Submitted URL: http://telegram-top.site/
Effective URL: https://telegram-top.site/
Submission: On February 02 via api from SG — Scanned from SG

Summary

This website contacted 18 IPs in 6 countries across 33 domains to perform 78 HTTP transactions. The main IP is 81.177.140.149, located in the Russian Federation, and belongs to RTCOMM-AS, RU. The main domain is telegram-top.site.
TLS certificate: Issued by R3 on January 23rd 2024. Valid for: 3 months.
This is the only time telegram-top.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 81.177.140.149 8342 (RTCOMM-AS)
3 195.161.41.160 8342 (RTCOMM-AS)
1 195.161.41.61 8342 (RTCOMM-AS)
5 31.222.226.234 8849 (MELBICOM-...)
1 6 87.250.250.119 13238 (YANDEX)
1 2 104.19.232.122 13335 (CLOUDFLAR...)
1 10 203.195.121.142 7979 (SERVERS-COM)
1 3 194.226.130.229 52016 (ADFACT)
1 195.161.62.100 8342 (RTCOMM-AS)
3 13.33.88.111 16509 (AMAZON-02)
7 7 35.213.12.39 15169 (GOOGLE)
3 3 54.249.249.163 16509 (AMAZON-02)
2 2 35.80.146.220 16509 (AMAZON-02)
1 1 167.172.185.217 14061 (DIGITALOC...)
1 104.17.106.212 13335 (CLOUDFLAR...)
3 130.211.115.4 396982 (GOOGLE-CL...)
3 3 31.172.81.159 44066 (DE-FIRSTC...)
2 2 89.108.120.68 197695 (AS-REG)
1 93.158.134.90 ()
1 1 23.39.5.30 ()
2 104.83.198.23 ()
3 8 69.173.158.64 ()
4 6 74.125.130.155 ()
2 2 52.223.40.198 ()
1 51.79.152.76 ()
78 18
Apex Domain
Subdomains
Transfer
15 betweendigital.com
cache.betweendigital.com — Cisco Umbrella Rank: 33205
ads.betweendigital.com — Cisco Umbrella Rank: 1908
lbs-asia1.ads.betweendigital.com — Cisco Umbrella Rank: 234751
114 KB
11 rubiconproject.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
token.rubiconproject.com
pixel.rubiconproject.com
pixel-eu.rubiconproject.com Failed
18 KB
7 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 373
4 KB
7 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 3982
an.yandex.ru
64 KB
6 doubleclick.net
cm.g.doubleclick.net
2 KB
6 ad-score.com
js.ad-score.com — Cisco Umbrella Rank: 3066
data.ad-score.com — Cisco Umbrella Rank: 2906
184 KB
5 jino.ru
parking-static.jino.ru
jino.ru — Cisco Umbrella Rank: 457263
parking.jino.ru
119 KB
3 bumlam.com
sync.bumlam.com — Cisco Umbrella Rank: 4420
2 KB
3 admedo.com
pool.admedo.com — Cisco Umbrella Rank: 5392
1 KB
3 tns-counter.ru
www.tns-counter.ru — Cisco Umbrella Rank: 14837
1 KB
2 adsrvr.org
match.adsrvr.org
694 B
2 aidata.io
x01.aidata.io — Cisco Umbrella Rank: 14168
1 KB
2 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 671
725 B
2 yabidos.com
pixel.yabidos.com — Cisco Umbrella Rank: 11724
2 KB
2 telegram-top.site
telegram-top.site
920 B
1 onetag-sys.com
onetag-sys.com
2 KB
1 glotgrx.com
pre.glotgrx.com — Cisco Umbrella Rank: 11204
233 B
1 mobydix.com
cm.mobydix.com — Cisco Umbrella Rank: 192795
360 B
0 pubmatic.com Failed
image8.pubmatic.com Failed
0 smartadserver.com Failed
ssbsync-global.smartadserver.com Failed
0 opera.com Failed
t.adx.opera.com Failed
0 admanmedia.com Failed
cs.admanmedia.com Failed
0 stickyadstv.com Failed
ads.stickyadstv.com Failed
0 adnxs.com Failed
ib.adnxs.com Failed
0 mathtag.com Failed
sync.mathtag.com Failed
0 mfadsrvr.com Failed
rtb.mfadsrvr.com Failed
0 sharethrough.com Failed
match.sharethrough.com Failed
0 a-mo.net Failed
prebid.a-mo.net Failed
0 connatix.com Failed
capi.connatix.com Failed
0 bidr.io Failed
match.prod.bidr.io Failed
0 amazon-adsystem.com Failed
s.amazon-adsystem.com Failed
aax-eu.amazon-adsystem.com Failed
0 linkedin.com Failed
px.ads.linkedin.com Failed
0 yahoo.com Failed
pr-bh.ybp.yahoo.com Failed
ups.analytics.yahoo.com Failed
78 33
Domain Requested by
9 ads.betweendigital.com 1 redirects cache.betweendigital.com
ads.betweendigital.com
telegram-top.site
onetag-sys.com
7 x.bidswitch.net 7 redirects onetag-sys.com
6 cm.g.doubleclick.net 4 redirects
6 mc.yandex.ru 1 redirects parking-static.jino.ru
telegram-top.site
mc.yandex.ru
5 pixel.rubiconproject.com 1 redirects onetag-sys.com
5 cache.betweendigital.com parking-static.jino.ru
cache.betweendigital.com
telegram-top.site
ads.betweendigital.com
lbs-asia1.ads.betweendigital.com
3 token.rubiconproject.com 2 redirects eus.rubiconproject.com
3 sync.bumlam.com 3 redirects
3 data.ad-score.com js.ad-score.com
3 pool.admedo.com 3 redirects
3 js.ad-score.com ads.betweendigital.com
js.ad-score.com
3 www.tns-counter.ru 1 redirects telegram-top.site
3 parking-static.jino.ru telegram-top.site
2 match.adsrvr.org 2 redirects
2 eus.rubiconproject.com cache.betweendigital.com
eus.rubiconproject.com
2 x01.aidata.io 2 redirects
2 ap.lijit.com 2 redirects
2 pixel.yabidos.com 1 redirects telegram-top.site
2 telegram-top.site 1 redirects
1 onetag-sys.com cache.betweendigital.com
onetag-sys.com
1 secure-assets.rubiconproject.com 1 redirects
1 an.yandex.ru
1 pre.glotgrx.com telegram-top.site
1 cm.mobydix.com 1 redirects
1 lbs-asia1.ads.betweendigital.com ads.betweendigital.com
1 parking.jino.ru ads.betweendigital.com
1 jino.ru telegram-top.site
0 ups.analytics.yahoo.com Failed onetag-sys.com
0 image8.pubmatic.com Failed onetag-sys.com
0 ssbsync-global.smartadserver.com Failed onetag-sys.com
0 t.adx.opera.com Failed onetag-sys.com
0 cs.admanmedia.com Failed onetag-sys.com
0 ads.stickyadstv.com Failed onetag-sys.com
0 ib.adnxs.com Failed onetag-sys.com
0 sync.mathtag.com Failed onetag-sys.com
0 rtb.mfadsrvr.com Failed onetag-sys.com
0 match.sharethrough.com Failed
0 prebid.a-mo.net Failed
0 capi.connatix.com Failed
0 match.prod.bidr.io Failed
0 aax-eu.amazon-adsystem.com Failed
0 s.amazon-adsystem.com Failed
0 px.ads.linkedin.com Failed
0 pr-bh.ybp.yahoo.com Failed
0 pixel-eu.rubiconproject.com Failed onetag-sys.com
78 45

This site contains links to these domains:

Domain
jino.ru

Subject | Issuer | Validity | Valid for
telegram-top.site | R3 | 2024-01-23 - 2024-04-22 | 3 months
parking-static.jino.ru | R3 | 2023-12-13 - 2024-03-12 | 3 months
*.jino.ru | AlphaSSL CA - SHA256 - G4 | 2023-06-01 - 2024-07-02 | a year
cache.betweendigital.com | Sectigo RSA Domain Validation Secure Server CA | 2023-02-16 - 2024-03-18 | a year
mc.yandex.ru | GlobalSign ECC OV SSL CA 2018 | 2023-12-26 - 2024-06-05 | 5 months
*.ads.betweendigital.com | Sectigo RSA Domain Validation Secure Server CA | 2023-01-13 - 2024-02-13 | a year
parking.jino.ru | R3 | 2024-01-11 - 2024-04-10 | 3 months
*.ad-score.com | Go Daddy Secure Certificate Authority - G2 | 2023-09-02 - 2024-10-03 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-05-13 - 2024-05-12 | a year
*.rubiconproject.com | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2023-03-07 - 2024-04-03 | a year
*.tns-counter.ru | GlobalSign ECC OV SSL CA 2018 | 2023-12-18 - 2025-01-18 | a year
*.onetag-sys.com | DigiCert Global G3 TLS ECC SHA384 2020 CA1 | 2024-01-23 - 2025-01-29 | a year

This page contains 8 frames:

Primary Page: https://telegram-top.site/
Frame ID: 16ADF6B16CF6C9BAC9027A1C33911C01
Requests: 17 HTTP requests in this frame

Frame: https://mc.yandex.ru/metrika/metrika_match.html
Frame ID: DCF3C0DA3FC1A7CE734480DE820284E9
Requests: 1 HTTP request in this frame

Frame: https://ads.betweendigital.com/adi?frl=0&pos=atf&tz=-480&fl=0&ord=3339003998533505&rr=direct&foc=1&r_seq=0&tld=dGVsZWdyYW0tdG9wLnNpdGU%3D&tagType=adi&w=728&h=90&s=266562&jst=ai&crf=1&rts=-7306352919473314150
Frame ID: B7EB96D5931F4A2EE2CC97E77B51D913
Requests: 17 HTTP requests in this frame

Frame: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=f619666b-4fd8-5421-8445-fd81e1f8c5a1&CACHEBUSTER=253783
Frame ID: 722B82F5118CF8D23066FF45FBB7D2E9
Requests: 5 HTTP requests in this frame

Frame: https://js.ad-score.com/x.html?v=f487d82&pid=1000787
Frame ID: 32DF172E6DAABFA40481AA886F667B4F
Requests: 2 HTTP requests in this frame

Frame: data://truncated
Frame ID: B0EE9F075209C3CA7C4E973BFAFB3141
Requests: 1 HTTP request in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Frame ID: 185A96C38E62A6DEF5AAFF8BC3AC0870
Requests: 20 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5d1628750185ace
Frame ID: BCEC72BBA3C067AFBA2CC3B26B385428
Requests: 18 HTTP requests in this frame

Page Title

Ошибка 403. Доступ запрещен

Detected technologies

Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

78
Requests

42 %
HTTPS

0 %
IPv6

33
Domains

45
Subdomains

18
IPs

6
Countries

501 kB
Transfer

1341 kB
Size

24
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://telegram-top.site/ HTTP 302
    https://telegram-top.site/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • https://mc.yandex.ru/watch/25328195?wmode=7&page-url=https%3A%2F%2Ftelegram-top.site%2F&charset=utf-8&site-info=%7B%22page%22%3A%22403%22%2C%22jsVersion%22%3A%221.44.0%22%2C%22htmlVersion%22%3Anull%7D&ut=noindex&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Advwfxy7fn8eey0p9uffdyqvz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1231%3Acn%3A1%3Adp%3A0%3Als%3A1497694443064%3Ahid%3A98948053%3Az%3A480%3Ai%3A20240203024447%3Aet%3A1706899488%3Ac%3A1%3Arn%3A734512684%3Arqn%3A1%3Au%3A1706899488404887441%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C482%2C238%2C1%2C2036%2C0%2C%2C2136%2C0%2C%2C%2C%2C4895%3Aco%3A0%3Acpf%3A1%3Ans%3A1706899481203%3Arqnl%3A1%3Ast%3A1706899488%3At%3A%D0%9E%D1%88%D0%B8%D0%B1%D0%BA%D0%B0%20403.%20%D0%94%D0%BE%D1%81%D1%82%D1%83%D0%BF%20%D0%B7%D0%B0%D0%BF%D1%80%D0%B5%D1%89%D0%B5%D0%BD&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)ti(1) HTTP 302
  • https://mc.yandex.ru/watch/25328195/1?wmode=7&page-url=https%3A%2F%2Ftelegram-top.site%2F&charset=utf-8&site-info=%7B%22page%22%3A%22403%22%2C%22jsVersion%22%3A%221.44.0%22%2C%22htmlVersion%22%3Anull%7D&ut=noindex&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Advwfxy7fn8eey0p9uffdyqvz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1231%3Acn%3A1%3Adp%3A0%3Als%3A1497694443064%3Ahid%3A98948053%3Az%3A480%3Ai%3A20240203024447%3Aet%3A1706899488%3Ac%3A1%3Arn%3A734512684%3Arqn%3A1%3Au%3A1706899488404887441%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C482%2C238%2C1%2C2036%2C0%2C%2C2136%2C0%2C%2C%2C%2C4895%3Aco%3A0%3Acpf%3A1%3Ans%3A1706899481203%3Arqnl%3A1%3Ast%3A1706899488%3At%3A%D0%9E%D1%88%D0%B8%D0%B1%D0%BA%D0%B0%20403.%20%D0%94%D0%BE%D1%81%D1%82%D1%83%D0%BF%20%D0%B7%D0%B0%D0%BF%D1%80%D0%B5%D1%89%D0%B5%D0%BD&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29
Request Chain 11
  • https://pixel.yabidos.com/fltiu.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://telegram-top.site&x=&nci=&adtg=266562&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon= HTTP 301
  • https://pixel.yabidos.com/fltiukqt.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://telegram-top.site&x=&nci=&adtg=266562&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=
Request Chain 12
  • https://ads.betweendigital.com/adi?frl=0&pos=atf&tz=-480&fl=0&ord=3339003998533505&rr=direct&foc=1&r_seq=0&tld=dGVsZWdyYW0tdG9wLnNpdGU=&tagType=adi&w=728&h=90&s=266562&jst=ai HTTP 302
  • https://ads.betweendigital.com/adi?frl=0&pos=atf&tz=-480&fl=0&ord=3339003998533505&rr=direct&foc=1&r_seq=0&tld=dGVsZWdyYW0tdG9wLnNpdGU%3D&tagType=adi&w=728&h=90&s=266562&jst=ai&crf=1&rts=-7306352919473314150
Request Chain 13
  • https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/88804533 HTTP 302
  • https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/88804533
Request Chain 20
  • https://x.bidswitch.net/sync?ssp=between HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=between HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=5e8530ed-3cd8-4e2c-977f-a21fcc89513a HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=&ssp=between&bsw_param=5e8530ed-3cd8-4e2c-977f-a21fcc89513a HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=5e8530ed-3cd8-4e2c-977f-a21fcc89513a
Request Chain 21
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID&sovrn_retry=true HTTP 307
  • https://ads.betweendigital.com/match?bidder_id=114&external_user_id=IGIEALZHq7XcxBw8Rzy1yUxu
Request Chain 22
  • https://cm.mobydix.com/rd HTTP 303
  • https://ads.betweendigital.com/match?bidder_id=144&external_user_id=cmujg8ff3l2nlc07ktj0
Request Chain 24
  • https://x.bidswitch.net/sync?ssp=between HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=between HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=5e8530ed-3cd8-4e2c-977f-a21fcc89513a HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=5e8530ed-3cd8-4e2c-977f-a21fcc89513a HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=cf24b035-e4d7-420a-8422-8a1124153653&user_group=1&ssp=between&bsw_param=5e8530ed-3cd8-4e2c-977f-a21fcc89513a HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=5e8530ed-3cd8-4e2c-977f-a21fcc89513a
Request Chain 39
  • https://sync.bumlam.com/?src=aid0 HTTP 302
  • https://sync.bumlam.com/?src=aid0&s_data=CAIQARik8PStBqIBECaQyp7B-xHuhuAAJZDAZHw* HTTP 302
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=2690ca9e-c1fb-11ee-86e0-002590c0647c HTTP 302
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=2690ca9e-c1fb-11ee-86e0-002590c0647c&bounce=1 HTTP 302
  • https://sync.bumlam.com/?src=aid1&uid=FGy41vFGhcivR%2FOSlfmxVQ& HTTP 302
  • https://an.yandex.ru/mapuid/adsniperis/2690ca9e-c1fb-11ee-86e0-002590c0647c
Request Chain 40
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Request Chain 44
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=f619666b-4fd8-5421-8445-fd81e1f8c5a1&expires=60 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=15796&nid=2760&put=5e8530ed-3cd8-4e2c-977f-a21fcc89513a&expires=30&gdpr=&gdpr_consent=&us_privacy=
Request Chain 46
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MjI3NTVjMzQyM2NjN2UxZDhmYzg2NWZhY2I4N2M0ZDIxNjM0MDVlMw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MjI3NTVjMzQyM2NjN2UxZDhmYzg2NWZhY2I4N2M0ZDIxNjM0MDVlMw&google_tc=
Request Chain 47
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://match.adsrvr.org/track/cmb/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=49858b35-b2a4-454a-a664-1f45067392c2&gdpr=0&gdpr_consent=&expires=30
Request Chain 48
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/xy4J68h8SzHfUsduBO_3aA?csrc=
Request Chain 49
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm=&google_sc=&google_tc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMTNCSN9-3quaDU0pPu6vB4&google_cver=1
Request Chain 50
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFM0WlcxM1QtTi01S0w= HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBwQmzLSBYCm2ogHGHaIIzg&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFM0WlcxM1QtTi01S0w=&google_push=
Request Chain 51
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LS4ZW13T-N-5KL
Request Chain 52
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LS4ZW13T-N-5KL&ex=d-rubiconproject.com&status=ok
Request Chain 56
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564 HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LS4ZW1EF-1V-D91G&pId=11&gdpr=&gdpr_consent=&us_privacy=
Request Chain 57
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=LS4ZW1EF-1V-D91G
Request Chain 58
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LS4ZW1EF-1V-D91G
Request Chain 75
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESECmQYWtyIg3vJ3j3Wtw2A94&google_cver=1
Request Chain 77
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=29&uid=49858b35-b2a4-454a-a664-1f45067392c2&gdpr=0&gdpr_consent=

78 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
telegram-top.site/
Redirect Chain
  • http://telegram-top.site/
  • https://telegram-top.site/
642 B
726 B
Document
General
Full URL
https://telegram-top.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.177.140.149 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
srv28-h-st.jino.ru
Software
Apache /
Resource Hash
70217754219b968600d1addd509240ec9671c0de40038eace6467737eff6ea23

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

content-length
642
content-type
text/html
date
Fri, 02 Feb 2024 18:44:43 GMT
server
Apache

Redirect headers

Connection
keep-alive
Content-Length
138
Content-Type
text/html
Date
Fri, 02 Feb 2024 18:44:43 GMT
Location
https://telegram-top.site/
Server
nginx
main.js
parking-static.jino.ru/static/
110 KB
38 KB
Script
General
Full URL
https://parking-static.jino.ru/static/main.js?1.25.2
Requested by
Host: telegram-top.site
URL: https://telegram-top.site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.161.41.160 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software
nginx/1.20.0 /
Resource Hash
18662c6edffb3875965f8d4b01357fd333ec481444eea2594b8c591b48cbda1b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://telegram-top.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 18:44:45 GMT
content-encoding
gzip
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
nginx/1.20.0
etag
W/"1dc09d84-1b86c"
content-type
application/javascript
logo.svg
parking-static.jino.ru/static/components/page/
3 KB
1 KB
Image
General
Full URL
https://parking-static.jino.ru/static/components/page/logo.svg
Requested by
Host: telegram-top.site
URL: https://telegram-top.site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.161.41.160 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software
nginx/1.20.0 /
Resource Hash
cbddb47fe51730b469878fb7dbcabc8834cb0a30ba2607b529ea35a94de2bc19

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://telegram-top.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 18:44:46 GMT
content-encoding
gzip
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
nginx/1.20.0
etag
W/"1dc09d84-a26"
content-type
image/svg+xml
page_403.svg
parking-static.jino.ru/static/components/page/icons/
596 B
725 B
Image
General
Full URL
https://parking-static.jino.ru/static/components/page/icons/page_403.svg
Requested by
Host: telegram-top.site
URL: https://telegram-top.site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.161.41.160 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software
nginx/1.20.0 /
Resource Hash
0892483e50d392121320094cf5db52a7ca9bc37fab447120c152cf20d12c8735

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://telegram-top.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 18:44:46 GMT
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
nginx/1.20.0
accept-ranges
bytes
etag
"1dc09d84-254"
content-length
596
content-type
image/svg+xml
ptsans-regular.woff2
jino.ru/static/lib/fonts/ptsans-sub/
60 KB
60 KB
Font
General
Full URL
https://jino.ru/static/lib/fonts/ptsans-sub/ptsans-regular.woff2
Requested by
Host: telegram-top.site
URL: https://telegram-top.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.161.41.61 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
srv193-s-st.jino.ru
Software
nginx/1.14.2 /
Resource Hash
84baa1b0c5914a65ef3b6049d5d06cd64c44eb35151e6558940d505b9c5ad8af

Request headers

Referer
https://telegram-top.site/
Origin
https://telegram-top.site
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 18:44:47 GMT
last-modified
Wed, 31 Jan 2024 13:09:18 GMT
server
nginx/1.14.2
etag
"65ba467e-f0a0"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
61600
expires
Sat, 01 Feb 2025 18:44:47 GMT
266562.js
cache.betweendigital.com/sections/2/
8 KB
3 KB
Script
General
Full URL
https://cache.betweendigital.com/sections/2/266562.js
Requested by
Host: parking-static.jino.ru
URL: https://parking-static.jino.ru/static/main.js?1.25.2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.222.226.234 Singapore, Singapore, ASN8849 (MELBICOM-EU-AS Melbikomas UAB, LT),
Reverse DNS
Software
nginx /
Resource Hash
d5f1150d320e64d27ec179c903e8d6a67ca12023a0383ccd3eff896a9c3a85e8

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://telegram-top.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 18:44:48 GMT
content-encoding
gzip
last-modified
Fri, 04 Oct 2019 08:41:04 GMT
server
nginx
x-cdn-edge-id
43
etag
W/"5d9705a0-2176"
content-type
application/javascript
x-cdn-edge-cache
HIT
x-cdn-request-id
49a5e23c215c6aef17cb790408aecabe
watch.js
mc.yandex.ru/metrika/
171 KB
61 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: parking-static.jino.ru
URL: https://parking-static.jino.ru/static/main.js?1.25.2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.250.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
02f4d0b05c06ebf812121753681797c1a742d3be0c0ee22f2c843bc15b56633d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://telegram-top.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 18:44:47 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Fri, 02 Feb 2024 07:42:36 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"65bc9cec-f012"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
timing-allow-origin
*
content-length
61458
expires
Fri, 02 Feb 2024 19:44:47 GMT
advert.gif
mc.yandex.ru/metrika/
43 B
231 B
Image
General
Full URL
https://mc.yandex.ru/metrika/advert.gif
Requested by
Host: telegram-top.site
URL: https://telegram-top.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.250.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://telegram-top.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 18:44:47 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 02 Feb 2024 07:42:36 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"65bc9cec-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Fri, 02 Feb 2024 19:44:47 GMT
1
mc.yandex.ru/watch/25328195/
Redirect Chain
  • https://mc.yandex.ru/watch/25328195?wmode=7&page-url=https%3A%2F%2Ftelegram-top.site%2F&charset=utf-8&site-info=%7B%22page%22%3A%22403%22%2C%22jsVersion%22%3A%221.44.0%22%2C%22htmlVersion%22%3Anull...
  • https://mc.yandex.ru/watch/25328195/1?wmode=7&page-url=https%3A%2F%2Ftelegram-top.site%2F&charset=utf-8&site-info=%7B%22page%22%3A%22403%22%2C%22jsVersion%22%3A%221.44.0%22%2C%22htmlVersion%22%3Anu...
447 B
530 B
Fetch
General
Full URL
https://mc.yandex.ru/watch/25328195/1?wmode=7&page-url=https%3A%2F%2Ftelegram-top.site%2F&charset=utf-8&site-info=%7B%22page%22%3A%22403%22%2C%22jsVersion%22%3A%221.44.0%22%2C%22htmlVersion%22%3Anull%7D&ut=noindex&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Advwfxy7fn8eey0p9uffdyqvz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1231%3Acn%3A1%3Adp%3A0%3Als%3A1497694443064%3Ahid%3A98948053%3Az%3A480%3Ai%3A20240203024447%3Aet%3A1706899488%3Ac%3A1%3Arn%3A734512684%3Arqn%3A1%3Au%3A1706899488404887441%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C482%2C238%2C1%2C2036%2C0%2C%2C2136%2C0%2C%2C%2C%2C4895%3Aco%3A0%3Acpf%3A1%3Ans%3A1706899481203%3Arqnl%3A1%3Ast%3A1706899488%3At%3A%D0%9E%D1%88%D0%B8%D0%B1%D0%BA%D0%B0%20403.%20%D0%94%D0%BE%D1%81%D1%82%D1%83%D0%BF%20%D0%B7%D0%B0%D0%BF%D1%80%D0%B5%D1%89%D0%B5%D0%BD&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29
Requested by
Host: telegram-top.site
URL: https://telegram-top.site/
Protocol
H2
Server
87.250.250.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
637d2932fc2f3adcc833c73f1cf67104b66fddaf93f3e527a8c0a86f6d56d640
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://telegram-top.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 18:44:48 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Fri, 02-Feb-2024 18:44:48 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://telegram-top.site
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
447
x-xss-protection
1; mode=block
expires
Fri, 02-Feb-2024 18:44:48 GMT

Redirect headers

pragma
no-cache
date
Fri, 02 Feb 2024 18:44:48 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 02-Feb-2024 18:44:48 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location
/watch/25328195/1?wmode=7&page-url=https%3A%2F%2Ftelegram-top.site%2F&charset=utf-8&site-info=%7B%22page%22%3A%22403%22%2C%22jsVersion%22%3A%221.44.0%22%2C%22htmlVersion%22%3Anull%7D&ut=noindex&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Advwfxy7fn8eey0p9uffdyqvz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1231%3Acn%3A1%3Adp%3A0%3Als%3A1497694443064%3Ahid%3A98948053%3Az%3A480%3Ai%3A20240203024447%3Aet%3A1706899488%3Ac%3A1%3Arn%3A734512684%3Arqn%3A1%3Au%3A1706899488404887441%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C482%2C238%2C1%2C2036%2C0%2C%2C2136%2C0%2C%2C%2C%2C4895%3Aco%3A0%3Acpf%3A1%3Ans%3A1706899481203%3Arqnl%3A1%3Ast%3A1706899488%3At%3A%D0%9E%D1%88%D0%B8%D0%B1%D0%BA%D0%B0%20403.%20%D0%94%D0%BE%D1%81%D1%82%D1%83%D0%BF%20%D0%B7%D0%B0%D0%BF%D1%80%D0%B5%D1%89%D0%B5%D0%BD&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29
access-control-allow-origin
https://telegram-top.site
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Fri, 02-Feb-2024 18:44:48 GMT
metrika_match.html
mc.yandex.ru/metrika/ Frame DCF3
2 KB
1 KB
Document
General
Full URL
https://mc.yandex.ru/metrika/metrika_match.html
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.250.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
482625f9d55feac9a3187b21e5a8ac098bdfaa328a094f7b4dd2d24ba59056e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://telegram-top.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-origin
*
cache-control
max-age=3600
content-encoding
br
content-length
862
content-type
text/html
date
Fri, 02 Feb 2024 18:44:48 GMT
etag
"65bc9cec-35e"
expires
Fri, 02 Feb 2024 19:44:48 GMT
last-modified
Fri, 02 Feb 2024 07:42:36 GMT
strict-transport-security
max-age=31536000
timing-allow-origin
*
async_rtb.js
cache.betweendigital.com/code/
310 KB
100 KB
Script
General
Full URL
https://cache.betweendigital.com/code/async_rtb.js
Requested by
Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/sections/2/266562.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.222.226.234 Singapore, Singapore, ASN8849 (MELBICOM-EU-AS Melbikomas UAB, LT),
Reverse DNS
Software
nginx /
Resource Hash
d41891be57345558b4d03c80719255c5bd0d03141e19928c06e95f3d3e7a2fd6

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://telegram-top.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 18:44:48 GMT
content-encoding
gzip
last-modified
Wed, 31 May 2023 11:39:11 GMT
server
nginx
x-cdn-edge-id
43
etag
W/"647731df-4d9c1"
content-type
application/javascript
cache-control
public, max-age=7200, immutable
x-cdn-edge-cache
HIT
x-cdn-request-id
bb5614d98292830a3d5f4d61a055d576
1x1.gif
cache.betweendigital.com/code/
43 B
243 B
Image
General
Full URL
https://cache.betweendigital.com/code/1x1.gif
Requested by
Host: telegram-top.site
URL: https://telegram-top.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.222.226.234 Singapore, Singapore, ASN8849 (MELBICOM-EU-AS Melbikomas UAB, LT),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://telegram-top.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 18:44:48 GMT
last-modified
Tue, 08 Oct 2019 15:27:01 GMT
server
nginx
x-cdn-edge-id
43
etag
"5d9caac5-2b"
content-type
image/gif
x-cdn-edge-cache
HIT
accept-ranges
bytes
x-cdn-request-id
402fc7a1fb810159a0817b11d87164be
content-length
43
fltiukqt.js
pixel.yabidos.com/
Redirect Chain
  • https://pixel.yabidos.com/fltiu.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://telegram-top.site&x=&nci=&adtg=266562&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=
  • https://pixel.yabidos.com/fltiukqt.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://telegram-top.site&x=&nci=&adtg=266562&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=
3 KB
2 KB
Script
General
Full URL
https://pixel.yabidos.com/fltiukqt.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://telegram-top.site&x=&nci=&adtg=266562&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=
Requested by
Host: telegram-top.site
URL: https://telegram-top.site/
Protocol
H2
Server
104.19.232.122 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
785336b4f84d9d08f0a668862267ebe15fbd2834c7f05a0fd27ba8f42384b53e

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://telegram-top.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 18:44:48 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 22 Jan 2024 19:51:13 GMT
server
cloudflare
age
3657
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
84f4966d8d4481a4-SIN
content-length
1607
expires
Fri, 02 Feb 2024 20:44:48 GMT

Redirect headers

location
https://pixel.yabidos.com/fltiukqt.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://telegram-top.site&x=&nci=&adtg=266562&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=
date
Fri, 02 Feb 2024 18:44:48 GMT
cache-control
max-age=3600
server
cloudflare
cf-ray
84f4966c7c5881a4-SIN
vary
Accept-Encoding
expires
Fri, 02 Feb 2024 19:44:48 GMT
adi
ads.betweendigital.com/ Frame B7EB
Redirect Chain
  • https://ads.betweendigital.com/adi?frl=0&pos=atf&tz=-480&fl=0&ord=3339003998533505&rr=direct&foc=1&r_seq=0&tld=dGVsZWdyYW0tdG9wLnNpdGU=&tagType=adi&w=728&h=90&s=266562&jst=ai
  • https://ads.betweendigital.com/adi?frl=0&pos=atf&tz=-480&fl=0&ord=3339003998533505&rr=direct&foc=1&r_seq=0&tld=dGVsZWdyYW0tdG9wLnNpdGU%3D&tagType=adi&w=728&h=90&s=266562&jst=ai&crf=1&rts=-730635291...
4 KB
3 KB
Document
General
Full URL
https://ads.betweendigital.com/adi?frl=0&pos=atf&tz=-480&fl=0&ord=3339003998533505&rr=direct&foc=1&r_seq=0&tld=dGVsZWdyYW0tdG9wLnNpdGU%3D&tagType=adi&w=728&h=90&s=266562&jst=ai&crf=1&rts=-7306352919473314150
Requested by
Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/async_rtb.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.195.121.142 , Singapore, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
a9b5857a1be16af613cc465332f58f17c60f5a2649a59bf7761aacf54cb30a3d

Request headers

Referer
https://telegram-top.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
location
/adi?frl=0&pos=atf&tz=-480&fl=0&ord=3339003998533505&rr=direct&foc=1&r_seq=0&tld=dGVsZWdyYW0tdG9wLnNpdGU%3D&tagType=adi&w=728&h=90&s=266562&jst=ai&crf=1&rts=-7306352919473314150
88804533
www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/
Redirect Chain
  • https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/88804533
  • https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/88804533
43 B
297 B
Image
General
Full URL
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/88804533
Requested by
Host: telegram-top.site
URL: https://telegram-top.site/
Protocol
H2
Server
194.226.130.229 , Russian Federation, ASN52016 (ADFACT, RU),
Reverse DNS
Software
ms-counter-4.4.3/1.22.1 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://telegram-top.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 18:44:49 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
ms-counter-4.4.3/1.22.1
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin
*
content-length
43
expires
Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

pragma
no-cache
date
Fri, 02 Feb 2024 18:44:49 GMT
strict-transport-security
max-age=2678400
server
ms-counter-4.4.3/1.22.1
content-type
image/gif
location
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/88804533
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin
*
content-length
0
expires
Thu, 01 Jan 1970 00:00:01 GMT
1
mc.yandex.ru/watch/25328195/
43 B
74 B
Ping
General
Full URL
https://mc.yandex.ru/watch/25328195/1?page-url=https%3A%2F%2Ftelegram-top.site%2F&charset=utf-8&ut=noindex&uah=chm%0A%3F0&hittoken=1706899488_5705a2402bc4aa8a594fa1d0fc3d813eb688fb3090ea7a2204337b6e0673e59f&browser-info=pa%3A1%3Aar%3A1%3Avf%3Advwfxy7fn8eey0p9uffdyqvz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1231%3Acn%3A1%3Adp%3A1%3Als%3A1497694443064%3Ahid%3A98948053%3Az%3A480%3Ai%3A20240203024448%3Aet%3A1706899489%3Ac%3A1%3Arn%3A479270756%3Arqn%3A2%3Au%3A1706899488404887441%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Aco%3A0%3Acpf%3A1%3Ans%3A1706899481203%3Ahsa%3A1%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1706899489&t=gdpr(14)mc(p-1)clc(0-0-0)rqnt(2)aw(1)rcm(1)cdl(na)ti(0)&force-urlencoded=1&site-info=%7B%22ads%22%3A%22between_728x90%22%7D
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.250.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://telegram-top.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 18:44:48 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 02-Feb-2024 18:44:48 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
image/gif
access-control-allow-origin
https://telegram-top.site
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Fri, 02-Feb-2024 18:44:48 GMT
728x90-domains39.jpg
parking.jino.ru/static/bnr/ Frame B7EB
19 KB
19 KB
Image
General
Full URL
https://parking.jino.ru/static/bnr/728x90-domains39.jpg
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/adi?frl=0&pos=atf&tz=-480&fl=0&ord=3339003998533505&rr=direct&foc=1&r_seq=0&tld=dGVsZWdyYW0tdG9wLnNpdGU%3D&tagType=adi&w=728&h=90&s=266562&jst=ai&crf=1&rts=-7306352919473314150
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.161.62.100 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software
nginx/1.20.0 /
Resource Hash
476821eb12554fd39a4d1642acf0e232f4b236ff00e7108aecba532406647c31

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 18:44:50 GMT
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
nginx/1.20.0
accept-ranges
bytes
etag
"1dc09d84-4acb"
content-length
19147
content-type
image/jpeg
sspmatch-js
lbs-asia1.ads.betweendigital.com/ Frame B7EB
844 B
933 B
Script
General
Full URL
https://lbs-asia1.ads.betweendigital.com/sspmatch-js?randsalt=409200&p=34047&gdpr=0&consent=&country=SG
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/adi?frl=0&pos=atf&tz=-480&fl=0&ord=3339003998533505&rr=direct&foc=1&r_seq=0&tld=dGVsZWdyYW0tdG9wLnNpdGU%3D&tagType=adi&w=728&h=90&s=266562&jst=ai&crf=1&rts=-7306352919473314150
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.195.121.142 , Singapore, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
54a3450be1ed7ae20fbc52da7114f3e906ada8cac11ecd7abebbf06d7a80bf79

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
844
content-type
text/javascript
pmListener.js
cache.betweendigital.com/ Frame B7EB
3 KB
1 KB
Script
General
Full URL
https://cache.betweendigital.com/pmListener.js
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/adi?frl=0&pos=atf&tz=-480&fl=0&ord=3339003998533505&rr=direct&foc=1&r_seq=0&tld=dGVsZWdyYW0tdG9wLnNpdGU%3D&tagType=adi&w=728&h=90&s=266562&jst=ai&crf=1&rts=-7306352919473314150
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.222.226.234 Singapore, Singapore, ASN8849 (MELBICOM-EU-AS Melbikomas UAB, LT),
Reverse DNS
Software
nginx /
Resource Hash
7aa631033bbe188024b7562121e4bfa2fc17d00b5a982aec980c521b242d498e

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 18:44:48 GMT
content-encoding
gzip
last-modified
Wed, 03 Feb 2021 14:20:14 GMT
server
nginx
x-cdn-edge-id
43
etag
W/"601ab11e-caf"
content-type
application/javascript
x-cdn-edge-cache
HIT
x-cdn-request-id
7c853693589d23fca816f63913cadd59
score.min.js
js.ad-score.com/ Frame B7EB
507 KB
156 KB
Script
General
Full URL
https://js.ad-score.com/score.min.js?pid=1000787
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/adi?frl=0&pos=atf&tz=-480&fl=0&ord=3339003998533505&rr=direct&foc=1&r_seq=0&tld=dGVsZWdyYW0tdG9wLnNpdGU%3D&tagType=adi&w=728&h=90&s=266562&jst=ai&crf=1&rts=-7306352919473314150
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-111.sin2.r.cloudfront.net
Software
/
Resource Hash
675fbdb581f7ce1ac8355d030c5aa0fdacbf55019a1210c72eb5949d2cc872e4

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Fri, 02 Feb 2024 15:28:56 GMT
Content-Encoding
br
Via
1.1 ae0ec5ab8a18fde2c85db3450129ee24.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
SIN2-P2
Age
11753
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Fri, 02 Feb 2024 15:28:56 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=86400
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Cache-Control
X-Amz-Cf-Id
PPWASfzgavw0aQPripkcOE8kGs1SJJ48IiF7pd2UruT9IEVb6DBBbg==
Expires
Sat, 03 Feb 2024 15:28:56 GMT
bidder_18.html
cache.betweendigital.com/code/ Frame 722B
4 KB
1 KB
Document
General
Full URL
https://cache.betweendigital.com/code/bidder_18.html?USER_ID=f619666b-4fd8-5421-8445-fd81e1f8c5a1&CACHEBUSTER=253783
Requested by
Host: lbs-asia1.ads.betweendigital.com
URL: https://lbs-asia1.ads.betweendigital.com/sspmatch-js?randsalt=409200&p=34047&gdpr=0&consent=&country=SG
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.222.226.234 Singapore, Singapore, ASN8849 (MELBICOM-EU-AS Melbikomas UAB, LT),
Reverse DNS
Software
nginx /
Resource Hash
0771c19c407aac665a7b2c8eecf0709b0990dfd62358a4dc9f373fbf56404878

Request headers

Referer
https://ads.betweendigital.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

content-encoding
gzip
content-type
text/html
date
Fri, 02 Feb 2024 18:44:48 GMT
etag
W/"638623e5-e7e"
last-modified
Tue, 29 Nov 2022 15:23:17 GMT
server
nginx
x-cdn-edge-cache
HIT
x-cdn-edge-id
43
x-cdn-request-id
c0ad4c40df17ee19ee517ccb97db0a44
match
ads.betweendigital.com/ Frame B7EB
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=between
  • https://x.bidswitch.net/ul_cb/sync?ssp=between
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=5e8530ed-3cd8-4e2c-977f-a21fcc89513a
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=&ssp=between&bsw_param=5e8530ed-3cd8-4e2c-977f-a21fcc89513a
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=5e8530ed-3cd8-4e2c-977f-a21fcc89513a
68 B
598 B
Image
General
Full URL
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=5e8530ed-3cd8-4e2c-977f-a21fcc89513a
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/adi?frl=0&pos=atf&tz=-480&fl=0&ord=3339003998533505&rr=direct&foc=1&r_seq=0&tld=dGVsZWdyYW0tdG9wLnNpdGU%3D&tagType=adi&w=728&h=90&s=266562&jst=ai&crf=1&rts=-7306352919473314150
Protocol
H2
Server
203.195.121.142 , Singapore, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

Location
//ads.betweendigital.com/match?bidder_id=22&external_user_id=5e8530ed-3cd8-4e2c-977f-a21fcc89513a
Date
Fri, 02 Feb 2024 18:44:50 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
match
ads.betweendigital.com/ Frame B7EB
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID&sovrn_retry=true
  • https://ads.betweendigital.com/match?bidder_id=114&external_user_id=IGIEALZHq7XcxBw8Rzy1yUxu
68 B
598 B
Image
General
Full URL
https://ads.betweendigital.com/match?bidder_id=114&external_user_id=IGIEALZHq7XcxBw8Rzy1yUxu
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/adi?frl=0&pos=atf&tz=-480&fl=0&ord=3339003998533505&rr=direct&foc=1&r_seq=0&tld=dGVsZWdyYW0tdG9wLnNpdGU%3D&tagType=adi&w=728&h=90&s=266562&jst=ai&crf=1&rts=-7306352919473314150
Protocol
H2
Server
203.195.121.142 , Singapore, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

location
https://ads.betweendigital.com/match?bidder_id=114&external_user_id=IGIEALZHq7XcxBw8Rzy1yUxu
access-control-allow-origin
*
date
Fri, 02 Feb 2024 18:44:50 GMT
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
content-length
0
access-control-allow-methods
GET, POST, DELETE, PUT
match
ads.betweendigital.com/ Frame B7EB
Redirect Chain
  • https://cm.mobydix.com/rd
  • https://ads.betweendigital.com/match?bidder_id=144&external_user_id=cmujg8ff3l2nlc07ktj0
68 B
598 B
Image
General
Full URL
https://ads.betweendigital.com/match?bidder_id=144&external_user_id=cmujg8ff3l2nlc07ktj0
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/adi?frl=0&pos=atf&tz=-480&fl=0&ord=3339003998533505&rr=direct&foc=1&r_seq=0&tld=dGVsZWdyYW0tdG9wLnNpdGU%3D&tagType=adi&w=728&h=90&s=266562&jst=ai&crf=1&rts=-7306352919473314150
Protocol
H2
Server
203.195.121.142 , Singapore, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

Location
https://ads.betweendigital.com/match?bidder_id=144&external_user_id=cmujg8ff3l2nlc07ktj0
Date
Fri, 02 Feb 2024 18:44:49 GMT
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Content-Length
119
Content-Type
text/html; charset=utf-8
js
ads.betweendigital.com/
68 B
150 B
Image
General
Full URL
https://ads.betweendigital.com/js?en=anNfcnVu&context=AAAAAOEESXBhdgACdwA6A9VTT2vUQBRPXkMpdVEpHjwG0dCCyc5kkmxiCautsIX-UWxr0UvJJpPd2HSzJkO37al4EAQPHrwI4jcQRLxW_AS63gQvHjzUWw_edZLdbWur4FFfJjPz3rx5783vvQczuILrVp2GqlUnoWr4NlJtBweq4_i67lQw0esh4Hdfvn0uff3x7PVLf2Qjoh1BAL3JWDu7Ui4zGtNG6q2rLGlrWcQoGH88KsN5bGgYIc02NYPAnjifbEdx7JVNDcnjK1ErSDqZvLAkY6ShSZkLLGNS3rSMCflaux3TFVqfjVjZJBWNWPL47MzS_NxlOY7WqFyj_loyIU8302SdlrHODWgWchxN1w150Qu9NOrfg1FiIKNysJgVmwtLumWZlg6vTsEbEQSQAGAmtLBjWVZdNcLAVk1Dx6ptGKbKOUxxaPumh_9S68JJoAQYS-nGatb0UgqAuEMBhJzyGSSMQLL5v1iDscWo1fDaSUqFXFHabsLpPloAGEZvsCZNB0th4Vz3SXf344Pu2-7uwKIAw9M356Fg4MXQIEtekGl1yjqUtoKoETEv1vxknYujapjGLlLaSeZ6LFTYtqsaNlLCXJikgUsIcRAijmObhJjIVNLUDaKU-kwJE9_FSrqa0ftcmcWBG9RuZ3dXgq07K4gFNacz11poB7XlS-S6wrzG0labutyl0nEruq00XQcpmdtLiXIvY64XKX4a5jZZ5qoVgixi6g52jAoh2MAm4tidDb04rnv-Gk8efySUsG7ZFhEKJge3GELBF0ypVy0wzMulAKgHfz8L_xPtV49yx-Pn_E4Vii7uz4VY7L8YLj4XrvLN4ykQRDhyW8w1_oWW3ZOE45Hk8e1Jw7eWp45jAf3vNzSSRS1cvOz70AA4scQrbtNBwsMRcefRdv_qhzP56NG5I7DCJ6nXSyKvKPHw4LBxD8J4upAPUfiFBhrcb2_THXgR3ksnYt6vSsX6Ew==&tld=dGVsZWdyYW0tdG9wLnNpdGU=
Requested by
Host: telegram-top.site
URL: https://telegram-top.site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.195.121.142 , Singapore, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://telegram-top.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png
match
ads.betweendigital.com/ Frame 722B
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=between
  • https://x.bidswitch.net/ul_cb/sync?ssp=between
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=5e8530ed-3cd8-4e2c-977f-a21fcc89513a
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=5e8530ed-3cd8-4e2c-977f-a21fcc89513a
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=cf24b035-e4d7-420a-8422-8a1124153653&user_group=1&ssp=between&bsw_param=5e8530ed-3cd8-4e2c-977f-a21fcc89513a
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=5e8530ed-3cd8-4e2c-977f-a21fcc89513a
68 B
598 B
Image
General
Full URL
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=5e8530ed-3cd8-4e2c-977f-a21fcc89513a
Protocol
H2
Server
203.195.121.142 , Singapore, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

Location
//ads.betweendigital.com/match?bidder_id=22&external_user_id=5e8530ed-3cd8-4e2c-977f-a21fcc89513a
Date
Fri, 02 Feb 2024 18:44:51 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
impimg.gif
pre.glotgrx.com/
26 B
233 B
Image
General
Full URL
https://pre.glotgrx.com/impimg.gif?cb=1706899488943&qid=53532313f523632313f5436393&cid=964&s=https://telegram-top.site&p=BX&x=&adtg=266562&nsi=&si=&nci=&nai=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/120.0.6099.224%20Safari/537.36&ai=&flsrc=1
Requested by
Host: telegram-top.site
URL: https://telegram-top.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.106.212 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://telegram-top.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 18:44:49 GMT
cf-cache-status
HIT
last-modified
Sun, 26 Nov 2023 06:49:37 GMT
server
cloudflare
age
3815
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
84f496716d3389b0-SIN
content-length
26
expires
Fri, 02 Feb 2024 20:44:49 GMT
cors
data.ad-score.com/data/ Frame B7EB
50 B
603 B
Fetch
General
Full URL
https://data.ad-score.com/data/cors?pm_st=acZTxIajITOptehxJYiwtjzJFeGLNUTb-FE7fPshldVPiMiMY2XHAEUvJOcU=-E03BOsVvbFXhMA==&pm_ct=8c8a879b23be54de0f04ace7&pm_pl=1706899489303&pm_td=16&pid=1000787&en=1.1&callback=__pm_glbl_Ko0gTh64NGf8e2Eu8DjzAcai._gc1&v=f487d82
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000787
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
3641ece361c84fde69eda2743c83620048e75779ddd7934f376433077de9f1e0

Request headers

Referer
https://ads.betweendigital.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 02 Feb 2024 18:44:50 GMT
Age
0
Access-Control-Allow-Methods
POST
P3p
CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin
https://ads.betweendigital.com
Content-Type
text/plain; charset=utf-8
Cache-Control
post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
50
x.html
js.ad-score.com/ Frame 32DF
76 KB
26 KB
Document
General
Full URL
https://js.ad-score.com/x.html?v=f487d82&pid=1000787
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000787
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-111.sin2.r.cloudfront.net
Software
/
Resource Hash
c7d3ef33717dc737cf52cf24fc5f710d9e0ad2988519de3cca27900581c605bf

Request headers

Referer
https://ads.betweendigital.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
11750
Cache-Control
public, max-age=86400
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Fri, 02 Feb 2024 15:28:59 GMT
Last-Modified
Fri, 02 Feb 2024 08:04:52 GMT
Transfer-Encoding
chunked
Via
1.1 ae0ec5ab8a18fde2c85db3450129ee24.cloudfront.net (CloudFront)
X-Amz-Cf-Id
dwMtn9GZYPb9-rLDj6m6v1L7nKLVXUdZqUvFeseBOS14USIgppIxBg==
X-Amz-Cf-Pop
SIN2-P2
X-Cache
Hit from cloudfront
truncated
/ Frame B0EE
266 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame B7EB
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
e99a004e-336b-4edc-9804-0ad9a0eb0682
https://ads.betweendigital.com/ Frame B7EB
11 KB
0
Other
General
Full URL
blob:https://ads.betweendigital.com/e99a004e-336b-4edc-9804-0ad9a0eb0682
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/adi?frl=0&pos=atf&tz=-480&fl=0&ord=3339003998533505&rr=direct&foc=1&r_seq=0&tld=dGVsZWdyYW0tdG9wLnNpdGU%3D&tagType=adi&w=728&h=90&s=266562&jst=ai&crf=1&rts=-7306352919473314150
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
831f84c2e1956cac7cee876abf7774df3bc8d26a308e2d7994248a8899ffc361

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length
10947
Content-Type
text/javascript
a5d48db8-069a-4adc-86d1-d1afb6c8cf4a
https://ads.betweendigital.com/ Frame B7EB
720 B
0
Other
General
Full URL
blob:https://ads.betweendigital.com/a5d48db8-069a-4adc-86d1-d1afb6c8cf4a
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/adi?frl=0&pos=atf&tz=-480&fl=0&ord=3339003998533505&rr=direct&foc=1&r_seq=0&tld=dGVsZWdyYW0tdG9wLnNpdGU%3D&tagType=adi&w=728&h=90&s=266562&jst=ai&crf=1&rts=-7306352919473314150
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d2ec07a6e77bc3abc56f801e141e9889c018ca8e96dfbe4042f49378699ee85f

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length
720
Content-Type
application/javascript
dea790ae-6997-4d13-b882-20eb6ac4ec39
https://ads.betweendigital.com/ Frame B7EB
725 B
0
Other
General
Full URL
blob:https://ads.betweendigital.com/dea790ae-6997-4d13-b882-20eb6ac4ec39
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/adi?frl=0&pos=atf&tz=-480&fl=0&ord=3339003998533505&rr=direct&foc=1&r_seq=0&tld=dGVsZWdyYW0tdG9wLnNpdGU%3D&tagType=adi&w=728&h=90&s=266562&jst=ai&crf=1&rts=-7306352919473314150
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb32ef70baf6f49f09b1fe50f680f2217d8fc8021f2b91beaabb96f6d582c96b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length
725
Content-Type
text/javascript
245cedf3-3dd9-4ae5-8d4d-e7d619193851
https://ads.betweendigital.com/ Frame B7EB
288 B
0
Other
General
Full URL
blob:https://ads.betweendigital.com/245cedf3-3dd9-4ae5-8d4d-e7d619193851
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/adi?frl=0&pos=atf&tz=-480&fl=0&ord=3339003998533505&rr=direct&foc=1&r_seq=0&tld=dGVsZWdyYW0tdG9wLnNpdGU%3D&tagType=adi&w=728&h=90&s=266562&jst=ai&crf=1&rts=-7306352919473314150
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
97bf326860f50a3e48b937a395da44fb697f230259b45d63cca9dcd24fddb243

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length
288
Content-Type
text/javascript
x.html
js.ad-score.com/ Frame 32DF
0
564 B
XHR
General
Full URL
https://js.ad-score.com/x.html?v=f487d82&pid=1000787
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/x.html?v=f487d82&pid=1000787
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-111.sin2.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://js.ad-score.com/x.html?v=f487d82&pid=1000787
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Fri, 02 Feb 2024 15:28:59 GMT
Content-Encoding
gzip
Via
1.1 26d217ae6e701acdff710e730b58288a.cloudfront.net (CloudFront)
Last-Modified
Fri, 02 Feb 2024 08:04:52 GMT
X-Amz-Cf-Pop
SIN2-P2
Age
11750
Access-Control-Allow-Methods
GET
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
X-Cache
Hit from cloudfront
Cache-Control
public, max-age=86400
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
X-Amz-Cf-Id
ch155LMeqt29H9jwDNrXujMjPLpedK_eRBR7vOz9W8maX2f8CdfS4g==
view
ads.betweendigital.com/
68 B
150 B
Image
General
Full URL
https://ads.betweendigital.com/view?context=AAAAAOEESXBhdgACdwA6A9VTT2vUQBRPXkMpdVEpHjwG0dCCyc5kkmxiCautsIX-UWxr0UvJJpPd2HSzJkO37al4EAQPHrwI4jcQRLxW_AS63gQvHjzUWw_edZLdbWur4FFfJjPz3rx5783vvQczuILrVp2GqlUnoWr4NlJtBweq4_i67lQw0esh4Hdfvn0uff3x7PVLf2Qjoh1BAL3JWDu7Ui4zGtNG6q2rLGlrWcQoGH88KsN5bGgYIc02NYPAnjifbEdx7JVNDcnjK1ErSDqZvLAkY6ShSZkLLGNS3rSMCflaux3TFVqfjVjZJBWNWPL47MzS_NxlOY7WqFyj_loyIU8302SdlrHODWgWchxN1w150Qu9NOrfg1FiIKNysJgVmwtLumWZlg6vTsEbEQSQAGAmtLBjWVZdNcLAVk1Dx6ptGKbKOUxxaPumh_9S68JJoAQYS-nGatb0UgqAuEMBhJzyGSSMQLL5v1iDscWo1fDaSUqFXFHabsLpPloAGEZvsCZNB0th4Vz3SXf344Pu2-7uwKIAw9M356Fg4MXQIEtekGl1yjqUtoKoETEv1vxknYujapjGLlLaSeZ6LFTYtqsaNlLCXJikgUsIcRAijmObhJjIVNLUDaKU-kwJE9_FSrqa0ftcmcWBG9RuZ3dXgq07K4gFNacz11poB7XlS-S6wrzG0labutyl0nEruq00XQcpmdtLiXIvY64XKX4a5jZZ5qoVgixi6g52jAoh2MAm4tidDb04rnv-Gk8efySUsG7ZFhEKJge3GELBF0ypVy0wzMulAKgHfz8L_xPtV49yx-Pn_E4Vii7uz4VY7L8YLj4XrvLN4ykQRDhyW8w1_oWW3ZOE45Hk8e1Jw7eWp45jAf3vNzSSRS1cvOz70AA4scQrbtNBwsMRcefRdv_qhzP56NG5I7DCJ6nXSyKvKPHw4LBxD8J4upAPUfiFBhrcb2_THXgR3ksnYt6vSsX6Ew==&jsp=rsize%3D728x90%26tld%3DdGVsZWdyYW0tdG9wLnNpdGU%3D%26utbo%3D%2B08%3A00%26fstc%3D-1%26dm%3D0
Requested by
Host: telegram-top.site
URL: https://telegram-top.site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.195.121.142 , Singapore, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://telegram-top.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png
truncated
/ Frame B7EB
35 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
cors
data.ad-score.com/data/ Frame B7EB
1 B
278 B
Fetch
General
Full URL
https://data.ad-score.com/data/cors?pm_st=acZTxIajITOptehxJYiwtjzJFeGLNUTb-FE7fPshldVPiMiMY2XHAEUvJOcU=-E03BOsVvbFXhMA==&pm_ct=8c8a879b23be54de0f04ace7&pm_pl=1706899489303&pm_td=1036&pid=1000787&en=1.1&callback=__pm_glbl_Ko0gTh64NGf8e2Eu8DjzAcai._gc2&v=f487d82
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000787
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://ads.betweendigital.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://ads.betweendigital.com
Date
Fri, 02 Feb 2024 18:44:50 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
cors
data.ad-score.com/data/ Frame B7EB
1 B
278 B
Fetch
General
Full URL
https://data.ad-score.com/data/cors?pm_st=acZTxIajITOptehxJYiwtjzJFeGLNUTb-FE7fPshldVPiMiMY2XHAEUvJOcU=-E03BOsVvbFXhMA==&pm_ct=8c8a879b23be54de0f04ace7&pm_pl=1706899489303&pm_td=1541&pid=1000787&en=1.1&callback=__pm_glbl_Ko0gTh64NGf8e2Eu8DjzAcai._gc3&v=f487d82
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000787
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://ads.betweendigital.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://ads.betweendigital.com
Date
Fri, 02 Feb 2024 18:44:50 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
2690ca9e-c1fb-11ee-86e0-002590c0647c
an.yandex.ru/mapuid/adsniperis/ Frame 722B
Redirect Chain
  • https://sync.bumlam.com/?src=aid0
  • https://sync.bumlam.com/?src=aid0&s_data=CAIQARik8PStBqIBECaQyp7B-xHuhuAAJZDAZHw*
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=2690ca9e-c1fb-11ee-86e0-002590c0647c
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=2690ca9e-c1fb-11ee-86e0-002590c0647c&bounce=1
  • https://sync.bumlam.com/?src=aid1&uid=FGy41vFGhcivR%2FOSlfmxVQ&
  • https://an.yandex.ru/mapuid/adsniperis/2690ca9e-c1fb-11ee-86e0-002590c0647c
43 B
387 B
Image
General
Full URL
https://an.yandex.ru/mapuid/adsniperis/2690ca9e-c1fb-11ee-86e0-002590c0647c
Protocol
H2
Server
93.158.134.90 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 18:44:55 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Fri, 02 Feb 2024 18:44:55 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Fri, 02 Feb 2024 18:44:55 GMT

Redirect headers

Date
Fri, 02 Feb 2024 18:44:54 GMT
Server
nginx
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location
https://an.yandex.ru/mapuid/adsniperis/2690ca9e-c1fb-11ee-86e0-002590c0647c
Content-Type
text/html; charset=utf-8
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
usync.html
eus.rubiconproject.com/ Frame 185A
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
281 B
555 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Requested by
Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=f619666b-4fd8-5421-8445-fd81e1f8c5a1&CACHEBUSTER=253783
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.83.198.23 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cache.betweendigital.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 02 Feb 2024 18:44:56 GMT
ETag
"280524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 02 Feb 2024 18:44:56 GMT
location
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
server
AkamaiGHost
usync.js
eus.rubiconproject.com/ Frame 185A
39 KB
11 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.83.198.23 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
21654ea15dc33ce303a5e730652aa4730fdefbf6903398ad44202317099a25e7

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Fri, 02 Feb 2024 18:44:56 GMT
Content-Encoding
gzip
Last-Modified
Fri, 02 Feb 2024 05:00:14 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=36964
Connection
keep-alive
Content-Length
10920
Expires
Sat, 03 Feb 2024 05:01:00 GMT
khaos.json
token.rubiconproject.com/ Frame 185A
7 B
762 B
XHR
General
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
d335433bbbe0efeac67146df47932f6f
Expires
0
253783
www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/ Frame 722B
43 B
415 B
Image
General
Full URL
https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/253783
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.226.130.229 , Russian Federation, ASN52016 (ADFACT, RU),
Reverse DNS
Software
ms-counter-4.4.3/1.22.1 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=2678400

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 18:44:56 GMT
strict-transport-security
max-age=2678400
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
ms-counter-4.4.3/1.22.1
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin
*
content-length
43
expires
Thu, 01 Jan 1970 00:00:01 GMT
tap.php
pixel.rubiconproject.com/ Frame 722B
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=f619666b-4fd8-5421-8445-fd81e1f8c5a1&expires=60
  • https://pixel.rubiconproject.com/tap.php?v=15796&nid=2760&put=5e8530ed-3cd8-4e2c-977f-a21fcc89513a&expires=30&gdpr=&gdpr_consent=&us_privacy=
42 B
1009 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=15796&nid=2760&put=5e8530ed-3cd8-4e2c-977f-a21fcc89513a&expires=30&gdpr=&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Server
69.173.158.64 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
6690dc791bf02dde8c4051a04cfd7bb8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
//pixel.rubiconproject.com/tap.php?v=15796&nid=2760&put=5e8530ed-3cd8-4e2c-977f-a21fcc89513a&expires=30&gdpr=&gdpr_consent=&us_privacy=
Date
Fri, 02 Feb 2024 18:44:57 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 185A
0
0

pixel
cm.g.doubleclick.net/ Frame 185A
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MjI3NTVjMzQyM2NjN2UxZDhmYzg2NWZhY2I4N2M0ZDIxNjM0MDVlMw
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MjI3NTVjMzQyM2NjN2UxZDhmYzg2NWZhY2I4N2M0ZDIxNjM0MDVlMw&google_tc=
170 B
243 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MjI3NTVjMzQyM2NjN2UxZDhmYzg2NWZhY2I4N2M0ZDIxNjM0MDVlMw&google_tc=
Protocol
H2
Server
74.125.130.155 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 18:44:57 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 02 Feb 2024 18:44:57 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MjI3NTVjMzQyM2NjN2UxZDhmYzg2NWZhY2I4N2M0ZDIxNjM0MDVlMw&google_tc=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
334
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 185A
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://match.adsrvr.org/track/cmb/rubicon?
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=49858b35-b2a4-454a-a664-1f45067392c2&gdpr=0&gdpr_consent=&expires=30
42 B
857 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=49858b35-b2a4-454a-a664-1f45067392c2&gdpr=0&gdpr_consent=&expires=30
Protocol
HTTP/1.1
Server
69.173.158.64 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
4290507b7388fb86809e552482e2fff0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=49858b35-b2a4-454a-a664-1f45067392c2&gdpr=0&gdpr_consent=&expires=30
date
Fri, 02 Feb 2024 18:44:57 GMT
server
Kestrel
content-length
289
xy4J68h8SzHfUsduBO_3aA
pr-bh.ybp.yahoo.com/sync/rubicon/ Frame 185A
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/xy4J68h8SzHfUsduBO_3aA?csrc=
0
0

tap.php
pixel.rubiconproject.com/ Frame 185A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm=&google_sc=&google_tc=
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMTNCSN9-3quaDU0pPu6vB4&google_cver=1
42 B
857 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMTNCSN9-3quaDU0pPu6vB4&google_cver=1
Protocol
HTTP/1.1
Server
69.173.158.64 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
7d5ff5cea86970f029093dfe0a29d015
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Fri, 02 Feb 2024 18:44:57 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMTNCSN9-3quaDU0pPu6vB4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 185A
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFM0WlcxM1QtTi01S0w=
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBwQmzLSBYCm2ogHGHaIIzg&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFM0WlcxM1QtTi01S0w=&google_push=
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFM0WlcxM1QtTi01S0w=&google_push=
Protocol
H3
Server
74.125.130.155 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 18:44:57 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFM0WlcxM1QtTi01S0w=&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e2b6b837307e4a2cb84d126fbaf2cea2
Expires
0
setuid
px.ads.linkedin.com/ Frame 185A
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LS4ZW13T-N-5KL
0
0

ecm3
s.amazon-adsystem.com/ Frame 185A
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us
  • https://s.amazon-adsystem.com/ecm3?id=LS4ZW13T-N-5KL&ex=d-rubiconproject.com&status=ok
0
0

dcm
s.amazon-adsystem.com/ Frame 185A
0
0

dcm
aax-eu.amazon-adsystem.com/s/ Frame 185A
0
0

rp
match.prod.bidr.io/cookie-sync/ Frame 185A
0
0

pixel
capi.connatix.com/us/ Frame 185A
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564
  • https://capi.connatix.com/us/pixel?puid=LS4ZW1EF-1V-D91G&pId=11&gdpr=&gdpr_consent=&us_privacy=
0
0

magnite
prebid.a-mo.net/setuid/ Frame 185A
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx
  • https://prebid.a-mo.net/setuid/magnite?uid=LS4ZW1EF-1V-D91G
0
0

v1
match.sharethrough.com/sync/ Frame 185A
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LS4ZW1EF-1V-D91G
0
0

sync.php
pixel.rubiconproject.com/exchange/ Frame 185A
0
0

token
token.rubiconproject.com/ Frame 185A
0
0

token
token.rubiconproject.com/ Frame 185A
0
0

/
onetag-sys.com/usync/ Frame BCEC
4 KB
2 KB
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=5d1628750185ace
Requested by
Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=f619666b-4fd8-5421-8445-fd81e1f8c5a1&CACHEBUSTER=253783
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.152.76 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
5ddc46c117e3f9f9787be969b500382bfef5db5b5a3b7c09577f0761e3f7865e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://cache.betweendigital.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1577
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
sync
rtb.mfadsrvr.com/ Frame BCEC
0
0

img
sync.mathtag.com/sync/ Frame BCEC
0
0

sync.php
pixel-eu.rubiconproject.com/exchange/ Frame BCEC
0
0

getuid
ib.adnxs.com/ Frame BCEC
0
0

user-matching
ads.stickyadstv.com/ Frame BCEC
0
0

tap.php
pixel.rubiconproject.com/ Frame BCEC
42 B
857 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=UJ5SKGGWa2qgoGwzxrZ0HUEDOv9Cdh-megQOAwWDBUQ
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5d1628750185ace
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.158.64 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
94869a3d6d62a785bc2a9351b08a70bb
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
73c1e1bfc3bde354d60b80e601ae3914.gif
cs.admanmedia.com/ Frame BCEC
0
0

sync
t.adx.opera.com/pub/ Frame BCEC
0
0

/
onetag-sys.com/match/ Frame BCEC
0
0

sync
ssbsync-global.smartadserver.com/api/ Frame BCEC
0
0

/
onetag-sys.com/match/ Frame BCEC
0
0

ImgSync
image8.pubmatic.com/AdServer/ Frame BCEC
0
0

/
onetag-sys.com/match/ Frame BCEC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESECmQYWtyIg3vJ3j3Wtw2A94&google_cver=1
0
0

occ
ups.analytics.yahoo.com/ups/58488/ Frame BCEC
0
0

/
onetag-sys.com/match/ Frame BCEC
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=29&uid=49858b35-b2a4-454a-a664-1f45067392c2&gdpr=0&gdpr_consent=
0
0

sync
x.bidswitch.net/ Frame BCEC
0
0

match
ads.betweendigital.com/ Frame BCEC
68 B
598 B
Image
General
Full URL
https://ads.betweendigital.com/match?bidder_id=129&external_user_id=UJ5SKGGWa2qgoGwzxrZ0HUEDOv9Cdh-megQOAwWDBUQ
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5d1628750185ace
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.195.121.142 , Singapore, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pixel-eu.rubiconproject.com
URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=btwnex&khaos=LS4ZW13T-N-5KL
Domain
pr-bh.ybp.yahoo.com
URL
https://pr-bh.ybp.yahoo.com/sync/rubicon/xy4J68h8SzHfUsduBO_3aA?csrc=
Domain
px.ads.linkedin.com
URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LS4ZW13T-N-5KL
Domain
s.amazon-adsystem.com
URL
https://s.amazon-adsystem.com/ecm3?id=LS4ZW13T-N-5KL&ex=d-rubiconproject.com&status=ok
Domain
s.amazon-adsystem.com
URL
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
Domain
aax-eu.amazon-adsystem.com
URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
Domain
match.prod.bidr.io
URL
https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp
Domain
capi.connatix.com
URL
https://capi.connatix.com/us/pixel?puid=LS4ZW1EF-1V-D91G&pId=11&gdpr=&gdpr_consent=&us_privacy=
Domain
prebid.a-mo.net
URL
https://prebid.a-mo.net/setuid/magnite?uid=LS4ZW1EF-1V-D91G
Domain
match.sharethrough.com
URL
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LS4ZW1EF-1V-D91G
Domain
pixel.rubiconproject.com
URL
https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn
Domain
token.rubiconproject.com
URL
https://token.rubiconproject.com/token?pid=37556&a=1
Domain
token.rubiconproject.com
URL
https://token.rubiconproject.com/token?pid=26594
Domain
rtb.mfadsrvr.com
URL
https://rtb.mfadsrvr.com/sync?ssp=onetag&ssp_user_id=UJ5SKGGWa2qgoGwzxrZ0HUEDOv9Cdh-megQOAwWDBUQ
Domain
sync.mathtag.com
URL
https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
Domain
pixel-eu.rubiconproject.com
URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=1&gdpr_consent=
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-matching?id=3679&gdpr=1&gdpr_consent=
Domain
cs.admanmedia.com
URL
https://cs.admanmedia.com/73c1e1bfc3bde354d60b80e601ae3914.gif?puid=[UID]&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D164%26gdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%24%7BGDPR_STRING%7D%26uid%3D%5BUID%5D&gdpr=1&gdpr_consent=&ccpa=&coppa=
Domain
t.adx.opera.com
URL
https://t.adx.opera.com/pub/sync?pubid=pub10101531197440
Domain
onetag-sys.com
URL
https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
Domain
ssbsync-global.smartadserver.com
URL
https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
Domain
onetag-sys.com
URL
https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
Domain
image8.pubmatic.com
URL
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID
Domain
onetag-sys.com
URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESECmQYWtyIg3vJ3j3Wtw2A94&google_cver=1
Domain
ups.analytics.yahoo.com
URL
https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=1&gdpr_consent=
Domain
onetag-sys.com
URL
https://onetag-sys.com/match/?int_id=29&uid=49858b35-b2a4-454a-a664-1f45067392c2&gdpr=0&gdpr_consent=
Domain
x.bidswitch.net
URL
https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
function| webpackJsonp
object| Ya
object| yaCounter25328195
object| btw_init
function| a5_0x5295
function| a5_0x41b8
function| OutstreamPlayer
function| bswad
object| r_seq
object| spt

24 Cookies

Domain/Path Name / Value
.yandex.ru/ Name: i
Value: MQmkmHrw/S3puSdjemnkDJLSdFCaJF1Fg30DvLr85/fhruth6IRsm1+2H6HrVKXALQ4nNQTGyydxeSUSPn0ixeQO/pk=
.yandex.ru/ Name: yandexuid
Value: 6250750581706899487
.telegram-top.site/ Name: _ym_uid
Value: 1706899488404887441
.telegram-top.site/ Name: _ym_d
Value: 1706899488
.telegram-top.site/ Name: _ym_isad
Value: 2
mc.yandex.ru/ Name: yabs-sid
Value: 1873769801706899488
.yandex.ru/ Name: yuidss
Value: 6250750581706899487
.yandex.ru/ Name: ymex
Value: 2022259488.yrts.1706899488
.yandex.ru/ Name: bh
Value: KgI/MA==
.betweendigital.com/ Name: dc
Value: sin1
.betweendigital.com/ Name: tuuid
Value: f619666b-4fd8-5421-8445-fd81e1f8c5a1
.betweendigital.com/ Name: ss
Value: 1
.bidswitch.net/ Name: c
Value: 1706899489
.bidswitch.net/ Name: tuuid_lu
Value: 1706899489
.bidswitch.net/ Name: tuuid
Value: 5e8530ed-3cd8-4e2c-977f-a21fcc89513a
.tns-counter.ru/ Name: guid
Value: D5E16F0A65BD3821X1706899489
.lijit.com/ Name: ljt_reader
Value: IGIEALZHq7XcxBw8Rzy1yUxu
pool.admedo.com/ Name: tuuid
Value: cf24b035-e4d7-420a-8422-8a1124153653
pool.admedo.com/ Name: c
Value: 1706899490
pool.admedo.com/ Name: tuuid_lu
Value: 1706899490
.betweendigital.com/ Name: ut
Value: Zb04IwACp7DM_kUk4OtJZziDpLWlFnBQQn3RpA==
.bumlam.com/ Name: suuid3
Value: IiQyNjkwY2E5ZS1jMWZiLTExZWUtODZlMC0wMDI1OTBjMDY0N2M*
.aidata.io/ Name: __upin
Value: FGy41vFGhcivR/OSlfmxVQ
.aidata.io/ Name: __upints
Value: 1706899493

7 Console Messages

Source Level URL
Text
network error URL: https://telegram-top.site/
Message:
Failed to load resource: the server responded with a status of 403 ()
javascript info URL: https://js.ad-score.com/score.min.js?pid=1000787(Line 1)
Message:
WebGPU is experimental on this platform. See https://github.com/gpuweb/gpuweb/wiki/Implementation-Status#implementation-status
rendering warning URL: https://js.ad-score.com/score.min.js?pid=1000787(Line 1)
Message:
Failed to create WebGPU Context Provider
javascript info URL: https://js.ad-score.com/score.min.js?pid=1000787(Line 1)
Message:
WebGPU is experimental on this platform. See https://github.com/gpuweb/gpuweb/wiki/Implementation-Status#implementation-status
rendering warning URL: https://js.ad-score.com/score.min.js?pid=1000787(Line 1)
Message:
Failed to create WebGPU Context Provider
javascript info URL: https://js.ad-score.com/score.min.js?pid=1000787(Line 1)
Message:
WebGPU is experimental on this platform. See https://github.com/gpuweb/gpuweb/wiki/Implementation-Status#implementation-status
rendering warning URL: https://js.ad-score.com/score.min.js?pid=1000787(Line 1)
Message:
Failed to create WebGPU Context Provider

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
