ijH032HwN30dyF-lw&google_cver=1
43 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEE3-7_ijH032HwN30dyF-lw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYtuz4xgEwAQ&v=APEucNVpviiETOvV1r0eBB8PB1PizgNgaNN0_N_YJ_HH6lMIVxzwVYviNC8RG5RJfmcsZhdI5qFXr_nZsoz_3Tr1OAzWMVzQnq507tynxKOyS0635FaHs3zUXyHxhjNxE_rZ0cxaXpx_5zA7BoHY7ppsbBey-wKyESodgnQFEINZPyoCZIVWXl0
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 07:27:38 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 27 Jan 2024 07:27:38 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEE3-7_ijH032HwN30dyF-lw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame 3D66 		43 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYtuz4xgEwAQ&v=APEucNVpviiETOvV1r0eBB8PB1PizgNgaNN0_N_YJ_HH6lMIVxzwVYviNC8RG5RJfmcsZhdI5qFXr_nZsoz_3Tr1OAzWMVzQnq507tynxKOyS0635FaHs3zUXyHxhjNxE_rZ0cxaXpx_5zA7BoHY7ppsbBey-wKyESodgnQFEINZPyoCZIVWXl0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 07:27:38 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame 3D66
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEH74jO75R9i60Z5KqVrxpE8&google_cver=1
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEH74jO75R9i60Z5KqVrxpE8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYtuz4xgEwAQ&v=APEucNVpviiETOvV1r0eBB8PB1PizgNgaNN0_N_YJ_HH6lMIVxzwVYviNC8RG5RJfmcsZhdI5qFXr_nZsoz_3Tr1OAzWMVzQnq507tynxKOyS0635FaHs3zUXyHxhjNxE_rZ0cxaXpx_5zA7BoHY7ppsbBey-wKyESodgnQFEINZPyoCZIVWXl0
Protocol
H2
Server
2.19.217.101 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-217-101.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Sat, 27 Jan 2024 07:27:38 GMT
pragma
no-cache
date
Sat, 27 Jan 2024 07:27:38 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 27 Jan 2024 07:27:38 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESEH74jO75R9i60Z5KqVrxpE8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 3D66 		23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYtuz4xgEwAQ&v=APEucNVpviiETOvV1r0eBB8PB1PizgNgaNN0_N_YJ_HH6lMIVxzwVYviNC8RG5RJfmcsZhdI5qFXr_nZsoz_3Tr1OAzWMVzQnq507tynxKOyS0635FaHs3zUXyHxhjNxE_rZ0cxaXpx_5zA7BoHY7ppsbBey-wKyESodgnQFEINZPyoCZIVWXl0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.217.101 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-217-101.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Sat, 27 Jan 2024 07:27:38 GMT
pragma
no-cache
date
Sat, 27 Jan 2024 07:27:38 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif
gen_204
pagead2.googlesyndication.com/pagead/ Frame EA88 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9613667889828&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 07:27:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame EA88 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9613667889828&version=m202309260101&ct=76&x=1&cor=15080808816739363000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 07:27:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame EA88 		101 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B2fgPERKLvAYrxc2OxmRcvK_nNfoNoj7wWv7d8QWodFnGb19mbtff6nATuGuY2M6wT9sSgBkG1amcxzh-81_7n8N87vXbdNfWq3VMa80z7tMECxXJm_xNlbM53syyEhYHhSJWhtOJP2ePBYOS0cm4YcnP5B2qrWvHUNYgZPnRb2hbkizg&dbm_d=AKAmf-DuzqPftqb5R8gGW4cO43rsi649wNm3hDzOed0QU0eETlM7s1xT3wOUVTbJLQowqBIhUXrq3xffWiSyjdzTjhOvLinb17g7IzQ7RPIW2pgXbs-BS7YgzsFphetZ3I1iPq78CtOBopl08QsL1z5dnzAefWE-Cc_Zw6w6lQX6B4tULxDrPfYA6lvScax0xU0bsJy20KgpFAII3IrYGcyFvAZuygPUTuTeLDYoqgVXeH5fPDaL69W4JfJdkj0HYmZsEdIYQei8W1tURUIAcCfvc6COb4WmXx2bhFhfqjfvX4kUcH5eKv0pfegmgG1zbeMByTQtPlZqvAkDNhmocjRQEP6fBAtEK_tugIImZhyrzuvyVjHmKIZw-_tRdLxFoyu15KEbUNQHniAK9N2W7ZaHmjF_psevD8g173L-Cuaa8TI3vl-jsvHXnKcJaI30V3M7L8PbMvjkjBLjF32NU-cJbP4SBiFFJ5dyPhzGjc6ykhoO-xQLkAiVjr47_-2BKoiL6aio_okOKZ8G-juzWJIPsJTberTzlrM9l71kC4YroYCSiYzGILpk4evU8jrr5iAL5hEsFDAkrWIMTIUd7AZo2F1Ei6_xPbnEZQ08apVWKHEEnYEfHqQ2uPlbplWNapthQ-b3Qe5GS8N2Vw5I_0qLz9Do3b-79AHSgLymY4AfHvUH3OIHYFuCgWXEkj3Wm_qVTZHGBmvDT222p89bG5m3Eayr3izKESkoXpDOlnHpAmO_65Vkf6_tfS8AhY8bEUqg_1lCXUqoBGOpIiGmUvVTJOQD_PWuZ-aapD3BkywoLnm1hhq1kP0AJNdlemWbL-pJGqnV6XxoSxxbA1_R6owi-gtefT6vXyE24YvyZPQjOujn-1l3bPoucU1QST8SVvWxstbTn8OQQiKHpGEpjKxv1jTqucv2YDHpX2AvJsmoNoq0QCF4BHnn5KhDYobHReeSqz0uyTHFQp3fPUKBc_LoPH9rVn_mbllEC-d-1Mr05NaEihdQOnSM2GNFKkW8kM8732bM6DCsGYWxRGrcwMoujIffMRGV0ZPq3OxjA6TuudXflAz1wqRFpFADywhBZ7F_4vmKwX11dCYVPabVzVs3u_ERWcio2mt2nGG_HurFH7MqRHsyIeSiFkVwma8g3R8d70Ts4_jWe_nipxNSONUnjQs27Cl5zzUa0TAjerJAXvfbEwQmxAxoq1j2i13pHYWBVdiMkr5RFfboeEL3PPgJ7DEcJO2ufa21bsj8ehsqGxUiWzQSx79vdhEGvLLxJ0nxDl13-x5KeHJKJ8yQBNuBpPJbY3bCZxBFT9y3jHKqqvRGbDDrrxbHmP5crR2MlGV-SoittCjXYTa60DI7m2rRRdZe_9AwU-eALbOVevoJLIbP1yRzje-BNmeTT-UhL9aq7jlMbdekY6J9PAWG1cHZV3RhTIjP7oh2n0FeoeLCvUEi0TpIg_uYRDxE1uGx78mF5SHHz4SUAByQdIQnnDMLG8hAU14N0T8LZLo3o3FWYmCQWFbKkzE51b__uu-lVG3ebJMgRyMPZYEWNH3TP9kfBLAk7SimAu3u2SwLJJIsK1JX8p_kjNIkuf-wLVgUG6JxPnaVeEmzHlPl6n1frlqxHJT1_ed0S2HSz50reR7QTjWc9PLZbipRsDl727cm527xZEx2aUc1iCENRfiOtotBk13eph3V3dGSNpLaHdmJB5KtFvEu0HRJrm2K1TxnXpRgSEMEYi1VQGYC9ZkDH_vfm1xXldGq84PsjP-KWVCLDoXOCwv9NJKv-xMFoEplG6OP6jjwGmKyFifGpjFgLV2vhOl5Ap1WxkkG2PBFQkaq3gcIpJSNvWdQmHG6NXCig9kJ3crf2ob0QlMtbqqe788hvPhsDCLD6UCYS3XrcCQ2bF2UtzqhyyPrO-2qm8j3tq1LuTk1Ne9I9qhDqo5qxU_tY2WBY0IBAgas5FTOBf7HuYjz_BNnhcZb0nqzlZf-CuMzFtm0V0696W1QThwsvHF5Kiissa9LahIr9O1dU-KEQsdrtG-Zc2PGLCDBy8qhx0Ed_enYfkGAyipEluKqmkebWE2sa-KR5VTZicQA9oZnp6KRbhnWe8GEq_3QQsR9RolD4mO1tGKi46dSqJwZWValF05iJAR7xbA6mzdGW5KtUNi4qT1bRE_-Vx0ogVdVQ9Mrd_Il9_xsBTTZgNGfhT6pul2p2CrJ4I5Ox2dosXcqyuOqGcWyQWAP9Q151tfAxiaoHeT7tbIAx57O_wxTdYEi8NOdCyXMNAleZ1FzhiK19REZqYRR0QuDKSje2GeKG37eIJMrFSQL9XGw9Si9Ly5dU9uI3Gaq8IMd_njo5ONBN0thCjp5iRqfjv9zaWLZu9ENuDdR8Yjsz2Qyu4lpmNBvN5iS52ql4bXsm2ASTeWqBg59DgiTSwBPT_uaFrozmV2yups6n_qWdSyGX-YRFuzpugTAc_PXiew83wITCT_7QvB0Xaew0FHgpntTQCvsCfVU_YzoVsxX0agMcmPg6K5xoA_lFBdE9PUzY5NiHIApUk3fqFIA_x_dtki8FtUt1TjPAlsHbG11TdKZwrmY9tKEifIYLRDVN-cdtE8alFvsnC_CPf5zbZbfOkl2JyTd0R64g-a0KTh8t1PTBOEXnG_HbaTbpDaQ0iGSkp-fLGZnjexaHnMe6tbYdbhNU5o0JkNi04YHRVLLnlx8hzljtf0FCu5rE3FPPQSxRaMpbZQTTXjuqypxyvwOWJyMm5-xptuT83aHI-AtHQ8tjvPv7NG31SebLQmUucke1MHULDHWjcbDKTtt2p8S5QtkSL3u6lEF2puDx_yfaVo47ef_Jjbhdh71rHA_VE5txRYwkTBMkIt38FbcdNu40KjhvYtZ-1AhmmjPeTA_ESKDVCEpUawl5vDYoG-TNNgOjo3W_o4njDybu6NOCYHcfIQwJjmonDoRAmyGSSCH3rKVGJCwAtD0z9AMABvm7FUsSCh9x2T3kFb5ZNKG6cpPNm21iBShXI1qWK2RrzaZuQm3p0WY4135_ENPTJLvnVDMKtfFgs9nvX0xgtuk2rYoGnj2zTpZuSaisz7Wuz6qomJOzN2wnG5SwVgjszW5fin74OSsA7rxpT5l7WV8uqHBZWqRuSLmE7bhHSaW0OIwPTFgF7nyLRFfmBj4M3d_JliUuGvQ8fchAnckG1HucgDCqTaLS6cWW0SuNKui5atgBr9CW8k8WRgatxevvbzlY3Dr8zn1EE740rZ1tSbKco9s4HPyuA1fmbIi8wtsxcj1WAytjWHS2g9fcNlmVdhs-moHt6xLXb6P0QAOb8wrj1aunR24Jk2ovY4RQBT1ug6olU22uO4JE2QOm5OZbCLl6Ef_Od9GRZEgc_uS4xvhATgtgKqDGjD6btKicRd13hkWeH3r0jvtY1Qrps8kco824maax6YXGQ57699gRzl53cGvfW7mItCqsy7v9H45tgKNfqHSWVQa-Vfzh8jjMhUApCje2749sn2FheBpzPyGA-gpUbDHaNVJnjX4wf_0mK5pc2vbO86hWuJJO1WUWcXs_u7eQoy4VLZKUeX17dy5skxu3XxaRf151hM42xaIUdDcYFGt3bgRW4x323jM9fgadWCNDDh5KwcdQON2dbld4NdTkFDLqfPLnxZA2O4TGn6xEAGLP2So4MQld1p__Nr6FNZLmnVhx8Vr68EZI-cXemhs72uqhVtglcgWZVmYOwQ5NEnk96veHBfzFkyNyNfNV-B9VvjZ_n09zB17G4wq72Pwv3EWllE4Gz-Mn1bsC7HmzBhLeLl70VY3-jvoq7WwoFb_nguH9ZX3dNqhEvEPTOanBhcOzoOnctUgRnxFB0r_dcmOdoLiE5zBCAXXYqONGDgi3tcQB4UxP1Ne6uiATcIIytMRhvfOc2Be5R7S-zUtKv6oYn6glUjUCoZbhXoT4hlNtsbodeyKZCTwe3AevzLIQoQ-jmBaBKejSCxejo29&cid=CAQSTwAvHhf_Dxnp1oMbEx8rGDgZ2d1I8f35K7hy--ljz30TXrIZJfu0aX0LH4ApvI_sxMWzov2Wajs5pX-VtxoXmpTlZYa1XzqSmTB7hAuCuj0YAQ&dv3_ver=m202309260101&rfl=http%3A%2F%2Fdownload-tlgm.ru%2F&ds=l&xdt=1&iif=1&cor=15080808816739363000&adk=1877897942&idt=112&cac=0&dtd=6
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
85153241a5572ac0eb4bd34e29219b0512ef3f5aea409ced5597d09b169d1216
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 07:27:38 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39870
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 399B 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&puid=4~lrvr1vtf&c=6006080755292&slotId=3003040377646&qqid=COXXzMaF_YMDFeuGgwcdomYAUg&fb=outstream-lima&vmfc=4&vhc=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4005:809::2003 , Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 07:27:38 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame 399B 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 23:35:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
287525
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Jan 2025 23:35:33 GMT
help_outline_white_24dp_with_3px_trbl_padding.png
imasdk.googleapis.com/formats/wta/ Frame 399B 		453 B
585 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imasdk.googleapis.com/formats/wta/help_outline_white_24dp_with_3px_trbl_padding.png?wp=ca-pub-4622439471653545
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 07:27:38 GMT
x-content-type-options
nosniff
last-modified
Wed, 13 Oct 2021 14:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
image/png
cache-control
public, max-age=3000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
453
x-xss-protection
0
expires
Sat, 27 Jan 2024 08:17:38 GMT
csi
csi.gstatic.com/ Frame 399B 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&puid=5~lrvr1vxe&c=6006080755292&slotId=3003040377646&qqid=COXXzMaF_YMDFeuGgwcdomYAUg&fb=outstream-lima&gpm_i=4&gpm_c=4&gpm_a=4&smb=Infinity&br=625&mt=video%2Fmp4&vs=468x832&msm=1&aits=0&webm=2&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fwebm%2Cvideo%2Fwebm&hvmf=false&vms=1&bit=0&hcn=0&met.4=arp_a_e.pa~atrd.pg~videopreviewvisible.ph&ua_e=1&umsem=0&ape=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4005:809::2003 , Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 07:27:38 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
13533215.mp4
s1.adform.net/banners/elements/files/2056020/ Frame 399B 		1 MB
1 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/banners/elements/files/2056020/13533215.mp4?bv=10
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
480afb8dc8aa0e73b93c72a29634afa8a6fc4327f1c8bcc1f5fb51062724e1b5

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Range
bytes=0-

Response headers

date
Sat, 27 Jan 2024 07:27:38 GMT
last-modified
Wed, 13 Sep 2023 12:57:28 GMT
server
nginx
x-amz-request-id
tx00000adc485c3cb44b616-0065b492f6-32959e94-default
etag
"960a7ca5b4223ec68f49dd108f838433"
x-cache-status
STALE
content-type
video/mp4
access-control-allow-origin
*
Content-Range
bytes 0-1178410/1178411
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
Content-Length
1178411
csi
csi.gstatic.com/ Frame 399B 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&puid=6~lrvr1vxn&c=6006080755292&slotId=3003040377646&qqid=COXXzMaF_YMDFeuGgwcdomYAUg&fb=outstream-lima&gpm_i=4&gpm_c=4&gpm_a=4&smb=Infinity&br=625&mt=video%2Fmp4&vs=468x832&ple=1&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Ftrack.adform.net%252Fserving%252Fvideoad%252F%253Fbn%253D67886237%2526v%253D2%2526ord%253D%255Btimestamp%255D&encoded_body_size=0&transfer_size=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4005:809::2003 , Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 07:27:38 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8C36 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9256416999215&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 07:27:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8C36 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9256416999215&version=m202309260101&ct=76&x=1&cor=2827461482437855000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 07:27:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 8C36 		101 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DHbdnWzhl04b8WRcwaGTJD9CFCuWIb_g_viEA26lfnFYimWHb1vtlS-SlS46hdjzFpj9PJE4zxO2O-0Abl1nO-r6DfdQtKF5bkaGs0-HlImfUMhjfXVhlezIgoImyGcicoF2yOTdxQYCahtrvidLh_JFx0wu0870dUTg68FmljOrIMuLw&dbm_d=AKAmf-ALvw2Rl9vAcdw2lqxdFt3hUGZ0bZLMzJz4o7nOn938y6KUuE6XU4574pYBNSCxjWrxBZ4bSEVur7qM8a9B-S6wjrwiZflYDurRilBdl8SEpnG59EJf8xNT8VYG6i8FgG1fgad4kNC4VGRPJET3bqUYFKyFd2ufwU_8lQUVfCWR5ch0MsqtJmbhkLfJ_qUHy5D7WsVGavlLs0GLt3g6KC3PYAKJig7UFy290P2pmMwcPFoFBcy9-5KCt1xwvbNrt7rsrmQ5UULeCDVvNhjdx2rlTHm5-h25CLMPwob8XAbM3_qmzsDD3RkI0_tH_s-VTFK9MdzDbbQsb-nAuXcFW46CoJIDhYT4SJQcTbiFgdXqAONHShxm8jT3pGyux66HGh6G8dGLMC5W2I94--5RjukA-Qe_ZHR81zYFh1TTyuoTm4LoD0P41LT0fjy4GjZw2DL2-r5Gsm269W_RYKfi8UkooDJOM9WuZ-pc_JKxcHyjbl3ATNxqeDV26x54hTaHXxRNjMFmH5RTTzbrcdpk32jUaXuuAagp-QQl4vvI32R7UU-TAOXyY-1hj2oVX0Pir4LzZhUUSXpTzXP1howZaJkKreyJg6wu-CL4AALUE7AHmXTBVW_ynmCb1E32-_EDzFEPcQG1TM5mYAdChO6IWgR7uEjvXNDTBTfppoOWpFNmZVnXONKL-Ie8pa5vHD2Y_laWmr0jlN0yHQnYGzCW9iAjc9j9o1f7rLZQGYLEdeVvYbzWS-6ZuzwMVMzJxrE6VtMB1teMwbfFIWHmnWsoVuaQpr65UgU64sfsxJrXahtzbu9lZY7jB3-VEQE0_qbqrszHlbPRBllJ2-M1QmFNgM91Fzz0FGW2SK-MtlX3uAMQjiiZIVCitFHw8wZKr7K-gYhtNAPlh2laH6zKyvpnMgYDNOhUDmzNH3XqGb_x2bHGvIqvK7pIXto0CaZn7_212hfr9qBz33BQQetYzMx5ry6RkAG1FxwBSOfaFmzBcjouabzx4MzDTZGVIcR3eTgYMrjcRGNfYGIx2UWcukpOWS28VqZ9qpkS1EhUdq2f_mu80SVHg0bIh0o5hP3Ciq-qzqJJM9yyFuk4sg_B3PJlrqoZJHWN5b7GiQc_XCR9hURPW0YuL2nJQRGKVYMcLL8XAOPfNJLWykbg0UD8Zot9_SH1OSHpWYvpeyouJ1aUq-pRgCRQMtEXzUJIa_t5ODzQXyi4ZZtgkv9iXKquyBsJyw81XRG3NI0yWa911pGdmdnakolHh36F3Mc5e3IrrajYyY1j01VMciSO5jStBsIuFFIUMPUxYqkSOhYmIb1Sr6kN3NMTAWaEcBCTgZnSB-TCnLqoV-SQcTGmtaDHNgbs-XdNtnqKAOpWhkVw0EgvKzxqEWebJJRoFmRZYtVOgrlkz5ibjRSdA93KP0WKIUVIqrRZPVY1OKpnB1g7J2wWCAHsSpCQt8Lw2npe-SMJhjU4CzJCBbLzn5ZjwYqnL6Zp72Hj09neQKvildvi7kWRuV581DSHqd_dXiabNezUZY5gpfS3xOROxXGGhvzvy7dB7JZYk21oMdILNsRrwpT5mdxua0JVet0cyiPEGNZsY8qac18Akp1hrGkMbrKt6PbygnWHAjvXIIMBXEPZ-7dySz3oyzO_EO0uVQgnsf8V3iQaaaCHFJAjjGHHLhECl2TTJznZVq1LnFSI3feIzpgZBNDCaTzr2XklfmivAhCh-L6sfY1hpQB-nrQnX-qErOvvhoY3icEdpcuT7TSc6YvZzMTFA3vfzc-lZ5vt6pEmPEyXlHgNusCHrRvOovsnB4NnyO3xvlOQif4E3YdTLBe2FumAzHUgpOYajk2PSo1uX1pjyLbI6HdpJL8A4_kLQoMmG6NW5kOtcX451szyoXUWvUy5qAXYiuZ8cz8MRLnQpekGMLvensliynV5ro-y1KhEBaydbM2NROIe4CmUM-odDBxVZ2CT6sLUMhEFZHN_xGy4P2vdUgeMFCLUHO7QsHvaeQQRKOee24TybnQtoesca6Ymg4-SGTkI1w9SKoJIhJBba5O9b4K-VUJxZuYzZ--pbsMBRddutA5c6AYeeTLKu6CF-3bB9zv9SiYNOGREGHmgyhimMie9Tsih4rXPBp3F6ZiISrDYVIZ5olhTEQ7JvKMWnxb8mDu6WHfVtCQfy3vI3-FHPOX42--UfEuA_O0KNgPKUUkgtK2nMI832tpEsmhgHWy3w_zVGBSwIcmfuEmqC-FMKWH0DlJie4iiCPhjJsFNbs2-LaH-Jd7M2mAomZ8-CVuJlBHpRezN47DkT8nyjhtq7ExmCY5LyW4CCzfEHNcEtYDjeGf5V8-u_zYQriUMM41LLMy_brweALSr7pG2cnIH8J_lmbONAHwja34QxBoZh2SiA8gu0Qial7Bm7nqPWI9gaDHxyJjgPJ0CidawGlp1zupyqb3YqDH199wwVM3N160Oge6Qu-lqCocmVhNLxBK3rtZ0lkvO5NJD7W7i5SPNtuKvmo2pfnmHGHaIsaUri9vzuxIq-Lb4p5eQ2VRZBtIIt91ATrm5_UzjHpyQY-hyesG3BQrzW5nSTlCqdlzrnnTA82YZzL7AekQD6z5nU_uzOQpfhaot3Fe1JBvEVSRjHjgsV8B9eSwhZMjpep43QUv8izjvw08pCuDe0DRsNpZnJxHUO0OjZ06hAbBEd3fXv6JkkvVcr5fSMsSTlfJMNi-eTsV1FrKSvoK19PRh8Y0RNcGkHUX6FfnvnIuAnpkBr_cd1UhW8Rsdp0GkaWcKxdzQKCjVdnYx0onTHFnqOcPx0HmB-4Nx7wXzHDYSfLaAThvhXQLQkqFEsXHXmO4BJCqhBcO3edB83MQW3qUuRq2VWN9tap1d64ce3j9ptxZc6nD-oppzhW__nOGjl0Ed8T0sUQe62ij1jSx2rwE2vfh7igZ3-TlnZBvztU6aZSL2ek112A0HKxZbzrmiWMLCNKlhVmz7ymKAknG7qshzmbLt1RUmmWqQicyBPFy5c1xwdXZsGIq1lYoOeRkQHy1z0I5QQGKZltI_Pn4wWOXb7qa29ExzUD6DvSx-MPKM4O0diyXrc6amzDBqcxTCjAcgkct_nUflRsT3OcTc52PqDDXaoJtPl6IELfTxvvlMQYvQeUXmeE-gS8LqmtOshaebTA9hiF1ojp6wwJq-4jyda7-tLpqhD1A5B-eXpSWJ6m46vRp7DsNesJdk6jBPFUI0lOtZbG-cuTtlttwmfo9ZyKbUL8T0h9i5yts83F0FtCPc4A-Kgb-FVIk2w8Za9WKTmiDmuOauEc0yRBFP78VJDrssBeLeJuo-_zTDmMFDweBXdNoNRb8GlCLsBi8Pj9CYTmY_MWh3POX8RBhNfWzYZtU0tw5sRYoXY88DuYOb3PnqyGqUZyCdSzQufwV3vWFXy54RNMoOWxntOC-ATJ93iSmv79mvUTn6-CfqsE_gkCUIukQziJzJiO-1wlApKN0QTT25Tc_m5nd2LOYCRSKYpKtUqy2_Oh3pe3RoUPiedYTq98qI_yJNwKSZDeBUkWEFp2jz0pP-pSCPU4y6juj_SQ09EnNvtuK609Px50HDHIsKtWDJl92f58a23rdHeXRmsbu5MygeBSJoegbYdZROYZq_56HVmT_9ltfwXQQPK4nUk8dAOPwRAICGPDAixHQ8qblUK28_S0WEinH1K3ptwHGswt2OCXDrHvGDmrG7lVR3_xmw-Sj5bNJ0BlyGcnwiCUzLCo0q2i3Aavay3uhx5Trgh9Wzz7hKzHte3aH6Yq40VHc23LJC_dAaVtwbqzFKOus0_hJNkuad3S0GbREsfkSYWKm_dFjT_Ej_BNX7xT1osMntwxfDgcDLFzFyqIl2d5An2YFSKmaNdxTviM_8e72ggfQ475LF8AZAeV98C-SZU9053shIJST33jEnamcPrcZiKuu2j1KUN6fa_UjW5SM3D4f7EntM3uSutBidZIkBQDdD&cid=CAQSTwAvHhf_Dxnp1oMbEx8rGDgZ2d1I8f35K7hy--ljz30TXrIZJfu0aX0LH4ApvI_sxMWzov2Wajs5pX-VtxoXmpTlZYa1XzqSmTB7hAuCuj0YAQ&dv3_ver=m202309260101&rfl=http%3A%2F%2Fdownload-tlgm.ru%2F&ds=l&xdt=1&iif=1&cor=2827461482437855000&adk=929882888&idt=157&cac=0&dtd=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
87ec2574487b8de0da002d4e8f9d0c09fc31f32164a8de2b661e04a7de428cf1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 07:27:38 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39997
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6928 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4298254739641&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 07:27:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6928 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4298254739641&version=m202309260101&ct=76&x=1&cor=4335594759107708400
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 07:27:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 6928 		103 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ADGHvRsSNe3ucpcKv_jHbRxOivEKuV3F0fwE9yjVOKI65vfv6QKzZN7Vg86lIfyjhAqlBVNhbZ4Ln0XE_ky_0CSM2J68qowqVPhCAwTFQlXTeW1gr0nPjxoyquQPi4RLEcD9vXvGQJTVq6yEFJmlndKHgZ_tHNTRRgNiCSY8Smt2r4yMM&dbm_d=AKAmf-B_XaXGXuafreNEkOKvPrQbHMmLrJRLzbdsl5gp9KVlKCJSL2iDUVKywcrGVPziX6C1IWiJzT4HAiE61pZGt9-rlWmTrFLAeBWV3bA_XWui9KR5kScp17LP0u7cMT-XT8zZPINyXuDmY4tyLSb5Eg-J8Zk_n4QFHOWBjM8XXmgpE1-8id-xDlCu5xnQwIK80k2Bc2OfX52XoAE1hBixkm-qK5VtZ9s4DDZnXWULM3VhcMS-a7LtRPUJVZNe2thqIx01VQMzpV90bvUXC9I9FwItULo63p-iWoAGAFjcwKckcpDQbzr9bA432HoTRHSaDSXlBmeAahQkEMBH0kRKmIsD9TF5dP2Zihb8qyse8DSADb0khMO-tfJg04QB7O37V0Mlp2n4vBrmmiFfPjyj4m_LIu2b2dEf1BFHIJhQV-AlCi_WJwM6qJlw7X2WjhtutyEsLorZ-DauN13NAjw4bC2rFjzaaQCn4iTw-7ouW_oCm8skbMGDQ_8X_t7-P1fREunfhtICKkNsb1XG6aP9v3P2IEeMJnQZJeLHR1wOfZ4YD6PTpoY99-OXOGZZ_IDWlFCfp3L7dNlAEzQbNd74FHBhC9xloks_AQT5cEurJQ3diVIuYLxhBlRytv2YwLKM7Omh-vBg3vMvdUeoboWJtm2BLJ4A1lBCKOfAQsdN-ni2KI04vpxNeOqZ3Dg8jsRK59w7z2r9uWl6T3IW3y3ihqwCr61Ar6d9egejzlYQweKaz1Dmd6BjTOGmr7fnzYi5p0KKQ172QZFK_CHxkn8y61uzzg0tihsqLY6dFK1gE05Lqq0DMVEfMIBYIJbnLJIOq53ivnI2QA3fd8p_4M_a2LB_o2jCd3zTQw_4JpSbvQQyibSq3uJNMRVLrLW1Cy15TQ26alvaM1Mgi0toPJYF1Sd2NI-X7I10ZOcjUU5YfrWD1o5WoXvfS2DNvy9yr_uwr1WnIkYLgZCg694D7uW54rINYL7f-xL_vSMZW8EAjIYFmltTRwafugJVAtUnsYUfbl5PpFenn_jCG6bqugCcl0Yr8R9fTF9UF31lIl8EupsxQZe0A47-M44ZT1PvqNpfiTwMFOa7qLwnE0wovIoFrItc0N5obEHxEABRQzNi6m_ALVM_KsE-qNZVvPVm8i91MV_k-yVeOIjownxJB9ezBw_Ry8V2hZZBHJ8Kjwx7cCMKFpxaRSkAhmzcQ6abED6FzffJYzDTJNal55v3EFame-kMlQh_haglFAxMqVbnuagsTijUTo3pKGXhN_xEcBWatd3Q-oz3qrlncZzLMY9QslhphbcjRgcnOHwVCQQ8ROpV4WASlBKqaspGgZG8n_My_JsEVwE1KmPQU2JEWuXkbb5kgJzT4M0G_AN3-MuqEyO6d7ndHbmklq_Tvs7bxZL8pFUvJBlgjlFThiv1ls8uhazyAqHLKeBcYOdOVS1tFM2qZ4dlxlLwR3kHWfpDPM92bqCFP_aB8NFBVgLMppZQBKFCtJfD7Xe08EirdexllIule0wvmrPMQKitOJA5JFi10cION3Q73LvLgJsbpRZMOkYQfJAT9tfLxda01zH5e1znDN6ADsAmkXzuUafm7LChbUVZ5LPZ7B1BFTV2-Zxljr0op4bdR5QO6nnsE41zhmP0X4AgVSq4Zxhs5aTCvMkGMDeBTsnptg1r-h82mIzowVBxskflGpMS5WiQTQZxZK-x_rtV1PFxcYhdNI4SRk8EFYKialefF-wOZxbh8SBSaRArw_TXV8zefcTzkwXYDUXRlMnJ9EahJWy_ka0gXxRm5-kfTV9YICHbkN8iCMk7mQbxqYN9jjK35KiQp1XWkkGLno_24HVyeiVO8K-1d5wU9gNLJnNdoM9PXFIKB98fEMrlecHBg2SzUSkxD8SdjvulaYjh7oW3uYDHUapGBhlWcgFsSAso8VPgLfOUkFrz6JZRvG2O_mB-zPMVqYzRfG8KJgiLrE7pcCEkq0aWohbobd3x0mmSdPZVCyzuTYzhE7IBU5jSoSG7nV360e3J2rriXvOBBD33Cu4fT-q_UlQ40tWPD4n6WSBlHr6Z6vvi7fATXx3KH3bF6snWpGGPmiW_XGS2cC4rxPCoWz3QYrH9MtamHt63963Fa7z6Egvr6mhQuUzDogmWuJjyHlEaNX4Teqh3Vx2DfTnnZQEcW4WkCXdYtV1LbzShn19_lJ3rwqF8Ueea54zAQuzBUKGx2OPrS4jxrm6n9RZSBosWqjclYXy3i4mtKTOYiALlVU0H04nBj7ahAID_OaSzE2zgigYvprAEkEq8XLf-fsGC7u3mYr5OG7h8arn91iKpsFZjvdak2MUwWXamr276sOe_a1K3gsiGzu0uIOQ2C9YpP-crCYnHWrI7mhQQ_cvQAoqE_MNHNrsqgzGmAh6rf0ocooKrM6g6Dz7iVwMJpcX3jsFbqiAb98QJPj1sj_nM8VxqTR-v_5QW_ou21bSH8oHdmZOFQ_ccD5YiX_uXB0J4q1R1TPBzDG5GJ2_nJacOn9N_tcY08gCaALvk7ADKlW42At5dfZk6gZJJ0rnf9RSxe-_KtjM1UO1LC5xf-XC6TZUHKmp0J40S-8_K56SPgs-8seqIPU6L7StBiUh2z8z9sdotXeHOAW_2G-okH2x5aCkI83BUyiLlXEns2ZZ1SGlJ9uvCUnxeCtkU9e3MV8xE4SGGadty6FbwpS2gqJsNojPd_HqOFFG-G9XNitYTBwYRxtlzv_q06Xrzvu_jPsQUZPduA6K0Ll56ozIAjWamME7SwMXk-QNdBDFVcrYd6v2CTRAiOfbveNdXzYDfsuQftyZMFRJzVSR9lOtdlWLWDbM5lOr42Mqscj2Nwcz5N5R9mjilRqeR7OgKy-piAn1jZum_xmjv-IXl9vpBVg8nYmzZVxLu2tgYtxc_AiBL3noRoD24sww_eNsz_rgekD4Na-2XKd1k76QoLqPokRub9saMb1ZEqMyNaAGIMlr2tRDBTZC1_S8Bvz14SPn52S6LZveVJAUC384jdF-YJhihe4pgwQ-cELaSPRDpIqd5mt_siBQwYz0wTqFuE4qk4nmZSTLIRf5aLeAFaaW7K5zGWR7EPtxaIP2cso8h73k7Z1Kfhh077haDIWv65TxrDqhHPAcl45VwXKdnUyfbq8KLtgWq_wJrxcx5O1h3OXPmB5CIW5cwG7S79vx0B0oDrRCOP6CCKpdOzUJeGh_j_bt2kKPSoepd_tw7dHoqv6SCp9Pkxvmd0cVchgL3X22fp9sNMkVzN43JxF7LxooCuD3JKN_Y1MKJlGflcVjvH3b5rc_gprUwZf8XeFs5Vc_H2DE0PNAe3GVfKdYfD--li13DWSuC3ro3vv4OW3m_rXJSE2SUFK7AATuJQ78K5iz3GAIUoLolxsTKThg6C-mW-l51u4Klc0RobGFwdS228EG1eq8Th8Q5U6XFRFWqA4EVvzzIk77_tvqc3ZM5jUxQYwFRrBInvDp6Bcku7biPxXd5liw45bBltIavXq3lFus27QDU9t3ZB2XMsEHauhOMXmKr2hfKJDegHgmas4_U0BXu2JjsllP0qMUg9YC343kL8yOK2mU-lq6SFhoIWATOYenjGZWEI8wCacLPUy0VGHW4WdHOO_5XybMgM3SSwUisfRqkIFMvWkYNyIvrXiwVoKR_TDnNMM1zFWckMcQS24seB_oERG4okV1FAjSI4lTK9tye08tH9W51eDnkiFFZEAIOb9awxy66N4A4J6P4BCv8LgEhUUMoeQsBGyoDCOmVQhrw6OkgwsuOB2P-Joc_zG4TJv5vgjQclN_wMwL0O0lS7xORxmnxo_ntkxgIP8unnf8JQQ7APAuP52bX0Cgjxfoo68nCfgCcvmOwiw&cid=CAQSTwAvHhf_Dxnp1oMbEx8rGDgZ2d1I8f35K7hy--ljz30TXrIZJfu0aX0LH4ApvI_sxMWzov2Wajs5pX-VtxoXmpTlZYa1XzqSmTB7hAuCuj0YAQ&dv3_ver=m202309260101&rfl=http%3A%2F%2Fdownload-tlgm.ru%2F&ds=l&xdt=1&iif=1&cor=4335594759107708400&adk=2988274606&idt=145&cac=0&dtd=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cc1d0438b3676b3880bca3ccd317aaf5de6839899d7379547380c3b64e249f8c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 07:27:38 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40057
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
P1hqgBmkkNDwT9zug75Po3J06KDKU0QoOZK6hiZMV2E.js
pagead2.googlesyndication.com/bg/ Frame D833 		51 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/P1hqgBmkkNDwT9zug75Po3J06KDKU0QoOZK6hiZMV2E.js
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3f586a8019a490d0f04fdcee83be4fa37274e8a0ca5344283992ba86264c5761
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 13:15:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
65532
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19859
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 25 Jan 2025 13:15:26 GMT
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame 200A 		23 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
287892
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
7799
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 23 Jan 2024 23:29:26 GMT
expires
Wed, 22 Jan 2025 23:29:26 GMT
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame EA88 		172 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 23:49:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
27514
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 27 Jan 2024 23:49:04 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/ Frame EA88 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B2fgPERKLvAYrxc2OxmRcvK_nNfoNoj7wWv7d8QWodFnGb19mbtff6nATuGuY2M6wT9sSgBkG1amcxzh-81_7n8N87vXbdNfWq3VMa80z7tMECxXJm_xNlbM53syyEhYHhSJWhtOJP2ePBYOS0cm4YcnP5B2qrWvHUNYgZPnRb2hbkizg&dbm_d=AKAmf-DuzqPftqb5R8gGW4cO43rsi649wNm3hDzOed0QU0eETlM7s1xT3wOUVTbJLQowqBIhUXrq3xffWiSyjdzTjhOvLinb17g7IzQ7RPIW2pgXbs-BS7YgzsFphetZ3I1iPq78CtOBopl08QsL1z5dnzAefWE-Cc_Zw6w6lQX6B4tULxDrPfYA6lvScax0xU0bsJy20KgpFAII3IrYGcyFvAZuygPUTuTeLDYoqgVXeH5fPDaL69W4JfJdkj0HYmZsEdIYQei8W1tURUIAcCfvc6COb4WmXx2bhFhfqjfvX4kUcH5eKv0pfegmgG1zbeMByTQtPlZqvAkDNhmocjRQEP6fBAtEK_tugIImZhyrzuvyVjHmKIZw-_tRdLxFoyu15KEbUNQHniAK9N2W7ZaHmjF_psevD8g173L-Cuaa8TI3vl-jsvHXnKcJaI30V3M7L8PbMvjkjBLjF32NU-cJbP4SBiFFJ5dyPhzGjc6ykhoO-xQLkAiVjr47_-2BKoiL6aio_okOKZ8G-juzWJIPsJTberTzlrM9l71kC4YroYCSiYzGILpk4evU8jrr5iAL5hEsFDAkrWIMTIUd7AZo2F1Ei6_xPbnEZQ08apVWKHEEnYEfHqQ2uPlbplWNapthQ-b3Qe5GS8N2Vw5I_0qLz9Do3b-79AHSgLymY4AfHvUH3OIHYFuCgWXEkj3Wm_qVTZHGBmvDT222p89bG5m3Eayr3izKESkoXpDOlnHpAmO_65Vkf6_tfS8AhY8bEUqg_1lCXUqoBGOpIiGmUvVTJOQD_PWuZ-aapD3BkywoLnm1hhq1kP0AJNdlemWbL-pJGqnV6XxoSxxbA1_R6owi-gtefT6vXyE24YvyZPQjOujn-1l3bPoucU1QST8SVvWxstbTn8OQQiKHpGEpjKxv1jTqucv2YDHpX2AvJsmoNoq0QCF4BHnn5KhDYobHReeSqz0uyTHFQp3fPUKBc_LoPH9rVn_mbllEC-d-1Mr05NaEihdQOnSM2GNFKkW8kM8732bM6DCsGYWxRGrcwMoujIffMRGV0ZPq3OxjA6TuudXflAz1wqRFpFADywhBZ7F_4vmKwX11dCYVPabVzVs3u_ERWcio2mt2nGG_HurFH7MqRHsyIeSiFkVwma8g3R8d70Ts4_jWe_nipxNSONUnjQs27Cl5zzUa0TAjerJAXvfbEwQmxAxoq1j2i13pHYWBVdiMkr5RFfboeEL3PPgJ7DEcJO2ufa21bsj8ehsqGxUiWzQSx79vdhEGvLLxJ0nxDl13-x5KeHJKJ8yQBNuBpPJbY3bCZxBFT9y3jHKqqvRGbDDrrxbHmP5crR2MlGV-SoittCjXYTa60DI7m2rRRdZe_9AwU-eALbOVevoJLIbP1yRzje-BNmeTT-UhL9aq7jlMbdekY6J9PAWG1cHZV3RhTIjP7oh2n0FeoeLCvUEi0TpIg_uYRDxE1uGx78mF5SHHz4SUAByQdIQnnDMLG8hAU14N0T8LZLo3o3FWYmCQWFbKkzE51b__uu-lVG3ebJMgRyMPZYEWNH3TP9kfBLAk7SimAu3u2SwLJJIsK1JX8p_kjNIkuf-wLVgUG6JxPnaVeEmzHlPl6n1frlqxHJT1_ed0S2HSz50reR7QTjWc9PLZbipRsDl727cm527xZEx2aUc1iCENRfiOtotBk13eph3V3dGSNpLaHdmJB5KtFvEu0HRJrm2K1TxnXpRgSEMEYi1VQGYC9ZkDH_vfm1xXldGq84PsjP-KWVCLDoXOCwv9NJKv-xMFoEplG6OP6jjwGmKyFifGpjFgLV2vhOl5Ap1WxkkG2PBFQkaq3gcIpJSNvWdQmHG6NXCig9kJ3crf2ob0QlMtbqqe788hvPhsDCLD6UCYS3XrcCQ2bF2UtzqhyyPrO-2qm8j3tq1LuTk1Ne9I9qhDqo5qxU_tY2WBY0IBAgas5FTOBf7HuYjz_BNnhcZb0nqzlZf-CuMzFtm0V0696W1QThwsvHF5Kiissa9LahIr9O1dU-KEQsdrtG-Zc2PGLCDBy8qhx0Ed_enYfkGAyipEluKqmkebWE2sa-KR5VTZicQA9oZnp6KRbhnWe8GEq_3QQsR9RolD4mO1tGKi46dSqJwZWValF05iJAR7xbA6mzdGW5KtUNi4qT1bRE_-Vx0ogVdVQ9Mrd_Il9_xsBTTZgNGfhT6pul2p2CrJ4I5Ox2dosXcqyuOqGcWyQWAP9Q151tfAxiaoHeT7tbIAx57O_wxTdYEi8NOdCyXMNAleZ1FzhiK19REZqYRR0QuDKSje2GeKG37eIJMrFSQL9XGw9Si9Ly5dU9uI3Gaq8IMd_njo5ONBN0thCjp5iRqfjv9zaWLZu9ENuDdR8Yjsz2Qyu4lpmNBvN5iS52ql4bXsm2ASTeWqBg59DgiTSwBPT_uaFrozmV2yups6n_qWdSyGX-YRFuzpugTAc_PXiew83wITCT_7QvB0Xaew0FHgpntTQCvsCfVU_YzoVsxX0agMcmPg6K5xoA_lFBdE9PUzY5NiHIApUk3fqFIA_x_dtki8FtUt1TjPAlsHbG11TdKZwrmY9tKEifIYLRDVN-cdtE8alFvsnC_CPf5zbZbfOkl2JyTd0R64g-a0KTh8t1PTBOEXnG_HbaTbpDaQ0iGSkp-fLGZnjexaHnMe6tbYdbhNU5o0JkNi04YHRVLLnlx8hzljtf0FCu5rE3FPPQSxRaMpbZQTTXjuqypxyvwOWJyMm5-xptuT83aHI-AtHQ8tjvPv7NG31SebLQmUucke1MHULDHWjcbDKTtt2p8S5QtkSL3u6lEF2puDx_yfaVo47ef_Jjbhdh71rHA_VE5txRYwkTBMkIt38FbcdNu40KjhvYtZ-1AhmmjPeTA_ESKDVCEpUawl5vDYoG-TNNgOjo3W_o4njDybu6NOCYHcfIQwJjmonDoRAmyGSSCH3rKVGJCwAtD0z9AMABvm7FUsSCh9x2T3kFb5ZNKG6cpPNm21iBShXI1qWK2RrzaZuQm3p0WY4135_ENPTJLvnVDMKtfFgs9nvX0xgtuk2rYoGnj2zTpZuSaisz7Wuz6qomJOzN2wnG5SwVgjszW5fin74OSsA7rxpT5l7WV8uqHBZWqRuSLmE7bhHSaW0OIwPTFgF7nyLRFfmBj4M3d_JliUuGvQ8fchAnckG1HucgDCqTaLS6cWW0SuNKui5atgBr9CW8k8WRgatxevvbzlY3Dr8zn1EE740rZ1tSbKco9s4HPyuA1fmbIi8wtsxcj1WAytjWHS2g9fcNlmVdhs-moHt6xLXb6P0QAOb8wrj1aunR24Jk2ovY4RQBT1ug6olU22uO4JE2QOm5OZbCLl6Ef_Od9GRZEgc_uS4xvhATgtgKqDGjD6btKicRd13hkWeH3r0jvtY1Qrps8kco824maax6YXGQ57699gRzl53cGvfW7mItCqsy7v9H45tgKNfqHSWVQa-Vfzh8jjMhUApCje2749sn2FheBpzPyGA-gpUbDHaNVJnjX4wf_0mK5pc2vbO86hWuJJO1WUWcXs_u7eQoy4VLZKUeX17dy5skxu3XxaRf151hM42xaIUdDcYFGt3bgRW4x323jM9fgadWCNDDh5KwcdQON2dbld4NdTkFDLqfPLnxZA2O4TGn6xEAGLP2So4MQld1p__Nr6FNZLmnVhx8Vr68EZI-cXemhs72uqhVtglcgWZVmYOwQ5NEnk96veHBfzFkyNyNfNV-B9VvjZ_n09zB17G4wq72Pwv3EWllE4Gz-Mn1bsC7HmzBhLeLl70VY3-jvoq7WwoFb_nguH9ZX3dNqhEvEPTOanBhcOzoOnctUgRnxFB0r_dcmOdoLiE5zBCAXXYqONGDgi3tcQB4UxP1Ne6uiATcIIytMRhvfOc2Be5R7S-zUtKv6oYn6glUjUCoZbhXoT4hlNtsbodeyKZCTwe3AevzLIQoQ-jmBaBKejSCxejo29&cid=CAQSTwAvHhf_Dxnp1oMbEx8rGDgZ2d1I8f35K7hy--ljz30TXrIZJfu0aX0LH4ApvI_sxMWzov2Wajs5pX-VtxoXmpTlZYa1XzqSmTB7hAuCuj0YAQ&dv3_ver=m202309260101&rfl=http%3A%2F%2Fdownload-tlgm.ru%2F&ds=l&xdt=1&iif=1&cor=15080808816739363000&adk=1877897942&idt=112&cac=0&dtd=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 11:24:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
72170
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4383
x-xss-protection
0
server
cafe
etag
1583492410672046836
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 09 Feb 2024 11:24:48 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/ Frame EA88 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B2fgPERKLvAYrxc2OxmRcvK_nNfoNoj7wWv7d8QWodFnGb19mbtff6nATuGuY2M6wT9sSgBkG1amcxzh-81_7n8N87vXbdNfWq3VMa80z7tMECxXJm_xNlbM53syyEhYHhSJWhtOJP2ePBYOS0cm4YcnP5B2qrWvHUNYgZPnRb2hbkizg&dbm_d=AKAmf-DuzqPftqb5R8gGW4cO43rsi649wNm3hDzOed0QU0eETlM7s1xT3wOUVTbJLQowqBIhUXrq3xffWiSyjdzTjhOvLinb17g7IzQ7RPIW2pgXbs-BS7YgzsFphetZ3I1iPq78CtOBopl08QsL1z5dnzAefWE-Cc_Zw6w6lQX6B4tULxDrPfYA6lvScax0xU0bsJy20KgpFAII3IrYGcyFvAZuygPUTuTeLDYoqgVXeH5fPDaL69W4JfJdkj0HYmZsEdIYQei8W1tURUIAcCfvc6COb4WmXx2bhFhfqjfvX4kUcH5eKv0pfegmgG1zbeMByTQtPlZqvAkDNhmocjRQEP6fBAtEK_tugIImZhyrzuvyVjHmKIZw-_tRdLxFoyu15KEbUNQHniAK9N2W7ZaHmjF_psevD8g173L-Cuaa8TI3vl-jsvHXnKcJaI30V3M7L8PbMvjkjBLjF32NU-cJbP4SBiFFJ5dyPhzGjc6ykhoO-xQLkAiVjr47_-2BKoiL6aio_okOKZ8G-juzWJIPsJTberTzlrM9l71kC4YroYCSiYzGILpk4evU8jrr5iAL5hEsFDAkrWIMTIUd7AZo2F1Ei6_xPbnEZQ08apVWKHEEnYEfHqQ2uPlbplWNapthQ-b3Qe5GS8N2Vw5I_0qLz9Do3b-79AHSgLymY4AfHvUH3OIHYFuCgWXEkj3Wm_qVTZHGBmvDT222p89bG5m3Eayr3izKESkoXpDOlnHpAmO_65Vkf6_tfS8AhY8bEUqg_1lCXUqoBGOpIiGmUvVTJOQD_PWuZ-aapD3BkywoLnm1hhq1kP0AJNdlemWbL-pJGqnV6XxoSxxbA1_R6owi-gtefT6vXyE24YvyZPQjOujn-1l3bPoucU1QST8SVvWxstbTn8OQQiKHpGEpjKxv1jTqucv2YDHpX2AvJsmoNoq0QCF4BHnn5KhDYobHReeSqz0uyTHFQp3fPUKBc_LoPH9rVn_mbllEC-d-1Mr05NaEihdQOnSM2GNFKkW8kM8732bM6DCsGYWxRGrcwMoujIffMRGV0ZPq3OxjA6TuudXflAz1wqRFpFADywhBZ7F_4vmKwX11dCYVPabVzVs3u_ERWcio2mt2nGG_HurFH7MqRHsyIeSiFkVwma8g3R8d70Ts4_jWe_nipxNSONUnjQs27Cl5zzUa0TAjerJAXvfbEwQmxAxoq1j2i13pHYWBVdiMkr5RFfboeEL3PPgJ7DEcJO2ufa21bsj8ehsqGxUiWzQSx79vdhEGvLLxJ0nxDl13-x5KeHJKJ8yQBNuBpPJbY3bCZxBFT9y3jHKqqvRGbDDrrxbHmP5crR2MlGV-SoittCjXYTa60DI7m2rRRdZe_9AwU-eALbOVevoJLIbP1yRzje-BNmeTT-UhL9aq7jlMbdekY6J9PAWG1cHZV3RhTIjP7oh2n0FeoeLCvUEi0TpIg_uYRDxE1uGx78mF5SHHz4SUAByQdIQnnDMLG8hAU14N0T8LZLo3o3FWYmCQWFbKkzE51b__uu-lVG3ebJMgRyMPZYEWNH3TP9kfBLAk7SimAu3u2SwLJJIsK1JX8p_kjNIkuf-wLVgUG6JxPnaVeEmzHlPl6n1frlqxHJT1_ed0S2HSz50reR7QTjWc9PLZbipRsDl727cm527xZEx2aUc1iCENRfiOtotBk13eph3V3dGSNpLaHdmJB5KtFvEu0HRJrm2K1TxnXpRgSEMEYi1VQGYC9ZkDH_vfm1xXldGq84PsjP-KWVCLDoXOCwv9NJKv-xMFoEplG6OP6jjwGmKyFifGpjFgLV2vhOl5Ap1WxkkG2PBFQkaq3gcIpJSNvWdQmHG6NXCig9kJ3crf2ob0QlMtbqqe788hvPhsDCLD6UCYS3XrcCQ2bF2UtzqhyyPrO-2qm8j3tq1LuTk1Ne9I9qhDqo5qxU_tY2WBY0IBAgas5FTOBf7HuYjz_BNnhcZb0nqzlZf-CuMzFtm0V0696W1QThwsvHF5Kiissa9LahIr9O1dU-KEQsdrtG-Zc2PGLCDBy8qhx0Ed_enYfkGAyipEluKqmkebWE2sa-KR5VTZicQA9oZnp6KRbhnWe8GEq_3QQsR9RolD4mO1tGKi46dSqJwZWValF05iJAR7xbA6mzdGW5KtUNi4qT1bRE_-Vx0ogVdVQ9Mrd_Il9_xsBTTZgNGfhT6pul2p2CrJ4I5Ox2dosXcqyuOqGcWyQWAP9Q151tfAxiaoHeT7tbIAx57O_wxTdYEi8NOdCyXMNAleZ1FzhiK19REZqYRR0QuDKSje2GeKG37eIJMrFSQL9XGw9Si9Ly5dU9uI3Gaq8IMd_njo5ONBN0thCjp5iRqfjv9zaWLZu9ENuDdR8Yjsz2Qyu4lpmNBvN5iS52ql4bXsm2ASTeWqBg59DgiTSwBPT_uaFrozmV2yups6n_qWdSyGX-YRFuzpugTAc_PXiew83wITCT_7QvB0Xaew0FHgpntTQCvsCfVU_YzoVsxX0agMcmPg6K5xoA_lFBdE9PUzY5NiHIApUk3fqFIA_x_dtki8FtUt1TjPAlsHbG11TdKZwrmY9tKEifIYLRDVN-cdtE8alFvsnC_CPf5zbZbfOkl2JyTd0R64g-a0KTh8t1PTBOEXnG_HbaTbpDaQ0iGSkp-fLGZnjexaHnMe6tbYdbhNU5o0JkNi04YHRVLLnlx8hzljtf0FCu5rE3FPPQSxRaMpbZQTTXjuqypxyvwOWJyMm5-xptuT83aHI-AtHQ8tjvPv7NG31SebLQmUucke1MHULDHWjcbDKTtt2p8S5QtkSL3u6lEF2puDx_yfaVo47ef_Jjbhdh71rHA_VE5txRYwkTBMkIt38FbcdNu40KjhvYtZ-1AhmmjPeTA_ESKDVCEpUawl5vDYoG-TNNgOjo3W_o4njDybu6NOCYHcfIQwJjmonDoRAmyGSSCH3rKVGJCwAtD0z9AMABvm7FUsSCh9x2T3kFb5ZNKG6cpPNm21iBShXI1qWK2RrzaZuQm3p0WY4135_ENPTJLvnVDMKtfFgs9nvX0xgtuk2rYoGnj2zTpZuSaisz7Wuz6qomJOzN2wnG5SwVgjszW5fin74OSsA7rxpT5l7WV8uqHBZWqRuSLmE7bhHSaW0OIwPTFgF7nyLRFfmBj4M3d_JliUuGvQ8fchAnckG1HucgDCqTaLS6cWW0SuNKui5atgBr9CW8k8WRgatxevvbzlY3Dr8zn1EE740rZ1tSbKco9s4HPyuA1fmbIi8wtsxcj1WAytjWHS2g9fcNlmVdhs-moHt6xLXb6P0QAOb8wrj1aunR24Jk2ovY4RQBT1ug6olU22uO4JE2QOm5OZbCLl6Ef_Od9GRZEgc_uS4xvhATgtgKqDGjD6btKicRd13hkWeH3r0jvtY1Qrps8kco824maax6YXGQ57699gRzl53cGvfW7mItCqsy7v9H45tgKNfqHSWVQa-Vfzh8jjMhUApCje2749sn2FheBpzPyGA-gpUbDHaNVJnjX4wf_0mK5pc2vbO86hWuJJO1WUWcXs_u7eQoy4VLZKUeX17dy5skxu3XxaRf151hM42xaIUdDcYFGt3bgRW4x323jM9fgadWCNDDh5KwcdQON2dbld4NdTkFDLqfPLnxZA2O4TGn6xEAGLP2So4MQld1p__Nr6FNZLmnVhx8Vr68EZI-cXemhs72uqhVtglcgWZVmYOwQ5NEnk96veHBfzFkyNyNfNV-B9VvjZ_n09zB17G4wq72Pwv3EWllE4Gz-Mn1bsC7HmzBhLeLl70VY3-jvoq7WwoFb_nguH9ZX3dNqhEvEPTOanBhcOzoOnctUgRnxFB0r_dcmOdoLiE5zBCAXXYqONGDgi3tcQB4UxP1Ne6uiATcIIytMRhvfOc2Be5R7S-zUtKv6oYn6glUjUCoZbhXoT4hlNtsbodeyKZCTwe3AevzLIQoQ-jmBaBKejSCxejo29&cid=CAQSTwAvHhf_Dxnp1oMbEx8rGDgZ2d1I8f35K7hy--ljz30TXrIZJfu0aX0LH4ApvI_sxMWzov2Wajs5pX-VtxoXmpTlZYa1XzqSmTB7hAuCuj0YAQ&dv3_ver=m202309260101&rfl=http%3A%2F%2Fdownload-tlgm.ru%2F&ds=l&xdt=1&iif=1&cor=15080808816739363000&adk=1877897942&idt=112&cac=0&dtd=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5fa42c1d96f1d20bb0a5c0f1468aba661ad4c3584dd51646a3bfb996e869b8dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 11:24:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
72170
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11931
x-xss-protection
0
server
cafe
etag
11828260617052087593
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 09 Feb 2024 11:24:48 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame EA88 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 11:54:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
156801
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 24 Jan 2025 11:54:17 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 3599 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
156801
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 25 Jan 2024 11:54:17 GMT
expires
Fri, 24 Jan 2025 11:54:17 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame 200A 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:07:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
37199
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 25 Jan 2025 21:07:39 GMT
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 6928 		172 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 23:49:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
27514
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 27 Jan 2024 23:49:04 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/ Frame 6928 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ADGHvRsSNe3ucpcKv_jHbRxOivEKuV3F0fwE9yjVOKI65vfv6QKzZN7Vg86lIfyjhAqlBVNhbZ4Ln0XE_ky_0CSM2J68qowqVPhCAwTFQlXTeW1gr0nPjxoyquQPi4RLEcD9vXvGQJTVq6yEFJmlndKHgZ_tHNTRRgNiCSY8Smt2r4yMM&dbm_d=AKAmf-B_XaXGXuafreNEkOKvPrQbHMmLrJRLzbdsl5gp9KVlKCJSL2iDUVKywcrGVPziX6C1IWiJzT4HAiE61pZGt9-rlWmTrFLAeBWV3bA_XWui9KR5kScp17LP0u7cMT-XT8zZPINyXuDmY4tyLSb5Eg-J8Zk_n4QFHOWBjM8XXmgpE1-8id-xDlCu5xnQwIK80k2Bc2OfX52XoAE1hBixkm-qK5VtZ9s4DDZnXWULM3VhcMS-a7LtRPUJVZNe2thqIx01VQMzpV90bvUXC9I9FwItULo63p-iWoAGAFjcwKckcpDQbzr9bA432HoTRHSaDSXlBmeAahQkEMBH0kRKmIsD9TF5dP2Zihb8qyse8DSADb0khMO-tfJg04QB7O37V0Mlp2n4vBrmmiFfPjyj4m_LIu2b2dEf1BFHIJhQV-AlCi_WJwM6qJlw7X2WjhtutyEsLorZ-DauN13NAjw4bC2rFjzaaQCn4iTw-7ouW_oCm8skbMGDQ_8X_t7-P1fREunfhtICKkNsb1XG6aP9v3P2IEeMJnQZJeLHR1wOfZ4YD6PTpoY99-OXOGZZ_IDWlFCfp3L7dNlAEzQbNd74FHBhC9xloks_AQT5cEurJQ3diVIuYLxhBlRytv2YwLKM7Omh-vBg3vMvdUeoboWJtm2BLJ4A1lBCKOfAQsdN-ni2KI04vpxNeOqZ3Dg8jsRK59w7z2r9uWl6T3IW3y3ihqwCr61Ar6d9egejzlYQweKaz1Dmd6BjTOGmr7fnzYi5p0KKQ172QZFK_CHxkn8y61uzzg0tihsqLY6dFK1gE05Lqq0DMVEfMIBYIJbnLJIOq53ivnI2QA3fd8p_4M_a2LB_o2jCd3zTQw_4JpSbvQQyibSq3uJNMRVLrLW1Cy15TQ26alvaM1Mgi0toPJYF1Sd2NI-X7I10ZOcjUU5YfrWD1o5WoXvfS2DNvy9yr_uwr1WnIkYLgZCg694D7uW54rINYL7f-xL_vSMZW8EAjIYFmltTRwafugJVAtUnsYUfbl5PpFenn_jCG6bqugCcl0Yr8R9fTF9UF31lIl8EupsxQZe0A47-M44ZT1PvqNpfiTwMFOa7qLwnE0wovIoFrItc0N5obEHxEABRQzNi6m_ALVM_KsE-qNZVvPVm8i91MV_k-yVeOIjownxJB9ezBw_Ry8V2hZZBHJ8Kjwx7cCMKFpxaRSkAhmzcQ6abED6FzffJYzDTJNal55v3EFame-kMlQh_haglFAxMqVbnuagsTijUTo3pKGXhN_xEcBWatd3Q-oz3qrlncZzLMY9QslhphbcjRgcnOHwVCQQ8ROpV4WASlBKqaspGgZG8n_My_JsEVwE1KmPQU2JEWuXkbb5kgJzT4M0G_AN3-MuqEyO6d7ndHbmklq_Tvs7bxZL8pFUvJBlgjlFThiv1ls8uhazyAqHLKeBcYOdOVS1tFM2qZ4dlxlLwR3kHWfpDPM92bqCFP_aB8NFBVgLMppZQBKFCtJfD7Xe08EirdexllIule0wvmrPMQKitOJA5JFi10cION3Q73LvLgJsbpRZMOkYQfJAT9tfLxda01zH5e1znDN6ADsAmkXzuUafm7LChbUVZ5LPZ7B1BFTV2-Zxljr0op4bdR5QO6nnsE41zhmP0X4AgVSq4Zxhs5aTCvMkGMDeBTsnptg1r-h82mIzowVBxskflGpMS5WiQTQZxZK-x_rtV1PFxcYhdNI4SRk8EFYKialefF-wOZxbh8SBSaRArw_TXV8zefcTzkwXYDUXRlMnJ9EahJWy_ka0gXxRm5-kfTV9YICHbkN8iCMk7mQbxqYN9jjK35KiQp1XWkkGLno_24HVyeiVO8K-1d5wU9gNLJnNdoM9PXFIKB98fEMrlecHBg2SzUSkxD8SdjvulaYjh7oW3uYDHUapGBhlWcgFsSAso8VPgLfOUkFrz6JZRvG2O_mB-zPMVqYzRfG8KJgiLrE7pcCEkq0aWohbobd3x0mmSdPZVCyzuTYzhE7IBU5jSoSG7nV360e3J2rriXvOBBD33Cu4fT-q_UlQ40tWPD4n6WSBlHr6Z6vvi7fATXx3KH3bF6snWpGGPmiW_XGS2cC4rxPCoWz3QYrH9MtamHt63963Fa7z6Egvr6mhQuUzDogmWuJjyHlEaNX4Teqh3Vx2DfTnnZQEcW4WkCXdYtV1LbzShn19_lJ3rwqF8Ueea54zAQuzBUKGx2OPrS4jxrm6n9RZSBosWqjclYXy3i4mtKTOYiALlVU0H04nBj7ahAID_OaSzE2zgigYvprAEkEq8XLf-fsGC7u3mYr5OG7h8arn91iKpsFZjvdak2MUwWXamr276sOe_a1K3gsiGzu0uIOQ2C9YpP-crCYnHWrI7mhQQ_cvQAoqE_MNHNrsqgzGmAh6rf0ocooKrM6g6Dz7iVwMJpcX3jsFbqiAb98QJPj1sj_nM8VxqTR-v_5QW_ou21bSH8oHdmZOFQ_ccD5YiX_uXB0J4q1R1TPBzDG5GJ2_nJacOn9N_tcY08gCaALvk7ADKlW42At5dfZk6gZJJ0rnf9RSxe-_KtjM1UO1LC5xf-XC6TZUHKmp0J40S-8_K56SPgs-8seqIPU6L7StBiUh2z8z9sdotXeHOAW_2G-okH2x5aCkI83BUyiLlXEns2ZZ1SGlJ9uvCUnxeCtkU9e3MV8xE4SGGadty6FbwpS2gqJsNojPd_HqOFFG-G9XNitYTBwYRxtlzv_q06Xrzvu_jPsQUZPduA6K0Ll56ozIAjWamME7SwMXk-QNdBDFVcrYd6v2CTRAiOfbveNdXzYDfsuQftyZMFRJzVSR9lOtdlWLWDbM5lOr42Mqscj2Nwcz5N5R9mjilRqeR7OgKy-piAn1jZum_xmjv-IXl9vpBVg8nYmzZVxLu2tgYtxc_AiBL3noRoD24sww_eNsz_rgekD4Na-2XKd1k76QoLqPokRub9saMb1ZEqMyNaAGIMlr2tRDBTZC1_S8Bvz14SPn52S6LZveVJAUC384jdF-YJhihe4pgwQ-cELaSPRDpIqd5mt_siBQwYz0wTqFuE4qk4nmZSTLIRf5aLeAFaaW7K5zGWR7EPtxaIP2cso8h73k7Z1Kfhh077haDIWv65TxrDqhHPAcl45VwXKdnUyfbq8KLtgWq_wJrxcx5O1h3OXPmB5CIW5cwG7S79vx0B0oDrRCOP6CCKpdOzUJeGh_j_bt2kKPSoepd_tw7dHoqv6SCp9Pkxvmd0cVchgL3X22fp9sNMkVzN43JxF7LxooCuD3JKN_Y1MKJlGflcVjvH3b5rc_gprUwZf8XeFs5Vc_H2DE0PNAe3GVfKdYfD--li13DWSuC3ro3vv4OW3m_rXJSE2SUFK7AATuJQ78K5iz3GAIUoLolxsTKThg6C-mW-l51u4Klc0RobGFwdS228EG1eq8Th8Q5U6XFRFWqA4EVvzzIk77_tvqc3ZM5jUxQYwFRrBInvDp6Bcku7biPxXd5liw45bBltIavXq3lFus27QDU9t3ZB2XMsEHauhOMXmKr2hfKJDegHgmas4_U0BXu2JjsllP0qMUg9YC343kL8yOK2mU-lq6SFhoIWATOYenjGZWEI8wCacLPUy0VGHW4WdHOO_5XybMgM3SSwUisfRqkIFMvWkYNyIvrXiwVoKR_TDnNMM1zFWckMcQS24seB_oERG4okV1FAjSI4lTK9tye08tH9W51eDnkiFFZEAIOb9awxy66N4A4J6P4BCv8LgEhUUMoeQsBGyoDCOmVQhrw6OkgwsuOB2P-Joc_zG4TJv5vgjQclN_wMwL0O0lS7xORxmnxo_ntkxgIP8unnf8JQQ7APAuP52bX0Cgjxfoo68nCfgCcvmOwiw&cid=CAQSTwAvHhf_Dxnp1oMbEx8rGDgZ2d1I8f35K7hy--ljz30TXrIZJfu0aX0LH4ApvI_sxMWzov2Wajs5pX-VtxoXmpTlZYa1XzqSmTB7hAuCuj0YAQ&dv3_ver=m202309260101&rfl=http%3A%2F%2Fdownload-tlgm.ru%2F&ds=l&xdt=1&iif=1&cor=4335594759107708400&adk=2988274606&idt=145&cac=0&dtd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 11:24:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
72170
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4383
x-xss-protection
0
server
cafe
etag
1583492410672046836
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 09 Feb 2024 11:24:48 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/ Frame 6928 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ADGHvRsSNe3ucpcKv_jHbRxOivEKuV3F0fwE9yjVOKI65vfv6QKzZN7Vg86lIfyjhAqlBVNhbZ4Ln0XE_ky_0CSM2J68qowqVPhCAwTFQlXTeW1gr0nPjxoyquQPi4RLEcD9vXvGQJTVq6yEFJmlndKHgZ_tHNTRRgNiCSY8Smt2r4yMM&dbm_d=AKAmf-B_XaXGXuafreNEkOKvPrQbHMmLrJRLzbdsl5gp9KVlKCJSL2iDUVKywcrGVPziX6C1IWiJzT4HAiE61pZGt9-rlWmTrFLAeBWV3bA_XWui9KR5kScp17LP0u7cMT-XT8zZPINyXuDmY4tyLSb5Eg-J8Zk_n4QFHOWBjM8XXmgpE1-8id-xDlCu5xnQwIK80k2Bc2OfX52XoAE1hBixkm-qK5VtZ9s4DDZnXWULM3VhcMS-a7LtRPUJVZNe2thqIx01VQMzpV90bvUXC9I9FwItULo63p-iWoAGAFjcwKckcpDQbzr9bA432HoTRHSaDSXlBmeAahQkEMBH0kRKmIsD9TF5dP2Zihb8qyse8DSADb0khMO-tfJg04QB7O37V0Mlp2n4vBrmmiFfPjyj4m_LIu2b2dEf1BFHIJhQV-AlCi_WJwM6qJlw7X2WjhtutyEsLorZ-DauN13NAjw4bC2rFjzaaQCn4iTw-7ouW_oCm8skbMGDQ_8X_t7-P1fREunfhtICKkNsb1XG6aP9v3P2IEeMJnQZJeLHR1wOfZ4YD6PTpoY99-OXOGZZ_IDWlFCfp3L7dNlAEzQbNd74FHBhC9xloks_AQT5cEurJQ3diVIuYLxhBlRytv2YwLKM7Omh-vBg3vMvdUeoboWJtm2BLJ4A1lBCKOfAQsdN-ni2KI04vpxNeOqZ3Dg8jsRK59w7z2r9uWl6T3IW3y3ihqwCr61Ar6d9egejzlYQweKaz1Dmd6BjTOGmr7fnzYi5p0KKQ172QZFK_CHxkn8y61uzzg0tihsqLY6dFK1gE05Lqq0DMVEfMIBYIJbnLJIOq53ivnI2QA3fd8p_4M_a2LB_o2jCd3zTQw_4JpSbvQQyibSq3uJNMRVLrLW1Cy15TQ26alvaM1Mgi0toPJYF1Sd2NI-X7I10ZOcjUU5YfrWD1o5WoXvfS2DNvy9yr_uwr1WnIkYLgZCg694D7uW54rINYL7f-xL_vSMZW8EAjIYFmltTRwafugJVAtUnsYUfbl5PpFenn_jCG6bqugCcl0Yr8R9fTF9UF31lIl8EupsxQZe0A47-M44ZT1PvqNpfiTwMFOa7qLwnE0wovIoFrItc0N5obEHxEABRQzNi6m_ALVM_KsE-qNZVvPVm8i91MV_k-yVeOIjownxJB9ezBw_Ry8V2hZZBHJ8Kjwx7cCMKFpxaRSkAhmzcQ6abED6FzffJYzDTJNal55v3EFame-kMlQh_haglFAxMqVbnuagsTijUTo3pKGXhN_xEcBWatd3Q-oz3qrlncZzLMY9QslhphbcjRgcnOHwVCQQ8ROpV4WASlBKqaspGgZG8n_My_JsEVwE1KmPQU2JEWuXkbb5kgJzT4M0G_AN3-MuqEyO6d7ndHbmklq_Tvs7bxZL8pFUvJBlgjlFThiv1ls8uhazyAqHLKeBcYOdOVS1tFM2qZ4dlxlLwR3kHWfpDPM92bqCFP_aB8NFBVgLMppZQBKFCtJfD7Xe08EirdexllIule0wvmrPMQKitOJA5JFi10cION3Q73LvLgJsbpRZMOkYQfJAT9tfLxda01zH5e1znDN6ADsAmkXzuUafm7LChbUVZ5LPZ7B1BFTV2-Zxljr0op4bdR5QO6nnsE41zhmP0X4AgVSq4Zxhs5aTCvMkGMDeBTsnptg1r-h82mIzowVBxskflGpMS5WiQTQZxZK-x_rtV1PFxcYhdNI4SRk8EFYKialefF-wOZxbh8SBSaRArw_TXV8zefcTzkwXYDUXRlMnJ9EahJWy_ka0gXxRm5-kfTV9YICHbkN8iCMk7mQbxqYN9jjK35KiQp1XWkkGLno_24HVyeiVO8K-1d5wU9gNLJnNdoM9PXFIKB98fEMrlecHBg2SzUSkxD8SdjvulaYjh7oW3uYDHUapGBhlWcgFsSAso8VPgLfOUkFrz6JZRvG2O_mB-zPMVqYzRfG8KJgiLrE7pcCEkq0aWohbobd3x0mmSdPZVCyzuTYzhE7IBU5jSoSG7nV360e3J2rriXvOBBD33Cu4fT-q_UlQ40tWPD4n6WSBlHr6Z6vvi7fATXx3KH3bF6snWpGGPmiW_XGS2cC4rxPCoWz3QYrH9MtamHt63963Fa7z6Egvr6mhQuUzDogmWuJjyHlEaNX4Teqh3Vx2DfTnnZQEcW4WkCXdYtV1LbzShn19_lJ3rwqF8Ueea54zAQuzBUKGx2OPrS4jxrm6n9RZSBosWqjclYXy3i4mtKTOYiALlVU0H04nBj7ahAID_OaSzE2zgigYvprAEkEq8XLf-fsGC7u3mYr5OG7h8arn91iKpsFZjvdak2MUwWXamr276sOe_a1K3gsiGzu0uIOQ2C9YpP-crCYnHWrI7mhQQ_cvQAoqE_MNHNrsqgzGmAh6rf0ocooKrM6g6Dz7iVwMJpcX3jsFbqiAb98QJPj1sj_nM8VxqTR-v_5QW_ou21bSH8oHdmZOFQ_ccD5YiX_uXB0J4q1R1TPBzDG5GJ2_nJacOn9N_tcY08gCaALvk7ADKlW42At5dfZk6gZJJ0rnf9RSxe-_KtjM1UO1LC5xf-XC6TZUHKmp0J40S-8_K56SPgs-8seqIPU6L7StBiUh2z8z9sdotXeHOAW_2G-okH2x5aCkI83BUyiLlXEns2ZZ1SGlJ9uvCUnxeCtkU9e3MV8xE4SGGadty6FbwpS2gqJsNojPd_HqOFFG-G9XNitYTBwYRxtlzv_q06Xrzvu_jPsQUZPduA6K0Ll56ozIAjWamME7SwMXk-QNdBDFVcrYd6v2CTRAiOfbveNdXzYDfsuQftyZMFRJzVSR9lOtdlWLWDbM5lOr42Mqscj2Nwcz5N5R9mjilRqeR7OgKy-piAn1jZum_xmjv-IXl9vpBVg8nYmzZVxLu2tgYtxc_AiBL3noRoD24sww_eNsz_rgekD4Na-2XKd1k76QoLqPokRub9saMb1ZEqMyNaAGIMlr2tRDBTZC1_S8Bvz14SPn52S6LZveVJAUC384jdF-YJhihe4pgwQ-cELaSPRDpIqd5mt_siBQwYz0wTqFuE4qk4nmZSTLIRf5aLeAFaaW7K5zGWR7EPtxaIP2cso8h73k7Z1Kfhh077haDIWv65TxrDqhHPAcl45VwXKdnUyfbq8KLtgWq_wJrxcx5O1h3OXPmB5CIW5cwG7S79vx0B0oDrRCOP6CCKpdOzUJeGh_j_bt2kKPSoepd_tw7dHoqv6SCp9Pkxvmd0cVchgL3X22fp9sNMkVzN43JxF7LxooCuD3JKN_Y1MKJlGflcVjvH3b5rc_gprUwZf8XeFs5Vc_H2DE0PNAe3GVfKdYfD--li13DWSuC3ro3vv4OW3m_rXJSE2SUFK7AATuJQ78K5iz3GAIUoLolxsTKThg6C-mW-l51u4Klc0RobGFwdS228EG1eq8Th8Q5U6XFRFWqA4EVvzzIk77_tvqc3ZM5jUxQYwFRrBInvDp6Bcku7biPxXd5liw45bBltIavXq3lFus27QDU9t3ZB2XMsEHauhOMXmKr2hfKJDegHgmas4_U0BXu2JjsllP0qMUg9YC343kL8yOK2mU-lq6SFhoIWATOYenjGZWEI8wCacLPUy0VGHW4WdHOO_5XybMgM3SSwUisfRqkIFMvWkYNyIvrXiwVoKR_TDnNMM1zFWckMcQS24seB_oERG4okV1FAjSI4lTK9tye08tH9W51eDnkiFFZEAIOb9awxy66N4A4J6P4BCv8LgEhUUMoeQsBGyoDCOmVQhrw6OkgwsuOB2P-Joc_zG4TJv5vgjQclN_wMwL0O0lS7xORxmnxo_ntkxgIP8unnf8JQQ7APAuP52bX0Cgjxfoo68nCfgCcvmOwiw&cid=CAQSTwAvHhf_Dxnp1oMbEx8rGDgZ2d1I8f35K7hy--ljz30TXrIZJfu0aX0LH4ApvI_sxMWzov2Wajs5pX-VtxoXmpTlZYa1XzqSmTB7hAuCuj0YAQ&dv3_ver=m202309260101&rfl=http%3A%2F%2Fdownload-tlgm.ru%2F&ds=l&xdt=1&iif=1&cor=4335594759107708400&adk=2988274606&idt=145&cac=0&dtd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5fa42c1d96f1d20bb0a5c0f1468aba661ad4c3584dd51646a3bfb996e869b8dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 11:24:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
72170
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11931
x-xss-protection
0
server
cafe
etag
11828260617052087593
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 09 Feb 2024 11:24:48 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 6928 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 11:54:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
156801
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 24 Jan 2025 11:54:17 GMT
truncated
/ Frame 6928 		221 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d69ff981d3809f059f35995d2a2dd0ccd7620870ccbecf45c0b5f87d1ef8eb62

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 8C36 		172 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 23:49:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
27514
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 27 Jan 2024 23:49:04 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/ Frame 8C36 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DHbdnWzhl04b8WRcwaGTJD9CFCuWIb_g_viEA26lfnFYimWHb1vtlS-SlS46hdjzFpj9PJE4zxO2O-0Abl1nO-r6DfdQtKF5bkaGs0-HlImfUMhjfXVhlezIgoImyGcicoF2yOTdxQYCahtrvidLh_JFx0wu0870dUTg68FmljOrIMuLw&dbm_d=AKAmf-ALvw2Rl9vAcdw2lqxdFt3hUGZ0bZLMzJz4o7nOn938y6KUuE6XU4574pYBNSCxjWrxBZ4bSEVur7qM8a9B-S6wjrwiZflYDurRilBdl8SEpnG59EJf8xNT8VYG6i8FgG1fgad4kNC4VGRPJET3bqUYFKyFd2ufwU_8lQUVfCWR5ch0MsqtJmbhkLfJ_qUHy5D7WsVGavlLs0GLt3g6KC3PYAKJig7UFy290P2pmMwcPFoFBcy9-5KCt1xwvbNrt7rsrmQ5UULeCDVvNhjdx2rlTHm5-h25CLMPwob8XAbM3_qmzsDD3RkI0_tH_s-VTFK9MdzDbbQsb-nAuXcFW46CoJIDhYT4SJQcTbiFgdXqAONHShxm8jT3pGyux66HGh6G8dGLMC5W2I94--5RjukA-Qe_ZHR81zYFh1TTyuoTm4LoD0P41LT0fjy4GjZw2DL2-r5Gsm269W_RYKfi8UkooDJOM9WuZ-pc_JKxcHyjbl3ATNxqeDV26x54hTaHXxRNjMFmH5RTTzbrcdpk32jUaXuuAagp-QQl4vvI32R7UU-TAOXyY-1hj2oVX0Pir4LzZhUUSXpTzXP1howZaJkKreyJg6wu-CL4AALUE7AHmXTBVW_ynmCb1E32-_EDzFEPcQG1TM5mYAdChO6IWgR7uEjvXNDTBTfppoOWpFNmZVnXONKL-Ie8pa5vHD2Y_laWmr0jlN0yHQnYGzCW9iAjc9j9o1f7rLZQGYLEdeVvYbzWS-6ZuzwMVMzJxrE6VtMB1teMwbfFIWHmnWsoVuaQpr65UgU64sfsxJrXahtzbu9lZY7jB3-VEQE0_qbqrszHlbPRBllJ2-M1QmFNgM91Fzz0FGW2SK-MtlX3uAMQjiiZIVCitFHw8wZKr7K-gYhtNAPlh2laH6zKyvpnMgYDNOhUDmzNH3XqGb_x2bHGvIqvK7pIXto0CaZn7_212hfr9qBz33BQQetYzMx5ry6RkAG1FxwBSOfaFmzBcjouabzx4MzDTZGVIcR3eTgYMrjcRGNfYGIx2UWcukpOWS28VqZ9qpkS1EhUdq2f_mu80SVHg0bIh0o5hP3Ciq-qzqJJM9yyFuk4sg_B3PJlrqoZJHWN5b7GiQc_XCR9hURPW0YuL2nJQRGKVYMcLL8XAOPfNJLWykbg0UD8Zot9_SH1OSHpWYvpeyouJ1aUq-pRgCRQMtEXzUJIa_t5ODzQXyi4ZZtgkv9iXKquyBsJyw81XRG3NI0yWa911pGdmdnakolHh36F3Mc5e3IrrajYyY1j01VMciSO5jStBsIuFFIUMPUxYqkSOhYmIb1Sr6kN3NMTAWaEcBCTgZnSB-TCnLqoV-SQcTGmtaDHNgbs-XdNtnqKAOpWhkVw0EgvKzxqEWebJJRoFmRZYtVOgrlkz5ibjRSdA93KP0WKIUVIqrRZPVY1OKpnB1g7J2wWCAHsSpCQt8Lw2npe-SMJhjU4CzJCBbLzn5ZjwYqnL6Zp72Hj09neQKvildvi7kWRuV581DSHqd_dXiabNezUZY5gpfS3xOROxXGGhvzvy7dB7JZYk21oMdILNsRrwpT5mdxua0JVet0cyiPEGNZsY8qac18Akp1hrGkMbrKt6PbygnWHAjvXIIMBXEPZ-7dySz3oyzO_EO0uVQgnsf8V3iQaaaCHFJAjjGHHLhECl2TTJznZVq1LnFSI3feIzpgZBNDCaTzr2XklfmivAhCh-L6sfY1hpQB-nrQnX-qErOvvhoY3icEdpcuT7TSc6YvZzMTFA3vfzc-lZ5vt6pEmPEyXlHgNusCHrRvOovsnB4NnyO3xvlOQif4E3YdTLBe2FumAzHUgpOYajk2PSo1uX1pjyLbI6HdpJL8A4_kLQoMmG6NW5kOtcX451szyoXUWvUy5qAXYiuZ8cz8MRLnQpekGMLvensliynV5ro-y1KhEBaydbM2NROIe4CmUM-odDBxVZ2CT6sLUMhEFZHN_xGy4P2vdUgeMFCLUHO7QsHvaeQQRKOee24TybnQtoesca6Ymg4-SGTkI1w9SKoJIhJBba5O9b4K-VUJxZuYzZ--pbsMBRddutA5c6AYeeTLKu6CF-3bB9zv9SiYNOGREGHmgyhimMie9Tsih4rXPBp3F6ZiISrDYVIZ5olhTEQ7JvKMWnxb8mDu6WHfVtCQfy3vI3-FHPOX42--UfEuA_O0KNgPKUUkgtK2nMI832tpEsmhgHWy3w_zVGBSwIcmfuEmqC-FMKWH0DlJie4iiCPhjJsFNbs2-LaH-Jd7M2mAomZ8-CVuJlBHpRezN47DkT8nyjhtq7ExmCY5LyW4CCzfEHNcEtYDjeGf5V8-u_zYQriUMM41LLMy_brweALSr7pG2cnIH8J_lmbONAHwja34QxBoZh2SiA8gu0Qial7Bm7nqPWI9gaDHxyJjgPJ0CidawGlp1zupyqb3YqDH199wwVM3N160Oge6Qu-lqCocmVhNLxBK3rtZ0lkvO5NJD7W7i5SPNtuKvmo2pfnmHGHaIsaUri9vzuxIq-Lb4p5eQ2VRZBtIIt91ATrm5_UzjHpyQY-hyesG3BQrzW5nSTlCqdlzrnnTA82YZzL7AekQD6z5nU_uzOQpfhaot3Fe1JBvEVSRjHjgsV8B9eSwhZMjpep43QUv8izjvw08pCuDe0DRsNpZnJxHUO0OjZ06hAbBEd3fXv6JkkvVcr5fSMsSTlfJMNi-eTsV1FrKSvoK19PRh8Y0RNcGkHUX6FfnvnIuAnpkBr_cd1UhW8Rsdp0GkaWcKxdzQKCjVdnYx0onTHFnqOcPx0HmB-4Nx7wXzHDYSfLaAThvhXQLQkqFEsXHXmO4BJCqhBcO3edB83MQW3qUuRq2VWN9tap1d64ce3j9ptxZc6nD-oppzhW__nOGjl0Ed8T0sUQe62ij1jSx2rwE2vfh7igZ3-TlnZBvztU6aZSL2ek112A0HKxZbzrmiWMLCNKlhVmz7ymKAknG7qshzmbLt1RUmmWqQicyBPFy5c1xwdXZsGIq1lYoOeRkQHy1z0I5QQGKZltI_Pn4wWOXb7qa29ExzUD6DvSx-MPKM4O0diyXrc6amzDBqcxTCjAcgkct_nUflRsT3OcTc52PqDDXaoJtPl6IELfTxvvlMQYvQeUXmeE-gS8LqmtOshaebTA9hiF1ojp6wwJq-4jyda7-tLpqhD1A5B-eXpSWJ6m46vRp7DsNesJdk6jBPFUI0lOtZbG-cuTtlttwmfo9ZyKbUL8T0h9i5yts83F0FtCPc4A-Kgb-FVIk2w8Za9WKTmiDmuOauEc0yRBFP78VJDrssBeLeJuo-_zTDmMFDweBXdNoNRb8GlCLsBi8Pj9CYTmY_MWh3POX8RBhNfWzYZtU0tw5sRYoXY88DuYOb3PnqyGqUZyCdSzQufwV3vWFXy54RNMoOWxntOC-ATJ93iSmv79mvUTn6-CfqsE_gkCUIukQziJzJiO-1wlApKN0QTT25Tc_m5nd2LOYCRSKYpKtUqy2_Oh3pe3RoUPiedYTq98qI_yJNwKSZDeBUkWEFp2jz0pP-pSCPU4y6juj_SQ09EnNvtuK609Px50HDHIsKtWDJl92f58a23rdHeXRmsbu5MygeBSJoegbYdZROYZq_56HVmT_9ltfwXQQPK4nUk8dAOPwRAICGPDAixHQ8qblUK28_S0WEinH1K3ptwHGswt2OCXDrHvGDmrG7lVR3_xmw-Sj5bNJ0BlyGcnwiCUzLCo0q2i3Aavay3uhx5Trgh9Wzz7hKzHte3aH6Yq40VHc23LJC_dAaVtwbqzFKOus0_hJNkuad3S0GbREsfkSYWKm_dFjT_Ej_BNX7xT1osMntwxfDgcDLFzFyqIl2d5An2YFSKmaNdxTviM_8e72ggfQ475LF8AZAeV98C-SZU9053shIJST33jEnamcPrcZiKuu2j1KUN6fa_UjW5SM3D4f7EntM3uSutBidZIkBQDdD&cid=CAQSTwAvHhf_Dxnp1oMbEx8rGDgZ2d1I8f35K7hy--ljz30TXrIZJfu0aX0LH4ApvI_sxMWzov2Wajs5pX-VtxoXmpTlZYa1XzqSmTB7hAuCuj0YAQ&dv3_ver=m202309260101&rfl=http%3A%2F%2Fdownload-tlgm.ru%2F&ds=l&xdt=1&iif=1&cor=2827461482437855000&adk=929882888&idt=157&cac=0&dtd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 11:24:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
72170
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4383
x-xss-protection
0
server
cafe
etag
1583492410672046836
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 09 Feb 2024 11:24:48 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/ Frame 8C36 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DHbdnWzhl04b8WRcwaGTJD9CFCuWIb_g_viEA26lfnFYimWHb1vtlS-SlS46hdjzFpj9PJE4zxO2O-0Abl1nO-r6DfdQtKF5bkaGs0-HlImfUMhjfXVhlezIgoImyGcicoF2yOTdxQYCahtrvidLh_JFx0wu0870dUTg68FmljOrIMuLw&dbm_d=AKAmf-ALvw2Rl9vAcdw2lqxdFt3hUGZ0bZLMzJz4o7nOn938y6KUuE6XU4574pYBNSCxjWrxBZ4bSEVur7qM8a9B-S6wjrwiZflYDurRilBdl8SEpnG59EJf8xNT8VYG6i8FgG1fgad4kNC4VGRPJET3bqUYFKyFd2ufwU_8lQUVfCWR5ch0MsqtJmbhkLfJ_qUHy5D7WsVGavlLs0GLt3g6KC3PYAKJig7UFy290P2pmMwcPFoFBcy9-5KCt1xwvbNrt7rsrmQ5UULeCDVvNhjdx2rlTHm5-h25CLMPwob8XAbM3_qmzsDD3RkI0_tH_s-VTFK9MdzDbbQsb-nAuXcFW46CoJIDhYT4SJQcTbiFgdXqAONHShxm8jT3pGyux66HGh6G8dGLMC5W2I94--5RjukA-Qe_ZHR81zYFh1TTyuoTm4LoD0P41LT0fjy4GjZw2DL2-r5Gsm269W_RYKfi8UkooDJOM9WuZ-pc_JKxcHyjbl3ATNxqeDV26x54hTaHXxRNjMFmH5RTTzbrcdpk32jUaXuuAagp-QQl4vvI32R7UU-TAOXyY-1hj2oVX0Pir4LzZhUUSXpTzXP1howZaJkKreyJg6wu-CL4AALUE7AHmXTBVW_ynmCb1E32-_EDzFEPcQG1TM5mYAdChO6IWgR7uEjvXNDTBTfppoOWpFNmZVnXONKL-Ie8pa5vHD2Y_laWmr0jlN0yHQnYGzCW9iAjc9j9o1f7rLZQGYLEdeVvYbzWS-6ZuzwMVMzJxrE6VtMB1teMwbfFIWHmnWsoVuaQpr65UgU64sfsxJrXahtzbu9lZY7jB3-VEQE0_qbqrszHlbPRBllJ2-M1QmFNgM91Fzz0FGW2SK-MtlX3uAMQjiiZIVCitFHw8wZKr7K-gYhtNAPlh2laH6zKyvpnMgYDNOhUDmzNH3XqGb_x2bHGvIqvK7pIXto0CaZn7_212hfr9qBz33BQQetYzMx5ry6RkAG1FxwBSOfaFmzBcjouabzx4MzDTZGVIcR3eTgYMrjcRGNfYGIx2UWcukpOWS28VqZ9qpkS1EhUdq2f_mu80SVHg0bIh0o5hP3Ciq-qzqJJM9yyFuk4sg_B3PJlrqoZJHWN5b7GiQc_XCR9hURPW0YuL2nJQRGKVYMcLL8XAOPfNJLWykbg0UD8Zot9_SH1OSHpWYvpeyouJ1aUq-pRgCRQMtEXzUJIa_t5ODzQXyi4ZZtgkv9iXKquyBsJyw81XRG3NI0yWa911pGdmdnakolHh36F3Mc5e3IrrajYyY1j01VMciSO5jStBsIuFFIUMPUxYqkSOhYmIb1Sr6kN3NMTAWaEcBCTgZnSB-TCnLqoV-SQcTGmtaDHNgbs-XdNtnqKAOpWhkVw0EgvKzxqEWebJJRoFmRZYtVOgrlkz5ibjRSdA93KP0WKIUVIqrRZPVY1OKpnB1g7J2wWCAHsSpCQt8Lw2npe-SMJhjU4CzJCBbLzn5ZjwYqnL6Zp72Hj09neQKvildvi7kWRuV581DSHqd_dXiabNezUZY5gpfS3xOROxXGGhvzvy7dB7JZYk21oMdILNsRrwpT5mdxua0JVet0cyiPEGNZsY8qac18Akp1hrGkMbrKt6PbygnWHAjvXIIMBXEPZ-7dySz3oyzO_EO0uVQgnsf8V3iQaaaCHFJAjjGHHLhECl2TTJznZVq1LnFSI3feIzpgZBNDCaTzr2XklfmivAhCh-L6sfY1hpQB-nrQnX-qErOvvhoY3icEdpcuT7TSc6YvZzMTFA3vfzc-lZ5vt6pEmPEyXlHgNusCHrRvOovsnB4NnyO3xvlOQif4E3YdTLBe2FumAzHUgpOYajk2PSo1uX1pjyLbI6HdpJL8A4_kLQoMmG6NW5kOtcX451szyoXUWvUy5qAXYiuZ8cz8MRLnQpekGMLvensliynV5ro-y1KhEBaydbM2NROIe4CmUM-odDBxVZ2CT6sLUMhEFZHN_xGy4P2vdUgeMFCLUHO7QsHvaeQQRKOee24TybnQtoesca6Ymg4-SGTkI1w9SKoJIhJBba5O9b4K-VUJxZuYzZ--pbsMBRddutA5c6AYeeTLKu6CF-3bB9zv9SiYNOGREGHmgyhimMie9Tsih4rXPBp3F6ZiISrDYVIZ5olhTEQ7JvKMWnxb8mDu6WHfVtCQfy3vI3-FHPOX42--UfEuA_O0KNgPKUUkgtK2nMI832tpEsmhgHWy3w_zVGBSwIcmfuEmqC-FMKWH0DlJie4iiCPhjJsFNbs2-LaH-Jd7M2mAomZ8-CVuJlBHpRezN47DkT8nyjhtq7ExmCY5LyW4CCzfEHNcEtYDjeGf5V8-u_zYQriUMM41LLMy_brweALSr7pG2cnIH8J_lmbONAHwja34QxBoZh2SiA8gu0Qial7Bm7nqPWI9gaDHxyJjgPJ0CidawGlp1zupyqb3YqDH199wwVM3N160Oge6Qu-lqCocmVhNLxBK3rtZ0lkvO5NJD7W7i5SPNtuKvmo2pfnmHGHaIsaUri9vzuxIq-Lb4p5eQ2VRZBtIIt91ATrm5_UzjHpyQY-hyesG3BQrzW5nSTlCqdlzrnnTA82YZzL7AekQD6z5nU_uzOQpfhaot3Fe1JBvEVSRjHjgsV8B9eSwhZMjpep43QUv8izjvw08pCuDe0DRsNpZnJxHUO0OjZ06hAbBEd3fXv6JkkvVcr5fSMsSTlfJMNi-eTsV1FrKSvoK19PRh8Y0RNcGkHUX6FfnvnIuAnpkBr_cd1UhW8Rsdp0GkaWcKxdzQKCjVdnYx0onTHFnqOcPx0HmB-4Nx7wXzHDYSfLaAThvhXQLQkqFEsXHXmO4BJCqhBcO3edB83MQW3qUuRq2VWN9tap1d64ce3j9ptxZc6nD-oppzhW__nOGjl0Ed8T0sUQe62ij1jSx2rwE2vfh7igZ3-TlnZBvztU6aZSL2ek112A0HKxZbzrmiWMLCNKlhVmz7ymKAknG7qshzmbLt1RUmmWqQicyBPFy5c1xwdXZsGIq1lYoOeRkQHy1z0I5QQGKZltI_Pn4wWOXb7qa29ExzUD6DvSx-MPKM4O0diyXrc6amzDBqcxTCjAcgkct_nUflRsT3OcTc52PqDDXaoJtPl6IELfTxvvlMQYvQeUXmeE-gS8LqmtOshaebTA9hiF1ojp6wwJq-4jyda7-tLpqhD1A5B-eXpSWJ6m46vRp7DsNesJdk6jBPFUI0lOtZbG-cuTtlttwmfo9ZyKbUL8T0h9i5yts83F0FtCPc4A-Kgb-FVIk2w8Za9WKTmiDmuOauEc0yRBFP78VJDrssBeLeJuo-_zTDmMFDweBXdNoNRb8GlCLsBi8Pj9CYTmY_MWh3POX8RBhNfWzYZtU0tw5sRYoXY88DuYOb3PnqyGqUZyCdSzQufwV3vWFXy54RNMoOWxntOC-ATJ93iSmv79mvUTn6-CfqsE_gkCUIukQziJzJiO-1wlApKN0QTT25Tc_m5nd2LOYCRSKYpKtUqy2_Oh3pe3RoUPiedYTq98qI_yJNwKSZDeBUkWEFp2jz0pP-pSCPU4y6juj_SQ09EnNvtuK609Px50HDHIsKtWDJl92f58a23rdHeXRmsbu5MygeBSJoegbYdZROYZq_56HVmT_9ltfwXQQPK4nUk8dAOPwRAICGPDAixHQ8qblUK28_S0WEinH1K3ptwHGswt2OCXDrHvGDmrG7lVR3_xmw-Sj5bNJ0BlyGcnwiCUzLCo0q2i3Aavay3uhx5Trgh9Wzz7hKzHte3aH6Yq40VHc23LJC_dAaVtwbqzFKOus0_hJNkuad3S0GbREsfkSYWKm_dFjT_Ej_BNX7xT1osMntwxfDgcDLFzFyqIl2d5An2YFSKmaNdxTviM_8e72ggfQ475LF8AZAeV98C-SZU9053shIJST33jEnamcPrcZiKuu2j1KUN6fa_UjW5SM3D4f7EntM3uSutBidZIkBQDdD&cid=CAQSTwAvHhf_Dxnp1oMbEx8rGDgZ2d1I8f35K7hy--ljz30TXrIZJfu0aX0LH4ApvI_sxMWzov2Wajs5pX-VtxoXmpTlZYa1XzqSmTB7hAuCuj0YAQ&dv3_ver=m202309260101&rfl=http%3A%2F%2Fdownload-tlgm.ru%2F&ds=l&xdt=1&iif=1&cor=2827461482437855000&adk=929882888&idt=157&cac=0&dtd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5fa42c1d96f1d20bb0a5c0f1468aba661ad4c3584dd51646a3bfb996e869b8dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 11:24:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
72170
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11931
x-xss-protection
0
server
cafe
etag
11828260617052087593
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 09 Feb 2024 11:24:48 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 8C36 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 11:54:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
156801
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 24 Jan 2025 11:54:17 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame C30A 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
156801
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 25 Jan 2024 11:54:17 GMT
expires
Fri, 24 Jan 2025 11:54:17 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame 3599 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:07:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
37199
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 25 Jan 2025 21:07:39 GMT
index.html
s0.2mdn.net/sadbundle/15963971234539850078/ Frame 6BBF 		673 B
438 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/15963971234539850078/index.html?e=69&leftOffset=0&topOffset=0&c=OXY7gb8vFJ&t=1&renderingType=2&ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fd67157c7aeb1d870dbc2ba8b6b353758a813dccfdd253be8854b60513884640
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
allow-fenced-frame-automatic-beacons
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
409
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sat, 27 Jan 2024 07:27:38 GMT
expires
Sun, 26 Jan 2025 07:27:38 GMT
last-modified
Thu, 25 Jan 2024 09:58:23 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame EA88 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsth2UBIIFlb5jZYQX3l_8H5brjb2Elx_GMEq6et4SAa_MYzip5TOP81Ux5wgC6GtKnhQIK3N0ltFR3sK7whyzpxIDLV445Kfd2CHxf2cR8mF8276b863tGeyobiGx1giqh99FwS8adV1MXsGlGuWmN9XkZ1MRBSb63RYRD_Jr9TrVADlqCXL-6vPKziabfT4-sCGe5HwX3FSnz5CIG_1Wxa-SUstvH4Ss0g7zsEednGoawzoA0Ew5kUer3EB6rbW8Ei-6Cx1gPImTxEfw5zGnHHMLSNNtKfAwztHRbmJN1xfNYC2_CvPz8xU4cCJ17HPUNPf3G5d1lsamUai86wATDVv0h9mPeFaiV-mssZr-xtIyFdVezn6kzxvv0N6Qv9JdV0RP1x77vwBAQhVnLyc35ynJn5zun9XaUL8oPkZnCZMFp2DPnWpSPuJ0tJLe6nB_qHX2QtkFGx3-a9Ke024n47daUtNwF8Hy2j7YUjiD3S6ZyQfkX2JQSls4yR_Co1J-yEwl1xNFieZftLY-E5WJhEG9bTX44CMX2UygdVOOrR3BtkoMWRGyCzlwcLyZUxwGl_u_CcAiw2xI7CVJu_Ez_bDazpd_HZZiiLuSflrEdMDm2ZNmTYV0tPku2c2Q-qzJkRU1f5kvcsxYnsyTqs-kDq5N2W3pjKYSfXJGO7Iz195XzZNVZfs7_Fnjs18LgYo98HtHG932t29k4DbqufT-2hmBA8WwvQs-Y-CogbgUuXBJptxVWelfw2t9KtoXxI_ZLeMaZ4Zjyswar6xmsw8fuCMTBQ8xgaQ5eKKhiHsgy6A4H0O1amacp6QzRU8OfFmsHmz8lIeiBZyrfMWGg5-L3CLgNq-PPlnC3y-WUEOezDb3jUEU3EBEgMr4QlMKAfsCy0VrBPCdbHtVSawNRCC04coLPIz1JDLt-yU7xzrPUPp4l91K8H6PaR2QNv9botrg4I0jiFNq3kxUnRvBVFQwRyEamBPAto6QJavczpYwac7ACfJ3Sl19m8C0CnCfL0zS8XCc5NaHjpG_4SNdvaNjVnBflN5nzJPBLGDIObkvCX_m9AcX53-4hfQ6EUjUHuk5H8I8IyGjdYkedIhJt_GjE99StQiA29K8r_Er28J6k5EbGXaHUA6KOomlqJxCXgDyctuPkq2Z9dhjhNBms7v4eCeqzD55xWF9YdHaC86wr7AVPZsVgZFYd94qnii2LaOjIGKkrcTThQf_Qx0zXF17TaOFYCKyDLjpOECYVBCpa3A7VV4GgHr03DotRqv63duIp97dwTV6ILM2DgFOB0N488BRmXFyTASBqHIq1ZjR13qSRvmiunCg&sai=AMfl-YQmr0x4q8U1WG8rT0i9U1QoB-qDuYyY4OmlqtjWEirY5N9r8lKFNftulVu38Rrt6RDF-IMz2KSJhL4Rb8avgACOYWvRf3w_IZPVhgXlf3CAQ8Wqi14sPPCCBfW8UGPg91mDMZwvvrF76tlmUwzH5OB9yzAeY6Ho27hjCI3tCjs-PcC-k52Y8qSOyHK8cf-Wuie5F1JCvWJITfXfj0DSox2SaLsBhiEOECV0GjwvAuK_gHItwCfEV0tit4QvgkRs4zVyFd2egZGwh3FmSjqxy3J2CkUi6z2fF7XR42Wd-w&sig=Cg0ArKJSzKlsmjwZq86lEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=160&cbvp=1&cstd=155&cisv=r20240122.30347&arae=0&ftch=1&adurl=
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 27 Jan 2024 07:27:38 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Sat, 27 Jan 2024 07:27:38 GMT
index.html
s0.2mdn.net/sadbundle/12155554735787715593/ Frame 4D9E 		671 B
438 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/12155554735787715593/index.html?e=69&leftOffset=0&topOffset=0&c=PWrV01EcN6&t=1&renderingType=2&ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed6780130a3610bf59c06971d92a5116a59966c3967771bc672fc19779983572
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
allow-fenced-frame-automatic-beacons
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
409
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sat, 27 Jan 2024 07:27:38 GMT
expires
Sun, 26 Jan 2025 07:27:38 GMT
last-modified
Thu, 25 Jan 2024 10:00:12 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 6928 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsugdhqRoy7LylOKp4gVEHGdE482pkXAp4a4_Csz3P20PIqVN93-UbEzMWgkv8VjqqtuZkk_EvNLHSBgFkFW70RfBmRvvKo0OBx89Jk8rgKubzuTPRzFaIovcyMaymrgHRTLQvE1t8aAVJQdC_1qH8v1lA-OKmbC2TUZZ3aKHB9rPNZkgsfGTBMRfq8uYOxav7mAqwr62dYGB22N3wXoFuPqVVYWWqR0irU7j3mTdPJ3m4b1yWTIGMRUyktnkCk8lSiHRFiC_gVO4evPd1ETgXUh5zwBqb9WmUN1iKeYIg1Yynw9ngfiyLOdOFLITyYGLfIT-4oI3a8b-vA1dOsWGett7aMd0nEfJ7Zv6FaesU5cpNCyjyrZsiHfPusSHTyPws5v86bpwhzkRXG5-_eg2wciBjhrtQbKqMK55dZROJ7wGDYvjIJ70wUQShZs9_CMX5hOxLDkVDf3fXvQKLP110U2w6nnUHuYKNLNDSJzeaTrzv0KrdMfeIr-ll8BgOPj7xr2y3BKxT-RBqNBTYlayqI9QOqTJtBc3XeMCBy-cMAGivUPLhX4WuhgMAjveHJ5J0asH6Nc5jGFGoLpNzKoFpnixc_7Hq5R2YFrW6yl1Qcjx_OChsBlh-2xlLOwBr1S07mykVQTRlG2GJgaUexakB64uxP4K-3b3sW49bdhnp5cqEAdk9fTRc0SNyDe9Qm0lga8Xwnw8to8gET2opCM3iAHvBUBJ-xFnB_c-OttHUYvAWM3LAWizM9Zyf8Tb_hu5Ae7Eu5Njpz1_Q_wgVGVBAvNWz-8ECtw027q8tbYwpXAjLwkgSKBB3U-QIVzHsCFKZ6Ds-Ben98PCSD1K2rWcvscWFCaRaDcPK_sW-11yVaNhEQtZvOcN6fGuzzRjQfI0pPSA9FZn8dX0ghkX-whDOpBNOg_ssMaRTXPAqRmaK4YvaRl3IOdg7DTHKhcHp0Rb03siNGw8J1Tl2npWMbtHJJYsylcsgObU7hbKqT0Vrn4Fg5BkTu_g6qtmMD1WLy3rAxVEEih5TD8cIAIXYtNnZfRRFxmPmqPpEtcXD8m0H7k1cPyyKraVjL0nbaPgyks_XaasXcoCMNZJXm-eQxI80f60mH0VrjsASLutUfvEZ6DIbv0wmT0Ti05BR8bri2anSCnNJrFPfUS8C7XMMB-y5YQlwkQkes2xO-IL750TZK2qj2tOODoZ4tO9z3jhn87dguwuC3CVFdq3flsIXR4Q3R5a7McetkbV_HrUpB7f0VKip3fjA9C0ddX9QDn06Aqb_s9Qs3DIY2_NIG9lWmunU3UJ_qbf0M-tN1A3fOIvDGQ5iWW2pGZhhciAQo&sai=AMfl-YQcsdqMk-bX0KGfMvEIbiHl4f_L9LM22yBzp8OVURwGFoP6Lu-DCCDQ7yGnIko4cGNVaAcZV0LXI1_WzeX5xDx-rOV0WyOh2ay98Pe_f5XtMg9D_CfwnbWJaMHjVzo6nZtG4rIRoR-3SuwVdAyC7l7AZr7lxiMu0NyFCInlgNr5kli4T-jJmY87m05010KNx9oGMW39TPVY6qF_1pTWD5Zieipifuiet6X_BtpPLxIvuEubQUZcn03pW4NI-2watI7z_2HYfnL8h-R7nIl74Vb0PbqvjJk7ptiSzLlYhg&sig=Cg0ArKJSzHqne7f9i5LmEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=102&cbvp=1&cstd=98&cisv=r20240122.79618&arae=0&ftch=1&adurl=
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 27 Jan 2024 07:27:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/15963971234539850078/ Frame BFDE 		673 B
438 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/15963971234539850078/index.html?e=69&leftOffset=0&topOffset=0&c=TnAaXH1kz1&t=1&renderingType=2&ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fd67157c7aeb1d870dbc2ba8b6b353758a813dccfdd253be8854b60513884640
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
allow-fenced-frame-automatic-beacons
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
409
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sat, 27 Jan 2024 07:27:38 GMT
expires
Sun, 26 Jan 2025 07:27:38 GMT
last-modified
Thu, 25 Jan 2024 09:58:23 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 8C36 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssOZHZaSP8HFbO8sNK26Ov4VtiDuCRQVezjVYylmc6sntWYgCYOuwdjmA88DB9khtXGks6mGuXGpb_j04QwkGRCzUvQ5_hjGzd0dn7CxtupwhI0EZtx8e4c8fe3pj9XBXpymbFen2AE2RzUXXrkb5ZDxDxcwHygYdSe3X4ClL7t0Mmsml9YUtsxxOSARrSjLCPducaiywdRqMplj38zlbN28YU38AjKlIxYg6Zio52HFG2s2Qt05kKjdXs6hcBher4f_Tg3IpfNy_b4oAg5i_G2jq-Er4VnSSOx5pH8rb1FmXUPEaqFo7cMmYsa3H4YjVUEB-HcYgEmG0rFKgLBEszrO-gMdo31IBaeHw3B1SRB2OMMfLXtsMYSgja6SP0F5CZa7hE5Vj_AZXFFvV1jFHiTYhAHg4Zarl1qSHYhisjfZyGRfj6cRGLZBWPr5bBzti-e5HeNbaEfV8nbVKye4ph2fSUYfYO9A63BjbRKLYW9TaO4k0-Zy8ZNKTGBK0hUuEyJ0Ugo3rgOc8dpZATzyEw1CpE6BHH4H9VCelgIhMz2fawVQAnqd7TnuABYQY9md4DX9nMTh6DnE8M650U6WT51YUJRD8knkJ_CEn94NLacpKBnCWs-AJ5eVBfMWvcc00M7YjNjBqn7g13JQvv9UMF--HfQjb7KPQdwlVW5mysKN_qD67AnIh7XXkAaxx7aqrWkyXGrubyOgiLje2rvgv8nZI98x9k0QbEl5zy6wTBZ5B05CqUxKP9t3C6yjPAiKlMr1LdEKY_ySVIT2eYtEmIQ6baUNz-YY_eExewNakX6bU6Sjcuw3QQUk5Yc4uAoxj1zPiurIXRIV7w1NeXI4NdLRnm4eSrLNcB_aeBpIp3LYo3rCt2-y4rNDmUDEGqPSjgNfqrbYKa_YgykLHuS7rY_U37Zei-d5oWkptcXY1NTydGy9b4NH4yo6r3rngdpr-0hlfOkco7ATqo5fMxhzJ8bjcJ4AGeQk34o76i84AgVI3Ho1zf6bDB1OeBWq9wlgV5OVCtkAFloBLDGqFPeJNruDX2f7IMHmIWWGGn-cmVowep3MgUvnsO1-rgUPRCuhAHJXjCV0E7l1yOWGWHmbRXSFFIiR6Up9vLvhIYuZ8-PFUgTxuZQfyqtsw2w6ZbdrvI2DzBzGqZVuWVP-IyhcdwWJtU-AewQqBqHKeUSljJzkSVEA_kZKoMYrwXceAxUYriBx0JhRj6jDo8sqpww-n3U_WX6sK7Z5WnaQb6obLNhYhBnqvZIge1TA3-JqubQkKuOWa-Vm-FIocMiiBy4LmVSp8VvFiMZdAp2o03SzsbwIJK9poIykg&sai=AMfl-YT_aAWkOx77iK52Y9isDju7zdgQk3_tSeawcRgO3Exw96cccG4WnYVWazrqzdFRB_AWwAqeaKNRS5C1EvmCvSKHc4c6St5gFf-8-z7cSPb7iAAv4NEyQfYJIV-C7yUDiVDaim5OW7Sbgk3vkxCFCjJOfbuZwWPExHmgnvzxf0Iv8Zt91seEr0xgLupZf4wkPhZXeSb7ACuDXFPLCSrcatihUsCaLH0bYSZVbr1CpH6Buc67xxqFH-M0jgPenj5teh-JrXPAnr8ugyxxTkXoaa7LjIXkrSMsAZk3GFiOgQ&sig=Cg0ArKJSzGUpcMfz9n87EAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=70&cbvp=1&cstd=67&cisv=r20240122.96211&arae=0&ftch=1&adurl=
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 27 Jan 2024 07:27:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 49F6 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
156801
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 25 Jan 2024 11:54:17 GMT
expires
Fri, 24 Jan 2025 11:54:17 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame C30A 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:07:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
37199
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 25 Jan 2025 21:07:39 GMT
/
track.adform.net/videoad/event/ Frame 399B 		35 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.adform.net/videoad/event/?bn=67886237&event=25&time=0&banner=60577464&imprid=7674214883904101070&rnd=793944&
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.228 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 07:27:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
content-type
image/gif
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
expires
-1
dc_oe=ChMIgpH2xoX9gwMVIE5BAh0QrAvjEAAYACCY6theQhMI5dfMxoX9gwMV64aDBx2iZgBS;dc_eps=AHas8cDKEbL6YbS0uab92yG6sCzoygWe8S6JQTlFioA5DyOfsz9MlRtbW-CSd_3rQXHRLjC1RVYr5dg;met=1;acvw=sv%3D960%26v%3D20240117%...
ade.googlesyndication.com/ddm/activity/ Frame 399B 		42 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIgpH2xoX9gwMVIE5BAh0QrAvjEAAYACCY6theQhMI5dfMxoX9gwMV64aDBx2iZgBS;dc_eps=AHas8cDKEbL6YbS0uab92yG6sCzoygWe8S6JQTlFioA5DyOfsz9MlRtbW-CSd_3rQXHRLjC1RVYr5dg;met=1;acvw=sv%3D960%26v%3D20240117%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15061%26vmtime%3D14%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D192864442%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1706340458499;dc_rfl=%5BURL_SIGNALS%5D;ecn1=1;etm1=0;eid1=11;
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 07:27:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 399B 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C1UphabC0ZaX_E-uNjuwPos2BkAW2zbjTcvi_05zKEYr9oITDARABII6g0GVglbKVgqQHoAH59-vHKMgBBakCZ9RZb1k1sj6oAwHIA5sEqgT2AU_Qx8eHIttnPwxpG4J-DALr7DXA0J8DCHPC-27zoE9CKVCCw0fZBJTxfjLOE0ZCWWYgG7JLg2rx3ZNjp2NL04HBznGtaAiIjT1_S8NI9PcOookIzKRc9b8N607f2wPwC-oYyJTWrNscuMdvUlcX3wSu20NOe9o7l9xsVjjvbiy2ZQlYK0Qor1v0nG21IAgtQz_VTHro9TCuIi7kr9hFY1l1qG3KR_YvgUDZQFuANDvW3X7Itt9MhiasUZ7FpJFBpWeg1dZc8iCEsgr5gmreJQi6f1pNWQhMrSzb2hl7imHmNsvWwElGf5hpp2zdgxe_ROSlBaHxc8AEuMbhn7sE4AQDiAWEmLitTJAGAaAGeYAH-a-8pwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOljWuszGhf2DA4AKAcgLAeALAYAMAaoNAkRFsBOS1OgV0BMA2BMKiBQB2BQB0BUB-BYBgBcB6BcBshgFGHkiAQA&sigh=aWWeXwY6HD8&label=part2viewed&ad_mt=15&acvw=sv%3D960%26v%3D20240117%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15061%26vmtime%3D14%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D192864442%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1706340458499
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4622439471653545&output=html&h=280&slotname=3547231412&adk=3563481279&adf=3642323547&pi=t.ma~as.3547231412&w=1040&fwrn=4&fwrnh=100&lmt=1706340457&rafmt=1&format=1040x280&url=http%3A%2F%2Fdownload-tlgm.ru%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1706340456996&bpp=3&bdt=517&idt=298&shv=r20240122&mjsv=m202401230101&ptt=9&saldr=aa&abxe=1&correlator=2048886132120&frm=20&pv=2&ga_vid=969955348.1706340457&ga_sid=1706340457&ga_hid=886679608&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=280&ady=412&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080589%2C95321627%2C95322165%2C95323006&oid=2&pvsid=199225707555881&tmod=2064311856&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=305
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 07:27:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
track.adform.net/videoad/impr/ Frame 399B
Redirect Chain
  • https://track.adform.net/videoad/impr/?bn=67886237;rotseqno=1;smid=0;1x1inv=1;srctype=3;unloadid=7674214883904101070;ord=793944
  • https://track.adform.net/videoad/impr/?CC=1&bn=67886237;rotseqno=1;smid=0;1x1inv=1;srctype=3;unloadid=7674214883904101070;ord=793944
35 B
519 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.adform.net/videoad/impr/?CC=1&bn=67886237;rotseqno=1;smid=0;1x1inv=1;srctype=3;unloadid=7674214883904101070;ord=793944
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Server
37.157.2.228 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 07:27:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
content-type
image/gif
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
expires
-1

Redirect headers

pragma
no-cache
date
Sat, 27 Jan 2024 07:27:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
content-type
text/html; charset=utf-8
location
https://track.adform.net/videoad/impr/?CC=1&bn=67886237;rotseqno=1;smid=0;1x1inv=1;srctype=3;unloadid=7674214883904101070;ord=793944
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
expires
-1
view
googleads4.g.doubleclick.net/pcs/ Frame 399B 		0
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssz4lyq2EGTXC-U31swJa07EgKzaz1Rg8moJvoN04KwNKxQ-8IpVyY3hdQLslSwjl81463UPVj32aiF3Zoys_QAv4KsEJnxebazvzbJo8t4YI-PWkxpA1U9F_xfgUhjgnfXFT1bL3Nd7KyJMdppGfdcJSar1z5avK01AH5TEqMkGTAMdwDpTtv0mZd7qe1jmIIR_E7_gzwIqZ6cbd_Y9vAh61k-BPV-PHrzORxdvq1QajQXF2pPbwcgo9ruv2dSjrkRDURlZWoQjAHvHeOZGZ4CwWfCcCVd0fa-Jjl4fJw2jUEfe0NbKX7fPcHGHMbZK_LtqsOYYhH1ndD_Zmo_ArHuzLFC4dAJQr7DFNwEK-s-DcGRMBFDkkbkRaz07f_cUoKXFvbr_34THdb1VvgriHDO3_-uu9SvXoVOufKEGTwM5KPh3l178HG-qXMa5qlXeUH_bg1X2AGT7UT45Prbll7H8dqZklUe2qvMf7-kABS25wKm-enqTgDc_Jra0rYfqqpl0ok_Vxvnj9EcEj52ZG3dikm3y8mjaF2-oFVz-xnvhNTFk_ymGHaZOC73QNqXXvjzAmpoTc4lJLNvfNkwLAYkZ3foEtfuqvQnK_cjakfoyZBxHwa916RqSS-B_50iD4Zz7XRg72kIKmIOM_qgn0v684KLJCB7ZpVmJmTHMlOSCfd9wV63A20wQBENeQKICXHa8EETpyOYA6SYkXuUgnctVmMl4N3g9G-1r9p8fXSL3EUQyUl_mPknwPgmRyafxsVIvnZ4HAxtGCRt4mR2mRKdjDJ3M_7FiN1YeucuBM7fsa-qGyX63WEuxhLBlm5qnKi8Oe_lhbO8FFXcH5nqt-KV7xgMQ-KLHYvPQKu7tEZwgmvsS8nJynrsslYVMCmG6WMjkQrpcY8F51QAjhhqyscg7loTdAVEYmtIgMYe6juqF8lUekj6Mfzn_StIKxtTnksLJhkzkTWd0DJg0DyKfoJthOOTbtrniNLZTrOMpjMDzl6MFXZgj9OXvWXBtzsazNTYON1a50kICD9owlCRJER-KAot2uIAnhzAxTRgEj6YaIggpvx9pBoi6f5FILWB5guiYi3WhLblm2fiZBUUDNQIRbq_WVnm6Fq55prgPTbDtpsiJMmgr72IbeCrE5xVH0tPAmS0wrrbkliUvEqM5nTGzEGyEQQ-e4ZTqy3d7tRDqR1mnjWqLOTTvSVcmdq9BlVVDqGpOJSuoRthqGFTPbn4NIhssNrBKg&sai=AMfl-YStjC2CvSuNoJzWSzwOBuRQnYLdUy8Uxoo1jhrgV7fsn6l_djxv-wbtBtXLlsByec7eNzld_UG2RPBgCykFnyQwDLIN7bcNcNwsWxPjbEWKRML_7IPMQRWQSIqra25YZ8kxlnHcSfFsT840SzYIYIfAOLmspbn5O8FjjguOnKtq-dBrFkgBnffpngHwJETlwHNOuswLE6UQQ9_cUa82n5n0j9X1BJcwQZVUesTNiRAaKPqDkkF3qieVC8EwdtODoco-TmZJHkH0k7f_0S_m__4-6ozeYslZMcyMz0zxzg&sig=Cg0ArKJSzKUkQRbQX01KEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 27 Jan 2024 07:27:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
sync
ups.analytics.yahoo.com/ups/58269/ Frame 399B
Redirect Chain
  • https://googleads.g.doubleclick.net/xbbe/pixel?d=CKKLg6UDEN7rwqoDGLfWqPYBIAEwAQ&v=APEucNUNbFnyLWONj1kDtchtV24AdnuqQtGyzWaCzSK4nW7FnDJRge3vFOE0sR44DTPRRE0FIte6HkUi5JNwMpsHah4cKl9lCw
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true
0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 07:27:38 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

date
Sat, 27 Jan 2024 07:27:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 399B 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 07:27:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 399B 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuqQEeO-D1Wx44yWFKSO6n_JHfN7wc1pg5ZgbAGdkNJ9HCekC9SVhXXtdjEXkXLxtxOBhNDg6TNvbc4MP1qY9WWMjqaleK-I3W5KMPccpouwx0SeZS5zwUC7EPrdx5SSFFMSA3-cSEWnSzeBUYZ9L5-f6mL&sai=AMfl-YSVls1P6Vy7eb3ZhQeofIKOJW3lTDjl3DQEVuJAOthpCSEiZ8i2490-3QmJWNkqQw1oPRIpgankbbj8gH3NnCuy5GvJxGcpWdl42Uag8s5d-9k8wulXMDMagZT-fv4DZ4fu6K8UrWHP0zoKUY-Blg&sig=Cg0ArKJSzGXabpxa94wBEAE&cid=CAQSTwAvHhf_55tBSbMUZ5F08YKCIVD08OooenRcsvWMmAs3IMBIUYhJEmWzWPQumQTkw8Y3ZypUw7GqOATW_NFt1VHJqV1InZgcWBGgbic6AwsYAQ&id=lidarv&acvw=sv%3D960%26v%3D20240117%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15061%26vmtime%3D14%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26ic%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D192864442%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1706340458499&avm=1
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 07:27:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
track.adform.net/videoad/event/ Frame 399B 		35 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.adform.net/videoad/event/?bn=67886237&event=40&time=0&banner=60577464&imprid=7674214883904101070&rnd=793944&
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.228 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 07:27:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
content-type
image/gif
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
expires
-1
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 399B 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C1UphabC0ZaX_E-uNjuwPos2BkAW2zbjTcvi_05zKEYr9oITDARABII6g0GVglbKVgqQHoAH59-vHKMgBBakCZ9RZb1k1sj6oAwHIA5sEqgT2AU_Qx8eHIttnPwxpG4J-DALr7DXA0J8DCHPC-27zoE9CKVCCw0fZBJTxfjLOE0ZCWWYgG7JLg2rx3ZNjp2NL04HBznGtaAiIjT1_S8NI9PcOookIzKRc9b8N607f2wPwC-oYyJTWrNscuMdvUlcX3wSu20NOe9o7l9xsVjjvbiy2ZQlYK0Qor1v0nG21IAgtQz_VTHro9TCuIi7kr9hFY1l1qG3KR_YvgUDZQFuANDvW3X7Itt9MhiasUZ7FpJFBpWeg1dZc8iCEsgr5gmreJQi6f1pNWQhMrSzb2hl7imHmNsvWwElGf5hpp2zdgxe_ROSlBaHxc8AEuMbhn7sE4AQDiAWEmLitTJAGAaAGeYAH-a-8pwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOljWuszGhf2DA4AKAcgLAeALAYAMAaoNAkRFsBOS1OgV0BMA2BMKiBQB2BQB0BUB-BYBgBcB6BcBshgFGHkiAQA&sigh=aWWeXwY6HD8&label=vast_creativeview&ad_mt=15&acvw=sv%3D960%26v%3D20240117%26cb%3Dout%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15061%26vmtime%3D14%26is%3D33554450%26i0%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D192864442%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1706340458499
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4622439471653545&output=html&h=280&slotname=3547231412&adk=3563481279&adf=3642323547&pi=t.ma~as.3547231412&w=1040&fwrn=4&fwrnh=100&lmt=1706340457&rafmt=1&format=1040x280&url=http%3A%2F%2Fdownload-tlgm.ru%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1706340456996&bpp=3&bdt=517&idt=298&shv=r20240122&mjsv=m202401230101&ptt=9&saldr=aa&abxe=1&correlator=2048886132120&frm=20&pv=2&ga_vid=969955348.1706340457&ga_sid=1706340457&ga_hid=886679608&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=280&ady=412&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080589%2C95321627%2C95322165%2C95323006&oid=2&pvsid=199225707555881&tmod=2064311856&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=305
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 07:27:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 399B 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&puid=7~lrvr1vxx&c=6006080755292&slotId=3003040377646&qqid=COXXzMaF_YMDFeuGgwcdomYAUg&fb=outstream-lima&gpm_i=4&gpm_c=4&gpm_a=4&smb=Infinity&br=625&mt=video%2Fmp4&vs=468x832&dm=15000&event_name=first_play&asset_bytes=173804&video_bytes=0&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=7&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=1&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=vil.x9~ff.xg~videopreviewstarted.xg
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4005:809::2003 , Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 07:27:38 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame 49F6 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:07:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
37199
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 25 Jan 2025 21:07:39 GMT
Enabler_01_250.js
s0.2mdn.net/879366/ Frame 4D9E 		120 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_250.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12155554735787715593/index.html?e=69&leftOffset=0&topOffset=0&c=PWrV01EcN6&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12155554735787715593/index.html?e=69&leftOffset=0&topOffset=0&c=PWrV01EcN6&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 11:17:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
72614
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42247
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 21:28:42 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 27 Jan 2024 11:17:24 GMT
template-db7349e4.js
s0.2mdn.net/sadbundle/12155554735787715593/ Frame 4D9E 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/12155554735787715593/template-db7349e4.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12155554735787715593/index.html?e=69&leftOffset=0&topOffset=0&c=PWrV01EcN6&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55ee9510e78623f5fd1309067dc6e7a15f70d48e23e5658a0aa81be100ad232b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/12155554735787715593/index.html?e=69&leftOffset=0&topOffset=0&c=PWrV01EcN6&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Fri, 24 Jan 2025 10:00:50 GMT
date
Thu, 25 Jan 2024 10:00:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
163608
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13540
x-xss-protection
0
last-modified
Thu, 25 Jan 2024 10:00:12 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
index-66cbe3b0.css
s0.2mdn.net/sadbundle/12155554735787715593/ Frame 4D9E 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/12155554735787715593/index-66cbe3b0.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12155554735787715593/index.html?e=69&leftOffset=0&topOffset=0&c=PWrV01EcN6&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
66cbe3b02faabbe4f4b649a9928e98d0828e817ef3d2b060cf4a9b9918166c41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12155554735787715593/index.html?e=69&leftOffset=0&topOffset=0&c=PWrV01EcN6&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Fri, 24 Jan 2025 10:00:50 GMT
date
Thu, 25 Jan 2024 10:00:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
163608
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1452
x-xss-protection
0
last-modified
Thu, 25 Jan 2024 10:00:12 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
Enabler_01_250.js
s0.2mdn.net/879366/ Frame BFDE 		120 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_250.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15963971234539850078/index.html?e=69&leftOffset=0&topOffset=0&c=TnAaXH1kz1&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15963971234539850078/index.html?e=69&leftOffset=0&topOffset=0&c=TnAaXH1kz1&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 11:17:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
72614
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42247
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 21:28:42 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 27 Jan 2024 11:17:24 GMT
template-db7349e4.js
s0.2mdn.net/sadbundle/15963971234539850078/ Frame BFDE 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/15963971234539850078/template-db7349e4.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15963971234539850078/index.html?e=69&leftOffset=0&topOffset=0&c=TnAaXH1kz1&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55ee9510e78623f5fd1309067dc6e7a15f70d48e23e5658a0aa81be100ad232b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/15963971234539850078/index.html?e=69&leftOffset=0&topOffset=0&c=TnAaXH1kz1&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Fri, 24 Jan 2025 09:58:53 GMT
date
Thu, 25 Jan 2024 09:58:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
163725
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13540
x-xss-protection
0
last-modified
Thu, 25 Jan 2024 09:58:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
index-66cbe3b0.css
s0.2mdn.net/sadbundle/15963971234539850078/ Frame BFDE 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/15963971234539850078/index-66cbe3b0.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15963971234539850078/index.html?e=69&leftOffset=0&topOffset=0&c=TnAaXH1kz1&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
66cbe3b02faabbe4f4b649a9928e98d0828e817ef3d2b060cf4a9b9918166c41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15963971234539850078/index.html?e=69&leftOffset=0&topOffset=0&c=TnAaXH1kz1&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Fri, 24 Jan 2025 09:58:53 GMT
date
Thu, 25 Jan 2024 09:58:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
163725
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1452
x-xss-protection
0
last-modified
Thu, 25 Jan 2024 09:58:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
Enabler_01_250.js
s0.2mdn.net/879366/ Frame 6BBF 		120 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_250.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15963971234539850078/index.html?e=69&leftOffset=0&topOffset=0&c=OXY7gb8vFJ&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15963971234539850078/index.html?e=69&leftOffset=0&topOffset=0&c=OXY7gb8vFJ&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 11:17:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
72614
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42247
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 21:28:42 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 27 Jan 2024 11:17:24 GMT
template-db7349e4.js
s0.2mdn.net/sadbundle/15963971234539850078/ Frame 6BBF 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/15963971234539850078/template-db7349e4.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15963971234539850078/index.html?e=69&leftOffset=0&topOffset=0&c=OXY7gb8vFJ&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55ee9510e78623f5fd1309067dc6e7a15f70d48e23e5658a0aa81be100ad232b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/15963971234539850078/index.html?e=69&leftOffset=0&topOffset=0&c=OXY7gb8vFJ&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Fri, 24 Jan 2025 09:58:53 GMT
date
Thu, 25 Jan 2024 09:58:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
163725
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13540
x-xss-protection
0
last-modified
Thu, 25 Jan 2024 09:58:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
index-66cbe3b0.css
s0.2mdn.net/sadbundle/15963971234539850078/ Frame 6BBF 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/15963971234539850078/index-66cbe3b0.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15963971234539850078/index.html?e=69&leftOffset=0&topOffset=0&c=OXY7gb8vFJ&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
66cbe3b02faabbe4f4b649a9928e98d0828e817ef3d2b060cf4a9b9918166c41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15963971234539850078/index.html?e=69&leftOffset=0&topOffset=0&c=OXY7gb8vFJ&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Fri, 24 Jan 2025 09:58:53 GMT
date
Thu, 25 Jan 2024 09:58:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
163725
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1452
x-xss-protection
0
last-modified
Thu, 25 Jan 2024 09:58:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
gen_204
pagead2.googlesyndication.com/pagead/ Frame 200A 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BEqCyarC0ZYI0oJyFwg-Q2K6YDgAAAAA4AeAEAg&bg=!goGlgc7NAAa8BdJLnAU7ADQBe5WfODaWRo-pf30zHx90rT815KNEbBL5uyPtzGCEeYSCi3YKZJHGFVQDa1QgjHnH7JuFAgAAAJZSAAAAAWgBBwoAY2ZglKEJUOumOwaKFWjJ9BLgdVI-j1JlNwMAqYem-l4M-q3I2lNt30SVPYD3QH7lvp8vdgsJB6mwSyc9m3GLBYAVcNeCrlkyBjLTamXu9YvV-M7tXY7YCy4dJM-3ZZXFpjZpSpkC93G7vH_S92gr6dxV189O8DiveEA-1vsCLBwLZJrwsBCerIbbDkoUMPAtxkiUcp0jDKcOCxny9WspKDeN6DWp-GS4v4r1L2e7cjGasAUsr3HWbHHikTMcCpRWqEssKRbq_cWlHnoIqMIv3PbWKI8MhVNpGQsNfp0LYN5fA_yeptzGhv2ETqb56dqTonKE4DcFYDi2hwgzMxNaPNMATOT0e4l4XvJghk-jPRuNo2naGFFYZARWFxuGJxTZqGq-0gcuvlQp0223X06f6-Lih9bMUy0DrhMeMh3BGEUN_1CR-_At9bkmfBaFoTz0WHHvd8WvNbX1ARPrDHUv6FdxpvfRpRGZ_f11ItKvScpLSJyKNg3uxEXJ1UglXAML4Dy-xOpzoXwQwiBZonRkYtT1AGwkZzo367fSzEMK9O4l3fIbp_4O2Wy6xazPLInlZaYk5KRVbtx-bvs6fELO37HwDwOQt7CMMWGVFKn4ytfFhXpeMb0lXsYG2S19NURr21F9xIQ1rg1j6xhksAJkaPzJJPMNPuYKqMFHIGUblAmkOZGp4Xd4YfgEN_nBKldTkHWQv7dokorqr445Xkz5JWTCxDNt7HT236ix6bHuzyeWanTsUpJs8YBFmeDtA8Ff2sXE21lTap1MmHcrWxWFNx9Oa87P8zd45JEBVBHI3JKCEOEkngJYYSo22-eAr0d1FWpzr6KetLqWDemPBmcgb8wBDSBEWgKXXHnAz8qeZ5NmqVUv7ahV2rbVqfNrlCpZL0v5lxqmR5mZ-MT1iUe0SDqcyUbxc96sMreIGKvSI9imM9JV89aJ9kslUWaI3vZ3utgvCDxntCOi1PzeMdJJ5kLyPYiDG6-OpFDiGT_CY0_xoMnaAJQDdvVisnaU-QzZFd2uTsFSqkS6yLig86xcODStHcXgI8juN80CdDMs7G37G0YmRxbydGnl5cucecQiqSEwJu0VBTgSL6uET_RQNPsH6rJ5QN8wBr2Q0xnfnYw-J3HhVesu5G-FarSPrA
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 07:27:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 6928 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsugdhqRoy7LylOKp4gVEHGdE482pkXAp4a4_Csz3P20PIqVN93-UbEzMWgkv8VjqqtuZkk_EvNLHSBgFkFW70RfBmRvvKo0OBx89Jk8rgKubzuTPRzFaIovcyMaymrgHRTLQvE1t8aAVJQdC_1qH8v1lA-OKmbC2TUZZ3aKHB9rPNZkgsfGTBMRfq8uYOxav7mAqwr62dYGB22N3wXoFuPqVVYWWqR0irU7j3mTdPJ3m4b1yWTIGMRUyktnkCk8lSiHRFiC_gVO4evPd1ETgXUh5zwBqb9WmUN1iKeYIg1Yynw9ngfiyLOdOFLITyYGLfIT-4oI3a8b-vA1dOsWGett7aMd0nEfJ7Zv6FaesU5cpNCyjyrZsiHfPusSHTyPws5v86bpwhzkRXG5-_eg2wciBjhrtQbKqMK55dZROJ7wGDYvjIJ70wUQShZs9_CMX5hOxLDkVDf3fXvQKLP110U2w6nnUHuYKNLNDSJzeaTrzv0KrdMfeIr-ll8BgOPj7xr2y3BKxT-RBqNBTYlayqI9QOqTJtBc3XeMCBy-cMAGivUPLhX4WuhgMAjveHJ5J0asH6Nc5jGFGoLpNzKoFpnixc_7Hq5R2YFrW6yl1Qcjx_OChsBlh-2xlLOwBr1S07mykVQTRlG2GJgaUexakB64uxP4K-3b3sW49bdhnp5cqEAdk9fTRc0SNyDe9Qm0lga8Xwnw8to8gET2opCM3iAHvBUBJ-xFnB_c-OttHUYvAWM3LAWizM9Zyf8Tb_hu5Ae7Eu5Njpz1_Q_wgVGVBAvNWz-8ECtw027q8tbYwpXAjLwkgSKBB3U-QIVzHsCFKZ6Ds-Ben98PCSD1K2rWcvscWFCaRaDcPK_sW-11yVaNhEQtZvOcN6fGuzzRjQfI0pPSA9FZn8dX0ghkX-whDOpBNOg_ssMaRTXPAqRmaK4YvaRl3IOdg7DTHKhcHp0Rb03siNGw8J1Tl2npWMbtHJJYsylcsgObU7hbKqT0Vrn4Fg5BkTu_g6qtmMD1WLy3rAxVEEih5TD8cIAIXYtNnZfRRFxmPmqPpEtcXD8m0H7k1cPyyKraVjL0nbaPgyks_XaasXcoCMNZJXm-eQxI80f60mH0VrjsASLutUfvEZ6DIbv0wmT0Ti05BR8bri2anSCnNJrFPfUS8C7XMMB-y5YQlwkQkes2xO-IL750TZK2qj2tOODoZ4tO9z3jhn87dguwuC3CVFdq3flsIXR4Q3R5a7McetkbV_HrUpB7f0VKip3fjA9C0ddX9QDn06Aqb_s9Qs3DIY2_NIG9lWmunU3UJ_qbf0M-tN1A3fOIvDGQ5iWW2pGZhhciAQo&sai=AMfl-YQcsdqMk-bX0KGfMvEIbiHl4f_L9LM22yBzp8OVURwGFoP6Lu-DCCDQ7yGnIko4cGNVaAcZV0LXI1_WzeX5xDx-rOV0WyOh2ay98Pe_f5XtMg9D_CfwnbWJaMHjVzo6nZtG4rIRoR-3SuwVdAyC7l7AZr7lxiMu0NyFCInlgNr5kli4T-jJmY87m05010KNx9oGMW39TPVY6qF_1pTWD5Zieipifuiet6X_BtpPLxIvuEubQUZcn03pW4NI-2watI7z_2HYfnL8h-R7nIl74Vb0PbqvjJk7ptiSzLlYhg&sig=Cg0ArKJSzHqne7f9i5LmEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=277&vt=11&dtpt=175&dett=3&cstd=98&cisv=r20240122.79618&arae=0&ftch=1&adurl=
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 07:27:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 8C36 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssOZHZaSP8HFbO8sNK26Ov4VtiDuCRQVezjVYylmc6sntWYgCYOuwdjmA88DB9khtXGks6mGuXGpb_j04QwkGRCzUvQ5_hjGzd0dn7CxtupwhI0EZtx8e4c8fe3pj9XBXpymbFen2AE2RzUXXrkb5ZDxDxcwHygYdSe3X4ClL7t0Mmsml9YUtsxxOSARrSjLCPducaiywdRqMplj38zlbN28YU38AjKlIxYg6Zio52HFG2s2Qt05kKjdXs6hcBher4f_Tg3IpfNy_b4oAg5i_G2jq-Er4VnSSOx5pH8rb1FmXUPEaqFo7cMmYsa3H4YjVUEB-HcYgEmG0rFKgLBEszrO-gMdo31IBaeHw3B1SRB2OMMfLXtsMYSgja6SP0F5CZa7hE5Vj_AZXFFvV1jFHiTYhAHg4Zarl1qSHYhisjfZyGRfj6cRGLZBWPr5bBzti-e5HeNbaEfV8nbVKye4ph2fSUYfYO9A63BjbRKLYW9TaO4k0-Zy8ZNKTGBK0hUuEyJ0Ugo3rgOc8dpZATzyEw1CpE6BHH4H9VCelgIhMz2fawVQAnqd7TnuABYQY9md4DX9nMTh6DnE8M650U6WT51YUJRD8knkJ_CEn94NLacpKBnCWs-AJ5eVBfMWvcc00M7YjNjBqn7g13JQvv9UMF--HfQjb7KPQdwlVW5mysKN_qD67AnIh7XXkAaxx7aqrWkyXGrubyOgiLje2rvgv8nZI98x9k0QbEl5zy6wTBZ5B05CqUxKP9t3C6yjPAiKlMr1LdEKY_ySVIT2eYtEmIQ6baUNz-YY_eExewNakX6bU6Sjcuw3QQUk5Yc4uAoxj1zPiurIXRIV7w1NeXI4NdLRnm4eSrLNcB_aeBpIp3LYo3rCt2-y4rNDmUDEGqPSjgNfqrbYKa_YgykLHuS7rY_U37Zei-d5oWkptcXY1NTydGy9b4NH4yo6r3rngdpr-0hlfOkco7ATqo5fMxhzJ8bjcJ4AGeQk34o76i84AgVI3Ho1zf6bDB1OeBWq9wlgV5OVCtkAFloBLDGqFPeJNruDX2f7IMHmIWWGGn-cmVowep3MgUvnsO1-rgUPRCuhAHJXjCV0E7l1yOWGWHmbRXSFFIiR6Up9vLvhIYuZ8-PFUgTxuZQfyqtsw2w6ZbdrvI2DzBzGqZVuWVP-IyhcdwWJtU-AewQqBqHKeUSljJzkSVEA_kZKoMYrwXceAxUYriBx0JhRj6jDo8sqpww-n3U_WX6sK7Z5WnaQb6obLNhYhBnqvZIge1TA3-JqubQkKuOWa-Vm-FIocMiiBy4LmVSp8VvFiMZdAp2o03SzsbwIJK9poIykg&sai=AMfl-YT_aAWkOx77iK52Y9isDju7zdgQk3_tSeawcRgO3Exw96cccG4WnYVWazrqzdFRB_AWwAqeaKNRS5C1EvmCvSKHc4c6St5gFf-8-z7cSPb7iAAv4NEyQfYJIV-C7yUDiVDaim5OW7Sbgk3vkxCFCjJOfbuZwWPExHmgnvzxf0Iv8Zt91seEr0xgLupZf4wkPhZXeSb7ACuDXFPLCSrcatihUsCaLH0bYSZVbr1CpH6Buc67xxqFH-M0jgPenj5teh-JrXPAnr8ugyxxTkXoaa7LjIXkrSMsAZk3GFiOgQ&sig=Cg0ArKJSzGUpcMfz9n87EAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=252&vt=11&dtpt=182&dett=3&cstd=67&cisv=r20240122.96211&arae=0&ftch=1&adurl=
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 07:27:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 27 Jan 2024 07:27:38 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame EA88 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsth2UBIIFlb5jZYQX3l_8H5brjb2Elx_GMEq6et4SAa_MYzip5TOP81Ux5wgC6GtKnhQIK3N0ltFR3sK7whyzpxIDLV445Kfd2CHxf2cR8mF8276b863tGeyobiGx1giqh99FwS8adV1MXsGlGuWmN9XkZ1MRBSb63RYRD_Jr9TrVADlqCXL-6vPKziabfT4-sCGe5HwX3FSnz5CIG_1Wxa-SUstvH4Ss0g7zsEednGoawzoA0Ew5kUer3EB6rbW8Ei-6Cx1gPImTxEfw5zGnHHMLSNNtKfAwztHRbmJN1xfNYC2_CvPz8xU4cCJ17HPUNPf3G5d1lsamUai86wATDVv0h9mPeFaiV-mssZr-xtIyFdVezn6kzxvv0N6Qv9JdV0RP1x77vwBAQhVnLyc35ynJn5zun9XaUL8oPkZnCZMFp2DPnWpSPuJ0tJLe6nB_qHX2QtkFGx3-a9Ke024n47daUtNwF8Hy2j7YUjiD3S6ZyQfkX2JQSls4yR_Co1J-yEwl1xNFieZftLY-E5WJhEG9bTX44CMX2UygdVOOrR3BtkoMWRGyCzlwcLyZUxwGl_u_CcAiw2xI7CVJu_Ez_bDazpd_HZZiiLuSflrEdMDm2ZNmTYV0tPku2c2Q-qzJkRU1f5kvcsxYnsyTqs-kDq5N2W3pjKYSfXJGO7Iz195XzZNVZfs7_Fnjs18LgYo98HtHG932t29k4DbqufT-2hmBA8WwvQs-Y-CogbgUuXBJptxVWelfw2t9KtoXxI_ZLeMaZ4Zjyswar6xmsw8fuCMTBQ8xgaQ5eKKhiHsgy6A4H0O1amacp6QzRU8OfFmsHmz8lIeiBZyrfMWGg5-L3CLgNq-PPlnC3y-WUEOezDb3jUEU3EBEgMr4QlMKAfsCy0VrBPCdbHtVSawNRCC04coLPIz1JDLt-yU7xzrPUPp4l91K8H6PaR2QNv9botrg4I0jiFNq3kxUnRvBVFQwRyEamBPAto6QJavczpYwac7ACfJ3Sl19m8C0CnCfL0zS8XCc5NaHjpG_4SNdvaNjVnBflN5nzJPBLGDIObkvCX_m9AcX53-4hfQ6EUjUHuk5H8I8IyGjdYkedIhJt_GjE99StQiA29K8r_Er28J6k5EbGXaHUA6KOomlqJxCXgDyctuPkq2Z9dhjhNBms7v4eCeqzD55xWF9YdHaC86wr7AVPZsVgZFYd94qnii2LaOjIGKkrcTThQf_Qx0zXF17TaOFYCKyDLjpOECYVBCpa3A7VV4GgHr03DotRqv63duIp97dwTV6ILM2DgFOB0N488BRmXFyTASBqHIq1ZjR13qSRvmiunCg&sai=AMfl-YQmr0x4q8U1WG8rT0i9U1QoB-qDuYyY4OmlqtjWEirY5N9r8lKFNftulVu38Rrt6RDF-IMz2KSJhL4Rb8avgACOYWvRf3w_IZPVhgXlf3CAQ8Wqi14sPPCCBfW8UGPg91mDMZwvvrF76tlmUwzH5OB9yzAeY6Ho27hjCI3tCjs-PcC-k52Y8qSOyHK8cf-Wuie5F1JCvWJITfXfj0DSox2SaLsBhiEOECV0GjwvAuK_gHItwCfEV0tit4QvgkRs4zVyFd2egZGwh3FmSjqxy3J2CkUi6z2fF7XR42Wd-w&sig=Cg0ArKJSzKlsmjwZq86lEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=365&vt=11&dtpt=205&dett=3&cstd=155&cisv=r20240122.30347&arae=0&ftch=1&adurl=
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 07:27:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 27 Jan 2024 07:27:38 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3599 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BBh1xarC0ZZzXC8npx_APlba88A0AAAAAOAHgBAI&bg=!dXaldjnNAAa8BdJLnAU7ADQBe5WfON2OWc4muz9BW89H66KKN_bFJesbRoKByxL-gYaImOqAzUOGV_-TFidB6r_Ce29wAgAAAJdSAAAAAWgBBwoAO2Q4QTnZEN3BOIlWbXfE1vDbei60BzUr8iaLTzKbaML9VgqGbw_lcVH4clJCrUbfeS193OOsZi-LL8gImQMFZ7kQaQEqFyDv__8w1qNttQXpwM5mHCtiHMAp_36Gnp3OPDnLNkeBqlbg0voImwH2Y5IOmlK54czW93c2_RZC3YMUaNr94_ondOG96h-SS0fk0-fXDSC7cggCn_DCdX6FpRPBgpl1QKE604XTGYK-KqIkN3hkQ0Eh5nBhOQn-ex-jRZWsXg1YVrstQ73MALM801H-Bj3qotlrN4qFxE2OqVsKhQosNAzuRT8ZqE0cLDdUGD3DlCTC0A6rmP9vdSUFk-5v14aG-uXOt1QwjHKMjmnf1SblAh1KQYHxlkDw98uQgmCdijsYQNnqGBOvTd3uhDu3Hi9NMoeTghE2Qkl6d6p6l_HMataxZyOPaQGW1Yow2oITkR5LWr6NAcNnHwJE_MY5XP9k4fv3yWhBPF5FtJBzpHJ_DC8TQJTiOf9X7hwpROof9-bpGWvNg8SmbNFc63RVdxGc-js2Dl5ebBTBGLCzO_3heU2PsEt6YfCckeK3C3PFS1Bn3M2k3zWLojItDNLuA1hEi1IVCWpBXCmZO1nj4paV3J-USG--qHgVe3-2OTJi5sbpnKvkeVoPPrDs6QN-M2BLbf-5Pq182ESs-me9ODTSObSTTs4vU5PX455xGDbe880OZQFXJT2Qc7s23nSHsx0hIhvZpilJrhd67kZT6yDhnASQmy79VROqRzCfVhG2SeoX1S_ZLGrtcMgL4Bd3d3PM48zFRCcEOEYR57XEQqGfMqV8FsMyjbnSMG3Nky38uBrRSj04MeDWqpEQQCicwezr7SNnrTpfbvT_YE9WbLRsLAgTU1vTMPEevn4bscr4OK0taW8c23Y_fEN1zBQmenxlj_3z6J1t-GdrU85OgJk0ltwnxzqhtKzkapg8RaQ65oi7Gj-7caxEdJnPbRdgwGllZLgeFEb0txlsx95WvGmy0CkHH6yjFSxjr1lHx5BaTPQhXR9mChXtJruZk5HfMKeragLkB0O2c1xi9pdo-ny3vW4CYlKaFLeuNhM4sXlalBeG8mYh5eyUjM8T236xg1k
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 07:27:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame EA88 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4ec16ff31bfd0f69911ceb8c8de06dc20fbd0f4e1b84033f5a7095fb54e9ee69

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 8C36 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4a696aaf91907e56fda01d21c931712f3be651ef7b0c3a2dc4ef079aa84b47dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
sodar
pagead2.googlesyndication.com/getconfig/ Frame 6BBF 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
62ffdffc7de873c32366a7c0beba39a41bc77914f132d1bab5e70ebc1ab5f76a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 07:27:38 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5837
x-xss-protection
0
logo-v2.svg
s0.2mdn.net/4528404/1687769488937/ Frame 6BBF 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/1687769488937/logo-v2.svg
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
59196f295fdadd3391cfbb187fef654f77ae385d6f8555c588963b521b1a98a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/15963971234539850078/index.html?e=69&leftOffset=0&topOffset=0&c=OXY7gb8vFJ&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 09:56:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
77457
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1838
x-xss-protection
0
last-modified
Mon, 26 Jun 2023 08:51:29 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 27 Jan 2024 09:56:41 GMT
apple_iphone15_blau.png
s0.2mdn.net/4528404/ Frame 6BBF 		4 MB
4 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/apple_iphone15_blau.png
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a2c8d4c4f851bc762ff462329786060fc683b9ac19e857cc9426e95771b648a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/15963971234539850078/index.html?e=69&leftOffset=0&topOffset=0&c=OXY7gb8vFJ&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:11:41 GMT
x-content-type-options
nosniff
age
36957
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3833315
x-xss-protection
0
last-modified
Fri, 15 Dec 2023 09:30:05 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 27 Jan 2024 21:11:41 GMT
cta_mit-pfeil_01.svg
s0.2mdn.net/4528404/1687937402098/ Frame 6BBF 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/1687937402098/cta_mit-pfeil_01.svg
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1a9cba16c5a30dc7cc3bdcbba2a45e9e2e28ec4437894302c6676369ed0ec732
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/15963971234539850078/index.html?e=69&leftOffset=0&topOffset=0&c=OXY7gb8vFJ&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 15:56:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
55882
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1134
x-xss-protection
0
last-modified
Wed, 28 Jun 2023 07:30:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 27 Jan 2024 15:56:16 GMT
stoerer-120sparen-links.svg
s0.2mdn.net/4528404/1702634402667/ Frame 6BBF 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/1702634402667/stoerer-120sparen-links.svg
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8a746b54d9607284603c4b6d8ffdb8ee004ce3d3cd7d431801c42436ee9d3572
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/15963971234539850078/index.html?e=69&leftOffset=0&topOffset=0&c=OXY7gb8vFJ&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:32:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
35681
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1945
x-xss-protection
0
last-modified
Fri, 15 Dec 2023 10:00:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 27 Jan 2024 21:32:57 GMT
logo-d0d80991.svg
s0.2mdn.net/sadbundle/15963971234539850078/ Frame 6BBF 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15963971234539850078/logo-d0d80991.svg
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0d80991c6e4b62d5c77985c1e293aad44cc120e03aee7ae6936c79d25a0e467
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15963971234539850078/index.html?e=69&leftOffset=0&topOffset=0&c=OXY7gb8vFJ&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Fri, 24 Jan 2025 09:58:55 GMT
date
Thu, 25 Jan 2024 09:58:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
163723
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1913
x-xss-protection
0
last-modified
Thu, 25 Jan 2024 09:58:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
cta_mit-pfeil_01.svg
s0.2mdn.net/4528404/1687937402098/ Frame 4D9E 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/1687937402098/cta_mit-pfeil_01.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12155554735787715593/template-db7349e4.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1a9cba16c5a30dc7cc3bdcbba2a45e9e2e28ec4437894302c6676369ed0ec732
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/12155554735787715593/index.html?e=69&leftOffset=0&topOffset=0&c=PWrV01EcN6&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 15:56:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
55882
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1134
x-xss-protection
0
last-modified
Wed, 28 Jun 2023 07:30:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 27 Jan 2024 15:56:16 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 4D9E 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cef98e3ea8e0eb0dee9e1a4c01e28d2ddc40de6905056163c2e5e7e2f94d6a0a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 07:27:38 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5977
x-xss-protection
0
01222024-083008822-aleksandras-home-station.png
s0.2mdn.net/4528404/ Frame 4D9E 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/01222024-083008822-aleksandras-home-station.png
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9d6b27c6e65181f440d74ffee8b938cafc7d782abcaa6b0e1a11732607371e73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/12155554735787715593/index.html?e=69&leftOffset=0&topOffset=0&c=PWrV01EcN6&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 23:00:03 GMT
x-content-type-options
nosniff
age
30455
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1645769
x-xss-protection
0
last-modified
Mon, 22 Jan 2024 16:30:08 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 27 Jan 2024 23:00:03 GMT
logo.svg
s0.2mdn.net/4528404/1687521602712/ Frame 4D9E 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/1687521602712/logo.svg
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0d80991c6e4b62d5c77985c1e293aad44cc120e03aee7ae6936c79d25a0e467
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/12155554735787715593/index.html?e=69&leftOffset=0&topOffset=0&c=PWrV01EcN6&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 17:08:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
51547
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1913
x-xss-protection
0
last-modified
Fri, 23 Jun 2023 12:00:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 27 Jan 2024 17:08:31 GMT
stoerer-jetzt-50gb-extra-01.svg
s0.2mdn.net/4528404/1690196402258/ Frame 4D9E 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/1690196402258/stoerer-jetzt-50gb-extra-01.svg
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7adc1cb2ea46ec43a0e65d5b1aee67a103094f1c8faea45c5d1d246d34019126
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/12155554735787715593/index.html?e=69&leftOffset=0&topOffset=0&c=PWrV01EcN6&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 18:06:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
48075
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1423
x-xss-protection
0
last-modified
Mon, 24 Jul 2023 11:00:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 27 Jan 2024 18:06:23 GMT
logo-d0d80991.svg
s0.2mdn.net/sadbundle/12155554735787715593/ Frame 4D9E 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12155554735787715593/logo-d0d80991.svg
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0d80991c6e4b62d5c77985c1e293aad44cc120e03aee7ae6936c79d25a0e467
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12155554735787715593/index.html?e=69&leftOffset=0&topOffset=0&c=PWrV01EcN6&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Fri, 24 Jan 2025 10:00:51 GMT
date
Thu, 25 Jan 2024 10:00:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
163607
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1913
x-xss-protection
0
last-modified
Thu, 25 Jan 2024 10:00:12 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
logo-v2.svg
s0.2mdn.net/4528404/1687769488937/ Frame BFDE 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/1687769488937/logo-v2.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15963971234539850078/template-db7349e4.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
59196f295fdadd3391cfbb187fef654f77ae385d6f8555c588963b521b1a98a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/15963971234539850078/index.html?e=69&leftOffset=0&topOffset=0&c=TnAaXH1kz1&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 09:56:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
77457
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1838
x-xss-protection
0
last-modified
Mon, 26 Jun 2023 08:51:29 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 27 Jan 2024 09:56:41 GMT
apple_iphone15_blau.png
s0.2mdn.net/4528404/ Frame BFDE 		4 MB
4 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/apple_iphone15_blau.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15963971234539850078/template-db7349e4.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a2c8d4c4f851bc762ff462329786060fc683b9ac19e857cc9426e95771b648a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/15963971234539850078/index.html?e=69&leftOffset=0&topOffset=0&c=TnAaXH1kz1&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:11:41 GMT
x-content-type-options
nosniff
age
36957
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3833315
x-xss-protection
0
last-modified
Fri, 15 Dec 2023 09:30:05 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 27 Jan 2024 21:11:41 GMT
cta_mit-pfeil_01.svg
s0.2mdn.net/4528404/1687937402098/ Frame BFDE 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/1687937402098/cta_mit-pfeil_01.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15963971234539850078/template-db7349e4.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1a9cba16c5a30dc7cc3bdcbba2a45e9e2e28ec4437894302c6676369ed0ec732
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/15963971234539850078/index.html?e=69&leftOffset=0&topOffset=0&c=TnAaXH1kz1&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 15:56:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
55882
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1134
x-xss-protection
0
last-modified
Wed, 28 Jun 2023 07:30:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 27 Jan 2024 15:56:16 GMT
stoerer-120sparen-links.svg
s0.2mdn.net/4528404/1702634402667/ Frame BFDE 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/1702634402667/stoerer-120sparen-links.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15963971234539850078/template-db7349e4.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8a746b54d9607284603c4b6d8ffdb8ee004ce3d3cd7d431801c42436ee9d3572
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/15963971234539850078/index.html?e=69&leftOffset=0&topOffset=0&c=TnAaXH1kz1&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:32:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
35681
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1945
x-xss-protection
0
last-modified
Fri, 15 Dec 2023 10:00:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 27 Jan 2024 21:32:57 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame BFDE 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7d214ef7d8f77c9febbda7ca16f299d5f4de91dcf743c052067029a4a4e965e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 07:27:38 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5906
x-xss-protection
0
logo-d0d80991.svg
s0.2mdn.net/sadbundle/15963971234539850078/ Frame BFDE 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15963971234539850078/logo-d0d80991.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15963971234539850078/template-db7349e4.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0d80991c6e4b62d5c77985c1e293aad44cc120e03aee7ae6936c79d25a0e467
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15963971234539850078/index.html?e=69&leftOffset=0&topOffset=0&c=TnAaXH1kz1&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Fri, 24 Jan 2025 09:58:55 GMT
date
Thu, 25 Jan 2024 09:58:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
163723
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1913
x-xss-protection
0
last-modified
Thu, 25 Jan 2024 09:58:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
gen_204
pagead2.googlesyndication.com/pagead/ Frame C30A 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BcVQvarC0Zd_iD_qk1PIPypys4AQAAAAAOAHgBAI&bg=!kZKlkt3NAAa8BdJLnAU7ADQBe5WfOMqaFDYEVqGh_vrFglB8w0UYVRQvvKAaAzHgt_rgCQWU3oouPtgBL9_dTzHyPElfAgAAAF5SAAAAAWgBBwoAURFqOSm47i_yBT95uY9qilrQQ2ouit57LUZxGKEnPvRCuW_JFhu38h1gNq3U6yNtgpD72EIcawSX9La3QFH2tD-Qz1LYJf7u7gW5VgB1_OTcuJkDFaPmz-Su8EabtnORnnSffBOmxcRxvQCUzfAvKhEI7yB1xKREamHTOpvmsJkZLSbp_HjXcx7JmBwqbgiP76BKDc5d_mskgQsMUWFTUYYvgVomEqjHF2_QxHIpPo7esywdywAiOPoXmWnJWaIuyFaeA4TMT1LYSS7A9LQmibFE0oWf4PPssguXnyDY1mGQ40TlCIshE2HLrfw25GcBK8w0OL6OgZRPVwimbKvGJtSU-nL4OfThEuqPHC-kV2xDyRNLSs8Y7rz3IL0zsrhnXWbviXCWQqu-_8W-w_aCp6Bso0Ew_0NJTC5B9aYZC7x7UklnlgTgd4Hn04Xb60vW4HUnO_D0bDjxUksm26rhaUHjcmGjOitRkhS7oEN3HF7HZLBbwzemrw2GVvQyJFixOTTVa2LN6qD8ohhjUF4nFWEyZeswtr4_CygXfxfAdDGBJS4LUB0Ufc4GbEOt_7RDoGGXg3wWM1P6pbMZCmP4c6NZp4epPn701LiY7i5NJ4NL075zHZ2Ucw8zDbqv1_dR6h7lPA_rgPmUYrRFqoACz-igX2hZtuTv6ORtrJ3hVrJayLK7rSk7m97QTzuQO_K-_59p8QIzydIpWMdK5LZDd8KWwFRYK6ok8gFU0s1yvwRDHG-CuVpjJ5kmaLM3gdks4_URcKc8zdb0Rw-vj9fjoWusrTn1yrDNQoS1o5oVk_o0mnwWxFVhcNvJaj3sk7egIW2aBnoDXPsUUq2VFeYLzszb6xxorYtBofdTC8x0q3sMsrC8PApWcs4HuDbvgh5hqz5KgObcpDV7g1fRsew2t_gGPeNPKmEawMVrc7f3UQQPzACvAMrzP69iu2UtCsbVLfHAmb45yfeJnkcJezviLgPSW5aBGukkIc6cu2HiX3mB1-k_EbTELItLbjbE6hTWxLqgXJGdmBDVQo9lInkLlfTreVVcqG0xMI4LlVGK633PsOmRr0IztvJHNKfrQdb3u20yZwDu-g1iM8XkKsQvvQoeqqmOXdjF_32RUghHayBWoQHV-VgEuw08wV8novy2zsly7bZcCiWhQQ
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 07:27:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 49F6 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BVB_parC0ZfXZD7Hfx_APvbK8gAQAAAAAOAHgBAI&bg=!ra6lruHNAAa8BdJLnAU7ADQBe5WfOFQv53wlpza-vCg02C14HCqC_2UTr4ibET8fLXyMZr4TJwpshmt3qcgs4JaEhif5AgAAAFxSAAAAAWgBB5kDDxkZyqOmUNh8wUDsE2SzRl4eYztxVtW-74Kt8YoEShsTxLJdYKy3oPh_IgvVkwWGK7c57c2DRJJqIPuFVZ9bjhSBr2IfmXrFZkd2HFf0I3UAvsWpnCh9WTTPBz5j-9J8tMIorPtm-_mDSUTeu_ISJgldVvo1KeUYtFnU6b_jQ1lOfOW7ohLcomYLI_nyrtO3MNqxDgOGqvJu7pQ3CoDgHGcxN2CUlXUojdZkT9oM2D3buvNyscJxc60RTxeTcKbfGljwX7HIxUQWkv_aaFWXcFSsODHu1BoN0ZcHLl8DWmIyzM3om2Q29r1KN_dnKm3Kr6DqCIQ9QOR8Jv22PA_Z5TgdyYj95JbTP766mqteBoSfe_k9kp-B9lYeFJmxmNCgdmiZZCFaIwqFsZ_OkqjeCgPGGr4XpzUsQAZfrNTHIiLZqNnwucs0UOOoRWxCBP0clETRfdVNHRnraNIPT9H8R7TilX-IMmpszmr0-Keh1HxsKqPak-e2bk3AhZUFNiR9Fcs9xh4vY1exdzsKh1Y1s_4PsD9caxoD4_gVA70-uINJWg1mDjIaa9VLkAUu_TPnop6PFlStAGKZ_6DKgasfdWIDnKMZZMG4inVPWba5QkhkwfEx-hQYph-9qn-5b8a0ovxhClzGr1PadBhvbdGPKoB3-b43uoTMJYDb1CPw-AxxuNtJ6WPyfvec1yLCCWCfPYwOQnl9JDeeN1DJa22j-X91JzA-DaD8DULU0zbjjdksjVYDxZw1FMcSQWAhFar9KWCYI7q4JKX0RtGniHHE4YDk-nJL5vAYDBxq_mqfMoLtwE8Mh5WMkk0wVDW9tOKDY40beUJYNlZfUKCRADoTY-ovCldm_UaXU6JlsQFCMcqxBzXqjayFaS_lSw3yPYkvHC9J8fL4zwyJkentmpE2IPU64CVECboG1HF4Dk17aa_5j6wilz-fQtgYb_TlpA-zWwgN29aQ0Y2SAjciQI_cSmCMczMb1jCfECKPvRnuEGAkKuvlspkp5yxfh_zrwyOeLSQyTi3_6eyVvWAmpieULQ
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 07:27:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 6BBF 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 07:27:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 27 Jan 2024 07:27:38 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 4D9E 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 07:27:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 27 Jan 2024 07:27:38 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame BFDE 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 07:27:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 27 Jan 2024 07:27:38 GMT
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame 11F6 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:07:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
37199
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 25 Jan 2025 21:07:39 GMT
InterstateRegular-Bold.woff2
s0.2mdn.net/creatives/assets/4925812/ Frame 4D9E 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4925812/InterstateRegular-Bold.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12155554735787715593/index-66cbe3b0.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9d52c7c5050b088109075328a9e830e4bfdf6446c763b9e69c637d5c0e11d599
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/12155554735787715593/index-66cbe3b0.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 07:23:47 GMT
x-content-type-options
nosniff
age
231
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29232
x-xss-protection
0
last-modified
Mon, 26 Jun 2023 09:13:13 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 27 Jan 2024 07:38:47 GMT
InterstateCondensedBlack.woff2
s0.2mdn.net/creatives/assets/4925812/ Frame 4D9E 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4925812/InterstateCondensedBlack.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12155554735787715593/index-66cbe3b0.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3b7bf416424abed17314649bb71a1de7a3afc6af66840d04b730e69652e27ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/12155554735787715593/index-66cbe3b0.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 07:26:27 GMT
x-content-type-options
nosniff
age
71
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14644
x-xss-protection
0
last-modified
Mon, 26 Jun 2023 09:13:06 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 27 Jan 2024 07:41:27 GMT
InterstateCondensed.woff2
s0.2mdn.net/creatives/assets/4925812/ Frame 4D9E 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4925812/InterstateCondensed.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12155554735787715593/index-66cbe3b0.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
241bb801b29748e542884f7b902c02f12f6a318ba97f70224986634926dbc433
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/12155554735787715593/index-66cbe3b0.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 07:22:12 GMT
x-content-type-options
nosniff
age
326
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28596
x-xss-protection
0
last-modified
Mon, 26 Jun 2023 09:13:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 27 Jan 2024 07:37:12 GMT
01222024-083008822-aleksandras-home-station.png
s0.2mdn.net/4528404/ Frame 4D9E 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/01222024-083008822-aleksandras-home-station.png
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9d6b27c6e65181f440d74ffee8b938cafc7d782abcaa6b0e1a11732607371e73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12155554735787715593/index.html?e=69&leftOffset=0&topOffset=0&c=PWrV01EcN6&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 23:00:03 GMT
x-content-type-options
nosniff
age
30455
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1645769
x-xss-protection
0
last-modified
Mon, 22 Jan 2024 16:30:08 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 27 Jan 2024 23:00:03 GMT
InterstateCondensed.woff2
s0.2mdn.net/creatives/assets/4925812/ Frame BFDE 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4925812/InterstateCondensed.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15963971234539850078/index-66cbe3b0.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
241bb801b29748e542884f7b902c02f12f6a318ba97f70224986634926dbc433
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/15963971234539850078/index-66cbe3b0.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 07:22:12 GMT
x-content-type-options
nosniff
age
326
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28596
x-xss-protection
0
last-modified
Mon, 26 Jun 2023 09:13:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 27 Jan 2024 07:37:12 GMT
InterstateCondensedBlack.woff2
s0.2mdn.net/creatives/assets/4925812/ Frame BFDE 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4925812/InterstateCondensedBlack.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15963971234539850078/index-66cbe3b0.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3b7bf416424abed17314649bb71a1de7a3afc6af66840d04b730e69652e27ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/15963971234539850078/index-66cbe3b0.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 07:26:27 GMT
x-content-type-options
nosniff
age
71
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14644
x-xss-protection
0
last-modified
Mon, 26 Jun 2023 09:13:06 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 27 Jan 2024 07:41:27 GMT
InterstateRegular.woff2
s0.2mdn.net/creatives/assets/4925812/ Frame BFDE 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4925812/InterstateRegular.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15963971234539850078/index-66cbe3b0.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
619fdeaed027f4e2b96cb82baa60c9c6615e7b24172f08eed907e617537171e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/15963971234539850078/index-66cbe3b0.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 07:22:37 GMT
x-content-type-options
nosniff
age
301
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29508
x-xss-protection
0
last-modified
Mon, 26 Jun 2023 09:13:09 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 27 Jan 2024 07:37:37 GMT
logo-v2.svg
s0.2mdn.net/4528404/1687769488937/ Frame BFDE 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/1687769488937/logo-v2.svg
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
59196f295fdadd3391cfbb187fef654f77ae385d6f8555c588963b521b1a98a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15963971234539850078/index.html?e=69&leftOffset=0&topOffset=0&c=TnAaXH1kz1&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 09:56:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
77457
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1838
x-xss-protection
0
last-modified
Mon, 26 Jun 2023 08:51:29 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 27 Jan 2024 09:56:41 GMT
apple_iphone15_blau.png
s0.2mdn.net/4528404/ Frame BFDE 		4 MB
4 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/apple_iphone15_blau.png
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a2c8d4c4f851bc762ff462329786060fc683b9ac19e857cc9426e95771b648a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15963971234539850078/index.html?e=69&leftOffset=0&topOffset=0&c=TnAaXH1kz1&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:11:41 GMT
x-content-type-options
nosniff
age
36957
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3833315
x-xss-protection
0
last-modified
Fri, 15 Dec 2023 09:30:05 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 27 Jan 2024 21:11:41 GMT
cta_mit-pfeil_01.svg
s0.2mdn.net/4528404/1687937402098/ Frame BFDE 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/1687937402098/cta_mit-pfeil_01.svg
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1a9cba16c5a30dc7cc3bdcbba2a45e9e2e28ec4437894302c6676369ed0ec732
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15963971234539850078/index.html?e=69&leftOffset=0&topOffset=0&c=TnAaXH1kz1&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 15:56:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
55882
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1134
x-xss-protection
0
last-modified
Wed, 28 Jun 2023 07:30:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 27 Jan 2024 15:56:16 GMT
stoerer-120sparen-links.svg
s0.2mdn.net/4528404/1702634402667/ Frame BFDE 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/1702634402667/stoerer-120sparen-links.svg
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8a746b54d9607284603c4b6d8ffdb8ee004ce3d3cd7d431801c42436ee9d3572
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15963971234539850078/index.html?e=69&leftOffset=0&topOffset=0&c=TnAaXH1kz1&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:32:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
35681
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1945
x-xss-protection
0
last-modified
Fri, 15 Dec 2023 10:00:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 27 Jan 2024 21:32:57 GMT
logo-v2.svg
s0.2mdn.net/4528404/1687769488937/ Frame 6BBF 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/1687769488937/logo-v2.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15963971234539850078/template-db7349e4.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
59196f295fdadd3391cfbb187fef654f77ae385d6f8555c588963b521b1a98a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15963971234539850078/index.html?e=69&leftOffset=0&topOffset=0&c=OXY7gb8vFJ&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 09:56:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
77457
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1838
x-xss-protection
0
last-modified
Mon, 26 Jun 2023 08:51:29 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 27 Jan 2024 09:56:41 GMT
apple_iphone15_blau.png
s0.2mdn.net/4528404/ Frame 6BBF 		4 MB
4 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/apple_iphone15_blau.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15963971234539850078/template-db7349e4.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a2c8d4c4f851bc762ff462329786060fc683b9ac19e857cc9426e95771b648a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15963971234539850078/index.html?e=69&leftOffset=0&topOffset=0&c=OXY7gb8vFJ&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:11:41 GMT
x-content-type-options
nosniff
age
36957
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3833315
x-xss-protection
0
last-modified
Fri, 15 Dec 2023 09:30:05 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 27 Jan 2024 21:11:41 GMT
cta_mit-pfeil_01.svg
s0.2mdn.net/4528404/1687937402098/ Frame 6BBF 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/1687937402098/cta_mit-pfeil_01.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15963971234539850078/template-db7349e4.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1a9cba16c5a30dc7cc3bdcbba2a45e9e2e28ec4437894302c6676369ed0ec732
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15963971234539850078/index.html?e=69&leftOffset=0&topOffset=0&c=OXY7gb8vFJ&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 15:56:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
55882
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1134
x-xss-protection
0
last-modified
Wed, 28 Jun 2023 07:30:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 27 Jan 2024 15:56:16 GMT
InterstateCondensed.woff2
s0.2mdn.net/creatives/assets/4925812/ Frame 6BBF 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4925812/InterstateCondensed.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15963971234539850078/index-66cbe3b0.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
241bb801b29748e542884f7b902c02f12f6a318ba97f70224986634926dbc433
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/15963971234539850078/index-66cbe3b0.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 07:22:12 GMT
x-content-type-options
nosniff
age
326
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28596
x-xss-protection
0
last-modified
Mon, 26 Jun 2023 09:13:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 27 Jan 2024 07:37:12 GMT
InterstateCondensedBlack.woff2
s0.2mdn.net/creatives/assets/4925812/ Frame 6BBF 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4925812/InterstateCondensedBlack.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15963971234539850078/index-66cbe3b0.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3b7bf416424abed17314649bb71a1de7a3afc6af66840d04b730e69652e27ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/15963971234539850078/index-66cbe3b0.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 07:26:27 GMT
x-content-type-options
nosniff
age
71
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14644
x-xss-protection
0
last-modified
Mon, 26 Jun 2023 09:13:06 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 27 Jan 2024 07:41:27 GMT
InterstateRegular.woff2
s0.2mdn.net/creatives/assets/4925812/ Frame 6BBF 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4925812/InterstateRegular.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15963971234539850078/index-66cbe3b0.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
619fdeaed027f4e2b96cb82baa60c9c6615e7b24172f08eed907e617537171e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/15963971234539850078/index-66cbe3b0.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 07:22:37 GMT
x-content-type-options
nosniff
age
301
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29508
x-xss-protection
0
last-modified
Mon, 26 Jun 2023 09:13:09 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 27 Jan 2024 07:37:37 GMT
stoerer-120sparen-links.svg
s0.2mdn.net/4528404/1702634402667/ Frame 6BBF 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/1702634402667/stoerer-120sparen-links.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15963971234539850078/template-db7349e4.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8a746b54d9607284603c4b6d8ffdb8ee004ce3d3cd7d431801c42436ee9d3572
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15963971234539850078/index.html?e=69&leftOffset=0&topOffset=0&c=OXY7gb8vFJ&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:32:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
35681
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1945
x-xss-protection
0
last-modified
Fri, 15 Dec 2023 10:00:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 27 Jan 2024 21:32:57 GMT
dc_oe=ChMI37-Fx4X9gwMVehJVCB1KDgtMEAAYACCq2oNdQhMIyITTxoX9gwMVtdDnAx3vhg51;dc_eps=AHas8cBWpVG8cgZtixl6D3LwcxktxWIMC4A1AGrdv_6OoqgXpTwrVH6sHKEZ6FHIZZ3Y91pRoVy3JbI;stragg=1;&timestamp=1706340458969;s...
ade.googlesyndication.com/ddm/activity/ Frame 6928 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI37-Fx4X9gwMVehJVCB1KDgtMEAAYACCq2oNdQhMIyITTxoX9gwMVtdDnAx3vhg51;dc_eps=AHas8cBWpVG8cgZtixl6D3LwcxktxWIMC4A1AGrdv_6OoqgXpTwrVH6sHKEZ6FHIZZ3Y91pRoVy3JbI;stragg=1;&timestamp=1706340458969;str=nextSlide;strtype=1
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 07:27:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame F492 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:07:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
37199
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 25 Jan 2025 21:07:39 GMT
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame 791D 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:07:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
37199
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 25 Jan 2025 21:07:39 GMT
dc_oe=ChMI9baFx4X9gwMVse8RCB09GQ9AEAAYACCe44NdQhMIx4TTxoX9gwMVtdDnAx3vhg51;dc_eps=AHas8cBUaipf-uriZhl3VuGdTQCjCF6RnugLiFZBokGrU79RPovXmDY9T5cewMuedxIO4COZK8FsFK4;stragg=1;&timestamp=1706340458978;s...
ade.googlesyndication.com/ddm/activity/ Frame 8C36 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI9baFx4X9gwMVse8RCB09GQ9AEAAYACCe44NdQhMIx4TTxoX9gwMVtdDnAx3vhg51;dc_eps=AHas8cBUaipf-uriZhl3VuGdTQCjCF6RnugLiFZBokGrU79RPovXmDY9T5cewMuedxIO4COZK8FsFK4;stragg=1;&timestamp=1706340458978;str=nextSlide;strtype=1
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 07:27:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMI9baFx4X9gwMVse8RCB09GQ9AEAAYACCe44NdQhMIx4TTxoX9gwMVtdDnAx3vhg51;dc_eps=AHas8cBUaipf-uriZhl3VuGdTQCjCF6RnugLiFZBokGrU79RPovXmDY9T5cewMuedxIO4COZK8FsFK4;stragg=1;&timestamp=1706340458980;s...
ade.googlesyndication.com/ddm/activity/ Frame 8C36 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI9baFx4X9gwMVse8RCB09GQ9AEAAYACCe44NdQhMIx4TTxoX9gwMVtdDnAx3vhg51;dc_eps=AHas8cBUaipf-uriZhl3VuGdTQCjCF6RnugLiFZBokGrU79RPovXmDY9T5cewMuedxIO4COZK8FsFK4;stragg=1;&timestamp=1706340458980;str=nextSlide;strtype=1
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 07:27:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMInLSBx4X9gwMVyfQRCB0VGw_eEAAYACCe44NdQhMIxoTTxoX9gwMVtdDnAx3vhg51;dc_eps=AHas8cASmF7I5EhnDVVHMdp_skFRCExE2v_Oqz30nyktf0SM77aQq-T3uzQdbfKxHk8Lq1ZRIFN3o1U;stragg=1;&timestamp=1706340458985;s...
ade.googlesyndication.com/ddm/activity/ Frame EA88 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMInLSBx4X9gwMVyfQRCB0VGw_eEAAYACCe44NdQhMIxoTTxoX9gwMVtdDnAx3vhg51;dc_eps=AHas8cASmF7I5EhnDVVHMdp_skFRCExE2v_Oqz30nyktf0SM77aQq-T3uzQdbfKxHk8Lq1ZRIFN3o1U;stragg=1;&timestamp=1706340458985;str=nextSlide;strtype=1
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 07:27:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 6928 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv8P2TW_sUVAVsTRx6UjF71x_hiGdN23bO6lMpZPmlp3VcS2tVNRglla8bPTGRsHXyTS7RPEqlcPNpQj7N8gkEWfNLYuKgz5l-8Y41_MTcisnwukh8MWWmYG3rZngbTYDUpsndvmBzagHNnrWuIn3vJYRiJ&sai=AMfl-YSlCk589n3XvOWaJO3arlI7bhqsQ2Pbb2r8qJUEvoOVKTyhGIC5_H901_rXYleIoFCuBPJ0vmY8CiDJTk6FcK1emj2EfIlceXpt6ZScTBJUWnnKPwXJeK88PUvVca0ac5zZAsgF9dhdz0dRUj5UCA&sig=Cg0ArKJSzHmkQ-4I8pi1EAE&cid=CAQSTwAvHhf_Dxnp1oMbEx8rGDgZ2d1I8f35K7hy--ljz30TXrIZJfu0aX0LH4ApvI_sxMWzov2Wajs5pX-VtxoXmpTlZYa1XzqSmTB7hAuCuj0YAQ&id=lidar2&mcvt=1029&p=0,0,90,728&mtos=367,848,1029,1029,1029&tos=367,481,181,0,0&v=20240124&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&vs=4&r=v&co=170634045800&rst=1706340458061&rpt=282&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 07:27:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6928 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4298254739641&version=m202309260101&ct=76&x=1&cor=4335594759107708400
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 07:27:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8C36 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9256416999215&version=m202309260101&ct=76&x=1&cor=2827461482437855000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 07:27:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame EA88 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9613667889828&version=m202309260101&ct=76&x=1&cor=15080808816739363000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 07:27:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 8C36 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss2-Y5hjS4T2z8SCPMB5KMVQnfAOImwGJqGIAO-4pKs8kD-lwTKvIgtfuwu3QGbAjs8O0TOyljcI-JmESlJ28DZiNemDtiERNHiyuGGb1KQRcU9W6QobPiJOmwTmTtZV2ycERTBE5yyNBER-SR_1cBK8p1E&sai=AMfl-YTg9Bx2Rjbv1Ab8-AaBEezovHLFnlC4Y9kB52AaKhXujQgVDQL1MwpJK1t_QHfZWW0g5CuMdntJJ2mFzeK6SmYLKxb7uBGgGDMImTwXy8Coox8Aqyb8SDBS8RYE5F-0NMfr1GzycN7eJakd1J1p3A&sig=Cg0ArKJSzFpwRMwAXhE0EAE&cid=CAQSTwAvHhf_Dxnp1oMbEx8rGDgZ2d1I8f35K7hy--ljz30TXrIZJfu0aX0LH4ApvI_sxMWzov2Wajs5pX-VtxoXmpTlZYa1XzqSmTB7hAuCuj0YAQ&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240124&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271804&rs=2&la=0&cr=0&vs=4&r=v&co=170634045800&rst=1706340458053&rpt=316&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 07:27:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame EA88 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu2gqZFZnkLLKAN6z5CjhqLQMmEFHJG0qSv9Z2iFfqnND-57uk9mzZiObRc_Tv_tpeQRxtoE7pJ0S6O1q673Z-nctEedwAn2qgueumYgZgm4iGlMcE-IZMtRwL3l4CtISTfK4knLkviLj-wc_ei-ync2gpF&sai=AMfl-YQSj3mIEOd8kLjRwbCHyCW6ED0Qooj542HtejQPXO03oqI4-Crgl0ljvVDdQfzq5IfYyS1wJiUxPFXOWd13k1DMTSWV63jxH-GbleKPq95SEEeZGxxzBTca2gKz8EgVl_Rp24Shajg-meCTzklreg&sig=Cg0ArKJSzEfxyaMiCug_EAE&cid=CAQSTwAvHhf_Dxnp1oMbEx8rGDgZ2d1I8f35K7hy--ljz30TXrIZJfu0aX0LH4ApvI_sxMWzov2Wajs5pX-VtxoXmpTlZYa1XzqSmTB7hAuCuj0YAQ&id=lidar2&mcvt=1002&p=0,0,600,160&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20240124&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271803&rs=2&la=0&cr=0&vs=4&r=v&co=170634045800&rst=1706340458043&rpt=370&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 07:27:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bundle.js
yastatic.net/q/set/s/rsya-tag-users/ Frame 0BB6 		102 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/q/set/s/rsya-tag-users/bundle.js
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
6faf9b3930c127b8bf7d97f22a50832b6cf0ac678e16ba6fa412e0a5ec06dc2b
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 06:54:17 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
last-modified
Tue, 18 Jul 2023 19:47:42 GMT
etag
W/"fad15dadf56fc1d71be6b240cc30b915"
vary
Accept-Encoding
x-nginx-request-id
74bf82193ff972fd
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
access-control-allow-origin
*
content-type
application/x-javascript
cache-control
public, max-age=31556952
timing-allow-origin
*
expires
Mon, 29 Jan 2024 19:27:40 GMT
watch.js
mc.yandex.ru/metrika/ Frame 0BB6 		157 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
03a76474d3688f27218b2162729d23eb82b7bf7d1e52abfedc7247030a2a170b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 07:27:39 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Fri, 26 Jan 2024 12:09:51 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"65b3a10f-ddf6"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
timing-allow-origin
*
content-length
56822
expires
Sat, 27 Jan 2024 08:27:39 GMT
data
yandex.ru/set/s/rsya-tag-users/ Frame 0BB6 		362 B
739 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://yandex.ru/set/s/rsya-tag-users/data?referrer=http%3A%2F%2Fdownload-tlgm.ru%2F
Requested by
Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:a::a , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
1b21be50822c8f1e162a563f05543e3d8b2f97a91e6ebcb8064ebbe13c6037e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 07:27:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id
1706340459811776-828355690758670964-balancer-l7leveler-kubr-yp-vla-136-BAL
report-to
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://yastatic.net
cache-control
public,max-age=300
access-control-allow-credentials
true
x-xss-protection
1; mode=block
WQWejI_zOoVX2La_0TKC01EML1v4emTH1i7aTxpUS8VhTx8wZbvdzpbPEaSlOG0TfuhKA0CSnmWoSXWyAQeQpE1Wbns-47JmkZ02UBDTtkasZJ5Qcx9TG-yf4WaaQmqaQz9F4X3rHWQRlvstGguG8cHwsGPiurKgbKhb31eDcnqskWLzCKk5HVjpv60cW8DumWQkX...
yandex.ru/an/count/ 		0
112 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://yandex.ru/an/count/WQWejI_zOoVX2La_0TKC01EML1v4emTH1i7aTxpUS8VhTx8wZbvdzpbPEaSlOG0TfuhKA0CSnmWoSXWyAQeQpE1Wbns-47JmkZ02UBDTtkasZJ5Qcx9TG-yf4WaaQmqaQz9F4X3rHWQRlvstGguG8cHwsGPiurKgbKhb31eDcnqskWLzCKk5HVjpv60cW8DumWQkXZ4Qzr6hOM-YSH-r6hQ-XbobqNgQR8R65NTWfY81X4iuWGFWqW5eVG1PBm7eaHZC7Se8zqEr7tA26BJqM0_1G4IdCF05BW578WMxl7FPAanOx0oPhg0tPHgLpGlb3FwgnaeV07Z4cmOr1fcofansXa9sIK7tRHFCCju9ZRIkwzWOiOSnqp3Y2bfTX_7IB5GqiHO900pJ9K1AqI_l0bDezx_HHAEkwpgMDdyZUqROwCOI3BLCi6E4BKGQRabdQU_rNEIsrZQla0db3q6MPa7BbJX35lmQcppvDYO_S1k1Xx_xIeO36QB3TgZEF2Cha5ed_pmtl0QXKKCGR5JcvxJzyFiehPs_pd2b9RxvYs52BXyh0LvKXnQK~2=WQqejI_zOoVX2LaR0VqC00EON3PMbwq1tnaGO1h4juChWI2yj90UJK1mGJ3v9kH6F3afJw2mxJGAi5EcdNR8Itrdx0rtlihcXN86VrLZfGy0FE9DWng3ZgE99rfQMbfQMjChNWLefrU05A2TNkagG3kzmbM0TieahW3jb0bS0Tefasy1sliSplcQA3-nm88VHLhaT6E4rNq1X23Fo2piVBvXOcxusbXTjbfMQDn7hOQzYSPzr6hOqbCrPL_rZKDI8mP1rslqwHKW0MmnV35X23kWV7fjpMpfgmfbkeBEmKsdO5vIq7tR1BECTqAZt25W3BcPjS06ywLPg6XYBH806AQxB6joQHX_VF6pxlp3Fay9Zm-Mm4ZR_q83iNmlBQH7aw_rJ7gu_Im8E6RPdvbVUkcj4Du-LLbcPGhHfXINUWoN8rnwztM4MbRUVFLbdvR7DVPadvRt9TAFGtIhea3wB-szLZGkQe9eNDG4lTQ3lRqbuV9PB_KsneICYvCGFxf34hYf4W8D_AZZ6CSg-9xhk9N5Wn9MgxqdRuSDOy4O0YvONlruoME2kleLCOLOJWi0~2?pcode-active-testids=938404%2C0%2C71&media-test-tag=2251799813691395&confirmTime=2104000&confirmRatio=1000000
Requested by
Host: yastatic.net
URL: https://yastatic.net/partner-code-bundles/952831/c9f2e4d9b16ebb3004df.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:a::a , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://download-tlgm.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 07:27:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id
1706340459904578-10289887031705115188-balancer-l7leveler-kubr-yp-vla-136-BAL
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Sat, 27 Jan 2024 07:27:39 GMT
accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
report-to
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
access-control-allow-origin
http://download-tlgm.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
Sat, 27 Jan 2024 07:27:39 GMT
1Sgyrjpx0Mi200000000U9nJp6JXFtRnLRUYuG71nfohRZvCbfaRjgGo084dJ2Jqy-GBGh5dtianf382nJCF21vC1OcNCWDvjLU1H2jZ0f3i1Ca20HF3J4Rsen3EGiOQ4GXh9QDF6aH-BsFW3dQ6es3-MKQGx5KmUPUHGOQ1uI-OFPU92KWkPRe1fDOoHG7PPvd-0...
yandex.ru/an/rtbcount/ 		43 B
698 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://yandex.ru/an/rtbcount/1Sgyrjpx0Mi200000000U9nJp6JXFtRnLRUYuG71nfohRZvCbfaRjgGo084dJ2Jqy-GBGh5dtianf382nJCF21vC1OcNCWDvjLU1H2jZ0f3i1Ca20HF3J4Rsen3EGiOQ4GXh9QDF6aH-BsFW3dQ6es3-MKQGx5KmUPUHGOQ1uI-OFPU92KWkPRe1fDOoHG7PPvd-0y4h9W7To6rw1mGP6MxqNufumS_6y9U91UG4PbOWsSki22IdCeDSDfSPPCHAPYP71R2r6vabVujBRr1DAZh93FFrLMQmnM3oANFj_HTSFvaTdFWXJcTf2mPBC6nW-Gy3Z3kGs0UGs3TP89xxOF-GPN6F-b76TTVjtxA0lBY0bVCaQ_PQNh3q1TQ6XeIRh1a7NeOvrUQgV6K5QVx5ocbeOMnWR6nkPDh0zdVVul0EjWQM2MmlE_Pic7Fhrr756MnN3WSlO6l-rhDwv_BV_pOnhcI3sN60pUC46_CZDjx855UhC8lqYYgJY7ppbsmmr_o4ioQodyulD6kQ-TP-5ZkRfQcHXR7X1dQc7UoC9zZ57x2_dpLZxTypDxvP_63dMS3HtiM-WkFF2fOD76VECExWOBp5WH7iJpaO61hiUpb1NfpA2VBz0iu6vXMSBKmRE4LFS39Uu6HvmSduWPFn1oVZ0YwWWG2Bqz00?media-test-tag=2251799813691395&confirmTime=2104000&confirmRatio=1000000&test-tag=280925220896770&rnd=3420595539365&pcode-active-testids=938404%2C0%2C71
Requested by
Host: yastatic.net
URL: https://yastatic.net/partner-code-bundles/952831/c9f2e4d9b16ebb3004df.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:a::a , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://download-tlgm.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 07:27:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id
1706340459904874-14507439493421687434-balancer-l7leveler-kubr-yp-vla-136-BAL
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Sat, 27 Jan 2024 07:27:39 GMT
accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
report-to
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type
image/gif
access-control-allow-origin
http://download-tlgm.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
Sat, 27 Jan 2024 07:27:39 GMT
3
mc.yandex.com/watch/ Frame 0BB6 		276 B
400 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/3?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=http%3A%2F%2Fdownload-tlgm.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A6xy7yz3pqvro10cvu5q72wt7%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1220%3Acn%3A1%3Adp%3A0%3Als%3A1442974877140%3Ahid%3A351635932%3Az%3A60%3Ai%3A20240127082739%3Aet%3A1706340460%3Ac%3A1%3Arn%3A686838699%3Arqn%3A1%3Au%3A1706340460243119743%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C123%2C62%2C1%2C0%2C0%2C%2C13%2C0%2C200%2C200%2C0%2C200%3Aco%3A0%3Acpf%3A1%3Ans%3A1706340457667%3Ast%3A1706340460&t=clc(0-0-0)rqnt(1)aw(1)rcm(1)ti(1)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
066b737b89c44440fe5bebb65fad5ab701438177389b9c0cee9bb9f2d7b22bb6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 07:27:40 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Sat, 27-Jan-2024 07:27:40 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://yastatic.net
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
276
x-xss-protection
1; mode=block
expires
Sat, 27-Jan-2024 07:27:40 GMT
advert.gif
mc.yandex.com/metrika/ Frame 0BB6 		43 B
244 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: download-tlgm.ru
URL: http://download-tlgm.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 07:27:40 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 26 Jan 2024 12:09:51 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"65b3a10f-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Sat, 27 Jan 2024 08:27:40 GMT
metrika_match.html
mc.yandex.com/metrika/ Frame EA47 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/metrika/metrika_match.html
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
9df4ea0c8c25b6c96ccb4ef96780a7b074ee266972670f2572d38a961f1b481f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://yastatic.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-origin
*
cache-control
max-age=3600
content-encoding
br
content-length
869
content-type
text/html
date
Sat, 27 Jan 2024 07:27:40 GMT
etag
"65b3a10f-365"
expires
Sat, 27 Jan 2024 08:27:40 GMT
last-modified
Fri, 26 Jan 2024 12:09:51 GMT
strict-transport-security
max-age=31536000
timing-allow-origin
*
37412095
mc.yandex.com/watch/ Frame 0BB6 		459 B
495 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/37412095?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=http%3A%2F%2Fdownload-tlgm.ru%2F&charset=utf-8&site-info=%7B%22b%22%3A%22%22%2C%22browser%22%3A%22chrome%22%2C%22extensions%22%3A%22%22%2C%22fresh%22%3A%220%22%2C%22fromCancel%22%3A%22false%22%2C%22fromGoogle%22%3A%22false%22%2C%22infected%22%3A%22%22%2C%22loyal%22%3A%220%22%2C%22old%22%3A%22actual%22%2C%22os%22%3A%22windows%22%2C%22p%22%3A%22%22%2C%22sbscrb%22%3A%22%22%2C%22slow%22%3A%22%22%2C%22winxp%22%3A%22false%22%7D&uah=che%0A0&browser-info=pv%3A1%3Avf%3A6xy7yz3pqvro10cvu5q72wt7%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1220%3Acn%3A2%3Adp%3A0%3Als%3A800293025090%3Ahid%3A351635932%3Aphid%3A183843390%3Az%3A60%3Ai%3A20240127082740%3Aet%3A1706340460%3Ac%3A1%3Arn%3A964395429%3Arqn%3A1%3Au%3A1706340460243119743%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C123%2C62%2C1%2C0%2C0%2C%2C13%2C0%2C200%2C200%2C0%2C200%3Aco%3A0%3Acpf%3A1%3Ans%3A1706340457667%3Arqnl%3A1%3Ast%3A1706340460%3At%3A&t=gdpr(6)clc(0-0-0)rqnt(1)aw(1)rcm(1)ti(1)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
9e439db51ac4d523ef29c8b6d7d2bf29756547e7dfbd2d8e12ced60e5c30445b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 07:27:40 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Sat, 27-Jan-2024 07:27:40 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://yastatic.net
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
459
x-xss-protection
1; mode=block
expires
Sat, 27-Jan-2024 07:27:40 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240122&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4622439471653545&plah=download-tlgm.ru
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c00438696f666bdd19875d1ecc4093d25ba056129a3a7ee7d1564dc8e4ce0742
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://download-tlgm.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 07:27:40 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12118
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4622439471653545&plah=download-tlgm.ru
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://download-tlgm.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 07:27:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 27 Jan 2024 07:27:40 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 777D 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://download-tlgm.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
37157
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 26 Jan 2024 21:08:23 GMT
expires
Sat, 25 Jan 2025 21:08:23 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame A99E 		829 B
1000 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
7ce0d3985ccb33786809d35c05d1e8166a38e9b2a447d888da9d0559ba398bce
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-9OGO_MZGCwz0J1P-yDKp8w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://download-tlgm.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-9OGO_MZGCwz0J1P-yDKp8w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 27 Jan 2024 07:27:40 GMT
expires
Sat, 27 Jan 2024 07:27:40 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame 777D 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:07:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
37201
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 25 Jan 2025 21:07:39 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame A99E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240122&jk=199225707555881&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 777D 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?6tGF-Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 07:27:40 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 399B 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuqQEeO-D1Wx44yWFKSO6n_JHfN7wc1pg5ZgbAGdkNJ9HCekC9SVhXXtdjEXkXLxtxOBhNDg6TNvbc4MP1qY9WWMjqaleK-I3W5KMPccpouwx0SeZS5zwUC7EPrdx5SSFFMSA3-cSEWnSzeBUYZ9L5-f6mL&sai=AMfl-YSVls1P6Vy7eb3ZhQeofIKOJW3lTDjl3DQEVuJAOthpCSEiZ8i2490-3QmJWNkqQw1oPRIpgankbbj8gH3NnCuy5GvJxGcpWdl42Uag8s5d-9k8wulXMDMagZT-fv4DZ4fu6K8UrWHP0zoKUY-Blg&sig=Cg0ArKJSzGXabpxa94wBEAE&cid=CAQSTwAvHhf_55tBSbMUZ5F08YKCIVD08OooenRcsvWMmAs3IMBIUYhJEmWzWPQumQTkw8Y3ZypUw7GqOATW_NFt1VHJqV1InZgcWBGgbic6AwsYAQ&id=lidarv&acvw=sv%3D960%26v%3D20240117%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,445,273,595%26tos%3D2100,0,0,0,0%26mtos%3D2100,2100,2100,2100,2100%26amtos%3D0,0,0,0,0%26mcvt%3D2100%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2267%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D36%26pst%3D201%26dur%3D15061%26vmtime%3D2283%26dtos%3D2100%26dtoss%3D1%26dvs%3D2100%26dfvs%3D2100%26dvpt%3D2267%26is%3D33554707%26i0%3D33554450%26ic%3D16777473%26cs%3D50331923%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D192864442%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2100&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1706340458499
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 07:27:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240122&jk=199225707555881&bg=!dHeldzjNAAa8BdJLnAU7ADQBe5WfOKKG2UIVZajZ_MgrWZXtlC-FD7oioiLz7lsFtHHUuOScpeE-xCkhbmlmUhQCOX-YAgAAAC5SAAAAAWgBB5kCwAt0aOwpkHnmINhnFGdWzkCqQ_Zh6uEaDAyS7-9NOJvr92Y5vYsP9l-nzJrrqJLSlyuQUH9h6bgotsmsJjjbjXds2hoII1Cwnk4YhF1kGQ59VFtJvmCc0MGGj-9mUcfynBEoBuwp5N--w2pw_1OdXZ4Ef2JghiTrbpHmHhGGtrY0S_LWjIbtyipFpbDAWEvn5b8o4Nay-Ohu_A6GNIixQlzFTdqhICAikp74YAEwQnLoCTgwFtS412WT7YbiNkcGrkEyP_6Qqy9uwap9UwOnkPdxwF5SjBiWMpIbaGLyVlEKXAYQbXb2KLUkKQK-yb5doGqE0VhWGJ4fAd_BDY3uZaHwi3tSnqF8N82ffOrvmx0M4oaM8CS8MQUF9co4_DFeWRNVbiJIhhjIcBj-MTcbiaAnue1rXQ166RSDjv8U8-8pmaaQq4yFOxW3DF742IKzleBJN-rrCZOujcTOuz8TkiIuU4Ph25jNhepcD3Lti26tT8d_RvSh0cLYP0UFwlAx3vaWY-Sob2rCDi6ywS4AZ-UbCwgqIkrVZkKiXQUAUtkGn2BPeRmQ5dNL76hQiF5tYN-5-FjTmvltaoPyTopkR2HAZphQh1byL6qV27sa4zRVmq04xhOCDTexvI2iEk36Yg6LNmobDvvimN6uD27CgnGQn_WxR8nTqabt6HjO73ykVbGLhkuvkrf3pTIZvoC1sS1XhTucBIoa92E3UBgwBWEI73kmDmyFDYLME2PMvgFSp50DMk3UfGfuBasqf7AQwOCoBl09mmNKwOZjYIMQE_o70I4JLzv8QWimC4FZGKiM_kzkC_FMaU4O0OrgLTGbnNQoRF5iLOdEwqlBtQ_U4stsinVap5P5_MgsIxMZ6CZI8yo0NCapZmRdr2jqcGuskPUFD3OQuRmtdCDwbI_t9MGgzIiA78kiS5M2UGXbtZD6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://download-tlgm.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
/
track.adform.net/videoad/event/ Frame 399B 		35 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.adform.net/videoad/event/?bn=67886237&event=26&time=0&banner=60577464&imprid=7674214883904101070&rnd=793944&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.228 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 07:27:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
content-type
image/gif
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
expires
-1
dc_oe=ChMIgpH2xoX9gwMVIE5BAh0QrAvjEAAYACCY6theQhMI5dfMxoX9gwMV64aDBx2iZgBS;dc_eps=AHas8cDKEbL6YbS0uab92yG6sCzoygWe8S6JQTlFioA5DyOfsz9MlRtbW-CSd_3rQXHRLjC1RVYr5dg;met=1;acvw=sv%3D960%26v%3D20240117%...
ade.googlesyndication.com/ddm/activity/ Frame 399B 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIgpH2xoX9gwMVIE5BAh0QrAvjEAAYACCY6theQhMI5dfMxoX9gwMV64aDBx2iZgBS;dc_eps=AHas8cDKEbL6YbS0uab92yG6sCzoygWe8S6JQTlFioA5DyOfsz9MlRtbW-CSd_3rQXHRLjC1RVYr5dg;met=1;acvw=sv%3D960%26v%3D20240117%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,445,273,595%26tos%3D3752,0,0,0,0%26mtos%3D3752,3752,3752,3752,3752%26amtos%3D0,0,0,0,0%26mcvt%3D3752%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3919%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D38%26pst%3D201%26dur%3D15061%26vmtime%3D3937%26dtos%3D1652%26dtoss%3D2%26dvs%3D1652%26dfvs%3D1652%26dvpt%3D1652%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26ic%3D0%26cs%3D50331923%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3752,3752,3752,3752,3752%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D192864442%26psm%3D15%26psv%3D14%26psfv%3D14%26psa%3D0%26pngs%3D9s,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,3752;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1706340458499;ecn1=1;etm1=0;eid1=960584;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 07:27:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 399B 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C1UphabC0ZaX_E-uNjuwPos2BkAW2zbjTcvi_05zKEYr9oITDARABII6g0GVglbKVgqQHoAH59-vHKMgBBakCZ9RZb1k1sj6oAwHIA5sEqgT2AU_Qx8eHIttnPwxpG4J-DALr7DXA0J8DCHPC-27zoE9CKVCCw0fZBJTxfjLOE0ZCWWYgG7JLg2rx3ZNjp2NL04HBznGtaAiIjT1_S8NI9PcOookIzKRc9b8N607f2wPwC-oYyJTWrNscuMdvUlcX3wSu20NOe9o7l9xsVjjvbiy2ZQlYK0Qor1v0nG21IAgtQz_VTHro9TCuIi7kr9hFY1l1qG3KR_YvgUDZQFuANDvW3X7Itt9MhiasUZ7FpJFBpWeg1dZc8iCEsgr5gmreJQi6f1pNWQhMrSzb2hl7imHmNsvWwElGf5hpp2zdgxe_ROSlBaHxc8AEuMbhn7sE4AQDiAWEmLitTJAGAaAGeYAH-a-8pwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOljWuszGhf2DA4AKAcgLAeALAYAMAaoNAkRFsBOS1OgV0BMA2BMKiBQB2BQB0BUB-BYBgBcB6BcBshgFGHkiAQA&sigh=aWWeXwY6HD8&label=videoplaytime25&ad_mt=3938&acvw=sv%3D960%26v%3D20240117%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,445,273,595%26tos%3D3752,0,0,0,0%26mtos%3D3752,3752,3752,3752,3752%26amtos%3D0,0,0,0,0%26mcvt%3D3752%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3919%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D38%26pst%3D201%26dur%3D15061%26vmtime%3D3937%26dtos%3D1652%26dtoss%3D2%26dvs%3D1652%26dfvs%3D1652%26dvpt%3D1652%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26ic%3D0%26cs%3D50331923%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3752,3752,3752,3752,3752%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D192864442%26psm%3D15%26psv%3D14%26psfv%3D14%26psa%3D0%26pngs%3D9s,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,3752&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1706340458499
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4622439471653545&output=html&h=280&slotname=3547231412&adk=3563481279&adf=3642323547&pi=t.ma~as.3547231412&w=1040&fwrn=4&fwrnh=100&lmt=1706340457&rafmt=1&format=1040x280&url=http%3A%2F%2Fdownload-tlgm.ru%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1706340456996&bpp=3&bdt=517&idt=298&shv=r20240122&mjsv=m202401230101&ptt=9&saldr=aa&abxe=1&correlator=2048886132120&frm=20&pv=2&ga_vid=969955348.1706340457&ga_sid=1706340457&ga_hid=886679608&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=280&ady=412&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080589%2C95321627%2C95322165%2C95323006&oid=2&pvsid=199225707555881&tmod=2064311856&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=305
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 07:27:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
WZ4ejI_zOoVX2LcG0HqH0CDVUZw4M2P4s8Dez23A89Xy4t8ZdfoK9r3OTXe5s2dJJZlafRupDl54IqjBIqjBPySa0U9c3jc-yoTqslpm5oEixik7CFt1Qq0IoIyVTW-2aHx6dithoLSI9eQ5KZo8InX0nwaYDSe0np62Z1m6Jugg1ZCusENDrqOFafoh2bk4Z2h2m...
yandex.ru/an/tracking/ 		0
200 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://yandex.ru/an/tracking/WZ4ejI_zOoVX2LcG0HqH0CDVUZw4M2P4s8Dez23A89Xy4t8ZdfoK9r3OTXe5s2dJJZlafRupDl54IqjBIqjBPySa0U9c3jc-yoTqslpm5oEixik7CFt1Qq0IoIyVTW-2aHx6dithoLSI9eQ5KZo8InX0nwaYDSe0np62Z1m6Jugg1ZCusENDrqOFafoh2bk4Z2h2mKm01p6F_hXXl8GIRn3RM5ss7Se8zqEr7tA26iQ-Xjn4WolyKZFsLTyu93LYPasOXjWZMAy1qq9wDAdXWg3hDVhq2f00jXY-c324RHnGwXCwODWo88da5mmwFTP3C13HAGnyWMj0OQ65dO0ZaO9TthbibHXTrvcOiDWPSbEcKTcyKCxWhsgiz060HxnfK6EGAMlAP4sKdrXWmOyYBIWKMLBGVTi4iuntGYFCX79Jr--Oz6nSZFX2-OilHkjZT0zZji06ywLPg6XYBH806APBW9IYNzu5fb1Jhu5FVjQTVzZdAU7nmH8OQVjVQ22MxuK6OlbS1zoU_auBwT7aQpsJ7cu_wvdqS6EQGS0nooOQTLtNiRGvXiiHBhtxj3okiIVxjBmlaNuSebiL1T9_QU-red5H4qJZeYRejHxixIq9byzwgRSn9cHSd8JuUPqv8sOE1Cz5RfihbKgbjSqhPDDQvG-X09MPKgbK1X3y2vJXa5C_sBluuKh8uu1VtTcYWWAefe8wKSwwNRoZLzT8mtGkQbyu5lXb2wIoOA1fr3Sm70W0~2?action-id=25&viewability-undetermined=0
Requested by
Host: yastatic.net
URL: https://yastatic.net/partner-code-bundles/952831/c9f2e4d9b16ebb3004df.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:a::a , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://download-tlgm.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 07:27:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id
1706340462799767-18362812324422400730-balancer-l7leveler-kubr-yp-vla-136-BAL
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Sat, 27 Jan 2024 07:27:42 GMT
accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
report-to
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
access-control-allow-origin
http://download-tlgm.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
Sat, 27 Jan 2024 07:27:42 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
download-tlgm.ru
URL
https://download-tlgm.ru/wp-content/themes/tlgm/assets/fonts/Norwester-Regular.woff
Domain
download-tlgm.ru
URL
https://download-tlgm.ru/?wc-ajax=get_refreshed_fragments
Domain
download-tlgm.ru
URL
https://download-tlgm.ru/wp-content/themes/tlgm/assets/fonts/Norwester-Regular.ttf
Domain
mitdmp.whiteboxdigital.ru
URL
https://mitdmp.whiteboxdigital.ru/pixel?id=a&source=yandex&redirect=false&href=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fqbitis%2F%7Bmiid%7D
Domain
ysa-static.passport.yandex.ru
URL
https://ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/d.png?ex=yes

Verdicts & Comments Add Verdict or Comment

140 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 undefined| $ function| jQuery string| _wp_rp_static_base_url string| _wp_rp_wp_ajax_url string| _wp_rp_plugin_version string| _wp_rp_post_id string| _wp_rp_num_rel_posts boolean| _wp_rp_thumbnails string| _wp_rp_post_title object| _wp_rp_post_tags boolean| _wp_rp_promoted_content object| yaContextCb object| adsbygoogle object| pseudo_links object| kk_star_ratings object| tocplus function| Cookies object| woocommerce_params object| wc_cart_fragments_params function| EvEmitter function| imagesLoaded object| Boston function| _abort function| _error function| _start function| _process_inline function| _show function| _format_title function| _process_title function| _swipe function| _set_navigation function| _finish function| _preload_next function| _preload_prev function| _preload_image function| _get_zoom_to function| _get_orig_pos function| _closed function| _cleanup undefined| fb_timeout object| fb_opts function| easy_fancybox_handler function| easy_fancybox_auto function| b2a function| a2b function| ai_run_scripts function| ai_wait_for_jquery function| b64e function| b64d object| ai_front number| ai_jquery_waiting_counter function| AiCookies function| ai_check_block function| ai_check_and_insert_block function| ai_load_cookie function| ai_set_cookie function| ai_get_cookie_text function| ai_insert function| ai_insert_code function| ai_insert_list_code function| ai_insert_viewport_code function| ai_insert_adsense_fallback_codes function| ai_insert_code_by_class function| ai_insert_client_code boolean| ai_process_elements_active function| MobileDetect boolean| ai_js_code object| wpnConfig function| goNextPage object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots boolean| google_apltlad function| google_spfd number| google_unique_id object| google_sv_map object| google_ama_state number| google_rum_task_id_counter object| hash object| qs object| pathname object| hostname function| ai_process_lists function| ai_process_ip_addresses function| qmvt94025 boolean| PzRbzoGy1xGbo4zE function| cnc object| pcode_952831_default_nJfCI6Wabs object| Ya object| __activeTestIds object| __vasActiveTestIds object| __pcodeAllActiveTestIds number| pr function| AdFox_getCodeScript object| adfoxAsyncParams object| adfoxAsyncParamsScroll object| adfoxAsyncParamsAdaptive boolean| yandex_context_perf_logging object| yaSafeFrameCallbacksStorage boolean| isLoadingSafeframeStarted object| ya object| yaads object| layoutConfig function| google_sa_impl number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| yaCounter48291797 object| $sf object| yaSafeFrameAsyncCallbacks object| yaCounter2027212 object| google_llp object| googletag object| GoogleGcLKhOms object| google_image_requests function| arrive function| unbindArrive function| leave function| unbindLeave

92 Cookies

Domain/Path Name / Value
yastatic.net/safeframe-bundles/0.83/1-1-0 Name: pcssspb
Value: 1
yastatic.net/safeframe-bundles/0.83/1-1-0 Name: afpix
Value: 1
yastatic.net/safeframe-bundles/0.83/1-1-0 Name: pcs3
Value: 1
shopnetic.com/api/rtb/dmp Name: test_cookie
Value: 1
kimberlite.io/rtb/sync Name: f
Value: https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsoltadspis%2FZbSwantLFg0
kimberlite.io/rtb/sync Name: as
Value: hPJ_CGW0sGo4WsfhZbSwag
kimberlite.io/rtb/sync Name: n
Value: 2
.yandex.ru/ Name: yashr
Value: 7142526651706340456
muloyorom.com/ Name: userid
Value: 3692eefa-f201-4cd9-be90-68cdf7dc3175
.download-tlgm.ru/ Name: pmvid
Value: 3692eefa-f201-4cd9-be90-68cdf7dc3175
.download-tlgm.ru/ Name: _ym_uid
Value: 1706340457493392520
.download-tlgm.ru/ Name: _ym_d
Value: 1706340457
.muloyorom.com/ Name: uuid
Value: 3692eefa-f201-4cd9-be90-68cdf7dc3175
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 4273696750fake
.uuidksinc.net/ Name: jcsuuid
Value: 9JrbPI0EQbl1xl64QLvU
.muloyorom.com/ Name: oid
Value: 9JrbPI0EQbl1xl64QLvU
.download-tlgm.ru/ Name: _ym_isad
Value: 2
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 867760525fake
.yandex.com/ Name: i
Value: GgXj6hqLedUtw443Hc24tTz61Y2txnuzqGhaYrvXNEnmTsXaQxaMsD/VDvsCNaEFIr5KdK1Uc2mK8rZ+UEM4Vlp/eRU=
.yandex.com/ Name: yandexuid
Value: 6756411861706340457
.mc.yandex.com/ Name: sync_cookie_ok
Value: synced
.yandex.ru/ Name: yandexuid
Value: 5976415971706340457
.yandex.ru/ Name: yuidss
Value: 5976415971706340457
.yandex.ru/ Name: i
Value: q8838wpAB8tuLwiEwjHFqctajuwe7cKh7jECb5BFirT58g5tNZUbrNptLKylfHdL03dbPn8L2oDdhnA9HZtc4YZVYDo=
.yandex.ru/ Name: yp
Value: 1706426857.yu.2417283811706340457
.yandex.ru/ Name: ymex
Value: 1708932457.oyu.2417283811706340457
.yandex.com/ Name: yuidss
Value: 6756411861706340457
.yandex.com/ Name: ymex
Value: 1737876457.yrts.1706340457
mc.yandex.com/ Name: yabs-sid
Value: 860120241706340457
.download-tlgm.ru/ Name: _ym_visorc
Value: w
.download-tlgm.ru/ Name: __gads
Value: ID=d062b0a5eeac60ff:T=1706340457:RT=1706340457:S=ALNI_Mb3-4krsJvgNUWh4-MaEB_HfJO4pg
.download-tlgm.ru/ Name: __gpi
Value: UID=00000d4a949c953d:T=1706340457:RT=1706340457:S=ALNI_MYv1kJVLooJ74EsPbaIuFSOrZPE2g
.acint.net/ Name: test_cookie
Value: CheckForPermission
.acint.net/ Name: aid
Value: fwAACmW0sGmjFQDvOtNlAo21gWjaJoEz93x7yMuNTQw6hAs0
.weborama.fr/ Name: AFFICHE_W
Value: O6GxemWgedQ753
.betweendigital.com/ Name: dc
Value: lux1
.betweendigital.com/ Name: ss
Value: 1
.acint.net/ Name: cSyncDp14v4
Value: 1706340457
px.arcspire.io/ Name: arcid
Value: cfab8b45dcb263bb9649aa
.betweendigital.com/ Name: tuuid
Value: 22b7bc4c-db45-521b-bd6c-cae4d8d87a8d
.betweendigital.com/ Name: ut
Value: ZbSwaQAPKtBATs5HIkbcxeKzfV6C8IZ7jcfGkg==
.doubleclick.net/ Name: IDE
Value: AHWqTUmSAmeWwEjXp_qaUeVL-geQp8aCWJw2MrSdyRb-KQ6gl_bj3z4xcRPb54dOxdM
.doubleclick.net/ Name: APC
Value: AfxxVi4nt_jYxj75Og-5t0gWUb3cf0M3gVkQP_uy42VFf9DB92VHRg
.gnezdo.ru/ Name: uid
Value: XV9maWW0sGqctaWjIHNQAg==
.dsp.mpartner.digital/ Name: dmp
Value: HsmPvZizfhblgTuBvAMFTpaywbkXdjSP
.tns-counter.ru/ Name: guid
Value: 51AF7A1665B4B06AX1706340458
sync.adspend.space/ Name: as-user
Value: e4c713ec-90bc-436b-88bf-0d0097e74882
dmpprof.com/ Name: nmatch
Value: 14_9JrbPI0EQbl1xl64QLvU
dmpprof.com/ Name: uid
Value: 02746671-97e7-401e-98f9-de65e36b525a
.dmg.digitaltarget.ru/ Name: viuserid
Value: vY4.0mOCd47Tc857Js2U
.demdex.net/ Name: demdex
Value: 40228632180002839993079446056737842216
.download-tlgm.ru/ Name: __eoi
Value: ID=aadeb3f98a3a00e8:T=1706340457:RT=1706340457:S=AA-Afja01ZOl6ult92W-oxLwj6bZ
.dpm.demdex.net/ Name: dpm
Value: 40228632180002839993079446056737842216
.targetads.io/ Name: _TADUID
Value: 1673779647470262086
kimberlite.io/ Name: u
Value: ZbSwantLFg0~I-GPNGpmXxqfQrYBIBt0-DTuCmA
.ssp-rtb.sape.ru/ Name: sspuid
Value: CkIDHWW0sGoVqgLtlIL6AltsY/yX3xCs4ktza/rdy6CzmOON
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.adnxs.com/ Name: XANDR_PANID
Value: JP9bW2UPMQuVYFsIpIOLANkxZdtyeG1eh8EV7Oy_FaoIvm4Qtl5lYxUMJrFh27WQkapprFxJXtHcbNnig2eL-_13-l_am-0u5Lo-BTS63XM.
.adnxs.com/ Name: uuid2
Value: 584258732676743277
.doubleclick.net/ Name: DSID
Value: NO_DATA
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2E?bn9uDF!]tbPl1M>e)ZlrFUfJ+tGXxoH<9(UkKLhW5J2_:1F5o<lb>Zw#[8/KAUj(L93If)y3KL9D3I?+PnB2=o
.casalemedia.com/ Name: CMPS
Value: 2238
.casalemedia.com/ Name: CMID
Value: ZbSwasdTc1cRAu45FzilOwAA
.casalemedia.com/ Name: CMPRO
Value: 2238
.adhigh.net/ Name: gi_u
Value: PQ6xLLYnGGn.AikABlGNSdEfIA
.doubleclick.net/ Name: receive-cookie-deprecation
Value: 1
sync.dsp.solta.io/ Name: chk
Value: 1
.sonar.semantiqo.com/ Name: semantiqo_a
Value: 2526f8e4e7234761b62174925dd5b117
.sonar.semantiqo.com/ Name: check
Value: ea4e49cdf47442ddb840ce59be42ad4a
.adhigh.net/ Name: yandexssp_sync
Value: L7Cf
.mts.ru/ Name: dspid
Value: ab6ac913-f8eb-4f06-a556-7a2c38c96ba1
.mts.ru/ Name: reset_cookie
Value: 1
.bumlam.com/ Name: suuid3
Value: IiQ4YzVmMmE2Ni1iY2U1LTExZWUtODZlMC0wMDI1OTBjMDY0N2M*
prodmp.ru/ Name: rai
Value: 022432a26cde8473fe73a5a5b614f1ba
.dsp.solta.io/ Name: pid
Value: NjYxN2Q4YjM5OGU0ZWU0NA
shopnetic.com/ Name: shuniq
Value: gvke44GfBz9GGDdjHvWabo8re98
.upravel.com/ Name: session_tptc
Value: 1706340458526
.adform.net/ Name: C
Value: 1
.adform.net/ Name: receive-cookie-deprecation
Value: 1
.adform.net/ Name: uid
Value: 6660861859474414295
sync.gonet-ads.com/ Name: chk
Value: 1
.upravel.com/ Name: user_id
Value: 6af38137-bd50-492a-8ec2-97e81d22f434
.aidata.io/ Name: __upin
Value: 9zhSFbZCariCe2SR2l9xYg
.aidata.io/ Name: __upints
Value: 1706340458
.gonet-ads.com/ Name: pid
Value: NTdmYWZiZWJkMjk3MTI0Mw
x01.aidata.io/ Name: yaya
Value: 1
.mts.ru/ Name: mts_id_last_sync
Value: 1706340458
.mts.ru/ Name: mts_id
Value: afcf3802-f832-4b6c-89d7-81d5987de6ff
.rutarget.ru/ Name: userId
Value: mEyDtUoP5s__
.yandex.ru/ Name: is_gdpr
Value: 1
.yandex.ru/ Name: is_gdpr_b
Value: CJKEDhDS5wEYAQ==
.mail.ru/ Name: VID
Value: 3EbnZB2MNJIM00001F2UbCoM:::0-0-0-acf092c-0:CAASEPbhHlNuxpu1P3cGCU39OhYaYLjICe5E_yNbBHyF522JZDeL9d29EfnOrGHbY0OnTpkhwVxJwD7zYGGaPTHPtx36rGDYBtUxlj-FuHcbbK4Bf0YYyjRLuI_HPker4Fx8q4OegUiBiH4g-JJiZ8ql67tz_Q

8 Console Messages

Source Level URL
Text
javascript error URL: http://download-tlgm.ru/
Message:
Access to font at 'https://download-tlgm.ru/wp-content/themes/tlgm/assets/fonts/Norwester-Regular.woff' from origin 'http://download-tlgm.ru' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://download-tlgm.ru/wp-content/themes/tlgm/assets/fonts/Norwester-Regular.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://download-tlgm.ru/
Message:
Access to XMLHttpRequest at 'https://download-tlgm.ru/?wc-ajax=get_refreshed_fragments' (redirected from 'http://download-tlgm.ru/?wc-ajax=get_refreshed_fragments') from origin 'http://download-tlgm.ru' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://download-tlgm.ru/?wc-ajax=get_refreshed_fragments
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://download-tlgm.ru/
Message:
Access to font at 'https://download-tlgm.ru/wp-content/themes/tlgm/assets/fonts/Norwester-Regular.ttf' from origin 'http://download-tlgm.ru' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://download-tlgm.ru/wp-content/themes/tlgm/assets/fonts/Norwester-Regular.ttf
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/d.png?ex=yes
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://an.yandex.ru/setud/mts_banner/q2rJE_jrTwalVnosOMlroQ?location=https%3A%2F%2Fvma.mts.ru%2Fem%3Fnext%3D59%26em%3D0&sign=2853111327
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1010--1501445047--e4c713ec-90bc-436b-88bf-0d0097e74882.stbid.ru
acint.net
ade.googlesyndication.com
ads.betweendigital.com
an.yandex.ru
avatars.mds.yandex.net
bid.g.doubleclick.net
cm.g.doubleclick.net
cm.tns-counter.ru
counter.yadro.ru
cr.frontend.weborama.fr
csi.gstatic.com
d.uuidksinc.net
dm-eu.hybrid.ai
dm.hybrid.ai
dmg.digitaltarget.ru
dmpprof.com
download-tlgm.ru
dpm.demdex.net
dsp.mpartner.digital
dsum-sec.casalemedia.com
euw-ice.360yield.com
exchange.buzzoola.com
eye.targetads.io
fcgi4.gnezdo.ru
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hunterers.com
ib.adnxs.com
im.bluevoox.com
imasdk.googleapis.com
installpack.net
kimberlite.io
match.new-programmatic.com
mc.yandex.com
mc.yandex.ru
mitdmp.whiteboxdigital.ru
mpraven.org
msetup-partners.com
muloyorom.com
nr.bidderstack.com
pagead2.googlesyndication.com
prodmp.ru
profile.ssp.rambler.ru
px.adhigh.net
px.arcspire.io
rtb-eu-warsaw.intent.ai
s.uuidksinc.net
s0.2mdn.net
s1.adform.net
shopnetic.com
sm.rtb.mts.ru
sonar.semantiqo.com
ssp-rtb.sape.ru
ssp.adriver.ru
sync.adkernel.com
sync.adspend.space
sync.bumlam.com
sync.dmp.otm-r.com
sync.dsp.solta.io
sync.gonet-ads.com
sync.teads.tv
sync.upravel.com
tech.rtb.mts.ru
top-fwz1.mail.ru
tpc.googlesyndication.com
track.adform.net
ups.analytics.yahoo.com
us-u.openx.net
uuidksinc.net
vma.mts.ru
www.google.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
x01.aidata.io
yandex-dmp-sync.rutarget.ru
yandex-sync.rutarget.ru
yandex.digital-services.solutions
yandex.ru
yastatic.net
ysa-static.passport.yandex.ru
z.cdn.adtarget.me
download-tlgm.ru
mitdmp.whiteboxdigital.ru
ysa-static.passport.yandex.ru
104.18.36.155
136.243.48.253
138.201.65.68
142.132.138.214
142.250.185.98
142.250.186.130
144.126.246.116
167.235.186.113
172.217.18.2
176.99.5.252
185.15.175.130
185.246.66.33
185.40.31.213
188.120.241.50
188.42.105.236
188.42.34.64
188.68.217.18
188.72.109.103
193.106.93.124
193.232.148.145
193.3.184.217
2.19.217.101
2001:6d0:4001::226
213.87.44.187
217.199.220.43
217.65.2.150
217.66.147.40
2404:6800:4005:809::2003
2606:4700:20::681a:f45
2a00:1450:4001:801::2002
2a00:1450:4001:801::200a
2a00:1450:4001:802::2001
2a00:1450:4001:812::2002
2a00:1450:4001:827::2002
2a00:1450:4001:828::2004
2a00:1450:4001:82a::200a
2a00:1450:4001:830::2006
2a00:1450:4001:831::2003
2a02:6b8:20::215
2a02:6b8::184
2a02:6b8::1:119
2a02:6b8::90
2a02:6b8:a::a
3.71.149.231
31.172.81.160
31.220.27.134
31.220.27.135
34.111.129.221
34.98.64.218
35.177.4.157
35.214.149.91
37.157.2.228
37.157.6.236
37.230.131.21
37.252.171.85
46.4.53.119
5.189.234.229
51.250.81.61
52.45.175.185
63.33.78.63
63.35.143.96
74.125.133.156
77.244.216.90
77.245.57.72
81.171.9.38
81.222.128.215
85.192.12.174
87.242.93.185
88.208.13.82
88.208.46.156
88.208.46.53
88.208.5.115
88.212.202.52
89.108.120.76
91.192.150.14
93.95.102.105
95.163.52.67
95.217.109.66
0097ea340c2f2b250ce4525f7ebdf92ad3df2f1b88840795d1df188bfd669971
01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb
033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9
03a76474d3688f27218b2162729d23eb82b7bf7d1e52abfedc7247030a2a170b
03cd27383624fe9c5fd5c20ae3cf56553e254b1b796327d452550908cd7ba21d
0439b6189a66a1ee37ad12e825c93134b62c5840c592dc85665ca4cc1fb089b1
066b737b89c44440fe5bebb65fad5ab701438177389b9c0cee9bb9f2d7b22bb6
072d90252a1bd43b95aea887900a41fb51c60fbb0b31a2c1ca306521c09f5757
07a805cb92ab58c5f6f0dda27540d18e050b01d9c3f456b3a3fcf4311c1de004
08455a24bb70bcd7185baefe33eaf607c5e727e24e435e336c47c8c80db7eb86
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ec98adf593ebcc01bec60b1f494dacd47522abfef9038a714101d83f45e165d
120aaf6681ca6d34a40c559779f0a0038582a79fce1b868ff901c94d27c89c72
13cbe8a4547521fb80fe4f1618efa1c9e4142069481bb547384400702a794abb
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1a9cba16c5a30dc7cc3bdcbba2a45e9e2e28ec4437894302c6676369ed0ec732
1b21be50822c8f1e162a563f05543e3d8b2f97a91e6ebcb8064ebbe13c6037e4
1cd6396792d7bfdd898dcb9f2ee195387179b30fb4cc2cdc0c57575fab655230
1cfd32e37f8aba263101f06e8f702adfaef55a6601857cf5e2c6dd0b0388dcd6
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
1f4de2d3d0961e5448ad9c43a6254129c6019f94ea10bc0f845c1144f2102854
1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
241bb801b29748e542884f7b902c02f12f6a318ba97f70224986634926dbc433
24390adf7efd53ea9a2f59b9b093892831a470a4b7546122025f8945e5bef69e
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
2821cdf09add615de93a777f1ede38757c8816b266d090fd9bc2c3c0f89e22bc
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2b4fc84ee04adaaab536bfd9e79fd2d30cf6c16eb85e4ac25c692b3a4a2b91e5
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2e24f5f8ba510d2dc2601bfd92046d74ce0899910682ce2853bb391f89d5c353
2e36bd3bdbb929f427e79a6c84b7922b4375589386981eba29eb0cff57b02b1b
2e4de7a854eb37a5e5c4e94cb292f89fc0bbc97e18572ad25f20bec306e8a68a
30c8402fae92f6c56db2e0a6b1fc4941a759bb3ddabcaa93ad477d71356e1dd6
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
325f25191af82345cc615c820126c663f55ee865ccb8c6f033e11ee57085617a
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3384e396c88e07cd7d0e46d5361eff9ab20ff9f65dfb94436030ccd116943bc6
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
34a954f019ad9bcd42bb486c0353b3fa1d1bf85e247d8f6c665aa743256f8d4c
376fd1eb7ae817a27cacf8d720f71050c406824a87f606c775beba4ef04795da
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3f586a8019a490d0f04fdcee83be4fa37274e8a0ca5344283992ba86264c5761
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
425f9ca7029ca2c95d204079575a3e5f737ef4d322614225344c5aeadd51bfb8
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
4627acba7d2699a6e0ed65aa44db5581ae3f0df45d5fd38d5f7bfc2e385cdf8e
480afb8dc8aa0e73b93c72a29634afa8a6fc4327f1c8bcc1f5fb51062724e1b5
4a696aaf91907e56fda01d21c931712f3be651ef7b0c3a2dc4ef079aa84b47dd
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bce18de486fea257a1a5c9d5477070cec0ca1dff3438e5784161e8a8756da44
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d88e46e23144adc20f210e3a49fda9153387747f36119942c3443d3e93ee5fe
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ec16ff31bfd0f69911ceb8c8de06dc20fbd0f4e1b84033f5a7095fb54e9ee69
4ed10d0d64bb1515397e8666a63f484d640dbc5678fa62574e077b7aef1c3af2
4fdc98567a41735b10075525d5fc74388bad90415af679f8cae7e96cfdebd122
50de09b0bb8d0ac656aa9b3a1e4ef58a3f2d1abd734cad68b0e12191e9d215ea
511786f8ddf9e4bbd4d1ab3cf1a2b06ca2fe3453847286d1afeddf4d778f8dc1
5363abf907918a9ec9fb946a2c462e8407886498ff5542b1c2cd80decd622856
54090d5321bc8e3a05531aacf2ef2b7769f24e94b14f4a0687587375fffa2523
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54bc30a4cd8464bb75013d18866ffa4f74e08d1ffe3238e0100770ada8947969
5510ee61a6bea61b5e4b08fc1d98de864b1773a783c60a6dd7075141aa0885cf
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55ee9510e78623f5fd1309067dc6e7a15f70d48e23e5658a0aa81be100ad232b
59196f295fdadd3391cfbb187fef654f77ae385d6f8555c588963b521b1a98a8
59bd288e64c57e034672999e33ebda6eb5ad1575945eb563dbfb5b44f226e1e1
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
5fa42c1d96f1d20bb0a5c0f1468aba661ad4c3584dd51646a3bfb996e869b8dd
619fdeaed027f4e2b96cb82baa60c9c6615e7b24172f08eed907e617537171e1
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62ffdffc7de873c32366a7c0beba39a41bc77914f132d1bab5e70ebc1ab5f76a
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
66cbe3b02faabbe4f4b649a9928e98d0828e817ef3d2b060cf4a9b9918166c41
67344660d1169a1acdb10d280e286e4b62856f00990b41ece1fdf6c52d88ccea
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
6b1adc37a16294b5127dc6e84c9fc36e1f50bac718dcfe35f60f466fdf692bbf
6faf9b3930c127b8bf7d97f22a50832b6cf0ac678e16ba6fa412e0a5ec06dc2b
70c8485b8ba17ce2a2a8ec1fca791acf0cc8197298d2b0ee7221735188069976
7184722e8650c6701e1ab08da523b355147037f9cf772912cb4832341067a7d2
71ad78c9d608c1331deb09bdd53f68a524aff1b39271f04c7343dfbd43f47d4e
73908a6a38a55f430d713c9b048c9e3dd4090d0557f5656a3979b1a0a1369fb6
75db663f63c3505c2d1d2c41b82da41465bcd39b390516728f7fd323f95f644e
7849bcf6c426021d4666fa0fd5d3346178478b492663b7ffa4bd86dddad56c58
7adc1cb2ea46ec43a0e65d5b1aee67a103094f1c8faea45c5d1d246d34019126
7c6b9f1256f3b23a1cd4dcc3368753a6bf0fec3cbc08a072f2e1c8bcdfe0901f
7ce0d3985ccb33786809d35c05d1e8166a38e9b2a447d888da9d0559ba398bce
7d214ef7d8f77c9febbda7ca16f299d5f4de91dcf743c052067029a4a4e965e8
7f0467bb5f25e2ce48c22f14854b2770250c6cd6b6dfd504f9378fdf9e0feaac
802b42fe0250c8201f41f330430e122adbce1d41a187144c3ff6520f005ee824
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8497df469ba36be9d811c4e746bfcae4e89a018c634eaa5c339af36dfb6bd68f
85153241a5572ac0eb4bd34e29219b0512ef3f5aea409ced5597d09b169d1216
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
87ec2574487b8de0da002d4e8f9d0c09fc31f32164a8de2b661e04a7de428cf1
889c485a7b4333e76a42c57ce4eb843d0e274350683300e82844654dc20a8463
8a746b54d9607284603c4b6d8ffdb8ee004ce3d3cd7d431801c42436ee9d3572
8b050dbee3ec23d25a5ebba65c8bb2fc1b2f7cfac1a5fada6de45aabc4aae5d8
8d74b7089a68f822f535c265ed9b4faf167417defaeed5985d00f7d1f8d83007
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287
95848d06ddc0e58d0d130e3d3c1d757c849f8c98cc681d435682f3bd38d7b23f
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
9c911ab93cf6099aeeddb19cb1903d0ef838329443c3a0549c754da47f90a70a
9d52c7c5050b088109075328a9e830e4bfdf6446c763b9e69c637d5c0e11d599
9d5f00eac5750cb4dd9bb6dd8e91e45607a47b06281748c3af3216af86acad1f
9d6b27c6e65181f440d74ffee8b938cafc7d782abcaa6b0e1a11732607371e73
9df4ea0c8c25b6c96ccb4ef96780a7b074ee266972670f2572d38a961f1b481f
9e439db51ac4d523ef29c8b6d7d2bf29756547e7dfbd2d8e12ced60e5c30445b
9e582699ee606fb76de4200464effb6ce20832ab3838f7c65f0ee58e2914805d
9fdedb91076ba01329d0eabf7e740e6ac805dccc2edf7301a40c0af95adec8bc
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a017d699da0ba967c45c18ff362d858d0671f22da470b6f4a12a7496534fff53
a2c8d4c4f851bc762ff462329786060fc683b9ac19e857cc9426e95771b648a6
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a764a286e66b169e6f5f1af884eb5d41bee03c2d7af643dc89e797df03c1a885
a90a6ffc2d2d6ecce646faf795b30baf7341ecbd2669414f563f1e603541e824
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
acdebf935ded5cb063dcca7c46be5bbc503af5e76e295f6d0b7093c4514ed256
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b46f0c580b3e0c5e10ef63e66e41e0e2e33aed5fb55a82bb7004fb4d8a0059a8
b6f695f87cfca13dd4addfcef61be73b3b72dca643436e673a58c9af723154df
bb5dcd13a3de5c8e7514e331964ead4cbc4b60280f75e36238982df12ba06bac
bc15f689a37625b49993e28b2029500fc3d9e17525517f8f238add19df3f733d
c00438696f666bdd19875d1ecc4093d25ba056129a3a7ee7d1564dc8e4ce0742
c01deeb82a9541c4c056db918b63c8ae4a4038c23aa201d43026d7a0a5334ac8
c18f5c0855f4b76c30dd796f7164f9d1bb23c2c85b070cfad938787a214a2639
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c2711e9edc60964dcb5aada1bfa59c2d68d3d9dc1baf4a5ee058b4c1bd32c3eb
c2a69649d15f908464902e679f465757cff39c3f59f8d92f4117987152c50303
c3b7bf416424abed17314649bb71a1de7a3afc6af66840d04b730e69652e27ac
c6361a648d15fdf9cad312750da2568bd07a34a58e2ee1e1cf6b50d878e11a08
cc1d0438b3676b3880bca3ccd317aaf5de6839899d7379547380c3b64e249f8c
cc77ebc24842520a8f8af0dae5a55b8e5129ae49b2b30688040ee13d1e09c58d
cc78df42c084391a326bd060c3d6a3b60797b3c4610c19c58008d3f16e9e6b53
ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64
ccbcccd2fef05029e565bdf38eb68bca95714212faa4f5aa2760ef98ebd9890d
cef98e3ea8e0eb0dee9e1a4c01e28d2ddc40de6905056163c2e5e7e2f94d6a0a
d0d80991c6e4b62d5c77985c1e293aad44cc120e03aee7ae6936c79d25a0e467
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
d69ff981d3809f059f35995d2a2dd0ccd7620870ccbecf45c0b5f87d1ef8eb62
e0a709b63261993d42234f053ee43b75d43af3d7b0f147eced60c97c3e6c8f95
e0e2bc4e1d3ee5024c4e1aa58a6cad9aa42fc63a8c89ce18013a1c8f2b94875c
e15e05a4cdae4e357e01c8fe83dccfd08f980d6347eb409b6f851ea5256141c6
e2682c84853e522c3dc71819357af7e7941e8ab4457d4b64c987918e301d9e25
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d3e85702ddd516a62c6737e342ffc047a5dbdfc128b7177a762c731d697632
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
e7554b3ed3202232f01139ac31ec578f24bb49f5487b366cc574600f6cceafdd
e9bdf3db7d32981e6d6d0c8652e88ebdf942fb4da096d5cb3a12f9c890ace4cc
eb4fec10d8f4484b291b7c7d0de59d1b4375e000029fd1a128ad10c270d8d803
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ed6780130a3610bf59c06971d92a5116a59966c3967771bc672fc19779983572
ee3398bdd77ecef0ed98349221612af04335c2c0a4c372bd84682fabc0d23068
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef4d4117ea73e72211fbea31631154195fdbe5ede6b97df2cbb3e465a9f81315
f57f53d3cd03a82122103a8ec0daec7b0dcb848f158f943e5756201af9b4b5fb
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fd67157c7aeb1d870dbc2ba8b6b353758a813dccfdd253be8854b60513884640
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869
ffd260c5b40dcd03f608c1139d46c331b51060b5add207fd79c89143c3d8b448