tlgrm.ru Open in urlscan Pro
2606:4700:3034::6815:2eea Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://tlgrm.ru/faq#q-how-do-self-destructing-messages-work
Effective URL:
https://tlgrm.ru/faq
Submission: On April 11 via api (April 11th 2023, 4:00:30 am UTC) from CH — Scanned from DE

Summary HTTP 115 Redirects Links 30 Behaviour Indicators

Summary

This website contacted 25 IPs in 4 countries across 17 domains to perform 115 HTTP transactions. The main IP is 2606:4700:3034::6815:2eea, located in United States and belongs to CLOUDFLARENET, US. The main domain is tlgrm.ru. The Cisco Umbrella rank of the primary domain is 902878.
TLS certificate: Issued by E1 on February 23rd 2023. Valid for: 3 months.

This is the only time tlgrm.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	2606:4700:303... 2606:4700:3034::6815:2eea	13335 (CLOUDFLAR...) (CLOUDFLARENET)
17	2a11:27c0::93 2a11:27c0::93	210756 (EDGECENTE...) (EDGECENTERLLC)
13	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
3 6	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
11	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1 2	154.47.36.105 154.47.36.105	174 (COGENT-174) (COGENT-174)
18	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:d::c 2a02:2638:d::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:d::4 2a02:2638:d::4	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
9	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.7.9 178.250.7.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
2	2a02:2638:3::f 2a02:2638:3::f	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:3::1a 2a02:2638:3::1a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
115	25

4 2606:4700:3034::6815:2eea (United States)

ASN13335 (CLOUDFLARENET, US)

tlgrm.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a11:27c0::93 (Russian Federation)

ASN210756 (EDGECENTERLLC, RU)

cdn.tlgrm.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 154.47.36.105 (United States) 1 redirects

ASN174 (COGENT-174, US)

mc.webvisor.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.fr3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::f (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 111 tpc.googlesyndication.com — Cisco Umbrella Rank: 145	367 KB
17	tlgrm.app cdn.tlgrm.app	244 KB
14	gstatic.com www.gstatic.com encrypted-tbn0.gstatic.com encrypted-tbn3.gstatic.com encrypted-tbn1.gstatic.com	162 KB
13	criteo.net static.criteo.net — Cisco Umbrella Rank: 670 pix.eu.criteo.net — Cisco Umbrella Rank: 9255 csm.eu.criteo.net — Cisco Umbrella Rank: 7853	64 KB
11	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 41	114 KB
6	yandex.ru 3 redirects mc.yandex.ru — Cisco Umbrella Rank: 3359	4 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 198	195 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 47	3 KB
4	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 90 www.google.com — Cisco Umbrella Rank: 2	2 KB
4	tlgrm.ru tlgrm.ru — Cisco Umbrella Rank: 902878	52 KB
3	criteo.com rtb.fr3.eu.criteo.com — Cisco Umbrella Rank: 26061 ads.eu.criteo.com — Cisco Umbrella Rank: 7796 cat.fr3.eu.criteo.com — Cisco Umbrella Rank: 31702	43 KB
2	webvisor.org 1 redirects mc.webvisor.org — Cisco Umbrella Rank: 25016	861 B
2	google.de adservice.google.de — Cisco Umbrella Rank: 7832	696 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	20 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 220	5 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 980	600 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 374	86 KB
115	17

	Domain	Requested by
18	tpc.googlesyndication.com	pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
17	cdn.tlgrm.app	tlgrm.ru cdn.tlgrm.app
13	pagead2.googlesyndication.com	tlgrm.ru pagead2.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com
11	googleads.g.doubleclick.net	pagead2.googlesyndication.com tlgrm.ru googleads.g.doubleclick.net
9	static.criteo.net	ads.eu.criteo.com cdnjs.cloudflare.com static.criteo.net
7	encrypted-tbn0.gstatic.com
6	mc.yandex.ru	3 redirects tlgrm.ru
5	www.gstatic.com	googleads.g.doubleclick.net
4	www.googletagservices.com	googleads.g.doubleclick.net
4	fonts.googleapis.com	googleads.g.doubleclick.net
4	tlgrm.ru	tlgrm.ru
2	csm.eu.criteo.net	ads.eu.criteo.com
2	pix.eu.criteo.net	ads.eu.criteo.com
2	www.google.com	1 redirects tpc.googlesyndication.com
2	mc.webvisor.org	1 redirects tlgrm.ru
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	www.google-analytics.com	tlgrm.ru www.google-analytics.com
1	encrypted-tbn1.gstatic.com
1	encrypted-tbn3.gstatic.com
1	cdnjs.cloudflare.com	ads.eu.criteo.com
1	cat.fr3.eu.criteo.com	ads.eu.criteo.com
1	ads.eu.criteo.com	googleads.g.doubleclick.net
1	rtb.fr3.eu.criteo.com	tlgrm.ru
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	cdn.jsdelivr.net	tlgrm.ru
115	26

This site contains links to these domains. Also see Links.

Domain
games.tlgrm.ru
page.apps
telegra.ph
core.telegram.org
ru.wikipedia.org
t.me
telegram.org
translations.telegram.org
support.apple.com
www.google.com
twitter.com
dl.tlgrm.click
forms.tlgrm.ru
vk.com

Subject Issuer	Validity	Valid
*.tlgrm.ru E1	`2023-02-23` - `2023-05-24`	3 months	crt.sh
a127fb2c-de1c-4ae0-af0d-3808559ec217.selcdn.net R3	`2023-04-03` - `2023-07-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-02` - `2023-06-01`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-03-17` - `2023-08-27`	5 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
*.fr3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-22` - `2023-06-25`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-04` - `2023-06-04`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-24` - `2023-06-18`	3 months	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-26` - `2023-06-29`	3 months	crt.sh

This page contains 15 frames:

Primary Page: https://tlgrm.ru/faq
Frame ID: 459401B49B90ED14F35AE7E9D69E2414
Requests: 45 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20190131/zrt_lookup.html
Frame ID: A41D1104CE7BF3D9CC9D353E6F17478F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8517037333597275&output=html&adk=1812271804&adf=3025194257&lmt=1681185626&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=356x1080_l%7C356x1080_r&format=0x0&url=https%3A%2F%2Ftlgrm.ru%2Ffaq%23q-how-do-self-destructing-messages-work&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681185625981&bpp=3&bdt=727&idt=191&shv=r20230405&mjsv=m202304050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=865970096342&frm=20&pv=2&ga_vid=1392181173.1681185626&ga_sid=1681185626&ga_hid=1385773746&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C44788086%2C31073709&oid=2&pvsid=167167486770119&tmod=767343214&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=217
Frame ID: B249986CEE23AC57987111EE568403E8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1
Frame ID: 962F480DF01353B12F489B67DB327A22
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1
Frame ID: 2C180789D9585EA0338C30B5E4A39FAE
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1
Frame ID: 985AF88CDD4CB4CF3538AB946E661966
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1
Frame ID: EBF8FE7ADEA7178E402A9CF1158B7B5B
Requests: 8 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZDTbWgADW3kIEfQyAA0QlgyuIWftEXAYLyepPw&u=%7CZPJT%2FoLG9mpIMyeq2oRCLyXcsnrg49cI0wmpeRHMeYk%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA96avdF0ae7T29xH-962oDDoAaWu19c-YHzrTyBa6O46ypXMDlQj6qSRcqZqS8V77DheZM30v_ijINOLsRa6RJy0kFJyLSYdbYUfYwg3VNyKh5mok8hZJde4sRd_mLA08gax6BTXRQWCoT2fIjEWHdleotvtOxjtnUWIHMrrkXA8OGjrRUw1Ya24ZT9VVxBA38Cg8hXFJVSC8HaPFf3KWfAkccl7n7foG4XICQh1rhyHhLNHJ4VUQsheDbXg4T47NmAlsDKgJFpIenvDiiYOND2tehLtT_0SlOahjjpW5oKHHK-LBChJG0_7f5HVo4Ltp5RXyz84r3ZbxmJ4VNcxku4hdFElp9_OVcMK73tVZEJt0d9BZALQZ0dfdl74HqPb-sy88_N2gw-s4y5ip2skvEFqxsRdaMdDziPerp4yyLZtI48RymokGnoct8RBANLzv7Kip6y2TL2xBQSAXi-LhJ1Nn3sdhDwfQRT-XnWf9vIbk2ky78GfhmLyyUP3e4XKzqO6MjSqeheLGFCInrRPxqtj-wFxuyce6LaaoI2lj-3mNCKWDcaEBzAw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVVHoWts0ZPm2DbLox_APlqG0yAHJntKxXL3plfdwwI23ARABIABglaqfgrAHggEXY2EtcHViLTg1MTcwMzczMzM1OTcyNzXIAQmpAkTheteqOrI-qAMBqgTRAU_QqPAv_QUBhEYJxw8W3nCLzsE3gXPP2JCt70WrpVKV5n3mAdfTL4BSfX4AhQrYQte1ZtUDEpUc4BwwxKpANM-vD31VA5ThjAGnocLrWseG9eehL98ugM4Woeq7mLfDxdvDhJgG73FeIOVA87B2tNGC02x_Mh5e_-12Kzz_FJfqm9-q48k_KLBSEMj6KSOkqVy8-oOaaOHzW94AVo37aGYdMXuViPS1n3WUXr24GcjT65cMootgAJS7_7I90a1-m6H20xs1o4QUnbDTS83u9nNLgAaFlIqR2NTwyzugBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1FDiz7yR8K_9kG36Ou4m-T2qml3Q%26client%3Dca-pub-8517037333597275%26adurl%3D
Frame ID: D635437730469E834075318690A72FC5
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0DA2918169FBCC16E1A67480CD75E417
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 05364C447ADA5AD5066833AD1669FD60
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 00F5BB7CF160829DF4EA7D591B6DB0B3
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: C1039CC988D3C04196FFB6BD84684FA2
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/qMU6ruUuZ1zoKC0LZ3Jpmtn3twdVMxn7JXARaYw8J-4.js
Frame ID: 46209A04F3C78E7867454B09FBF4A8B8
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/qMU6ruUuZ1zoKC0LZ3Jpmtn3twdVMxn7JXARaYw8J-4.js
Frame ID: B98393BC7537BEF43891507DD16EF6F7
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/qMU6ruUuZ1zoKC0LZ3Jpmtn3twdVMxn7JXARaYw8J-4.js
Frame ID: D6B247C065F9DCE5D2D34512FE87B32F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Telegram — часто задаваемые вопросы

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

115
Requests

97 %
HTTPS

92 %
IPv6

17
Domains

26
Subdomains

25
IPs

4
Countries

1360 kB
Transfer

3518 kB
Size

21
Cookies

30 Outgoing links

These are links going to different origins than the main page.

URL: https://games.tlgrm.ru/
Title: Игры

Search URL Search Domain Scan URL

URL: https://page.apps/
Title: Приложения

Search URL Search Domain Scan URL

URL: https://telegra.ph/Vozmozhnosti-Telegram-03-30
Title: этой статье

Search URL Search Domain Scan URL

URL: https://core.telegram.org/api
Title: открытой платформы

Search URL Search Domain Scan URL

URL: https://ru.wikipedia.org/wiki/%D0%94%D1%83%D1%80%D0%BE%D0%B2,_%D0%9F%D0%B0%D0%B2%D0%B5%D0%BB_%D0%92%D0%B0%D0%BB%D0%B5%D1%80%D1%8C%D0%B5%D0%B2%D0%B8%D1%87
Title: Павлом

Search URL Search Domain Scan URL

URL: https://ru.wikipedia.org/wiki/%D0%9C%D0%B5%D0%B6%D0%B4%D1%83%D0%BD%D0%B0%D1%80%D0%BE%D0%B4%D0%BD%D0%B0%D1%8F_%D1%81%D1%82%D1%83%D0%B4%D0%B5%D0%BD%D1%87%D0%B5%D1%81%D0%BA%D0%B0%D1%8F_%D0%BE%D0%BB%D0%B8%D0%BC%D0%BF%D0%B8%D0%B0%D0%B4%D0%B0_%D0%BF%D0%BE_%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D1%8E#%D0%9F%D0%BE%D0%B1%D0%B5%D0%B4%D0%B8%D1%82%D0%B5%D0%BB%D0%B8
Title: талантливых инженеров и разработчиков

Search URL Search Domain Scan URL

URL: https://t.me/durov_russia/29
Title: этом посте

Search URL Search Domain Scan URL

URL: https://telegram.org/dl
Title: https://telegram.org/dl

Search URL Search Domain Scan URL

URL: https://translations.telegram.org/ru/emoji
Title: платформы переводов

Search URL Search Domain Scan URL

URL: https://telegram.org/deactivate
Title: специальную страницу

Search URL Search Domain Scan URL

URL: https://support.apple.com/kb/PH2701
Title: iOS

Search URL Search Domain Scan URL

URL: https://www.google.com/android/devicemanager
Title: Android

Search URL Search Domain Scan URL

URL: https://twitter.com/smstelegram
Title: @smstelegram

Search URL Search Domain Scan URL

URL: https://telegram.org/support?setln=ru
Title: специальную форму

Search URL Search Domain Scan URL

URL: https://t.me/Username_bot
Title: @Username_bot

Search URL Search Domain Scan URL

URL: https://ru.wikipedia.org/wiki/%D0%9A%D0%B8%D0%B1%D0%B5%D1%80%D1%81%D0%BA%D0%B2%D0%BE%D1%82%D1%82%D0%B8%D0%BD%D0%B3
Title: киберсквоттеров

Search URL Search Domain Scan URL

URL: https://t.me/NoToScam
Title: @NoToScam

Search URL Search Domain Scan URL

URL: https://core.telegram.org/mtproto
Title: описание

Search URL Search Domain Scan URL

URL: https://telegram.org/crypto_contest
Title: выиграть $300,000

Search URL Search Domain Scan URL

URL: https://core.telegram.org/contestfaq
Title: FAQ по конкурсам

Search URL Search Domain Scan URL

URL: https://ru.wikipedia.org/wiki/Jailbreak
Title: джейлбрейка

Search URL Search Domain Scan URL

URL: https://ru.wikipedia.org/wiki/Root
Title: root-прав

Search URL Search Domain Scan URL

URL: https://ru.wikipedia.org/wiki/%D0%9F%D1%80%D0%BE%D1%82%D0%BE%D0%BA%D0%BE%D0%BB_%D0%94%D0%B8%D1%84%D1%84%D0%B8_%E2%80%94_%D0%A5%D0%B5%D0%BB%D0%BB%D0%BC%D0%B0%D0%BD%D0%B0
Title: протоколу Диффи — Хеллмана

Search URL Search Domain Scan URL

URL: https://t.me/durov/146
Title: этом посте

Search URL Search Domain Scan URL

URL: https://telegram.org/privacy
Title: Да

Search URL Search Domain Scan URL

URL: https://dl.tlgrm.click/macos
Title: Первое

Search URL Search Domain Scan URL

URL: https://dl.tlgrm.click/desktop/mac
Title: второе

Search URL Search Domain Scan URL

URL: https://telegram.org/
Title: официального сайта

Search URL Search Domain Scan URL

URL: https://forms.tlgrm.ru/support?lang=ru&force-full=1
Title: Задать вопрос

Search URL Search Domain Scan URL

URL: https://vk.com/telegramm
Title: Группа ВКонтакте

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30

https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Ftlgrm.ru%2Ffaq%23q-how-do-self-destructing-messages-work&page-ref=&charset=utf-8&browser-info=pv%3A1%3Avf%3A7ovr8edh4eus5bcduk3a3j%3Afp%3A652%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1001%3Acn%3A2%3Adp%3A0%3Als%3A642404037423%3Ahid%3A138021913%3Az%3A0%3Ai%3A20230411040025%3Aet%3A1681185626%3Ac%3A1%3Arn%3A449881909%3Arqn%3A1%3Au%3A1681185626923725006%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A8%2C21%2C65%2C19%2C%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1681185625158%3Ast%3A1681185626&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Ftlgrm.ru%2Ffaq%23q-how-do-self-destructing-messages-work&page-ref&charset=utf-8&browser-info=pv%3A1%3Avf%3A7ovr8edh4eus5bcduk3a3j%3Afp%3A652%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1001%3Acn%3A2%3Adp%3A0%3Als%3A642404037423%3Ahid%3A138021913%3Az%3A0%3Ai%3A20230411040025%3Aet%3A1681185626%3Ac%3A1%3Arn%3A449881909%3Arqn%3A1%3Au%3A1681185626923725006%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A8%2C21%2C65%2C19%2C%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1681185625158%3Ast%3A1681185626&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Request Chain 31

https://mc.yandex.ru/watch/23984608?wmode=7&page-url=https%3A%2F%2Ftlgrm.ru%2Ffaq%23q-how-do-self-destructing-messages-work&charset=utf-8&browser-info=pv%3A1%3Avf%3A7ovr8edh4eus5bcduk3a3j%3Afp%3A652%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1001%3Acn%3A1%3Adp%3A0%3Als%3A526796468268%3Ahid%3A138021913%3Az%3A0%3Ai%3A20230411040025%3Aet%3A1681185626%3Ac%3A1%3Arn%3A325851039%3Arqn%3A1%3Au%3A1681185626923725006%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A8%2C21%2C65%2C19%2C%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1681185625158%3Arqnl%3A1%3Ast%3A1681185626%3At%3ATelegram%20%E2%80%94%20%D1%87%D0%B0%D1%81%D1%82%D0%BE%20%D0%B7%D0%B0%D0%B4%D0%B0%D0%B2%D0%B0%D0%B5%D0%BC%D1%8B%D0%B5%20%D0%B2%D0%BE%D0%BF%D1%80%D0%BE%D1%81%D1%8B&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
https://mc.yandex.ru/watch/23984608/1?wmode=7&page-url=https%3A%2F%2Ftlgrm.ru%2Ffaq%23q-how-do-self-destructing-messages-work&charset=utf-8&browser-info=pv%3A1%3Avf%3A7ovr8edh4eus5bcduk3a3j%3Afp%3A652%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1001%3Acn%3A1%3Adp%3A0%3Als%3A526796468268%3Ahid%3A138021913%3Az%3A0%3Ai%3A20230411040025%3Aet%3A1681185626%3Ac%3A1%3Arn%3A325851039%3Arqn%3A1%3Au%3A1681185626923725006%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A8%2C21%2C65%2C19%2C%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1681185625158%3Arqnl%3A1%3Ast%3A1681185626%3At%3ATelegram%20%E2%80%94%20%D1%87%D0%B0%D1%81%D1%82%D0%BE%20%D0%B7%D0%B0%D0%B4%D0%B0%D0%B2%D0%B0%D0%B5%D0%BC%D1%8B%D0%B5%20%D0%B2%D0%BE%D0%BF%D1%80%D0%BE%D1%81%D1%8B&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Request Chain 39

https://mc.webvisor.org/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=9969.BcKOYn1um8PGD6oghvnjWSVvOvk7qRHmO_MxKd-TSSCL_cXgiTcwcbmqvKZFrmdg.7VRW5Q5MTCCk53RsXfO74MeA9nk%2C HTTP 302
https://mc.webvisor.org/sync_cookie_image_decide?token=9969.cS_7RmGvDF_Xq6NqYhhb_Kz_PHUlBAPMJ4IxNdkXCeXgkfsjUV3QuMLjGHOuM0OnXQP-xTlzCgMqz6KB2CRSZaYrhecAmD3sk9N8nJuzlzcj3ut9veaPfjfOHvouVwl4hYDuqyf1dpfmzh8zTBZQ1WmrJyZ_-YzlGU2TH_GLFOoU_1w84KKqp_P7RUnCRoIkVZ9e_Vkq-OsfCwwpxBqe5YfgoFPRkrF_a4-MDDYklYc%2C.kuGTzS2so2rMCti9el6pGLnSkcI%2C

Request Chain 113

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

115 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request faq Show response
tlgrm.ru/ 135 KB
33 KB 94ms
65ms Document
text/html 2606:4700:3034::6815:2eea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tlgrm.ru/faq

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:2eea , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

618c6763687e1638e02a48fbc074788a9a91ba13daafdea1f80430920b534946

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 7b60528d6d69bbb6-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 11 Apr 2023 04:00:25 GMT
link: <https://cdn.tlgrm.app/css/app.2179f3af.css>; rel=preload; as=style
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w%2Bm5gY6dJOqoMlg5siWuOzrUZq1D7W4ed60%2FXi3bPmcSBpC%2FFIn7hYpRqnWyV%2B%2BbQE5OM6gYJ6zgwZlr%2BzP0It7edzD%2BfpQCoIh7FSNOasDCqXyyuac10tuEYKPMU%2F7OmGyCdNakow%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-content-type-options: nosniff
x-frame-options: DENY

GET
H2 200 app.2179f3af.css
cdn.tlgrm.app/css/ 115 KB
21 KB 466ms
44ms Stylesheet
text/css 2a11:27c0::93
EDGECENTERLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tlgrm.app/css/app.2179f3af.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a11:27c0::93 , Russian Federation, ASN210756 (EDGECENTERLLC, RU),
Reverse DNS
Software: nginx /
Resource Hash: fd0f6299441ed4c03ab1857cb7cb5f13480405b2e6f96c37b2ef56a0a3e2ab20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tlgrm.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-id: m9-up-gc47
date: Tue, 11 Apr 2023 04:00:25 GMT
content-encoding: gzip
last-modified: Tue, 26 Apr 2022 15:45:00 GMT
server: nginx
etag: "6268137c-5185"
x-cached-since: 2023-04-10T15:32:02+00:00
content-type: text/css
cache-control: max-age=86400
cache: HIT
accept-ranges: bytes
content-length: 20869
expires: Wed, 12 Apr 2023 04:00:25 GMT

GET
H2 200 rubik-latin-400.woff2
cdn.tlgrm.app/fonts/rubik/v14/ 17 KB
17 KB 470ms
49ms Font
font/woff2 2a11:27c0::93
EDGECENTERLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tlgrm.app/fonts/rubik/v14/rubik-latin-400.woff2
Requested by: Host: tlgrm.ru
URL: https://tlgrm.ru/faq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a11:27c0::93 , Russian Federation, ASN210756 (EDGECENTERLLC, RU),
Reverse DNS
Software: nginx /
Resource Hash: 7bc7fee8ec77f177caa06256240e5f3897ce8258481d3cd42fb32c43cfafa436

Request headers

Referer: https://tlgrm.ru/
Origin: https://tlgrm.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-id: m9-up-gc91
date: Tue, 11 Apr 2023 04:00:25 GMT
last-modified: Sat, 05 Mar 2022 15:18:46 GMT
server: nginx
etag: "62237f56-42f8"
x-cached-since: 2023-04-10T15:31:50+00:00
content-type: font/woff2
access-control-allow-origin: https://tlgrm.ru
cache-control: max-age=86400
cache: HIT
accept-ranges: bytes
content-length: 17144
expires: Wed, 12 Apr 2023 04:00:25 GMT

GET
H2 200 rubik-latin-500.woff2
cdn.tlgrm.app/fonts/rubik/v14/ 17 KB
17 KB 464ms
44ms Font
font/woff2 2a11:27c0::93
EDGECENTERLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tlgrm.app/fonts/rubik/v14/rubik-latin-500.woff2
Requested by: Host: tlgrm.ru
URL: https://tlgrm.ru/faq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a11:27c0::93 , Russian Federation, ASN210756 (EDGECENTERLLC, RU),
Reverse DNS
Software: nginx /
Resource Hash: 6c4e821117841b205d81cb500023bb9eacaa6c7327d81bf2d2a06341f7dc30b4

Request headers

Referer: https://tlgrm.ru/
Origin: https://tlgrm.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-id: m9-up-gc86
date: Tue, 11 Apr 2023 04:00:25 GMT
last-modified: Sat, 05 Mar 2022 15:18:46 GMT
server: nginx
etag: "62237f56-4384"
x-cached-since: 2023-04-10T15:32:56+00:00
content-type: font/woff2
access-control-allow-origin: https://tlgrm.ru
cache-control: max-age=86400
cache: HIT
accept-ranges: bytes
content-length: 17284
expires: Wed, 12 Apr 2023 04:00:25 GMT

GET
H2 200 rubik-cyrillic-400.woff2
cdn.tlgrm.app/fonts/rubik/v14/ 7 KB
7 KB 465ms
45ms Font
font/woff2 2a11:27c0::93
EDGECENTERLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tlgrm.app/fonts/rubik/v14/rubik-cyrillic-400.woff2
Requested by: Host: tlgrm.ru
URL: https://tlgrm.ru/faq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a11:27c0::93 , Russian Federation, ASN210756 (EDGECENTERLLC, RU),
Reverse DNS
Software: nginx /
Resource Hash: dcb7008341883535d4158c6b97f5eda110a06578237eccc29f9d849708f87476

Request headers

Referer: https://tlgrm.ru/
Origin: https://tlgrm.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-id: m9-up-gc45
date: Tue, 11 Apr 2023 04:00:25 GMT
last-modified: Sat, 05 Mar 2022 15:18:46 GMT
server: nginx
etag: "62237f56-1a94"
x-cached-since: 2023-04-10T15:31:34+00:00
content-type: font/woff2
access-control-allow-origin: https://tlgrm.ru
cache-control: max-age=86400
cache: HIT
accept-ranges: bytes
content-length: 6804
expires: Wed, 12 Apr 2023 04:00:25 GMT

GET
H2 200 rubik-cyrillic-500.woff2
cdn.tlgrm.app/fonts/rubik/v14/ 7 KB
7 KB 472ms
52ms Font
font/woff2 2a11:27c0::93
EDGECENTERLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tlgrm.app/fonts/rubik/v14/rubik-cyrillic-500.woff2
Requested by: Host: tlgrm.ru
URL: https://tlgrm.ru/faq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a11:27c0::93 , Russian Federation, ASN210756 (EDGECENTERLLC, RU),
Reverse DNS
Software: nginx /
Resource Hash: 1fe307f8df8fec6db89add6d9f502a2380280bdf83532c1d9efc85c645d7671d

Request headers

Referer: https://tlgrm.ru/
Origin: https://tlgrm.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-id: m9-up-gc88
date: Tue, 11 Apr 2023 04:00:25 GMT
last-modified: Sat, 05 Mar 2022 15:18:46 GMT
server: nginx
etag: "62237f56-1afc"
x-cached-since: 2023-04-10T15:32:03+00:00
content-type: font/woff2
access-control-allow-origin: https://tlgrm.ru
cache-control: max-age=86400
cache: HIT
accept-ranges: bytes
content-length: 6908
expires: Wed, 12 Apr 2023 04:00:25 GMT

GET
H2 200 top-logo-icon.f53b2ea1.svg
cdn.tlgrm.app/img/ 296 B
337 B 44ms
40ms Image
image/svg+xml 2a11:27c0::93
EDGECENTERLLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.tlgrm.app/img/top-logo-icon.f53b2ea1.svg
Requested by: Host: tlgrm.ru
URL: https://tlgrm.ru/faq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a11:27c0::93 , Russian Federation, ASN210756 (EDGECENTERLLC, RU),
Reverse DNS
Software: nginx /
Resource Hash: 73b7edabd4687d99646f2e7afa69cac49a58f7f64823a846c131a90fd2b63079

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tlgrm.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-id: m9-up-gc45
date: Tue, 11 Apr 2023 04:00:25 GMT
content-encoding: gzip
last-modified: Sun, 04 Sep 2022 14:12:51 GMT
server: nginx
etag: "6314b263-d7"
x-cached-since: 2023-04-10T15:32:40+00:00
content-type: image/svg+xml
cache-control: max-age=86400
cache: HIT
accept-ranges: bytes
content-length: 215
expires: Wed, 12 Apr 2023 04:00:25 GMT

GET
H2 200 runtime.35cb8b68.js Show response
cdn.tlgrm.app/js/ 1 KB
1016 B 461ms
41ms Script
application/javascript 2a11:27c0::93
EDGECENTERLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tlgrm.app/js/runtime.35cb8b68.js
Requested by: Host: tlgrm.ru
URL: https://tlgrm.ru/faq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a11:27c0::93 , Russian Federation, ASN210756 (EDGECENTERLLC, RU),
Reverse DNS
Software: nginx /
Resource Hash: 4ece5ec33c9fbea4b68348a50af4e579f1ef63b6d3d902cd4b1781e7bb0c5d39

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tlgrm.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-id: m9-up-gc86
date: Tue, 11 Apr 2023 04:00:25 GMT
content-encoding: gzip
last-modified: Sat, 05 Mar 2022 15:18:46 GMT
server: nginx
etag: "62237f56-30d"
x-cached-since: 2023-04-10T15:32:47+00:00
content-type: application/javascript; charset=utf-8
cache-control: max-age=86400
cache: HIT
accept-ranges: bytes
content-length: 781
expires: Wed, 12 Apr 2023 04:00:25 GMT

GET
H2 200 959.e4da6ba8.js Show response
cdn.tlgrm.app/js/ 95 KB
31 KB 500ms
80ms Script
application/javascript 2a11:27c0::93
EDGECENTERLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tlgrm.app/js/959.e4da6ba8.js
Requested by: Host: tlgrm.ru
URL: https://tlgrm.ru/faq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a11:27c0::93 , Russian Federation, ASN210756 (EDGECENTERLLC, RU),
Reverse DNS
Software: nginx /
Resource Hash: 4a71add93ddee462bbf4594e34e621687e0af41b1891352c2cea4aa2c003c254

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tlgrm.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-id: m9-up-gc98
date: Tue, 11 Apr 2023 04:00:25 GMT
content-encoding: gzip
last-modified: Tue, 26 Apr 2022 15:45:00 GMT
server: nginx
etag: "6268137c-7b1f"
x-cached-since: 2023-04-10T15:31:50+00:00
content-type: application/javascript; charset=utf-8
cache-control: max-age=86400
cache: HIT
accept-ranges: bytes
content-length: 31519
expires: Wed, 12 Apr 2023 04:00:25 GMT

GET
H2 200 834.fe6945b1.js Show response
cdn.tlgrm.app/js/ 36 KB
11 KB 470ms
50ms Script
application/javascript 2a11:27c0::93
EDGECENTERLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tlgrm.app/js/834.fe6945b1.js
Requested by: Host: tlgrm.ru
URL: https://tlgrm.ru/faq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a11:27c0::93 , Russian Federation, ASN210756 (EDGECENTERLLC, RU),
Reverse DNS
Software: nginx /
Resource Hash: 694a66577478e440ee4c37e69dd2fcb17161a0a37df35d924fdc8617203383bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tlgrm.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-id: m9-up-gc89
date: Tue, 11 Apr 2023 04:00:25 GMT
content-encoding: gzip
last-modified: Tue, 26 Apr 2022 15:45:00 GMT
server: nginx
etag: "6268137c-2b7e"
x-cached-since: 2023-04-10T15:36:47+00:00
content-type: application/javascript; charset=utf-8
cache-control: max-age=86400
cache: HIT
accept-ranges: bytes
content-length: 11134
expires: Wed, 12 Apr 2023 04:00:25 GMT

GET
H2 200 662.9df44830.js Show response
cdn.tlgrm.app/js/ 33 KB
10 KB 468ms
48ms Script
application/javascript 2a11:27c0::93
EDGECENTERLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tlgrm.app/js/662.9df44830.js
Requested by: Host: tlgrm.ru
URL: https://tlgrm.ru/faq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a11:27c0::93 , Russian Federation, ASN210756 (EDGECENTERLLC, RU),
Reverse DNS
Software: nginx /
Resource Hash: 154e28bad039c96fd8dcf8d05bcc075ffd6df95bb6bb328f73a13420e88189fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tlgrm.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-id: m9-up-gc98
date: Tue, 11 Apr 2023 04:00:25 GMT
content-encoding: gzip
last-modified: Tue, 26 Apr 2022 15:45:00 GMT
server: nginx
etag: "6268137c-2872"
x-cached-since: 2023-04-10T15:31:50+00:00
content-type: application/javascript; charset=utf-8
cache-control: max-age=86400
cache: HIT
accept-ranges: bytes
content-length: 10354
expires: Wed, 12 Apr 2023 04:00:25 GMT

GET
H2 200 index.3db715c3.js Show response
cdn.tlgrm.app/js/faq/ 5 KB
2 KB 471ms
51ms Script
application/javascript 2a11:27c0::93
EDGECENTERLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tlgrm.app/js/faq/index.3db715c3.js
Requested by: Host: tlgrm.ru
URL: https://tlgrm.ru/faq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a11:27c0::93 , Russian Federation, ASN210756 (EDGECENTERLLC, RU),
Reverse DNS
Software: nginx /
Resource Hash: 59033a96303bd0d0d8369431081518683a51fddf634bdfcdf14985d51a11104a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tlgrm.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-id: m9-up-gc89
date: Tue, 11 Apr 2023 04:00:25 GMT
content-encoding: gzip
last-modified: Tue, 26 Apr 2022 15:45:00 GMT
server: nginx
etag: "6268137c-886"
x-cached-since: 2023-04-10T16:23:52+00:00
content-type: application/javascript; charset=utf-8
cache-control: max-age=86400
cache: HIT
accept-ranges: bytes
content-length: 2182
expires: Wed, 12 Apr 2023 04:00:25 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 140 KB
48 KB 137ms
105ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: tlgrm.ru
URL: https://tlgrm.ru/faq

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c1ffa8436eaef567b4c7e49aae1a2dc200c168500ad967c08eb55cd6d43e8e06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tlgrm.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 04:00:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48254
x-xss-protection: 0
server: cafe
etag: 16822031107447882301
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 11 Apr 2023 04:00:25 GMT

GET
H2 200 email-decode.min.js Show response
tlgrm.ru/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 10ms
9ms Script
application/javascript 2606:4700:3034::6815:2eea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tlgrm.ru/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: tlgrm.ru
URL: https://tlgrm.ru/faq

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:2eea , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tlgrm.ru/faq
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 04:00:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 04 Apr 2023 10:03:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"642bf60d-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H58FS9J8w0AjnU07A4qF2P9re1oOUQ9Mi1Bm9b4eTy5IdK2SHnvcgFIVqAWdRlGzTdqZ5D66RsWN0ZaTBqdzwBVj1EpR2bwQZeKM0veKbiO5ZKOXCY02HcuwHR2PbrsZxvcnEZiTbw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 7b60528dfdf2bbb6-FRA
expires: Thu, 13 Apr 2023 04:00:25 GMT

GET
H2 200 tag.js Show response
cdn.jsdelivr.net/npm/yandex-metrica-watch/ 212 KB
86 KB 42ms
21ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js

Requested by

Host: tlgrm.ru
URL: https://tlgrm.ru/faq

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa70d4ed35d1ba3fbaf5b04876616eb3303c1ce7edc20310f9033860a900be2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tlgrm.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 04:00:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 26711
x-jsd-version: 1.264.0
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230100-FRA, cache-bma1646-BMA
x-jsd-version-type: version
server: cloudflare
etag: W/"3507d-j79a9KFKaQLfv5yypvuDOjWWPTY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fd7hJwutaygiCqkh8WTGCa28dT%2BZCQZoRa5Cfkz%2BRWIdyrorDmEtQfBGem7JSQElwf8mN14yx1eWUO8FKdt3JmjObXXbsya4W1jYZHWUWhPH2KOt394%2BhK%2FvcWtQIzoj1MDGgyH9of5fUZHX754%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 7b605290e9215c44-FRA

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 33ms
7ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: tlgrm.ru
URL: https://tlgrm.ru/faq

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tlgrm.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 11 Apr 2023 02:05:11 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 6914
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Tue, 11 Apr 2023 04:05:11 GMT

GET
H3 200 icons.9ba464e9.svg
tlgrm.ru/img/ 29 KB
12 KB 18ms
15ms Other
image/svg+xml 2606:4700:3034::6815:2eea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tlgrm.ru/img/icons.9ba464e9.svg

Requested by

Host: tlgrm.ru
URL: https://tlgrm.ru/faq

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:2eea , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a6c628313303b1d03b68569fa1c5021e317e4a02f49241a1e8e628985800764

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tlgrm.ru/faq
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 04:00:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3987928
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 04 Sep 2022 14:12:51 GMT
server: cloudflare
etag: W/"6314b263-2b7e"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mqn6YphejEyvHy2y8LK6CrwKm4jeEHVIBqyLAbid41k%2FDxtpSfalDbtJb46McUF0iKPT0p9Re1vks23onF6lna4MYpXxLVMJamOEZ6a2Y7dNaKZ8YWjRK7CDbfhjhh9QfqAu3%2BKatA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 7b605290dc66381c-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 icons-app-ui.75434109.svg
tlgrm.ru/img/ 15 KB
6 KB 24ms
23ms Other
image/svg+xml 2606:4700:3034::6815:2eea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tlgrm.ru/img/icons-app-ui.75434109.svg

Requested by

Host: tlgrm.ru
URL: https://tlgrm.ru/faq

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:2eea , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

501ffeebeadf3c2c401dc9ff9e68f101ff5c9912c0c42cacc98ebb33df18bba3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tlgrm.ru/faq
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 04:00:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3984442
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 04 Sep 2022 14:12:51 GMT
server: cloudflare
etag: W/"6314b263-156f"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=in8r4yQGg6IWfzcfbBYGMC%2Bt2awAuUraFZ03trzocYuw8N53TFj4Z6ZZelKgbkToM9lCwiFgErbdxQPIF14z3%2F3ToDV1iV707KAsPMWYuQc7ktNM9yKn8RZDXL%2FMLIqAAcjjrGVpEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 7b605290dc68381c-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ 432 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d899cc5f8afee7f2133b85f3a8a4afa3827e33ec320fa17d183b593c76f0ab73

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 697 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 989e965a925076efa5363984eccd04496b06f056fed7611eff290a1c04f75ce5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 375 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 98f3423070dc573ba0d72ecca23da3b7fbbdf4235fafc2f6571b5f9c6ec43b8f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 479 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9a7af7f306df72219e6fec9376679bd6a5bc92a1ced67140159aa6c11bb83660

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 240 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bbd2dfd27b11568955f947982be195a47fbe9bae729631e5301cea06e47ba931

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 240 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6ea82f8f1d56cdfb1be9314b0d54e2f7f3ac69fb22efbd8f9e078b649e0923f1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 top-logo-icon_monochrome.20025079.svg
cdn.tlgrm.app/img/ 497 B
351 B 40ms
40ms Image
image/svg+xml 2a11:27c0::93
EDGECENTERLLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.tlgrm.app/img/top-logo-icon_monochrome.20025079.svg
Requested by: Host: cdn.tlgrm.app
URL: https://cdn.tlgrm.app/css/app.2179f3af.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a11:27c0::93 , Russian Federation, ASN210756 (EDGECENTERLLC, RU),
Reverse DNS
Software: nginx /
Resource Hash: 1ec78de14a4fc9ea1e9e209abd5bec9703df8998713febab2f2039bee677dfb0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.tlgrm.app/css/app.2179f3af.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-id: m9-up-gc86
date: Tue, 11 Apr 2023 04:00:25 GMT
content-encoding: gzip
last-modified: Sun, 04 Sep 2022 14:12:51 GMT
server: nginx
etag: "6314b263-111"
x-cached-since: 2023-04-10T15:33:06+00:00
content-type: image/svg+xml
cache-control: max-age=86400
cache: HIT
accept-ranges: bytes
content-length: 273
expires: Wed, 12 Apr 2023 04:00:25 GMT

GET
H2 200 ptsanscaption-latin-400.woff2
cdn.tlgrm.app/fonts/ptsanscaption/v13/ 38 KB
39 KB 45ms
44ms Font
font/woff2 2a11:27c0::93
EDGECENTERLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tlgrm.app/fonts/ptsanscaption/v13/ptsanscaption-latin-400.woff2
Requested by: Host: cdn.tlgrm.app
URL: https://cdn.tlgrm.app/css/app.2179f3af.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a11:27c0::93 , Russian Federation, ASN210756 (EDGECENTERLLC, RU),
Reverse DNS
Software: nginx /
Resource Hash: 2cc2dc463136f83997692baae0211e0c1d9573159476a988d20e1a6afe9a8c2e

Request headers

Referer: https://cdn.tlgrm.app/css/app.2179f3af.css
Origin: https://tlgrm.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-id: m9-up-gc91
date: Tue, 11 Apr 2023 04:00:25 GMT
last-modified: Sat, 05 Mar 2022 15:18:46 GMT
server: nginx
etag: "62237f56-99a0"
x-cached-since: 2023-04-10T15:51:35+00:00
content-type: font/woff2
access-control-allow-origin: https://tlgrm.ru
cache-control: max-age=86400
cache: HIT
accept-ranges: bytes
content-length: 39328
expires: Wed, 12 Apr 2023 04:00:25 GMT

GET
H2 200 rubik-cyrillic-400-italic.woff2
cdn.tlgrm.app/fonts/rubik/v14/ 7 KB
7 KB 41ms
40ms Font
font/woff2 2a11:27c0::93
EDGECENTERLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tlgrm.app/fonts/rubik/v14/rubik-cyrillic-400-italic.woff2
Requested by: Host: cdn.tlgrm.app
URL: https://cdn.tlgrm.app/css/app.2179f3af.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a11:27c0::93 , Russian Federation, ASN210756 (EDGECENTERLLC, RU),
Reverse DNS
Software: nginx /
Resource Hash: b9c281d47971a6ac7bc7ab83d3d049024184b236f9f1139ee41d3d84a6a6160c

Request headers

Referer: https://cdn.tlgrm.app/css/app.2179f3af.css
Origin: https://tlgrm.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-id: m9-up-gc89
date: Tue, 11 Apr 2023 04:00:25 GMT
last-modified: Sat, 05 Mar 2022 15:18:46 GMT
server: nginx
etag: "62237f56-1d50"
x-cached-since: 2023-04-10T15:32:16+00:00
content-type: font/woff2
access-control-allow-origin: https://tlgrm.ru
cache-control: max-age=86400
cache: HIT
accept-ranges: bytes
content-length: 7504
expires: Wed, 12 Apr 2023 04:00:25 GMT

GET
H2 200 ptsanscaption-latin-700.woff2
cdn.tlgrm.app/fonts/ptsanscaption/v13/ 34 KB
34 KB 53ms
53ms Font
font/woff2 2a11:27c0::93
EDGECENTERLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tlgrm.app/fonts/ptsanscaption/v13/ptsanscaption-latin-700.woff2
Requested by: Host: cdn.tlgrm.app
URL: https://cdn.tlgrm.app/css/app.2179f3af.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a11:27c0::93 , Russian Federation, ASN210756 (EDGECENTERLLC, RU),
Reverse DNS
Software: nginx /
Resource Hash: 3083af23db561c3c0aae0cf64869b61a1f84efc498df8d78eefaaecb9ef76c31

Request headers

Referer: https://cdn.tlgrm.app/css/app.2179f3af.css
Origin: https://tlgrm.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-id: m9-up-gc19
date: Tue, 11 Apr 2023 04:00:25 GMT
last-modified: Sat, 05 Mar 2022 15:18:46 GMT
server: nginx
etag: "62237f56-896c"
x-cached-since: 2023-04-10T15:48:49+00:00
content-type: font/woff2
access-control-allow-origin: https://tlgrm.ru
cache-control: max-age=86400
cache: HIT
accept-ranges: bytes
content-length: 35180
expires: Wed, 12 Apr 2023 04:00:25 GMT

GET
H2 200 ptsanscaption-cyrillic-700.woff2
cdn.tlgrm.app/fonts/ptsanscaption/v13/ 22 KB
22 KB 81ms
81ms Font
font/woff2 2a11:27c0::93
EDGECENTERLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tlgrm.app/fonts/ptsanscaption/v13/ptsanscaption-cyrillic-700.woff2
Requested by: Host: cdn.tlgrm.app
URL: https://cdn.tlgrm.app/css/app.2179f3af.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a11:27c0::93 , Russian Federation, ASN210756 (EDGECENTERLLC, RU),
Reverse DNS
Software: nginx /
Resource Hash: 78032a218493781035f5b73adc5cfc23f69df97d040fe1cfde8fca3f4138b8b9

Request headers

Referer: https://cdn.tlgrm.app/css/app.2179f3af.css
Origin: https://tlgrm.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-id: m9-up-gc90
date: Tue, 11 Apr 2023 04:00:25 GMT
last-modified: Sat, 05 Mar 2022 15:18:46 GMT
server: nginx
etag: "62237f56-5780"
x-cached-since: 2023-04-10T15:48:49+00:00
content-type: font/woff2
access-control-allow-origin: https://tlgrm.ru
cache-control: max-age=86400
cache: HIT
accept-ranges: bytes
content-length: 22400
expires: Wed, 12 Apr 2023 04:00:25 GMT

GET
H2 200 rubik-latin-400-italic.woff2
cdn.tlgrm.app/fonts/rubik/v14/ 17 KB
17 KB 65ms
65ms Font
font/woff2 2a11:27c0::93
EDGECENTERLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tlgrm.app/fonts/rubik/v14/rubik-latin-400-italic.woff2
Requested by: Host: cdn.tlgrm.app
URL: https://cdn.tlgrm.app/css/app.2179f3af.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a11:27c0::93 , Russian Federation, ASN210756 (EDGECENTERLLC, RU),
Reverse DNS
Software: nginx /
Resource Hash: 6dedfacc756e6613276441781cfb286e71b3f1e8e479dca150502b84281326e0

Request headers

Referer: https://cdn.tlgrm.app/css/app.2179f3af.css
Origin: https://tlgrm.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-id: m9-up-gc85
date: Tue, 11 Apr 2023 04:00:25 GMT
last-modified: Sat, 05 Mar 2022 15:18:46 GMT
server: nginx
etag: "62237f56-43ec"
x-cached-since: 2023-04-10T15:33:53+00:00
content-type: font/woff2
access-control-allow-origin: https://tlgrm.ru
cache-control: max-age=86400
cache: HIT
accept-ranges: bytes
content-length: 17388
expires: Wed, 12 Apr 2023 04:00:25 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
203 B 14ms
14ms XHR
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1385773746&t=pageview&_s=1&dl=https%3A%2F%2Ftlgrm.ru%2Ffaq&ul=en-us&de=UTF-8&dt=Telegram%20%E2%80%94%20%D1%87%D0%B0%D1%81%D1%82%D0%BE%20%D0%B7%D0%B0%D0%B4%D0%B0%D0%B2%D0%B0%D0%B5%D0%BC%D1%8B%D0%B5%20%D0%B2%D0%BE%D0%BF%D1%80%D0%BE%D1%81%D1%8B&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=807296103&gjid=319578595&cid=1392181173.1681185626&tid=UA-36126783-7&_gid=1496578318.1681185626&_r=1&_slc=1&z=1931555247

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://tlgrm.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 11 Apr 2023 04:00:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tlgrm.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

1 Show response
mc.yandex.ru/watch/3/
Redirect Chain

https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Ftlgrm.ru%2Ffaq%23q-how-do-self-destructing-messages-work&page-ref=&charset=utf-8&browser-info=pv%3A1%3Avf%3A7ovr8edh4eus5bcduk3a3j%3Afp%3...
https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Ftlgrm.ru%2Ffaq%23q-how-do-self-destructing-messages-work&page-ref&charset=utf-8&browser-info=pv%3A1%3Avf%3A7ovr8edh4eus5bcduk3a3j%3Afp%...

264 B
634 B

47ms
46ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Ftlgrm.ru%2Ffaq%23q-how-do-self-destructing-messages-work&page-ref&charset=utf-8&browser-info=pv%3A1%3Avf%3A7ovr8edh4eus5bcduk3a3j%3Afp%3A652%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1001%3Acn%3A2%3Adp%3A0%3Als%3A642404037423%3Ahid%3A138021913%3Az%3A0%3Ai%3A20230411040025%3Aet%3A1681185626%3Ac%3A1%3Arn%3A449881909%3Arqn%3A1%3Au%3A1681185626923725006%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A8%2C21%2C65%2C19%2C%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1681185625158%3Ast%3A1681185626&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Requested by

Host: tlgrm.ru
URL: https://tlgrm.ru/faq

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

5857de573c6ca032437f02358a3c502a10327f139c22d125315376dc1472d3cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tlgrm.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Apr 2023 04:00:26 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Tue, 11-Apr-2023 04:00:26 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://tlgrm.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 264
x-xss-protection: 1; mode=block
expires: Tue, 11-Apr-2023 04:00:26 GMT

Redirect headers

pragma: no-cache
date: Tue, 11 Apr 2023 04:00:26 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 11-Apr-2023 04:00:26 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/3/1?wmode=7&page-url=https%3A%2F%2Ftlgrm.ru%2Ffaq%23q-how-do-self-destructing-messages-work&page-ref&charset=utf-8&browser-info=pv%3A1%3Avf%3A7ovr8edh4eus5bcduk3a3j%3Afp%3A652%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1001%3Acn%3A2%3Adp%3A0%3Als%3A642404037423%3Ahid%3A138021913%3Az%3A0%3Ai%3A20230411040025%3Aet%3A1681185626%3Ac%3A1%3Arn%3A449881909%3Arqn%3A1%3Au%3A1681185626923725006%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A8%2C21%2C65%2C19%2C%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1681185625158%3Ast%3A1681185626&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin: https://tlgrm.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Tue, 11-Apr-2023 04:00:26 GMT

GET
H2

200

1 Show response
mc.yandex.ru/watch/23984608/
Redirect Chain

https://mc.yandex.ru/watch/23984608?wmode=7&page-url=https%3A%2F%2Ftlgrm.ru%2Ffaq%23q-how-do-self-destructing-messages-work&charset=utf-8&browser-info=pv%3A1%3Avf%3A7ovr8edh4eus5bcduk3a3j%3Afp%3A65...
https://mc.yandex.ru/watch/23984608/1?wmode=7&page-url=https%3A%2F%2Ftlgrm.ru%2Ffaq%23q-how-do-self-destructing-messages-work&charset=utf-8&browser-info=pv%3A1%3Avf%3A7ovr8edh4eus5bcduk3a3j%3Afp%3A...

428 B
464 B

50ms
50ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/23984608/1?wmode=7&page-url=https%3A%2F%2Ftlgrm.ru%2Ffaq%23q-how-do-self-destructing-messages-work&charset=utf-8&browser-info=pv%3A1%3Avf%3A7ovr8edh4eus5bcduk3a3j%3Afp%3A652%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1001%3Acn%3A1%3Adp%3A0%3Als%3A526796468268%3Ahid%3A138021913%3Az%3A0%3Ai%3A20230411040025%3Aet%3A1681185626%3Ac%3A1%3Arn%3A325851039%3Arqn%3A1%3Au%3A1681185626923725006%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A8%2C21%2C65%2C19%2C%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1681185625158%3Arqnl%3A1%3Ast%3A1681185626%3At%3ATelegram%20%E2%80%94%20%D1%87%D0%B0%D1%81%D1%82%D0%BE%20%D0%B7%D0%B0%D0%B4%D0%B0%D0%B2%D0%B0%D0%B5%D0%BC%D1%8B%D0%B5%20%D0%B2%D0%BE%D0%BF%D1%80%D0%BE%D1%81%D1%8B&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Requested by

Host: tlgrm.ru
URL: https://tlgrm.ru/faq

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

908c5804a27d64130960f88ab50390cf6301e7ee701028792187d5067a5bf425

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tlgrm.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Apr 2023 04:00:26 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Tue, 11-Apr-2023 04:00:26 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://tlgrm.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 428
x-xss-protection: 1; mode=block
expires: Tue, 11-Apr-2023 04:00:26 GMT

Redirect headers

pragma: no-cache
date: Tue, 11 Apr 2023 04:00:26 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 11-Apr-2023 04:00:26 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/23984608/1?wmode=7&page-url=https%3A%2F%2Ftlgrm.ru%2Ffaq%23q-how-do-self-destructing-messages-work&charset=utf-8&browser-info=pv%3A1%3Avf%3A7ovr8edh4eus5bcduk3a3j%3Afp%3A652%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1001%3Acn%3A1%3Adp%3A0%3Als%3A526796468268%3Ahid%3A138021913%3Az%3A0%3Ai%3A20230411040025%3Aet%3A1681185626%3Ac%3A1%3Arn%3A325851039%3Arqn%3A1%3Au%3A1681185626923725006%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A8%2C21%2C65%2C19%2C%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1681185625158%3Arqnl%3A1%3Ast%3A1681185626%3At%3ATelegram%20%E2%80%94%20%D1%87%D0%B0%D1%81%D1%82%D0%BE%20%D0%B7%D0%B0%D0%B4%D0%B0%D0%B2%D0%B0%D0%B5%D0%BC%D1%8B%D0%B5%20%D0%B2%D0%BE%D0%BF%D1%80%D0%BE%D1%81%D1%8B&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin: https://tlgrm.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Tue, 11-Apr-2023 04:00:26 GMT

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
511 B 197ms
46ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: tlgrm.ru
URL: https://tlgrm.ru/faq

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tlgrm.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 04:00:26 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 07 Apr 2023 06:00:09 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "642f8739-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Tue, 11 Apr 2023 05:00:26 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304050101/ 348 KB
116 KB 71ms
71ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8517037333597275&plah=tlgrm.ru&bust=31073709

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4c39c4700972cf9eb60603946046786f0ef16199ba01308372f79ee6069325a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tlgrm.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 04:00:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 119056
x-xss-protection: 0
server: cafe
etag: 7525704575425941806
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 11 Apr 2023 04:00:26 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230405/r20190131/ Frame A41D 10 KB
5 KB 36ms
7ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230405/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tlgrm.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 64485
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 10 Apr 2023 10:05:41 GMT
etag: 2378337311435320485
expires: Mon, 24 Apr 2023 10:05:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 383 B
600 B 39ms
15ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=tlgrm.ru&callback=_gfp_s_&client=ca-pub-8517037333597275

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8517037333597275&plah=tlgrm.ru&bust=31073709

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

acbc5067189bdaf7b63129f25520f8b1dda6b995f25274dbf89bae2abf699a54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tlgrm.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 04:00:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 248
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 52ms
16ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=tlgrm.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tlgrm.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 04:00:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 46ms
16ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=tlgrm.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tlgrm.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 04:00:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B249 488 KB
91 KB 908ms
907ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8517037333597275&output=html&adk=1812271804&adf=3025194257&lmt=1681185626&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=356x1080_l%7C356x1080_r&format=0x0&url=https%3A%2F%2Ftlgrm.ru%2Ffaq%23q-how-do-self-destructing-messages-work&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681185625981&bpp=3&bdt=727&idt=191&shv=r20230405&mjsv=m202304050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=865970096342&frm=20&pv=2&ga_vid=1392181173.1681185626&ga_sid=1681185626&ga_hid=1385773746&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C44788086%2C31073709&oid=2&pvsid=167167486770119&tmod=767343214&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=217

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d7e5f2905d16cf00a7a007d569525912eb8f786631697fed3fc61f911914621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tlgrm.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 92757
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 11 Apr 2023 04:00:27 GMT
expires: Tue, 11 Apr 2023 04:00:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

sync_cookie_image_decide
mc.webvisor.org/
Redirect Chain

https://mc.webvisor.org/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=9969.BcKOYn1um8PGD6oghvnjWSVvOvk7qRHmO_MxKd-TSSCL_cXgiTcwcbmqvKZFrmdg.7VRW5Q5MTCCk53RsXfO74MeA9nk%2C
https://mc.webvisor.org/sync_cookie_image_decide?token=9969.cS_7RmGvDF_Xq6NqYhhb_Kz_PHUlBAPMJ4IxNdkXCeXgkfsjUV3QuMLjGHOuM0OnXQP-xTlzCgMqz6KB2CRSZaYrhecAmD3sk9N8nJuzlzcj3ut9veaPfjfOHvouVwl4hYDuqyf1d...

43 B
507 B

60ms
60ms

Image
image/gif

154.47.36.105
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.webvisor.org/sync_cookie_image_decide?token=9969.cS_7RmGvDF_Xq6NqYhhb_Kz_PHUlBAPMJ4IxNdkXCeXgkfsjUV3QuMLjGHOuM0OnXQP-xTlzCgMqz6KB2CRSZaYrhecAmD3sk9N8nJuzlzcj3ut9veaPfjfOHvouVwl4hYDuqyf1dpfmzh8zTBZQ1WmrJyZ_-YzlGU2TH_GLFOoU_1w84KKqp_P7RUnCRoIkVZ9e_Vkq-OsfCwwpxBqe5YfgoFPRkrF_a4-MDDYklYc%2C.kuGTzS2so2rMCti9el6pGLnSkcI%2C

Requested by

Host: tlgrm.ru
URL: https://tlgrm.ru/faq

Protocol

Server

154.47.36.105 , United States, ASN174 (COGENT-174, US),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tlgrm.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 04:00:26 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.webvisor.org/sync_cookie_image_decide?token=9969.cS_7RmGvDF_Xq6NqYhhb_Kz_PHUlBAPMJ4IxNdkXCeXgkfsjUV3QuMLjGHOuM0OnXQP-xTlzCgMqz6KB2CRSZaYrhecAmD3sk9N8nJuzlzcj3ut9veaPfjfOHvouVwl4hYDuqyf1dpfmzh8zTBZQ1WmrJyZ_-YzlGU2TH_GLFOoU_1w84KKqp_P7RUnCRoIkVZ9e_Vkq-OsfCwwpxBqe5YfgoFPRkrF_a4-MDDYklYc%2C.kuGTzS2so2rMCti9el6pGLnSkcI%2C
date: Tue, 11 Apr 2023 04:00:26 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 76ms
58ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230405&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c7c6f1afe997b1b4b176509ea3a9ddb8d6d30952125771b127161c5d6ec835ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tlgrm.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 04:00:27 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11333
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304050101/ 149 KB
51 KB 92ms
92ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304050101/reactive_library_fy2021.js?bust=31073709

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c885ee351409bd517c16cee802e8c1e1ac6fd2844baab0ce981b6f3615c0145d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tlgrm.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 04:00:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51873
x-xss-protection: 0
server: cafe
etag: 6078368264918643810
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 11 Apr 2023 04:00:27 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 164ms
22ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tlgrm.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 04:00:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 11 Apr 2023 04:00:27 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 18ms
17ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=tlgrm.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tlgrm.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 04:00:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 17ms
16ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=tlgrm.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tlgrm.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 04:00:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/ Frame 962F 10 KB
4 KB 11ms
7ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tlgrm.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 5859
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 11 Apr 2023 02:22:48 GMT
etag: 2378337311435320485
expires: Tue, 25 Apr 2023 02:22:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/ Frame 2C18 10 KB
4 KB 11ms
9ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tlgrm.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 5859
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 11 Apr 2023 02:22:48 GMT
etag: 2378337311435320485
expires: Tue, 25 Apr 2023 02:22:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/ Frame 985A 10 KB
4 KB 11ms
9ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tlgrm.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 5859
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 11 Apr 2023 02:22:48 GMT
etag: 2378337311435320485
expires: Tue, 25 Apr 2023 02:22:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/ Frame EBF8 10 KB
4 KB 11ms
10ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tlgrm.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 5859
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 11 Apr 2023 02:22:48 GMT
etag: 2378337311435320485
expires: Tue, 25 Apr 2023 02:22:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 962F 4 KB
705 B 42ms
17ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1ae367420c242e83f64dd6cba96fca46a5285d40116c0e849c7752d40303c1ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 11 Apr 2023 04:00:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 11 Apr 2023 02:16:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 11 Apr 2023 04:00:27 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 962F 205 B
650 B 32ms
8ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 14:54:54 GMT
x-content-type-options: nosniff
age: 47133
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 09 Apr 2024 14:54:54 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 962F 604 B
694 B 32ms
8ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 03:12:43 GMT
x-content-type-options: nosniff
age: 2864
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 10 Apr 2024 03:12:43 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/elements/html/ Frame 962F 19 KB
8 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5778dba18a121844b613ba65f7126cac359a17e398e8a761f63d668d2f878406

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 21:26:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23631
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8171
x-xss-protection: 0
server: cafe
etag: 2240023182167719722
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Apr 2023 21:26:36 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 2C18 3 KB
1006 B 34ms
17ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d247591f9522801d7a053e929a77212df61c2f153a309141648ad9a7894b1a32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 11 Apr 2023 04:00:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 11 Apr 2023 02:42:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 11 Apr 2023 04:00:27 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame 2C18 2 KB
846 B 7ms
7ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 21:26:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23645
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Apr 2023 21:26:22 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/ Frame 2C18 22 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ff527ee82438d6ee7270d862f3310845cf433f8ef5a900e527d4c9e7fbd006a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 21:26:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23654
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8726
x-xss-protection: 0
server: cafe
etag: 308001309495089854
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Apr 2023 21:26:13 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame 2C18 3 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 21:25:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23671
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Apr 2023 21:25:56 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame 2C18 20 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 21:26:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23667
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8268
x-xss-protection: 0
server: cafe
etag: 8048349561987089234
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Apr 2023 21:26:00 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2C18 159 KB
49 KB 51ms
21ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c34355356c4f9f8b5e828e584ec960d94c0325893fe0411dc5778a8a584302c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 04:00:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49747
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681125830480664"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Apr 2023 04:00:27 GMT

GET
H2 200 c15427455071565d8097eb04c444439b.js Show response
www.gstatic.com/mysidia/ Frame 2C18 33 KB
14 KB 20ms
9ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c15427455071565d8097eb04c444439b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02fb5a960b6817695b363d2294c0945cc75bf10cd17e5a03b3ff68229b9f0d77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 23:44:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 447362
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14106
x-xss-protection: 0
last-modified: Wed, 05 Apr 2023 23:21:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 04 Jul 2023 23:44:25 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 985A 3 KB
670 B 23ms
17ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d247591f9522801d7a053e929a77212df61c2f153a309141648ad9a7894b1a32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 11 Apr 2023 04:00:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 11 Apr 2023 03:18:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 11 Apr 2023 04:00:27 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame 985A 2 KB
765 B 8ms
7ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 21:26:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23645
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Apr 2023 21:26:22 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/ Frame 985A 22 KB
9 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ff527ee82438d6ee7270d862f3310845cf433f8ef5a900e527d4c9e7fbd006a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 21:26:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23654
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8726
x-xss-protection: 0
server: cafe
etag: 308001309495089854
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Apr 2023 21:26:13 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame 985A 3 KB
1 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 21:25:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23671
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Apr 2023 21:25:56 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame 985A 20 KB
8 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 21:26:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23667
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8268
x-xss-protection: 0
server: cafe
etag: 8048349561987089234
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Apr 2023 21:26:00 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 985A 159 KB
49 KB 50ms
33ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c34355356c4f9f8b5e828e584ec960d94c0325893fe0411dc5778a8a584302c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 04:00:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49747
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681125830480664"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Apr 2023 04:00:27 GMT

GET
H2 200 c15427455071565d8097eb04c444439b.js Show response
www.gstatic.com/mysidia/ Frame 985A 33 KB
14 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c15427455071565d8097eb04c444439b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02fb5a960b6817695b363d2294c0945cc75bf10cd17e5a03b3ff68229b9f0d77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 23:44:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 447362
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14106
x-xss-protection: 0
last-modified: Wed, 05 Apr 2023 23:21:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 04 Jul 2023 23:44:25 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame EBF8 0
0 58ms
57ms Fetch
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CnPKwWts0ZPm2DbLox_APlqG0yAHJntKxXL3plfdwwI23ARABIABglaqfgrAHggEXY2EtcHViLTg1MTcwMzczMzM1OTcyNzXIAQmpAkTheteqOrI-qAMBqgTOAU_QqPAv_QUBhEYJxw8W3nCLzsE3gXPP2JCt70WrpVKV5n3mAdfTL4BSfX4AhQrYQte1ZtUDEpUc4BwwxKpANM-vD31VA5ThjAGnocLrWseG9eehL98ugM4Woeq7mLfDxdvDhJgG73FeIOVA87B2tNGC02x_Mh5e_-12Kzz_FJfqm9-q48k_KLBSEMj6KSOkqVy8-oOaaOHzW94AVo37aGYdMXuViPS1nzeWfy8_llTAVAsYAVtdpmyy67iL24NmGRU-7r3HHJo4hTV5z95RgAaFlIqR2NTwyzugBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTg1MTcwMzczMzM1OTcyNzUYAA&sigh=0rZX9_-o_b8&uach_m=[UACH]&cid=CAQSGwDUE5ymoJiuE629143XlWuwi3_lttBemW4imRgB

Requested by

Host: tlgrm.ru
URL: https://tlgrm.ru/faq

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 11 Apr 2023 04:00:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 11 Apr 2023 04:00:27 GMT

GET
H2 200 notify
rtb.fr3.eu.criteo.com/google/auction/ Frame EBF8 0
0 64ms
20ms Fetch 2a02:2638:d::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=kKLpFMz6RO0HfJ2DYgICAAAAL0DNVPzopQcQWts0ZOEIgfl88c6wnAAAABIAAAoKQVFVQkR3RVBEdw&wp=ZDTbWgADW3kIEfQyAA0QlgyuIWftEXAYLyepPw

Requested by

Host: tlgrm.ru
URL: https://tlgrm.ru/faq

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 04:00:26 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 154147
server: Kestrel
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame D635 120 KB
43 KB 81ms
36ms Document
text/html 2a02:2638:d::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZDTbWgADW3kIEfQyAA0QlgyuIWftEXAYLyepPw&u=%7CZPJT%2FoLG9mpIMyeq2oRCLyXcsnrg49cI0wmpeRHMeYk%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA96avdF0ae7T29xH-962oDDoAaWu19c-YHzrTyBa6O46ypXMDlQj6qSRcqZqS8V77DheZM30v_ijINOLsRa6RJy0kFJyLSYdbYUfYwg3VNyKh5mok8hZJde4sRd_mLA08gax6BTXRQWCoT2fIjEWHdleotvtOxjtnUWIHMrrkXA8OGjrRUw1Ya24ZT9VVxBA38Cg8hXFJVSC8HaPFf3KWfAkccl7n7foG4XICQh1rhyHhLNHJ4VUQsheDbXg4T47NmAlsDKgJFpIenvDiiYOND2tehLtT_0SlOahjjpW5oKHHK-LBChJG0_7f5HVo4Ltp5RXyz84r3ZbxmJ4VNcxku4hdFElp9_OVcMK73tVZEJt0d9BZALQZ0dfdl74HqPb-sy88_N2gw-s4y5ip2skvEFqxsRdaMdDziPerp4yyLZtI48RymokGnoct8RBANLzv7Kip6y2TL2xBQSAXi-LhJ1Nn3sdhDwfQRT-XnWf9vIbk2ky78GfhmLyyUP3e4XKzqO6MjSqeheLGFCInrRPxqtj-wFxuyce6LaaoI2lj-3mNCKWDcaEBzAw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVVHoWts0ZPm2DbLox_APlqG0yAHJntKxXL3plfdwwI23ARABIABglaqfgrAHggEXY2EtcHViLTg1MTcwMzczMzM1OTcyNzXIAQmpAkTheteqOrI-qAMBqgTRAU_QqPAv_QUBhEYJxw8W3nCLzsE3gXPP2JCt70WrpVKV5n3mAdfTL4BSfX4AhQrYQte1ZtUDEpUc4BwwxKpANM-vD31VA5ThjAGnocLrWseG9eehL98ugM4Woeq7mLfDxdvDhJgG73FeIOVA87B2tNGC02x_Mh5e_-12Kzz_FJfqm9-q48k_KLBSEMj6KSOkqVy8-oOaaOHzW94AVo37aGYdMXuViPS1n3WUXr24GcjT65cMootgAJS7_7I90a1-m6H20xs1o4QUnbDTS83u9nNLgAaFlIqR2NTwyzugBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1FDiz7yR8K_9kG36Ou4m-T2qml3Q%26client%3Dca-pub-8517037333597275%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

6c881be8ea786bd65f95255d9ab840f8670fa9a58f109c27bd369e9cfb1f1fcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Tue, 11 Apr 2023 04:00:26 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=IrWQxUI9spFO9QYQ0NdcJCFoKOY3tMbhQKGvxJW6VSTrfoGSuZ26zzt34n206NXVtBafS4b0BeIDt0XGAEshvMmqpKiPL-v1cqLH4PozJiN2hDQbZjrQpX7_V66wFWySg4QCixwaXxhKsKQCMAGqqju0qZ-v2A50zgqoEU0XQyVyZqnk1tOxiG0sM5RSw7yfB1FH6UKad2O1crBaybcI0dbP6VOLWCW-xSydnNfSoHqIZJ0HzchijGGMoYVkyQtdQTQ9pw"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 12124408
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame EBF8 3 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 21:25:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23671
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Apr 2023 21:25:56 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame EBF8 20 KB
8 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 21:26:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23667
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8268
x-xss-protection: 0
server: cafe
etag: 8048349561987089234
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Apr 2023 21:26:00 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EBF8 159 KB
49 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c34355356c4f9f8b5e828e584ec960d94c0325893fe0411dc5778a8a584302c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 04:00:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49747
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681125830480664"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Apr 2023 04:00:27 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0DA2 13 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tlgrm.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 27651
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 10 Apr 2023 20:19:36 GMT
expires: Tue, 09 Apr 2024 20:19:36 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0536 783 B
1 KB 44ms
17ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3b5b9aef9a31927cb2f3742fce61c0ea14ed8212f62b8ca24616bee1d01c19c3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-yhnde2FTBKRRKJk2qPkBig' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tlgrm.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-yhnde2FTBKRRKJk2qPkBig' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 11 Apr 2023 04:00:27 GMT
expires: Tue, 11 Apr 2023 04:00:27 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ Frame 00F5 8 KB
966 B 17ms
17ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

05ee926cc9bf2039ad93af941a67d23d84bd78ecd9d6ef53ff85eeaf744cbd89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 11 Apr 2023 04:00:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 11 Apr 2023 02:34:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 11 Apr 2023 04:00:27 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame 00F5 2 KB
765 B 7ms
7ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 21:26:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23645
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Apr 2023 21:26:22 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/ Frame 00F5 22 KB
9 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ff527ee82438d6ee7270d862f3310845cf433f8ef5a900e527d4c9e7fbd006a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 21:26:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23654
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8726
x-xss-protection: 0
server: cafe
etag: 308001309495089854
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Apr 2023 21:26:13 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame 00F5 3 KB
1 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 21:25:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23671
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Apr 2023 21:25:56 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame 00F5 20 KB
8 KB 13ms
11ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 21:26:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23667
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8268
x-xss-protection: 0
server: cafe
etag: 8048349561987089234
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Apr 2023 21:26:00 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 00F5 159 KB
49 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c34355356c4f9f8b5e828e584ec960d94c0325893fe0411dc5778a8a584302c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 04:00:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49747
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681125830480664"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Apr 2023 04:00:27 GMT

GET
H2 200 c15427455071565d8097eb04c444439b.js Show response
www.gstatic.com/mysidia/ Frame 00F5 33 KB
14 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c15427455071565d8097eb04c444439b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02fb5a960b6817695b363d2294c0945cc75bf10cd17e5a03b3ff68229b9f0d77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 23:44:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 447362
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14106
x-xss-protection: 0
last-modified: Wed, 05 Apr 2023 23:21:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 04 Jul 2023 23:44:25 GMT

GET
DATA 200
OK truncated
/ Frame EBF8 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dd77b888dc69ba9ec28d305a93dfdf068744d5a92f267850d8a1d334000f201e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame D635 2 KB
1 KB 234ms
13ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZDTbWgADW3kIEfQyAA0QlgyuIWftEXAYLyepPw&u=%7CZPJT%2FoLG9mpIMyeq2oRCLyXcsnrg49cI0wmpeRHMeYk%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA96avdF0ae7T29xH-962oDDoAaWu19c-YHzrTyBa6O46ypXMDlQj6qSRcqZqS8V77DheZM30v_ijINOLsRa6RJy0kFJyLSYdbYUfYwg3VNyKh5mok8hZJde4sRd_mLA08gax6BTXRQWCoT2fIjEWHdleotvtOxjtnUWIHMrrkXA8OGjrRUw1Ya24ZT9VVxBA38Cg8hXFJVSC8HaPFf3KWfAkccl7n7foG4XICQh1rhyHhLNHJ4VUQsheDbXg4T47NmAlsDKgJFpIenvDiiYOND2tehLtT_0SlOahjjpW5oKHHK-LBChJG0_7f5HVo4Ltp5RXyz84r3ZbxmJ4VNcxku4hdFElp9_OVcMK73tVZEJt0d9BZALQZ0dfdl74HqPb-sy88_N2gw-s4y5ip2skvEFqxsRdaMdDziPerp4yyLZtI48RymokGnoct8RBANLzv7Kip6y2TL2xBQSAXi-LhJ1Nn3sdhDwfQRT-XnWf9vIbk2ky78GfhmLyyUP3e4XKzqO6MjSqeheLGFCInrRPxqtj-wFxuyce6LaaoI2lj-3mNCKWDcaEBzAw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVVHoWts0ZPm2DbLox_APlqG0yAHJntKxXL3plfdwwI23ARABIABglaqfgrAHggEXY2EtcHViLTg1MTcwMzczMzM1OTcyNzXIAQmpAkTheteqOrI-qAMBqgTRAU_QqPAv_QUBhEYJxw8W3nCLzsE3gXPP2JCt70WrpVKV5n3mAdfTL4BSfX4AhQrYQte1ZtUDEpUc4BwwxKpANM-vD31VA5ThjAGnocLrWseG9eehL98ugM4Woeq7mLfDxdvDhJgG73FeIOVA87B2tNGC02x_Mh5e_-12Kzz_FJfqm9-q48k_KLBSEMj6KSOkqVy8-oOaaOHzW94AVo37aGYdMXuViPS1n3WUXr24GcjT65cMootgAJS7_7I90a1-m6H20xs1o4QUnbDTS83u9nNLgAaFlIqR2NTwyzugBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1FDiz7yR8K_9kG36Ou4m-T2qml3Q%26client%3Dca-pub-8517037333597275%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 04:00:27 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 05 Apr 2024 04:00:27 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame D635 2 KB
1 KB 235ms
14ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 04:00:27 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 05 Apr 2024 04:00:27 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame D635 308 B
636 B 224ms
13ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 04:00:27 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Fri, 05 Apr 2024 04:00:27 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame D635 293 B
621 B 225ms
14ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 04:00:27 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Fri, 05 Apr 2024 04:00:27 GMT

GET
H2 200 lg.php
cat.fr3.eu.criteo.com/delivery/ Frame D635 43 B
348 B 294ms
18ms Image
image/gif 178.250.7.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=6gHfVaHgB5mTAG-L4KQQPRhDA6j7FqU8L-1pv9DQ560G7auMFCZEqrt3LvPYwnv5laSi6_zUsXvRlw8P9-UWjfn1zyrLbIXnLMJ5SgpD6ukzcMKfGrOQGVle6TFDs2IHyZkpRDrcyEGbuP3Ei0fxs1CuQuQrrkfXFpSSuBPnTsuqXu9j1-me_nlzFAhdQ1TNMTbYJWk9ASzIb98NyShkQN944Cyo0Sua8kDml3yT7WGWu-9_O6jHD3J9g7RxAm_zEbGRwWJxc6auY_NT7UgmG26S5FeElWE3Uf7CAT2mdBLijvAH1cEsRiVQ25hjbZUrHKg68DBPP67oye8u9hUBPPfYl-KzGmebwUvO1inh3pHa7rt50d3lMf7Qnwg3nrIyrLLQAZi542LCKnVJC5vH_55reeAlbtbjA-Zx9VgJL7DF8Lxr

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Apr 2023 04:00:27 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1975863
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame D635 12 KB
5 KB 225ms
16ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 04:00:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1580101
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LIj5xvAww%2BzKPVzwKT7EdgMXcR7Wp9hAdivltiPIVMvtc0FwkD7llGMK5NlH8foNXzvTDNu7%2BUIodGl7pL0poFHl%2FS2oqJk3RBUZX%2B4jPYkFjNRr0Vw9x7hKQ0F95MafGuk%2BCHBvXZa%2FhoJwtIfiY85r"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7b60529e08979bc2-FRA
expires: Sun, 31 Mar 2024 04:00:27 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame D635 12 KB
6 KB 221ms
16ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 04:00:27 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 05 Apr 2024 04:00:27 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 2C18 10 KB
11 KB 203ms
9ms Image
image/jpeg 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcRGqoZnWO-OavvrVbyBYjqV10Yp0i5ONhdr0QthJ3XwA4zGDlc&usqp=CAI

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a819d06e2c955443c9dda0bd87dcc16a6d3142e62873e265d8e8b3f0ffab5585

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 17:36:28 GMT
x-content-type-options: nosniff
age: 555839
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10332
x-xss-protection: 0
last-modified: Sat, 11 Dec 2021 09:42:55 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 03 Apr 2024 17:36:28 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 2C18 16 KB
16 KB 206ms
11ms Image
image/jpeg 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcTtoyqXIHYwOmBYsCqwjIW3w-pi1iarcz6Eb-8_Fyh8Nae9PRhK&usqp=CAI

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dbdd8e6363b190b789dd4d2ea2a6346ca7ac15c216c4209481ec6915ddd6aa85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 22:07:03 GMT
x-content-type-options: nosniff
age: 107604
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15981
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 01:36:10 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Mon, 08 Apr 2024 22:07:03 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 2C18 21 KB
21 KB 202ms
7ms Image
image/jpeg 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQqOtyf0e-GmpJ4Xc5--GVIPtgt7iF1lXLRB2OW-y_ZPdisCGcOmBCD5r4I3Po&usqp=CAI

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

64093bff7f5db6448892f41583ba50e383450ff8ae2079605dd29d6c5eba8ff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 06:21:42 GMT
x-content-type-options: nosniff
age: 596325
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21436
x-xss-protection: 0
last-modified: Wed, 16 Nov 2022 14:03:41 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 03 Apr 2024 06:21:42 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 2C18 10 KB
10 KB 215ms
21ms Image
image/png 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcSWvf_ta7pcmZEamYYt3VHObNGgnNz62-LI0kut9z06gAPG950&usqp=CAI

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f03ee14d631c32cc5c0d98c89a31f98c707d914d50e32db4cbc10caf8a94c68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 19:36:56 GMT
x-content-type-options: nosniff
age: 30211
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10485
x-xss-protection: 0
last-modified: Fri, 04 Sep 2020 13:04:58 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 09 Apr 2024 19:36:56 GMT

GET
DATA 200
OK truncated
/ Frame 2C18 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0c2192e05de8cb10aed6351f713b89aaea9098b7c557f090503a8e2ca789bd36

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 985A 10 KB
10 KB 199ms
15ms Image
image/jpeg 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcRGqoZnWO-OavvrVbyBYjqV10Yp0i5ONhdr0QthJ3XwA4zGDlc&usqp=CAI

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a819d06e2c955443c9dda0bd87dcc16a6d3142e62873e265d8e8b3f0ffab5585

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 17:36:28 GMT
x-content-type-options: nosniff
age: 555839
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10332
x-xss-protection: 0
last-modified: Sat, 11 Dec 2021 09:42:55 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 03 Apr 2024 17:36:28 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 985A 16 KB
16 KB 201ms
18ms Image
image/jpeg 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcTtoyqXIHYwOmBYsCqwjIW3w-pi1iarcz6Eb-8_Fyh8Nae9PRhK&usqp=CAI

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dbdd8e6363b190b789dd4d2ea2a6346ca7ac15c216c4209481ec6915ddd6aa85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 22:07:03 GMT
x-content-type-options: nosniff
age: 107604
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15981
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 01:36:10 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Mon, 08 Apr 2024 22:07:03 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 985A 11 KB
12 KB 191ms
8ms Image
image/jpeg 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcS4pGMF-ntRXgg7QrFZzdS6Qz-UL3KeiGXxhisFaHNSFBy38ek&usqp=CAI

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc8242adce4e9df1cd179e5343f37c25e4e321c5f29d43c947c18cc46f5be474

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 06:59:53 GMT
x-content-type-options: nosniff
age: 334834
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11507
x-xss-protection: 0
last-modified: Fri, 12 Nov 2021 04:04:45 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 06 Apr 2024 06:59:53 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 985A 13 KB
13 KB 202ms
20ms Image
image/jpeg 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcQpHcxw5BLERsWUWP81xZ2F9Jmpk8osRBYsdijZFoQfXSFsOGR76Q8DB9QUGw&usqp=CAI

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d2de8b598cc0e5358361813c083bce508bdb27846d4e55663660edd170d1fed8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 05:46:10 GMT
x-content-type-options: nosniff
age: 339257
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13377
x-xss-protection: 0
last-modified: Mon, 02 Jan 2023 02:58:07 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 06 Apr 2024 05:46:10 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 985A 10 KB
10 KB 205ms
22ms Image
image/png 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcSWvf_ta7pcmZEamYYt3VHObNGgnNz62-LI0kut9z06gAPG950&usqp=CAI

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f03ee14d631c32cc5c0d98c89a31f98c707d914d50e32db4cbc10caf8a94c68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 19:36:56 GMT
x-content-type-options: nosniff
age: 30211
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10485
x-xss-protection: 0
last-modified: Fri, 04 Sep 2020 13:04:58 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 09 Apr 2024 19:36:56 GMT

GET
DATA 200
OK truncated
/ Frame 985A 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be7328ce6d28b0b37f31a989b157c848331ef20fabcfeebeac4b6d4e4ac9213b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C103 143 B
166 B 13ms
7ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1588
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 11 Apr 2023 03:33:59 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 img
pix.eu.criteo.net/img/ Frame D635 4 KB
4 KB 159ms
14ms Image
image/webp 2a02:2638:3::f
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=208&m=0&partner=25852&q=80&r=0&u=http%3A%2F%2Fstatic.fr3.eu.criteo.net%2Fdesign%2Fdt%2F25852%2F230403%2F81e9c7a4973745c19a8bc70d8e2c7a09_de_wkda_white_bkg_rgb-03.jpg&v=3&w=416&s=mhy4WS5U7ghJnwW94B6GQXHv

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::f , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

78ce2429cea15a8579552d0effbd52bc95ca7fd6dd6da451146d2896fae5105c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 04:00:27 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=30602840
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3664
expires: Sat, 30 Mar 2024 08:47:48 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame D635 30 KB
30 KB 161ms
16ms Image
image/webp 2a02:2638:3::f
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?m=0&partner=25852&q=80&r=0&u=http%3A%2F%2Fstatic.fr3.eu.criteo.net%2Fdesign%2Fdt%2F25852%2F230403%2F5a9b0f210c204c6e8376a22e1d58840e_v7.jpg&v=3&s=Lq96WmNrvWHNNWacR-bpEPje

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::f , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

a5890552b0697c378e8096b93f4fc00bf18f3e054dc968a1998c0bbd62e76dc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 04:00:26 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=30602964
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 30392
expires: Sat, 30 Mar 2024 08:49:52 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame D635 0
128 B 156ms
15ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=IrWQxUI9spFO9QYQ0NdcJCFoKOY3tMbhQKGvxJW6VSTrfoGSuZ26zzt34n206NXVtBafS4b0BeIDt0XGAEshvMmqpKiPL-v1cqLH4PozJiN2hDQbZjrQpX7_V66wFWySg4QCixwaXxhKsKQCMAGqqju0qZ-v2A50zgqoEU0XQyVyZqnk1tOxiG0sM5RSw7yfB1FH6UKad2O1crBaybcI0dbP6VOLWCW-xSydnNfSoHqIZJ0HzchijGGMoYVkyQtdQTQ9pw&sds=2&rev=85712&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 11 Apr 2023 04:00:27 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame D635 2 KB
1 KB 163ms
23ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 04:00:27 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 05 Apr 2024 04:00:27 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame D635 2 KB
1 KB 14ms
14ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 04:00:27 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 05 Apr 2024 04:00:27 GMT

GET
H3 200 qMU6ruUuZ1zoKC0LZ3Jpmtn3twdVMxn7JXARaYw8J-4.js Show response
pagead2.googlesyndication.com/bg/ Frame 4620 36 KB
14 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/qMU6ruUuZ1zoKC0LZ3Jpmtn3twdVMxn7JXARaYw8J-4.js

Requested by

Host: tlgrm.ru
URL: https://tlgrm.ru/faq

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8c53aaee52e675ce8282d0b6772699ad9f7b707553319fb257011698c3c27ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 20:01:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 287910
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14303
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 13:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 06 Apr 2024 20:01:57 GMT

GET
H3 200 qMU6ruUuZ1zoKC0LZ3Jpmtn3twdVMxn7JXARaYw8J-4.js Show response
pagead2.googlesyndication.com/bg/ Frame B983 36 KB
14 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/qMU6ruUuZ1zoKC0LZ3Jpmtn3twdVMxn7JXARaYw8J-4.js

Requested by

Host: tlgrm.ru
URL: https://tlgrm.ru/faq

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8c53aaee52e675ce8282d0b6772699ad9f7b707553319fb257011698c3c27ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 20:01:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 287910
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14303
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 13:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 06 Apr 2024 20:01:57 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 2C18 0
19 B 50ms
50ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CHo9bWts0ZPe2DbLox_APlqG0yAH1k5fHb_-NnYXjEdP9i-SdORABIP2Q4x1glaqfgrAHoAHuiorSA8gBCakCROF616o6sj6oAwHIA8sEqgTsAU_QGA84vMa52aCljX_7uO3gwNTWQbu75yr-9HSOj7slifBXIedi6yJP7BfvRrlbppJzC3Dd-Jr8-iLoXzj2xeM_yyRrlcGw6KGXf8S97hHK4Ng1XnbV41zhQUSeusYRfvca3EB7DNx0gv7_ULfYk1ipWmdCi2xCp1mCNh_LlZJiP7XFZl02DNbFHQwXW_dQQuS5b5bIivK8nCIbYlXpQQNbJqchH3ed0HThzHBVh7Q_YZySwsVHzwyxREDdlK79A5nGTzOa0GWiG0Q-VwYT2iCE2Is-s8zU19mfRReu0fU5NiOfkMuwpBkGtBgjwATemLivngSSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAH-vT1LagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAPIHBBDq9DXSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTC9AVAYAXAbIXHAoaCAASFHB1Yi04NTE3MDM3MzMzNTk3Mjc1GAA&sigh=_4b6S2V8oHA&uach_m=[UACH]&cid=CAQSGwDUE5ymoJiuE629143XlWuwi3_lttBemW4imRgB&template_id=494&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 11 Apr 2023 04:00:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 985A 0
19 B 53ms
53ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C5oPOWts0ZPi2DbLox_APlqG0yAH1k5fHb_-NnYXjEdP9i-SdORABIP2Q4x1glaqfgrAHoAHuiorSA8gBCakCROF616o6sj6oAwHIA8sEqgTsAU_QEv8aLHXD9WKelNkqXGyNOog88OFw7vv-kALrJdaAZYIJ3Y6ETRRp171UszcOqXDwcDKZpaYUXFdFvAm9KUxnvwIPrXgD0QefOWKXjq_Z_SkAYlVJx72mHbbMpLpNKzHFMQytpSaU_-5UBXRExeLRkYBRFhHKe1Z6QyOf-QkAqnSIYgysw8g33N1f_2co5-fXidaaX_2cw-yxRo_4nskYyTCvV0BUC9xlB9zK4XCN3wvAySNWIRPfvyIC-UzjGC9DMR-MmWr7jNa8mgbPGvZqAYp74FRmuffd3Nml75ZhJ4kFmM3y1doZCaCAwATemLivngSSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAH-vT1LagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAPIHBBDgwhjSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTC9AVAYAXAbIXHAoaCAASFHB1Yi04NTE3MDM3MzMzNTk3Mjc1GAA&sigh=y1edghyBGoc&uach_m=[UACH]&cid=CAQSGwDUE5ymoJiuE629143XlWuwi3_lttBemW4imRgB&template_id=494&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 11 Apr 2023 04:00:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0536 0
0 41ms
41ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230405&jk=167167486770119&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H3 200 qMU6ruUuZ1zoKC0LZ3Jpmtn3twdVMxn7JXARaYw8J-4.js Show response
pagead2.googlesyndication.com/bg/ Frame 0DA2 36 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/qMU6ruUuZ1zoKC0LZ3Jpmtn3twdVMxn7JXARaYw8J-4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8c53aaee52e675ce8282d0b6772699ad9f7b707553319fb257011698c3c27ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 20:01:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 287910
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14303
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 13:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 06 Apr 2024 20:01:57 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C103
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

26ms
26ms

Document
text/html

2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 11 Apr 2023 04:00:28 GMT
expires: Tue, 11 Apr 2023 04:00:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 11 Apr 2023 04:00:28 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qMU6ruUuZ1zoKC0LZ3Jpmtn3twdVMxn7JXARaYw8J-4.js Show response
pagead2.googlesyndication.com/bg/ Frame D6B2 36 KB
14 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/qMU6ruUuZ1zoKC0LZ3Jpmtn3twdVMxn7JXARaYw8J-4.js

Requested by

Host: tlgrm.ru
URL: https://tlgrm.ru/faq

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8c53aaee52e675ce8282d0b6772699ad9f7b707553319fb257011698c3c27ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 20:01:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 287911
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14303
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 13:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 06 Apr 2024 20:01:57 GMT

GET
H2 200 opensans-400.css
static.criteo.net/design/googlefont/opensans/ Frame D635 2 KB
899 B 16ms
14ms Stylesheet
text/css 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/opensans/opensans-400.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

688a83886a5a759614fb53d73736845837de908ce3553b146471782995bc5943

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 04:00:28 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:11:03 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f077-9fe"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 05 Apr 2024 04:00:28 GMT

GET
H2 200 opensans-400-latin.woff2
static.criteo.net/design/googlefont/opensans/ Frame D635 16 KB
17 KB 54ms
26ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/opensans/opensans-400-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/opensans/opensans-400.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f885ec8a0a68847aff7c6bb94968bf7cb5099c0c449ae1535cf8515cc0ff8e18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/opensans/opensans-400.css
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 04:00:28 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:11:03 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f077-4164"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 05 Apr 2024 04:00:28 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 0DA2 0
10 B 7ms
7ms Image
text/plain 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?L_pm9Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 04:00:28 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 45ms
45ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230405&jk=167167486770119&bg=!SUqlSh7NAAYIJb0jKCU7ADkAdvg8WqIcKXl7KyCBQBpyKkQTPuQyI7bPi-A3aqxMrkZchI3ZdbfdsqSfGBft-s8dzSogun-cSZICAAABM1IAAAACaAEHCgCf6LDXz20sIbFKRwhemTsUB2yaUB_3h8a3u0P6rE2WjfsZzkHvVDPROy7bc5h-8jDSd9LIfwdG8LZlibdSeYrs6JwZdXvs9OvtfmEXjK9QqW8cxbn2flUWc961CB4n1LN-xPPMORtQDNB19Raj-YG3_cW9SojLZsDHg_NTNjffRQh3mkrNm6rHh2Rw6RkDjf34JShaRlXVfU2P0kPZ7iiAmQKnL8vtF-F4Bf2C3k7lz14P8r_-Z05GZuGW5mtmucZ_EMcwc2VuZZb0rPgnmuNntgFbJ3SWHFkeJyGLpoQaM7X0P2m9ebDF130FylKmiM0ZrV_-LPgsQLRtYrZKaZphiYTPJjlSHu0UgZ2aT0OKl3_fjp2Jc4qkHeUjE1oaxofEm8j9yXF0eTpAB1WEceYagMYiTl_2VhLfxlqqbdJleoS2MUKpuEjbnduGNsQFLORm-jCGaLDzSfVQtfX6-OyShx8V6lXXGy1mAKljS2NlYrxrzUC2vc1RR5TD6GCwzYUZPh9IMSTLgSHIyl1yG1EAYwIhLvt_YOvKjZfiFLKLg87AOrIUcvQ651cL0eTl-xoKN4eeAZJ3dsTQyK6HWb69idY-CDzOINLMd2tNuChfDXiFOwk_w_kUr1HXrMZcTGCPnUEIeSP0ErtarOpbkUqQeQ_yIPQEO6aoFoaMl65-q7ytFFryXLTAlRcCShnzfYs7iRe0MXTWWr3BODdvr91_WZ_J5wtXAeH5VQ8T_TOkooJXtmamfK8i2VDFjZQZfo-sKD8qgVi_SiJRjrHLogAiT_IJntjEFIj94OJrJWPrm2LZz-KrFQVZ-HPpYb0eimGN9A1gZkTqNb8yXPT87JwcOsyEUU6Er5FcOtiSSXb_kgpnbUG9K1wTsD95d4F-CPtTiAw95KHqm93PUJvytrDGjGyg9fFkN8VpUktyclHw3SaqjPxvFKDgPjQ6cYASxfiVM_ci-eSsnEcIaUgQYRWwD9_g56A-hO86TJoqKv7z-919roEOULl_D13ql2XfIWDINqm3SwUphhAKelcSjCGldeHCX-3BLWkcJ1iOxFoFilgJm740wtJwEqzWwFLXjmTIJQ_JsREbTnKUzS33ABnrgCsy5Fb6mSYpqg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tlgrm.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame EBF8 42 B
64 B 43ms
42ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsseimHKdQW0wzCmNJYaxb8T4vfLQQPcHCc9TIJpkaSxuZmfyZn56N3MxpeiIzzRCWy22oGhG9DLqQD1Dz8a0ZAoyWo&sig=Cg0ArKJSzFyDf9FdsI1yEAE&id=lidar2&mcvt=1001&p=0,0,124,1005&mtos=128,701,1001,1079,1109&tos=128,573,300,78,30&v=20230410&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1681185627283&rpt=314&met=ie&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Apr 2023 04:00:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2C18 42 B
64 B 45ms
44ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssOzz7-OhNVXV_vEBklGk_gLnBcWHi5el6NQGj4qff6MhpPSZshoYvmm-Kncos5Jhua12NCw2fkNbymmP7dxhAonmFZobWhj6Z1My8fg2MJv0fH51uGeDPI8QjL9T2QyRDVDln8AQ&sai=AMfl-YQqiQmtSMKrKpqT63TUPMYQ8r_rhJ5wIB2AazHN6r9hiS43Dy4gpa-N_i4KdzAFqxEAxp1BvVCEGx95&sig=Cg0ArKJSzNIv28LMB6hbEAE&cid=CAQSGwDUE5ymoJiuE629143XlWuwi3_lttBemW4imRgB&id=lidar2&mcvt=1011&p=0,0,600,200&mtos=1011,1011,1011,1011,1011&tos=1011,0,0,0,0&v=20230410&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1681185627280&rpt=373&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Apr 2023 04:00:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 985A 42 B
64 B 45ms
45ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuoesHmlK1PTiXiyv_RlnZrLrIbD1Gvia1Bra1nSG7mVDS2LbgXwtT2seDN72tuqiCYdqqDyft240QBzYwdpYwcKhEqZre0RusN5QR08iD-iSdN2w0eGBNPiRNdEKvZFYSZECl8xw&sai=AMfl-YQKYPmixhWqpRtIc2r-EK32FsBJg6eFzTYdNcveoHdN0M1_hJD6EApRfnTvh5IEMDSXV0yGXkER8DZk&sig=Cg0ArKJSzEbCYAe8haXbEAE&cid=CAQSGwDUE5ymoJiuE629143XlWuwi3_lttBemW4imRgB&id=lidar2&mcvt=1018&p=0,0,600,200&mtos=1018,1018,1018,1018,1018&tos=1018,0,0,0,0&v=20230410&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1681185627282&rpt=383&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Apr 2023 04:00:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame D635 0
127 B 14ms
14ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 11 Apr 2023 04:00:28 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

Verdicts & Comments Add Verdict or Comment

53 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.tlgrm.ru/	1970-01-20 20:35:45	Name: _ga Value: GA1.2.1392181173.1681185626
.tlgrm.ru/	1970-01-20 11:01:12	Name: _gid Value: GA1.2.1496578318.1681185626
.tlgrm.ru/	1970-01-20 10:59:45	Name: _gat Value: 1
.tlgrm.ru/	1970-01-20 19:45:21	Name: _ym_uid Value: 1681185626923725006
.tlgrm.ru/	1970-01-20 19:45:21	Name: _ym_d Value: 1681185626
.tlgrm.ru/	1970-01-20 11:00:57	Name: _ym_isad Value: 2
.yandex.ru/	1970-01-20 19:45:21	Name: ymex Value: 1712721626.yc.1681185626#1712721626.yrts.1681185626#1712721626.yrtsi.1681185626
mc.yandex.ru/	1969-12-31 23:59:59	Name: yabs-sid Value: 375784641681185626
.yandex.ru/	1970-01-20 20:35:45	Name: i Value: rmrQaoOTJOXYWIbwrfUf5UAEjrVtWbBFodq019l92A9cSERXHa+J7H+9xqfUDzoRqEe07LfuAHZMO1Mrs+dYHNRB/Zk=
.yandex.ru/	1970-01-20 20:35:45	Name: yandexuid Value: 5230199991681185626
.yandex.ru/	1970-01-20 19:45:21	Name: yuidss Value: 5230199991681185626
.tlgrm.ru/	1970-01-20 20:21:21	Name: __gads Value: ID=3ac05af92f0a123a-22e48b708cdd007f:T=1681185626:RT=1681185626:S=ALNI_MYCebtHfdFQIUfRiZpFcax3ne7vCg
.tlgrm.ru/	1970-01-20 20:21:21	Name: __gpi Value: UID=00000bd3c83720bf:T=1681185626:RT=1681185626:S=ALNI_MaIQhavDfsrukSrJZ7car5nGLVBxA
.mc.webvisor.org/	1970-01-20 10:59:46	Name: sync_cookie_csrf Value: 598250999fake
.mc.yandex.ru/	1970-01-20 10:59:46	Name: sync_cookie_csrf Value: 2274635315fake
.webvisor.org/	1970-01-20 20:35:45	Name: yandexuid Value: 5230199991681185626
.webvisor.org/	1970-01-20 20:35:45	Name: yuidss Value: 5230199991681185626
.webvisor.org/	1970-01-20 20:35:45	Name: i Value: rmrQaoOTJOXYWIbwrfUf5UAEjrVtWbBFodq019l92A9cSERXHa+J7H+9xqfUDzoRqEe07LfuAHZMO1Mrs+dYHNRB/Zk=
.mc.webvisor.org/	1970-01-20 11:01:12	Name: sync_cookie_ok Value: synced
.doubleclick.net/	1970-01-20 20:21:21	Name: IDE Value: AHWqTUnaD5PgX9FP2CeTkiUF4SAkDL-66ssSDAcvajzjw60eCiShdYHh7zsIeXR0V0U
.doubleclick.net/	1970-01-20 10:59:49	Name: DSID Value: NO_DATA

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1(Line 21) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.eu.criteo.com
adservice.google.com
adservice.google.de
cat.fr3.eu.criteo.com
cdn.jsdelivr.net
cdn.tlgrm.app
cdnjs.cloudflare.com
csm.eu.criteo.net
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn3.gstatic.com
fonts.googleapis.com
googleads.g.doubleclick.net
mc.webvisor.org
mc.yandex.ru
pagead2.googlesyndication.com
partner.googleadservices.com
pix.eu.criteo.net
rtb.fr3.eu.criteo.com
static.criteo.net
tlgrm.ru
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
154.47.36.105
178.250.7.9
2606:4700:3034::6815:2eea
2606:4700::6810:5514
2606:4700::6811:190e
2a00:1450:4001:800::2001
2a00:1450:4001:80b::200a
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::200e
2a00:1450:4001:810::2002
2a00:1450:4001:811::2003
2a00:1450:4001:811::200e
2a00:1450:4001:813::200e
2a00:1450:4001:829::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2004
2a00:1450:4001:831::2002
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:3::f
2a02:2638:d::4
2a02:2638:d::c
2a02:6b8::1:119
2a11:27c0::93
02fb5a960b6817695b363d2294c0945cc75bf10cd17e5a03b3ff68229b9f0d77
05ee926cc9bf2039ad93af941a67d23d84bd78ecd9d6ef53ff85eeaf744cbd89
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0c2192e05de8cb10aed6351f713b89aaea9098b7c557f090503a8e2ca789bd36
154e28bad039c96fd8dcf8d05bcc075ffd6df95bb6bb328f73a13420e88189fe
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1ae367420c242e83f64dd6cba96fca46a5285d40116c0e849c7752d40303c1ab
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d7e5f2905d16cf00a7a007d569525912eb8f786631697fed3fc61f911914621
1ec78de14a4fc9ea1e9e209abd5bec9703df8998713febab2f2039bee677dfb0
1fe307f8df8fec6db89add6d9f502a2380280bdf83532c1d9efc85c645d7671d
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2cc2dc463136f83997692baae0211e0c1d9573159476a988d20e1a6afe9a8c2e
3083af23db561c3c0aae0cf64869b61a1f84efc498df8d78eefaaecb9ef76c31
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3b5b9aef9a31927cb2f3742fce61c0ea14ed8212f62b8ca24616bee1d01c19c3
3f03ee14d631c32cc5c0d98c89a31f98c707d914d50e32db4cbc10caf8a94c68
4a6c628313303b1d03b68569fa1c5021e317e4a02f49241a1e8e628985800764
4a71add93ddee462bbf4594e34e621687e0af41b1891352c2cea4aa2c003c254
4c39c4700972cf9eb60603946046786f0ef16199ba01308372f79ee6069325a5
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ece5ec33c9fbea4b68348a50af4e579f1ef63b6d3d902cd4b1781e7bb0c5d39
501ffeebeadf3c2c401dc9ff9e68f101ff5c9912c0c42cacc98ebb33df18bba3
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5778dba18a121844b613ba65f7126cac359a17e398e8a761f63d668d2f878406
5857de573c6ca032437f02358a3c502a10327f139c22d125315376dc1472d3cb
59033a96303bd0d0d8369431081518683a51fddf634bdfcdf14985d51a11104a
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
618c6763687e1638e02a48fbc074788a9a91ba13daafdea1f80430920b534946
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64093bff7f5db6448892f41583ba50e383450ff8ae2079605dd29d6c5eba8ff6
688a83886a5a759614fb53d73736845837de908ce3553b146471782995bc5943
694a66577478e440ee4c37e69dd2fcb17161a0a37df35d924fdc8617203383bd
6c4e821117841b205d81cb500023bb9eacaa6c7327d81bf2d2a06341f7dc30b4
6c881be8ea786bd65f95255d9ab840f8670fa9a58f109c27bd369e9cfb1f1fcd
6dedfacc756e6613276441781cfb286e71b3f1e8e479dca150502b84281326e0
6ea82f8f1d56cdfb1be9314b0d54e2f7f3ac69fb22efbd8f9e078b649e0923f1
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
73b7edabd4687d99646f2e7afa69cac49a58f7f64823a846c131a90fd2b63079
78032a218493781035f5b73adc5cfc23f69df97d040fe1cfde8fca3f4138b8b9
78ce2429cea15a8579552d0effbd52bc95ca7fd6dd6da451146d2896fae5105c
7bc7fee8ec77f177caa06256240e5f3897ce8258481d3cd42fb32c43cfafa436
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8ff527ee82438d6ee7270d862f3310845cf433f8ef5a900e527d4c9e7fbd006a
908c5804a27d64130960f88ab50390cf6301e7ee701028792187d5067a5bf425
989e965a925076efa5363984eccd04496b06f056fed7611eff290a1c04f75ce5
98f3423070dc573ba0d72ecca23da3b7fbbdf4235fafc2f6571b5f9c6ec43b8f
9a7af7f306df72219e6fec9376679bd6a5bc92a1ced67140159aa6c11bb83660
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5890552b0697c378e8096b93f4fc00bf18f3e054dc968a1998c0bbd62e76dc6
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a819d06e2c955443c9dda0bd87dcc16a6d3142e62873e265d8e8b3f0ffab5585
a8c53aaee52e675ce8282d0b6772699ad9f7b707553319fb257011698c3c27ee
aa70d4ed35d1ba3fbaf5b04876616eb3303c1ce7edc20310f9033860a900be2e
acbc5067189bdaf7b63129f25520f8b1dda6b995f25274dbf89bae2abf699a54
b9c281d47971a6ac7bc7ab83d3d049024184b236f9f1139ee41d3d84a6a6160c
bbd2dfd27b11568955f947982be195a47fbe9bae729631e5301cea06e47ba931
be7328ce6d28b0b37f31a989b157c848331ef20fabcfeebeac4b6d4e4ac9213b
c1ffa8436eaef567b4c7e49aae1a2dc200c168500ad967c08eb55cd6d43e8e06
c34355356c4f9f8b5e828e584ec960d94c0325893fe0411dc5778a8a584302c9
c7c6f1afe997b1b4b176509ea3a9ddb8d6d30952125771b127161c5d6ec835ed
c885ee351409bd517c16cee802e8c1e1ac6fd2844baab0ce981b6f3615c0145d
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
d247591f9522801d7a053e929a77212df61c2f153a309141648ad9a7894b1a32
d2de8b598cc0e5358361813c083bce508bdb27846d4e55663660edd170d1fed8
d899cc5f8afee7f2133b85f3a8a4afa3827e33ec320fa17d183b593c76f0ab73
dbdd8e6363b190b789dd4d2ea2a6346ca7ac15c216c4209481ec6915ddd6aa85
dcb7008341883535d4158c6b97f5eda110a06578237eccc29f9d849708f87476
dd77b888dc69ba9ec28d305a93dfdf068744d5a92f267850d8a1d334000f201e
df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f885ec8a0a68847aff7c6bb94968bf7cb5099c0c449ae1535cf8515cc0ff8e18
fc8242adce4e9df1cd179e5343f37c25e4e321c5f29d43c947c18cc46f5be474
fd0f6299441ed4c03ab1857cb7cb5f13480405b2e6f96c37b2ef56a0a3e2ab20

tlgrm.ru Open in urlscan Pro 2606:4700:3034::6815:2eea Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

115 Requests

97 %HTTPS

92 %IPv6

17 Domains

26 Subdomains

25 IPs

4 Countries

1360 kBTransfer

3518 kBSize

21 Cookies

30 Outgoing links

Redirected requests

115 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

tlgrm.ru Open in urlscan Pro
2606:4700:3034::6815:2eea Public Scan

Screenshot
Live screenshot

Full Image

115
Requests

97 %
HTTPS

92 %
IPv6

17
Domains

26
Subdomains

25
IPs

4
Countries

1360 kB
Transfer

3518 kB
Size

21
Cookies

115 HTTP transactions
9 data transactions