telegram-downloads.ru Open in urlscan Pro
92.53.96.193 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.telegram-downloads.ru/
Effective URL:
https://telegram-downloads.ru/
Submission: On October 01 via api (October 1st 2023, 11:50:52 pm UTC) from US — Scanned from US

Summary HTTP 255 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 26 IPs in 6 countries across 32 domains to perform 255 HTTP transactions. The main IP is 92.53.96.193, located in St Petersburg, Russian Federation and belongs to TIMEWEB-AS, RU. The main domain is telegram-downloads.ru.
TLS certificate: Issued by R3 on July 18th 2023. Valid for: 3 months.

This is the only time telegram-downloads.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 44	92.53.96.193 92.53.96.193	9123 (TIMEWEB-AS) (TIMEWEB-AS)
13	142.251.40.162 142.251.40.162	15169 (GOOGLE) (GOOGLE)
1	142.250.176.202 142.250.176.202	15169 (GOOGLE) (GOOGLE)
1	93.186.225.194 93.186.225.194	47541 (VKONTAKTE...) (VKONTAKTE-SPB-AS vk.com)
2	178.154.131.217 178.154.131.217	13238 (YANDEX) (YANDEX)
12	142.250.65.162 142.250.65.162	15169 (GOOGLE) (GOOGLE)
6	142.251.40.131 142.251.40.131	15169 (GOOGLE) (GOOGLE)
1	142.251.40.226 142.251.40.226	15169 (GOOGLE) (GOOGLE)
13	142.250.81.225 142.250.81.225	15169 (GOOGLE) (GOOGLE)
5	142.251.40.98 142.251.40.98	15169 (GOOGLE) (GOOGLE)
5	74.119.119.65 74.119.119.65	19750 (AS-CRITEO) (AS-CRITEO)
3 8	77.88.21.119 77.88.21.119	13238 (YANDEX) (YANDEX)
52	74.119.119.131 74.119.119.131	19750 (AS-CRITEO) (AS-CRITEO)
5	74.119.119.147 74.119.119.147	19750 (AS-CRITEO) (AS-CRITEO)
4	142.250.176.196 142.250.176.196	15169 (GOOGLE) (GOOGLE)
5	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
41	74.119.119.80 74.119.119.80	19750 (AS-CRITEO) (AS-CRITEO)
8	74.119.119.149 74.119.119.149	19750 (AS-CRITEO) (AS-CRITEO)
2 2	159.127.43.137 159.127.43.137	25751 (VALUECLICK) (VALUECLICK)
2 22	142.250.176.194 142.250.176.194	15169 (GOOGLE) (GOOGLE)
2 2	38.98.69.175 38.98.69.175	174 (COGENT-174) (COGENT-174)
1 1	34.133.71.175 34.133.71.175	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 2	35.211.178.172 35.211.178.172	19527 (GOOGLE-2) (GOOGLE-2)
1 1	34.236.127.74 34.236.127.74	14618 (AMAZON-AES) (AMAZON-AES)
1 1	104.126.118.202 104.126.118.202	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
1 1	20.242.10.199 20.242.10.199	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 2	185.167.164.37 185.167.164.37	198622 (ADFORM) (ADFORM)
1	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
1 1	54.164.217.79 54.164.217.79	14618 (AMAZON-AES) (AMAZON-AES)
2 3	87.250.250.90 87.250.250.90	13238 (YANDEX) (YANDEX)
1 2	50.116.194.21 50.116.194.21	6336 (TURN-US-ASN) (TURN-US-ASN)
2 2	44.219.180.129 44.219.180.129	14618 (AMAZON-AES) (AMAZON-AES)
2 2	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1 1	69.90.254.78 69.90.254.78	13768 (COGECO-PEER1) (COGECO-PEER1)
1	202.233.84.1 202.233.84.1	131957 (MICROAD M...) (MICROAD MicroAd)
1 1	82.145.213.8 82.145.213.8	39832 (NO-OPERA) (NO-OPERA)
4	74.119.119.130 74.119.119.130	19750 (AS-CRITEO) (AS-CRITEO)
1	74.119.118.147 74.119.118.147	19750 (AS-CRITEO) (AS-CRITEO)
255	26

44 92.53.96.193 (St Petersburg, Russian Federation) 1 redirects

ASN9123 (TIMEWEB-AS, RU)
PTR: vh348.timeweb.ru

www.telegram-downloads.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
telegram-downloads.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 142.251.40.162 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s81-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.176.202 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s37-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 93.186.225.194 (Russian Federation)

ASN47541 (VKONTAKTE-SPB-AS vk.com, RU)

vk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.154.131.217 (Russian Federation)

ASN13238 (YANDEX, RU)
PTR: static.yandex.net

yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.65.162 (Old Bridge, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s71-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.251.40.131 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s80-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.40.226 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s39-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 142.250.81.225 (Old Bridge, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s74-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.251.40.98 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s79-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 74.119.119.65 (United States)

ASN19750 (AS-CRITEO, US)

ads.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 77.88.21.119 (Russian Federation) 3 redirects

ASN13238 (YANDEX, RU)
PTR: mc.yandex.ru

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

52 74.119.119.131 (United States)

ASN19750 (AS-CRITEO, US)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 74.119.119.147 (United States)

ASN19750 (AS-CRITEO, US)

cat.va.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.176.196 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s37-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

41 74.119.119.80 (United States)

ASN19750 (AS-CRITEO, US)

imageproxy.us.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 74.119.119.149 (United States)

ASN19750 (AS-CRITEO, US)

csm.us.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 159.127.43.137 (United States) 2 redirects

ASN25751 (VALUECLICK, US)
PTR: iad07-nessy-float1.dotomi.com

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 142.250.176.194 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s37-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 38.98.69.175 (New York, United States) 2 redirects

ASN174 (COGENT-174, US)

aep.mxptint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.133.71.175 (Council Bluffs, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 175.71.133.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.107.42.14 (United States) 2 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.211.178.172 (North Charleston, United States) 2 redirects

ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.236.127.74 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-236-127-74.compute-1.amazonaws.com

beacon.lynx.cognitivlabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.126.118.202 (New York, United States) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-126-118-202.deploy.static.akamaitechnologies.com

analytics.pangle-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.242.10.199 (Boydton, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

beacon.walmart.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.167.164.37 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.164.217.79 (United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-164-217-79.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 87.250.250.90 (Russian Federation) 2 redirects

ASN13238 (YANDEX, RU)
PTR: bs.yandex.ru

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 50.116.194.21 (United States) 1 redirects

ASN6336 (TURN-US-ASN, US)
PTR: presentation-atl1.turn.com

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.219.180.129 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-219-180-129.compute-1.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.131.137 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.90.254.78 (Herndon, United States) 1 redirects

ASN13768 (COGECO-PEER1, CA)

ums.acuityplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 202.233.84.1 (Japan)

ASN131957 (MICROAD MicroAd, Inc., JP)

aid.send.microad.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.145.213.8 (Norway) 1 redirects

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology

t.adx.opera.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 74.119.119.130 (United States)

ASN19750 (AS-CRITEO, US)

rtb.va.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.118.147 (United States)

ASN19750 (AS-CRITEO, US)

rtb.da.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
101	criteo.net static.criteo.net — Cisco Umbrella Rank: 897 imageproxy.us.criteo.net — Cisco Umbrella Rank: 5260 csm.us.criteo.net — Cisco Umbrella Rank: 5069	816 KB
44	telegram-downloads.ru 1 redirects www.telegram-downloads.ru telegram-downloads.ru	642 KB
34	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 66 cm.g.doubleclick.net — Cisco Umbrella Rank: 329	94 KB
26	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 122 tpc.googlesyndication.com — Cisco Umbrella Rank: 169	369 KB
16	criteo.com ads.us.criteo.com — Cisco Umbrella Rank: 4918 cat.va.us.criteo.com — Cisco Umbrella Rank: 5006 dis.criteo.com — Cisco Umbrella Rank: 910 rtb.va.us.criteo.com — Cisco Umbrella Rank: 10891 rtb.da.us.criteo.com — Cisco Umbrella Rank: 14664	264 KB
6	yandex.ru 3 redirects mc.yandex.ru — Cisco Umbrella Rank: 2472 an.yandex.ru — Cisco Umbrella Rank: 4716	125 KB
6	gstatic.com fonts.gstatic.com	124 KB
5	yandex.com 2 redirects mc.yandex.com — Cisco Umbrella Rank: 6180	3 KB
5	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 410	23 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 254	286 KB
4	google.com www.google.com — Cisco Umbrella Rank: 11	1 KB
2	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 637	877 B
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 1562	2 KB
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 1432 r.turn.com — Cisco Umbrella Rank: 6191	869 B
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 954	1 KB
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 614	2 KB
2	linkedin.com 2 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 830	1 KB
2	mxptint.net 2 redirects aep.mxptint.net — Cisco Umbrella Rank: 11105	1 KB
2	dotomi.com 2 redirects dclk-match.dotomi.com — Cisco Umbrella Rank: 5383	890 B
2	yastatic.net yastatic.net — Cisco Umbrella Rank: 3989	40 KB
1	opera.com 1 redirects t.adx.opera.com — Cisco Umbrella Rank: 2169	673 B
1	microad.jp aid.send.microad.jp — Cisco Umbrella Rank: 11034	641 B
1	acuityplatform.com 1 redirects ums.acuityplatform.com — Cisco Umbrella Rank: 2199	684 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 1241	1 KB
1	walmart.com 1 redirects beacon.walmart.com — Cisco Umbrella Rank: 9293	581 B
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 11243	555 B
1	pangle-ads.com 1 redirects analytics.pangle-ads.com — Cisco Umbrella Rank: 2902	991 B
1	cognitivlabs.com 1 redirects beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 2679	648 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 1332	712 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1368	611 B
1	vk.com vk.com — Cisco Umbrella Rank: 4111	31 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 113	2 KB
255	32

	Domain	Requested by
52	static.criteo.net	ads.us.criteo.com cdnjs.cloudflare.com static.criteo.net
43	telegram-downloads.ru	telegram-downloads.ru
41	imageproxy.us.criteo.net	ads.us.criteo.com
22	cm.g.doubleclick.net	2 redirects telegram-downloads.ru googleads.g.doubleclick.net
13	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
13	pagead2.googlesyndication.com	telegram-downloads.ru pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
12	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
8	csm.us.criteo.net	ads.us.criteo.com
6	fonts.gstatic.com	fonts.googleapis.com
5	mc.yandex.com	2 redirects telegram-downloads.ru
5	cdnjs.cloudflare.com	ads.us.criteo.com
5	cat.va.us.criteo.com	ads.us.criteo.com
5	ads.us.criteo.com	googleads.g.doubleclick.net
5	www.googletagservices.com	googleads.g.doubleclick.net
4	rtb.va.us.criteo.com	googleads.g.doubleclick.net
4	www.google.com	googleads.g.doubleclick.net tpc.googlesyndication.com
3	an.yandex.ru	2 redirects telegram-downloads.ru
3	mc.yandex.ru	1 redirects telegram-downloads.ru yastatic.net
2	match.adsrvr.org	2 redirects
2	pm.w55c.net	2 redirects
2	c1.adform.net	2 redirects
2	x.bidswitch.net	2 redirects
2	px.ads.linkedin.com	2 redirects
2	aep.mxptint.net	2 redirects
2	dclk-match.dotomi.com	2 redirects
2	yastatic.net	telegram-downloads.ru
1	rtb.da.us.criteo.com	googleads.g.doubleclick.net
1	t.adx.opera.com	1 redirects
1	aid.send.microad.jp	googleads.g.doubleclick.net
1	ums.acuityplatform.com	1 redirects
1	r.turn.com	googleads.g.doubleclick.net
1	ad.turn.com	1 redirects
1	sync.srv.stackadapt.com	1 redirects
1	dis.criteo.com	googleads.g.doubleclick.net
1	beacon.walmart.com	1 redirects
1	ads.travelaudience.com	1 redirects
1	analytics.pangle-ads.com	1 redirects
1	beacon.lynx.cognitivlabs.com	1 redirects
1	um.simpli.fi	1 redirects
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	vk.com	telegram-downloads.ru
1	fonts.googleapis.com	telegram-downloads.ru
1	www.telegram-downloads.ru	1 redirects
255	43

This site contains links to these domains. Also see Links.

Domain
web.telegram.org
vk.com
connect.ok.ru
twitter.com
t.me
play.google.com
itunes.apple.com
www.microsoft.com
wordpress.org
www.templatesnext.org

Subject Issuer	Validity	Valid
telegram-downloads.ru R3	`2023-07-18` - `2023-10-16`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.vk.com GlobalSign Organization Validation CA - SHA256 - G2	`2023-03-16` - `2024-02-20`	a year	crt.sh
*.yastatic-net.ru GlobalSign ECC OV SSL CA 2018	`2023-07-10` - `2024-01-07`	6 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.us.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-01` - `2023-12-02`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-08-14` - `2024-01-24`	5 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-05` - `2023-10-31`	3 months	crt.sh
*.va.us.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-21` - `2023-12-17`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.us.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-09` - `2023-11-07`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2023-12-23`	3 months	crt.sh
*.send.microad.jp GlobalSign RSA OV SSL CA 2018	`2022-10-05` - `2023-11-06`	a year	crt.sh
*.da.us.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-29` - `2023-11-29`	3 months	crt.sh

This page contains 18 frames:

Primary Page: https://telegram-downloads.ru/
Frame ID: C23DDCD99D73DE463DB2A8572AF196CE
Requests: 74 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230927/r20190131/zrt_lookup.html
Frame ID: 70130972D085F71D10ABF5996755C7A3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1730500598922326&output=html&adk=1812271804&adf=3025194257&lmt=1696240244&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=164x1080_l%7C164x1080_r&format=0x0&url=https%3A%2F%2Ftelegram-downloads.ru%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696204244490&bpp=61&bdt=423&idt=197&shv=r20230927&mjsv=m202309260101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1200992134216&frm=20&pv=2&ga_vid=1953561565.1696204245&ga_sid=1696204245&ga_hid=1138077525&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076839%2C31078257%2C44795922%2C31078272%2C21065725&oid=2&pvsid=1924437485354626&tmod=1176044992&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=262
Frame ID: 164AEB7EDA534F5E3B820BDEBB632DE4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1730500598922326&output=html&h=280&slotname=6381865431&adk=421633162&adf=33309763&pi=t.ma~as.6381865431&w=1200&fwrn=4&fwrnh=100&lmt=1696240244&rafmt=1&format=1200x280&url=https%3A%2F%2Ftelegram-downloads.ru%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696204244552&bpp=19&bdt=485&idt=209&shv=r20230927&mjsv=m202309260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1200992134216&frm=20&pv=1&ga_vid=1953561565.1696204245&ga_sid=1696204245&ga_hid=1138077525&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=652&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076839%2C31078257%2C44795922%2C31078272%2C21065725&oid=2&pvsid=1924437485354626&tmod=1176044992&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=vKtTsLttsA&p=https%3A//telegram-downloads.ru&dtd=217
Frame ID: 37528044FCF450985A566A8589E6A92D
Requests: 8 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=ZRoF1AANGK4AszzDAAs2SEuiRnEAjA6tmZuWIQ&u=%7CkHQU%2FM0sFPkDLwBdOnKC8HN6rQYBe6W1jqa5hLqC%2BLQ%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdn4iCWrkEk_cno76PwCYU5ChNmYmO3XJC4WaciyIpNutWHtOB9KzXiHsHHAXr06FV60lXp62cb2Y_6edrDdY4LKwunxlfhm3miTDLFp1kfbR8lMTluAiyHedcrrveSIfjWfRfOZhSVUf0NAf7-K9HaHYcWjyGtlGkm_zg0u4mcn0WgYC7LqIPylKA_YH3H1_vYEJ4hUxezO41o0l2jAUeiflA9fO8JqzWosib-X3A9wn1XkCvpmqjLdxITqRegM2tmEOWDvyJckbldOLFc2OEWreaa1xUtFsFsGgeGnAvoY_rm7-dRXdPpGZWHSnThEsBN8lLsT1rxaaGrylgDHNnSZP1EVlYOwzytxq0glzstg1jitgkZDWfWb3RTGnXvhVK8j_7KEtxPWOLKszxUBQ65wf7ntVLE17vecsCT4iRvAFfgkkxEbYzG8FhQo92zKoENXRKduUCvfuNFMJlwGZdlB1WlR3yeKBC1oEL1NYn9b8sAnXsg96PDpQhaWqE86gcwjFVz9Ww7jM3fdLzGSxCeGyGy_i_Knc8wKdq0hlDqhkN-FwzhFFVGA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCa89q1AUaZa6xNMP5zLUPyOyskAicge-wXKLKp6p0wI23ARABIABgycapi8Ck2A-CARdjYS1wdWItMTczMDUwMDU5ODkyMjMyNsgBCagDAcgDAqoE-QFP0B6Gst4XT8l6L0DRjWwCPYkefApA5k2Hps4izYOh0ZQf6680-e1dE6gk3AblWB1MWN_04iIMzr5EfMyq_m9xBCVadt_OmkRqOEoIogFea8XmqoIjR921dXgUsgTkULoabUHx0rKkg9ApaMqQRsELt_erWf36NCYOpwC6e19N-9dBvElu3RHBazJV_jMX_RbQH7ahzkpHJjeMu4Aq2LDvSVnjOPEQZo-l4ucx2BR5tOpXvsZ83SWLVUkD5rSP1prx4iKHAlDYpcNqr8W306NINoYmH2D3Eq656qnSPWnqis1d2uuTCD7McRrZXWTh-Z_czeSonvQijtWABsfV-PSTnoC9FKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2NubTseFbzb9Lsvl6xXMBthOJmtw%26client%3Dca-pub-1730500598922326%26adurl%3D
Frame ID: 13D195F72C72334030A2A7CD4CE8420B
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1730500598922326&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1696240245&rafmt=1&to=qs&pwprc=1275318804&format=1200x280&url=https%3A%2F%2Ftelegram-downloads.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696204245229&bpp=1&bdt=1162&idt=-M&shv=r20230927&mjsv=m202309260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D48bcaa1e0f69cd79-2224e2fc76e40078%3AT%3D1696204245%3ART%3D1696204245%3AS%3DALNI_MaBpbUoeP6xV5wkmbX_vNyl2v1pAQ&gpic=UID%3D00000d96405a144e%3AT%3D1696204245%3ART%3D1696204245%3AS%3DALNI_Mb7-GVFS4k8qi62VqnuGOOxs0zQFA&prev_fmts=0x0%2C1200x280&nras=2&correlator=1200992134216&frm=20&pv=1&ga_vid=1953561565.1696204245&ga_sid=1696204245&ga_hid=1138077525&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4918&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076839%2C31078257%2C44795922%2C31078272%2C21065725&oid=2&pvsid=1924437485354626&tmod=1176044992&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=kIa02h8WK1&p=https%3A//telegram-downloads.ru&dtd=5
Frame ID: 58868CDD25C5482E7A80DB4551925A4F
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1730500598922326&output=html&h=280&adk=997297033&adf=122919196&pi=t.aa~a.2586680255~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1696240245&rafmt=1&to=qs&pwprc=1275318804&format=1200x280&url=https%3A%2F%2Ftelegram-downloads.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696204245229&bpp=1&bdt=1162&idt=-M&shv=r20230927&mjsv=m202309260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D48bcaa1e0f69cd79-2224e2fc76e40078%3AT%3D1696204245%3ART%3D1696204245%3AS%3DALNI_MaBpbUoeP6xV5wkmbX_vNyl2v1pAQ&gpic=UID%3D00000d96405a144e%3AT%3D1696204245%3ART%3D1696204245%3AS%3DALNI_Mb7-GVFS4k8qi62VqnuGOOxs0zQFA&prev_fmts=0x0%2C1200x280%2C1200x280&nras=3&correlator=1200992134216&frm=20&pv=1&ga_vid=1953561565.1696204245&ga_sid=1696204245&ga_hid=1138077525&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4570&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076839%2C31078257%2C44795922%2C31078272%2C21065725&oid=2&pvsid=1924437485354626&tmod=1176044992&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=tqR6pKiqai&p=https%3A//telegram-downloads.ru&dtd=13
Frame ID: D6145A3FECBE99A6F68218D086C7700C
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1730500598922326&output=html&h=280&adk=2550612135&adf=3020769239&pi=t.aa~a.245933387~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1696240245&rafmt=1&to=qs&pwprc=1275318804&format=1200x280&url=https%3A%2F%2Ftelegram-downloads.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696204245229&bpp=1&bdt=1162&idt=0&shv=r20230927&mjsv=m202309260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D48bcaa1e0f69cd79-2224e2fc76e40078%3AT%3D1696204245%3ART%3D1696204245%3AS%3DALNI_MaBpbUoeP6xV5wkmbX_vNyl2v1pAQ&gpic=UID%3D00000d96405a144e%3AT%3D1696204245%3ART%3D1696204245%3AS%3DALNI_Mb7-GVFS4k8qi62VqnuGOOxs0zQFA&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=4&correlator=1200992134216&frm=20&pv=1&ga_vid=1953561565.1696204245&ga_sid=1696204245&ga_hid=1138077525&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4270&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076839%2C31078257%2C44795922%2C31078272%2C21065725&oid=2&pvsid=1924437485354626&tmod=1176044992&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=DmBTzvygR5&p=https%3A//telegram-downloads.ru&dtd=22
Frame ID: 647D8F223DCA5925BB27F46FF70D1A68
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/zrt_lookup.html?fsb=1
Frame ID: 252E48BA9649C1EB0BA3EDC590DE2DEF
Requests: 8 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=ZRoF1AANm34GrTOrAAaa2tvTxVTtarO-9c9Pcg&u=%7CkHQU%2FM0sFPmfJX0P6nL%2BYWf2Lg%2BFAE3MmwDQl8lSgRg%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdkpnon-rZw82eH2rx6hJWzWx9iOokkUW12Zuam5YjKS1Cy0e89u7bVOJAvxaK1lbErZsQhi3dfD_aCqtkxwKUgJgLPJKxVwk0rPdeg4H70UsYSvUgpKVQITBhVTxkUSYzDkfFqgKO-bNbAldCNuwxCG4YllXO5tguSJ4OXJeQIn3CFHbL0oYWR0zqUpN7XXXEqKDJAYezAsWwXGCFJv1gj-6rI75Cl9P_WrTzy8JZbLdfFjNp6ETtI2YAMh6R45qbiXVqokgdupIgSH7uCqiuElZ_Ptag405M6sElDedGYGEdDnppqfOlShyTdz3AJnNuj9Wwu5zsLnkclC2lfRqUDS4iPCBTOjwtfbr-vpra9hACLjCiaH7hnoCmtdcTCXSCMnDK7hr6TSrSIK09EO3FJoTkEOLyYbNH4GMhr0vHkHmM6uCG70H-tdFiRvL3ieSnICY83DaBPZDSh01CzaAAz1vGSQNvOgkxQlP0yA837ofCpZJwQdrGdUPwMjvBAUTgMh44jBdzvsIylqi_ZAUqLA2slivSqgdqoLHfPY4Y301Mr71JTrWQNs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCyWXq1AUaZf62NqvntOUP2rWa8A-cge-wXNL4t52dAcCNtwEQASAAYMnGqYvApNgPggEXY2EtcHViLTE3MzA1MDA1OTg5MjIzMjbIAQmoAwHIAwKqBPkBT9DreJkluFC3XAtPtd6u9WJnkSvUS0U1Af1nc0-9_fLmouGkQ-ANLcJYY3dICfeRqpwGrq2MBVmwGnpFB78cs41bfTZvvsXYjCp4CAsWfu4A1X7QcdIQrhbWlPsou-D7rURkh1vESU1676OCNQVUW_a90nPeabkfi3gu7Y5dGCH_OHBlO3G9ZePR2KGWW5fN7msgyyzFh5PrPgMTt-YmCYSwEtApi3HjR7ifxjQ-gkZDY-yGKQrlJ5JL_cYAXNnTEBAWYn7IBaZ5V7gU1uuP6KAmT8mmc4ivwRzVpQUAfOlxyR_9C-BoJu5jG6KEXR1VmsIGELYy_uzNgAbH1fj0k56AvRSgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1Tvgrqll21foeZRyNcxPCpJtpqGg%26client%3Dca-pub-1730500598922326%26adurl%3D
Frame ID: 57745EA3740FE5C6351BE91C166AEFD0
Requests: 28 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=ZRoF1QAEHrwAsz7nAAH5Q_kXokkULpPTeha6Dg&u=%7CSzEvG2f%2BeOlyctjiVycoduTZLAQHHKUw5maNsLieIhE%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdn4iCWrkEk_cno76PwCYU5ChNmYmO3XJCywOCFOT5oDX5BowUZ5qPf2-O44YvRNxwTa3TNARSJm0ui8_gbqzcn6FHdNeMnWOu8XqH-eHLz8jBcYwvjCR6lM8UtgFrAH_5TUfMs1tJMNclbH5t-jIPx3H4TeJjvQCUib-i4RaLeKLqFaB4Uxrk-1PCYiLonvvu-Fh3PSopw2BNDdEOnm3y6t1RwbeX9CwE2PKQ_Ykjd-yb6w7voZxQoojzGM8aZeR4UvhkArz7A4d1gfcD6qRK6Kw9d1dyRcf_qpGkSVBvlRvQKXFosMA6f-5rnYTCLthFnisYvAUvBdkMd3Rrb-Pqd6zAu0ziNWAoSJ3l_CjX5eJcxA3FN7rwCXfRprlBsbl5DIZOkIuh3FcpR2fSDyx6Wgpf2i2FiK52OWoVcE77aKlVSD4ItDBzvMqM5RHWPL2Vv2KyquLZcV8Pn-dAnHyl7KKefbJ3mVXxVMcIoGPFmyCDzcIXAna5Sfi39c2vSrps2bsZoKwTeeVyG4rneIH8_NbVXo7K-qhu8bq_YKKAm_6CSFEIlMuzWg_QztYxjye6w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNmCX1QUaZby9EOf9zLUPw_KHmAacge-wXLLtt52dAcCNtwEQASAAYMnGqYvApNgPggEXY2EtcHViLTE3MzA1MDA1OTg5MjIzMjbIAQmoAwHIAwKqBP8BT9AI-z_bEPSCRXAVmkeoOaA0V5Er0wDxuuTyyweShiho5VIQOfrmg3C5pAyibgxj7Kps6hnGw0gM-dy29PgFIbR_202XUOKu7sKz-UdSoShZZf5843ZKfonz1Go-b3zRtFnzDpvp-IYV47kNfiCqR_aEhgWX0NQenLe3fYnV3n4U_3sz3hoCQ_BmMr26Esc5fpvldJtMNeK9cD4rQBieOmyMm70-cRTfVdeOLF0Hj1z_0EvQ7vm9keRhsW_wQYP6GQPXHORnzQKM7DdnEEACqtffGmPDsRoIGm72e-1cec4TD6V6NB2QfsArVKt2UdGZBJ9xhwzR1CVVsU-K9xn-gAbH1fj0k56AvRSgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1j2GFtpPUX7jtKfq4x4scIz0elvg%26client%3Dca-pub-1730500598922326%26adurl%3D
Frame ID: A28DE31E850659C2EC45F381890A2AB3
Requests: 23 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1A1822413CC6A6B5A428E9D1E067239B
Requests: 9 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=ZRoF1QAEIbMJlOf1AAeZ_dJhJ3VLND5AkJMezw&u=%7CSzEvG2f%2BeOlsbQvWOFtyhIMFTjQhRknGalfl9tzYyiQ%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdn4iCWrkEk_cno76PwCYU5ChNmYmO3XJC_61tGlzd5f5iyrkLv86jRjLnErw8n-EFR2JDvVNfn4eNESzl0QGtKCEMlzoVW5LjeZ-0TZIBQ3SPS-yKEhK4RBNtxe4-tZgen5AqpYI98flKHygzyWrl7jjXAm4zbI3ut2SaLz8XcJLaIKNEO7aVn3C-nxbkyCbiL6rHJHLQXhvMkYFBYLu-ud4-UIgjhhMZAnLxbrzFGcnWJJUID3QCfiiNTKq9Uf_OrYpLCL-k3eKkBaIojc9_p-t3AtfvOj35GFnlrAQCt8ncCMdPh-MHCEK5DKOvCH3sQEc7BxImbc53LU12dWDB5T1djwN0kPrpynCREcXQ9EHVc_1lPRKyNlZB39gTP3xn9mIi-9CmnXfsqzrRpdNbEZFYPkZYReYZiZqYDPYjL6l0rdTgIn-1yq1wjfv8lYLz7kNcyxGD1DOChrHuNuAdH35ldEdGGvHAc-fVdznOcIZMNKHyRZ4VQ-8Pk0seo0V1SQMsJ7ySODPAB05rYhaOwDBhOaPLq35aHWNRjGe2AasPOre_T_gKFM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGz9H1QUaZbPDEPXP0_wP_bOe2Amcge-wXLLtt52dAcCNtwEQASAAYMnGqYvApNgPggEXY2EtcHViLTE3MzA1MDA1OTg5MjIzMjbIAQmoAwHIAwKqBP8BT9C0vJ9ZSzKdG3DCZtTNWhRdFWf-dZbQLEQ363b7S2T486aOS0uBSHJgCJ3EBWQlbmNaizTsDsRXcI93Bg3SceoxkkFLNqsFktAUmtG88z-aKYJRhEzWauie8IzMp2_HYv1_usFqZ2pG4Es0JGh0-WyU3Y1mFeprrlOZ-NARTgyuDJCKIdnwYg4Jikq7Hbzl9sQAl3hk-pvm7v9MHFnoUs0HR-15z7oxbGPwlCI-lVDR8h80DXFa7Cufw7wVaxMxhQpAVtuiABkaQSdBbIwSsuZh9sSwfDxvWe5Nc4YRJh5TjQf7uJbCSNO6MOtkplLtpCtdwMShclKeR7ElFJMVgAbH1fj0k56AvRSgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0SLvyvqK91i998g72_Y_n0UPKKeQ%26client%3Dca-pub-1730500598922326%26adurl%3D
Frame ID: 9A2968B9643E54BA4C4673C3078B129F
Requests: 21 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 019CCE07DA2F3AACD9B927402831618F
Requests: 9 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=ZRoF1QAEP_UJlPFVAAM_1SqQOg3-XMPjCxIFUg&u=%7CSzEvG2f%2BeOkKKYatn1SUWJrHvoLkUDuOebVB4hzgz5s%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdn4iCWrkEk_cno76PwCYU5ChNmYmO3XJCyMbQHmu86R3v8Ps9nFsOSPW0zndyl-5OPTJR-gJzUPsan0vtyf4yItvpS7Ln_H1xiCPAdi1u-5l9mIOrjhfxkUrWr85BHctmDudJmypd2FYLP5d67y5bSOOkZBBRslD7x0RPxC-OZePoTaZFMuUzDi7MhW8tff1NGa6Tz92HwfRNv8Up0_M71WKjFo7kmM_3N5NSqyfnGvX_tnDge98Q1nOGeMlca-t7DN7oLVBkC3h58jeDQBBKTvrTtr46sOrZYOxSLHq9Ubgf66rj0BE7eh124fvF5HhjGIbpiIbHz-g2eAQRyEAM3FNf1ZGAunyfcTYPV-Ju8dizPVz33AYcTwU49u8aCFuwDIfO5ZEEdTpx0OxfIHQsZqmtVn39EYJMZovQLEYOOgeCNI3AiPIlvcm__csekI0ADvGhp3wFfF6a_7W7srHqE1epo59pkHFVLLyMTf0nuniTZLZAvmaKXGIhxXw_VK0t4WRGzKZ0uCNgf82VoSOKXkEGqbPqckRHAIQXsX_v2Q_1biohpQ55fnJ8JCcCdu-fw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCKeEZ1QUaZfX_ENXi0_wP1f-MyAucge-wXOLDuM6jAcCNtwEQASAAYMnGqYvApNgPggEXY2EtcHViLTE3MzA1MDA1OTg5MjIzMjbIAQmoAwHIAwKqBP8BT9CfPBRmG2G4v3aLkRsYGC8zhxtlic91lWUKzGrODNsxrTplawBn-kCCRUhdw2rFSaHk-TdpPf3a3q5j-qAfhoLN0jWIfu7EBO42h_Hd8g_2AsPslpQNyDqydjW_R4DN9Ps77Fo4PvqkGPz1hbQ1t8yXtQ4Rl0JGpFKGv7NIql7QuKFxIdzRkBna-oTX8XspRgjPVaJ3t-3LOU7ImDkT3luMy1gkA4D3iHOoM3dxwdBj-WanoWcT6dAhK6oP9RzLdOfDYdyH0YC0vaq4VwC__txj3Gz_R16k5xrSDLDbplANDLx01qOSUcW8oPjbOLxKl7uQR4Q5VGTjdvxl0LIUgAbH1fj0k56AvRSgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1Ed1_f6sMfS2TntIHSoj4PzHp6Mg%26client%3Dca-pub-1730500598922326%26adurl%3D
Frame ID: D5426A291DC90A9B33A89954B451C06D
Requests: 22 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E021FDA774708DA1AE27367270AC6481
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 57B71EFF83FF6DF1E8A8FFF748BFAAF3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D17BE5180667DEF3E7B31C5AB14F148F
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Мессенджер Телеграмм на русском

Page URL History Show full URLs

https://www.telegram-downloads.ru/ HTTP 301
https://telegram-downloads.ru/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

owl\.carousel.*\.js

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

255
Requests

90 %
HTTPS

0 %
IPv6

32
Domains

43
Subdomains

26
IPs

6
Countries

2818 kB
Transfer

5687 kB
Size

46
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://web.telegram.org/
Title: Telegram Web

Search URL Search Domain Scan URL

URL: https://vk.com/share.php?url=https%3A%2F%2Ftelegram-downloads.ru%2F&title=%D0%9C%D0%B5%D1%81%D1%81%D0%B5%D0%BD%D0%B4%D0%B6%D0%B5%D1%80%20%D0%A2%D0%B5%D0%BB%D0%B5%D0%B3%D1%80%D0%B0%D0%BC%D0%BC%20%D0%BD%D0%B0%20%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%BE%D0%BC&utm_source=share2
Title: ВКонтакте

Search URL Search Domain Scan URL

URL: https://connect.ok.ru/offer?url=https%3A%2F%2Ftelegram-downloads.ru%2F&title=%D0%9C%D0%B5%D1%81%D1%81%D0%B5%D0%BD%D0%B4%D0%B6%D0%B5%D1%80%20%D0%A2%D0%B5%D0%BB%D0%B5%D0%B3%D1%80%D0%B0%D0%BC%D0%BC%20%D0%BD%D0%B0%20%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%BE%D0%BC&utm_source=share2
Title: Одноклассники

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=%D0%9C%D0%B5%D1%81%D1%81%D0%B5%D0%BD%D0%B4%D0%B6%D0%B5%D1%80%20%D0%A2%D0%B5%D0%BB%D0%B5%D0%B3%D1%80%D0%B0%D0%BC%D0%BC%20%D0%BD%D0%B0%20%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%BE%D0%BC&url=https%3A%2F%2Ftelegram-downloads.ru%2F&utm_source=share2
Title: Twitter

Search URL Search Domain Scan URL

URL: https://t.me/share/url?url=https%3A%2F%2Ftelegram-downloads.ru%2F&text=%D0%9C%D0%B5%D1%81%D1%81%D0%B5%D0%BD%D0%B4%D0%B6%D0%B5%D1%80%20%D0%A2%D0%B5%D0%BB%D0%B5%D0%B3%D1%80%D0%B0%D0%BC%D0%BC%20%D0%BD%D0%B0%20%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%BE%D0%BC&utm_source=share2
Title: Telegram

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=org.telegram.messenger

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/ru/app/telegram-messenger/id686449807?mt=8

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/ru-ru/store/p/telegram-messenger/9wzdncrdzhs0

Search URL Search Domain Scan URL

URL: http://wordpress.org/
Title: Powered by WordPress

Search URL Search Domain Scan URL

URL: http://www.templatesnext.org/
Title: templatesnext

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.telegram-downloads.ru/ HTTP 301
https://telegram-downloads.ru/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 156

https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEML07B8a9ZemCaW92z4s3T8&google_cver=1&google_push=AXcoOmQexiLdeCmvvwX8JK4lwhopMB02VpRP4KOXBsxzbcdHf-1DxlgpquAvzhWWKXo92pX7ZOfeQIaJzDAXgiNIXL_4-L1rQjQLdWE HTTP 302
https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=363a2f7a2f261132&is_secure=true&networkId=14000&version=1&google_gid=CAESEML07B8a9ZemCaW92z4s3T8&google_cver=1&google_push=AXcoOmQexiLdeCmvvwX8JK4lwhopMB02VpRP4KOXBsxzbcdHf-1DxlgpquAvzhWWKXo92pX7ZOfeQIaJzDAXgiNIXL_4-L1rQjQLdWE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAGWysp38s0HQMD-nftAAAAAAA&expiration=1696290646&google_cver=1&is_secure=true&google_gid=CAESEML07B8a9ZemCaW92z4s3T8&google_push=AXcoOmQexiLdeCmvvwX8JK4lwhopMB02VpRP4KOXBsxzbcdHf-1DxlgpquAvzhWWKXo92pX7ZOfeQIaJzDAXgiNIXL_4-L1rQjQLdWE

Request Chain 157

https://aep.mxptint.net/sn.ashx?google_gid=CAESEH2jDzVSlV04qz14YuOb0m0&google_cver=1&google_push=AXcoOmTiJ-f76O83U2dRYureIpg1keFtlZUKs5-rr3bOaWYSJbgC-WEE2QvzwMTViGYlYHcAVAHeKpJZb_ThTOov6l1DjDz6YmabLq8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AXcoOmTiJ-f76O83U2dRYureIpg1keFtlZUKs5-rr3bOaWYSJbgC-WEE2QvzwMTViGYlYHcAVAHeKpJZb_ThTOov6l1DjDz6YmabLq8&google_hm=UjMzNjQ2XzEwOUU0N0ZCM19FOUVCNEJDMA%3D%3D

Request Chain 158

https://um.simpli.fi/gp_match?google_gid=CAESEMjs4jOfrttkToJAxAWj_gc&google_cver=1&google_push=AXcoOmQ35Fs5fU9wJL-4_36S_FWBZT85FertKu6LouA8fAQIE0o3QyJsgh0z-9g0tFec0QFqSBKWC8YgjYaYogjW0upKZjxRX-VrnA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8E605A5C60A0435697265185CC160D3F&google_push=AXcoOmQ35Fs5fU9wJL-4_36S_FWBZT85FertKu6LouA8fAQIE0o3QyJsgh0z-9g0tFec0QFqSBKWC8YgjYaYogjW0upKZjxRX-VrnA

Request Chain 159

https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEDoD8UxuNL_tLtY0E2d3kZ8&google_cver=1&google_push=AXcoOmSbRL1rA6aQlT_uVBmaWZehJVr_nWk9ACzfkIoz5NyJG2-mjU2bHK0PjKdqEpJZQEoRpZU8FhxQH97aNuzogWAj0kAZ4RGadg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmSbRL1rA6aQlT_uVBmaWZehJVr_nWk9ACzfkIoz5NyJG2-mjU2bHK0PjKdqEpJZQEoRpZU8FhxQH97aNuzogWAj0kAZ4RGadg

Request Chain 160

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEEY6St5OvccRGRy6hleHy_I&google_cver=1&google_push=AXcoOmSGOQlQdcC_Mwx9FfJr_04Ns5ve62-pC6wObYQhg1H5PqJrX-LdvA5rm4QsiW-QFV9KYgs2BD6IWet6nk0YKVWD5hLqcDKS5w HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEEY6St5OvccRGRy6hleHy_I&google_cver=1&google_push=AXcoOmSGOQlQdcC_Mwx9FfJr_04Ns5ve62-pC6wObYQhg1H5PqJrX-LdvA5rm4QsiW-QFV9KYgs2BD6IWet6nk0YKVWD5hLqcDKS5w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmSGOQlQdcC_Mwx9FfJr_04Ns5ve62-pC6wObYQhg1H5PqJrX-LdvA5rm4QsiW-QFV9KYgs2BD6IWet6nk0YKVWD5hLqcDKS5w&google_hm=oyPm_l0aSFKWvGNuSNsR2g==

Request Chain 161

https://beacon.lynx.cognitivlabs.com/adx.gif?google_gid=CAESEFfWb5DJa53D9libKa2-aKI&google_cver=1&google_push=AXcoOmT-zBLPjkuVAW2n_doyKvV7VsDAgn3t6GZ_rd2Q5AoZJ8gNs0GCAiq5r7IDm7v3NOxXBlWqG7J-8YRj3aClHH6cnynKhOFmbuxM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=oLxS8x94uEOMaaAUnJyXzQ&google_push=AXcoOmT-zBLPjkuVAW2n_doyKvV7VsDAgn3t6GZ_rd2Q5AoZJ8gNs0GCAiq5r7IDm7v3NOxXBlWqG7J-8YRj3aClHH6cnynKhOFmbuxM

Request Chain 162

https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESEGEbLGN9HeOr33-t-bw1AWo&google_cver=1&google_push=AXcoOmSt66lanoJzM119yixwvRe7uO27oVUbMIsfWkaZzh_z2wcZGt6J55Gb5nx5S0F2otPbgxClYv4yNykTivt7aSVQXnm1vekjSr4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmSt66lanoJzM119yixwvRe7uO27oVUbMIsfWkaZzh_z2wcZGt6J55Gb5nx5S0F2otPbgxClYv4yNykTivt7aSVQXnm1vekjSr4

Request Chain 164

https://aep.mxptint.net/sn.ashx?google_gid=CAESEM0FsejYAb-4cfe5gAyzNkI&google_cver=1&google_push=AXcoOmQDFHpUO_dem2qpL0bFesAzfTY72vAuwvcXbRG6C5duGQwKUUmYnRZ5vdiZqfbDMwC8RfJ0Wr7Sb6V0hcj-cTZJON_UVc1kbg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AXcoOmQDFHpUO_dem2qpL0bFesAzfTY72vAuwvcXbRG6C5duGQwKUUmYnRZ5vdiZqfbDMwC8RfJ0Wr7Sb6V0hcj-cTZJON_UVc1kbg&google_hm=UjMzNjQ1XzEwOUU0N0ZCM19FQTYwRjk5Qw%3D%3D

Request Chain 165

https://ads.travelaudience.com/google_pixel?google_gid=CAESENSDhpoDqW_K15CZA2IN6m0&google_cver=1&google_push=AXcoOmT_BKTU8M0u-2AbZWDDPEiAoQKzoXzdhhGU55EPIS_SAYGqZB8veCOeA8d4bHiYX2Qbxaz5OObdk5pWbAmPSIoxXOuGHi-kbEk HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=BE_mlOg3TXs9Bs1ZKoNLDQ&google_push=AXcoOmT_BKTU8M0u-2AbZWDDPEiAoQKzoXzdhhGU55EPIS_SAYGqZB8veCOeA8d4bHiYX2Qbxaz5OObdk5pWbAmPSIoxXOuGHi-kbEk

Request Chain 166

https://beacon.walmart.com/etap.gif?tap=gAds&google_gid=CAESEKzqcVHR2ZIDla9IjuD6SdA&google_cver=1&google_push=AXcoOmSrseNCYAr5FahRCCfeZjHuC-EtMxZ5zCWsy0de8F9UGXxRCo0gOdUfh0_-F5lk2lCvp5aSK1capcW7UgIbf9aJVDFYk6MYOfU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=walmart&google_hm=Q-Kq1T4q7zNkyT_dn-ltMc&tap=gAds&google_gid=CAESEKzqcVHR2ZIDla9IjuD6SdA&google_cver=1&google_push=AXcoOmSrseNCYAr5FahRCCfeZjHuC-EtMxZ5zCWsy0de8F9UGXxRCo0gOdUfh0_-F5lk2lCvp5aSK1capcW7UgIbf9aJVDFYk6MYOfU

Request Chain 167

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEBEImG2UC0e0oVO0xn9AuJw&google_cver=1&google_push=AXcoOmToMhwm6Ov9w6KqPC-Z4KFYvSUk8_YNMbQ6l0VYIXgEWcyQ3FSfej73q3n3vXjt-da9ne_iXe3ICpskODZoQLSC59W_S8Jy_g HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEBEImG2UC0e0oVO0xn9AuJw&google_cver=1&google_push=AXcoOmToMhwm6Ov9w6KqPC-Z4KFYvSUk8_YNMbQ6l0VYIXgEWcyQ3FSfej73q3n3vXjt-da9ne_iXe3ICpskODZoQLSC59W_S8Jy_g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjEzOTU4MzU2MDczMjE1MDM5Mw&google_push=AXcoOmToMhwm6Ov9w6KqPC-Z4KFYvSUk8_YNMbQ6l0VYIXgEWcyQ3FSfej73q3n3vXjt-da9ne_iXe3ICpskODZoQLSC59W_S8Jy_g

Request Chain 169

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEBH-a8IZYLzhsXS8PXP_wSI&google_cver=1&google_push=AXcoOmSnIg9QT8qEYF9zgECSL0jIaqf0SwR67JfwBQA_ehsjT-LpKXTHz8WL9PgJqA8d1kvGs3hR3MmD7clGUhMEh4xHb93wOg0Iwls HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=dISjD0srWlVGuKnQKPQfawW16oQ&google_push=AXcoOmSnIg9QT8qEYF9zgECSL0jIaqf0SwR67JfwBQA_ehsjT-LpKXTHz8WL9PgJqA8d1kvGs3hR3MmD7clGUhMEh4xHb93wOg0Iwls

Request Chain 170

https://an.yandex.ru/mapuid/google/CAESECiqdgpCObnyfa50sIe_4i0?ext-param=AXcoOmSMaG8YWP81rXxHW5AjYMqb3GpX_gTHIw7tfqH7v677htcMn9jaYXalmqXLM-zNgOwZ8TJadxBl0FL9jKSl6RPRJy44EW7OAG8&partner-tag=yandex_ag&google_cver=1 HTTP 302
https://an.yandex.ru/mapuid/google/CAESECiqdgpCObnyfa50sIe_4i0?redir-setuniq=1&ext-param=AXcoOmSMaG8YWP81rXxHW5AjYMqb3GpX_gTHIw7tfqH7v677htcMn9jaYXalmqXLM-zNgOwZ8TJadxBl0FL9jKSl6RPRJy44EW7OAG8&partner-tag=yandex_ag&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESECiqdgpCObnyfa50sIe_4i0&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
https://an.yandex.ru/resource/spacer.gif

Request Chain 178

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEEpN-ncXHThcOB1WzNLDukE&google_cver=1&google_push=AXcoOmR7P3TMzXB01y7Zm1sMrYbe59zvk9kn746jIAV739K26cJWGTG1SkZZc-StD5cgUGRu8tyPcAPlAbPFXxHtoyl4B0ZP5y9AaGw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NjkyMTY0Nzc4NDY4NjM4Njc1Mg==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEEpN-ncXHThcOB1WzNLDukE&google_cver=1

Request Chain 179

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMyywTmh639pLGcMqfTOppA&google_cver=1&google_push=AXcoOmQVfaj-eI3beiC7zYeF9Cl2GLeUvRhBOic-O05P94Lwe_Is-nIAjwdL_KFlmBsU0a48Jr_eYdB6f8Z9qNji-xDknmu8L9OrzBM HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMyywTmh639pLGcMqfTOppA&google_cver=1&google_push=AXcoOmQVfaj-eI3beiC7zYeF9Cl2GLeUvRhBOic-O05P94Lwe_Is-nIAjwdL_KFlmBsU0a48Jr_eYdB6f8Z9qNji-xDknmu8L9OrzBM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bTc4eEtIY2gxUU42ZDA1&google_gid=CAESEMyywTmh639pLGcMqfTOppA&google_cver=1&google_push=AXcoOmQVfaj-eI3beiC7zYeF9Cl2GLeUvRhBOic-O05P94Lwe_Is-nIAjwdL_KFlmBsU0a48Jr_eYdB6f8Z9qNji-xDknmu8L9OrzBM

Request Chain 180

https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEIO4BTWKe2bDIxYhdWnhwKk&google_cver=1&google_push=AXcoOmRqrrHU0TUfYAHLuaMSkzyi7QTc6fJbfhLFQ_ZNnEewkgdpHCwG_EqR33bXP4BeZYkuBXU1CNSzG16vG688-nSCIusaAi4myWQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmRqrrHU0TUfYAHLuaMSkzyi7QTc6fJbfhLFQ_ZNnEewkgdpHCwG_EqR33bXP4BeZYkuBXU1CNSzG16vG688-nSCIusaAi4myWQ

Request Chain 181

https://match.adsrvr.org/track/cmf/google?google_gid=CAESEHkLfgitfsWX4pESDo6YWxc&google_cver=1&google_push=AXcoOmS2ofHF2r0fd-selcUjpYUMGQISPHUVaL9hOVlxHhJWZRTa1J196RPPVz5ihLBJAjgXH_wCJ-apVYe-kM3SsatWzoPa6JJR3tw HTTP 302
https://match.adsrvr.org/track/cmb/google?google_gid=CAESEHkLfgitfsWX4pESDo6YWxc&google_cver=1&google_push=AXcoOmS2ofHF2r0fd-selcUjpYUMGQISPHUVaL9hOVlxHhJWZRTa1J196RPPVz5ihLBJAjgXH_wCJ-apVYe-kM3SsatWzoPa6JJR3tw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZDU1NGI0MDYtOGNhOS00YjZiLWI1MTEtYmYyNmEyYzgyM2E0&google_push&gdpr=0&gdpr_consent=&ttd_tdid=d554b406-8ca9-4b6b-b511-bf26a2c823a4

Request Chain 182

https://ums.acuityplatform.com/tum?umid=4&uid=CAESEPDE1VqmCd8wRVMW0ckZ0f4&google_cver=1&google_push=AXcoOmS1ZEXHiirJaB-jChyp9xgn1--5f0AFJ-qTypIuoQ9uAzn2-M74224T-dqhWLgoOz_jLEka9k9QPP9Rw0sgOUAysBKgRYqz12U HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=835116527841&us_privacy=1---

Request Chain 184

https://t.adx.opera.com/pub/sync?pubid=pub6871767557696&google_push=AXcoOmQHgIDrGtxizKJ_eEpLFBfk8QkxaLwywKdVwjY_4kVQtBxUm9DReWbagn9ksiAfHh0jKog3P4dZ_RJqpRFI_PhKWeLu17OPcbhJ&google_gid=CAESEKi48oWOhnZOcETllbHz_TE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKi48oWOhnZOcETllbHz_TE&google_hm=T1BVMjEwM2Y5MTk2YWY2NDVlZmI3MDNlZGYyMjA1NDIyN2I&google_nid=opera_norway_as&google_push=AXcoOmQHgIDrGtxizKJ_eEpLFBfk8QkxaLwywKdVwjY_4kVQtBxUm9DReWbagn9ksiAfHh0jKog3P4dZ_RJqpRFI_PhKWeLu17OPcbhJ

Request Chain 244

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10143.3wK_sAltChnXHWN8AmMJp0YGDk5Dk2el7z821grDYrK1wtt6wdHxA_F7o4n9vtih.s-rvh2wWi05HaU4zztfzuAaSBFo%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=10143.uzmyWKs2_k2gO6lVL8yfniycvBZqzpnj0zan3IAdvR0eteu8WAZkS7tW9bgxbhGrZTV9AsBIOgtrTqXWfxSHdUIflQksQJKtfkbr4a7wezejjJQcvH3LIgIsNLDiAp9d.uTlBZWmIMXQRe4dlKw9aDSHun-s%2C

Request Chain 253

https://mc.yandex.com/watch/32869030?wmode=7&page-url=https%3A%2F%2Ftelegram-downloads.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3wcjej5lmwx5238tghrt8yj%3Afp%3A5811%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1120%3Acn%3A1%3Adp%3A0%3Als%3A40811421284%3Ahid%3A681422274%3Az%3A-600%3Ai%3A20231001135046%3Aet%3A1696204247%3Ac%3A1%3Arn%3A833676961%3Arqn%3A1%3Au%3A1696204247270091362%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C0%2C1223%2C1%2C3608%2C0%2C%2C1478%2C11%2C%2C%2C%2C6676%3Aco%3A0%3Acpf%3A1%3Ans%3A1696204238861%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1696204247%3At%3A%D0%9C%D0%B5%D1%81%D1%81%D0%B5%D0%BD%D0%B4%D0%B6%D0%B5%D1%80%20%D0%A2%D0%B5%D0%BB%D0%B5%D0%B3%D1%80%D0%B0%D0%BC%D0%BC%20%D0%BD%D0%B0%20%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%BE%D0%BC&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
https://mc.yandex.com/watch/32869030/1?wmode=7&page-url=https%3A%2F%2Ftelegram-downloads.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3wcjej5lmwx5238tghrt8yj%3Afp%3A5811%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1120%3Acn%3A1%3Adp%3A0%3Als%3A40811421284%3Ahid%3A681422274%3Az%3A-600%3Ai%3A20231001135046%3Aet%3A1696204247%3Ac%3A1%3Arn%3A833676961%3Arqn%3A1%3Au%3A1696204247270091362%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C0%2C1223%2C1%2C3608%2C0%2C%2C1478%2C11%2C%2C%2C%2C6676%3Aco%3A0%3Acpf%3A1%3Ans%3A1696204238861%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1696204247%3At%3A%D0%9C%D0%B5%D1%81%D1%81%D0%B5%D0%BD%D0%B4%D0%B6%D0%B5%D1%80%20%D0%A2%D0%B5%D0%BB%D0%B5%D0%B3%D1%80%D0%B0%D0%BC%D0%BC%20%D0%BD%D0%B0%20%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%BE%D0%BC&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

255 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
telegram-downloads.ru/
Redirect Chain

https://www.telegram-downloads.ru/
https://telegram-downloads.ru/

53 KB
13 KB

1589ms
1223ms

Document
text/html

92.53.96.193
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://telegram-downloads.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.53.96.193 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vh348.timeweb.ru
Software: nginx/1.22.1 /
Resource Hash: 35b6a2c1e1e5a59639fe8d6b833275d300c9471217f3e52551063bc6b058f909

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 01 Oct 2023 23:50:43 GMT
link: <https://telegram-downloads.ru/wp-json/>; rel="https://api.w.org/" <https://telegram-downloads.ru/wp-json/wp/v2/pages/2>; rel="alternate"; type="application/json" <https://telegram-downloads.ru/>; rel=shortlink
server: nginx/1.22.1
vary: Accept-Encoding
x-pingback: https://telegram-downloads.ru/xmlrpc.php

Redirect headers

content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 01 Oct 2023 23:50:42 GMT
location: https://telegram-downloads.ru/
server: nginx/1.22.1
x-pingback: https://telegram-downloads.ru/xmlrpc.php
x-redirect-by: WordPress

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
50 KB 388ms
51ms Script
text/javascript 142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: telegram-downloads.ru
URL: https://telegram-downloads.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

cafe /

Resource Hash

576536ae0277db245d4e8f215a974bed736813b838808f3b5cf68cbd4f849d9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://telegram-downloads.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50908
x-xss-protection: 0
server: cafe
etag: 6480516375299939218
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 01 Oct 2023 23:50:44 GMT

GET
H2 200 style.min.css
telegram-downloads.ru/wp-includes/css/dist/block-library/ 102 KB
14 KB 188ms
184ms Stylesheet
text/css 92.53.96.193
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://telegram-downloads.ru/wp-includes/css/dist/block-library/style.min.css?ver=6.3.1
Requested by: Host: telegram-downloads.ru
URL: https://telegram-downloads.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.53.96.193 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vh348.timeweb.ru
Software: nginx/1.22.1 /
Resource Hash: 67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694

Request headers

accept-language: en-US,en;q=0.9
Referer: https://telegram-downloads.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:44 GMT
content-encoding: gzip
last-modified: Fri, 01 Sep 2023 06:07:00 GMT
server: nginx/1.22.1
etag: W/"64f17f84-19824"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2678400
expires: Wed, 01 Nov 2023 23:50:44 GMT

GET
H2 200 styles.css
telegram-downloads.ru/wp-content/plugins/related-posts-by-taxonomy/includes/assets/css/ 416 B
593 B 189ms
185ms Stylesheet
text/css 92.53.96.193
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://telegram-downloads.ru/wp-content/plugins/related-posts-by-taxonomy/includes/assets/css/styles.css?ver=6.3.1
Requested by: Host: telegram-downloads.ru
URL: https://telegram-downloads.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.53.96.193 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vh348.timeweb.ru
Software: nginx/1.22.1 /
Resource Hash: 715d95401a0252ab3f290b8d318f8f6bfd0bf1163f025767fa065200c5e6f883

Request headers

accept-language: en-US,en;q=0.9
Referer: https://telegram-downloads.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:44 GMT
last-modified: Tue, 06 Oct 2020 12:38:27 GMT
server: nginx/1.22.1
etag: "5f7c6543-1a0"
content-type: text/css
cache-control: max-age=2678400
accept-ranges: bytes
content-length: 416
expires: Wed, 01 Nov 2023 23:50:44 GMT

GET
H2 200 css
fonts.googleapis.com/ 22 KB
2 KB 359ms
23ms Stylesheet
text/css 142.250.176.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3A300%2C400%2C700%2C300italic%2C400italic%2C700italic%7CRoboto%3A300%2C400%2C700&subset=latin%2Clatin-ext

Requested by

Host: telegram-downloads.ru
URL: https://telegram-downloads.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.176.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f10.1e100.net

Software

ESF /

Resource Hash

c5579ea3a0da7420e4b96ec3b03932a2798fe91f2fef3ff60c681f52a93a6beb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://telegram-downloads.ru/
Origin: https://telegram-downloads.ru
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 01 Oct 2023 23:50:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 01 Oct 2023 23:50:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 01 Oct 2023 23:50:44 GMT

GET
H2 200 genericons.css
telegram-downloads.ru/wp-content/themes/i-excel/fonts/ 22 KB
14 KB 314ms
310ms Stylesheet
text/css 92.53.96.193
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://telegram-downloads.ru/wp-content/themes/i-excel/fonts/genericons.css?ver=2.09
Requested by: Host: telegram-downloads.ru
URL: https://telegram-downloads.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.53.96.193 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vh348.timeweb.ru
Software: nginx/1.22.1 /
Resource Hash: aa7172f296b0076148f1300f0118dda32861d0ed081fd24967330e22ef4f3422

Request headers

accept-language: en-US,en;q=0.9
Referer: https://telegram-downloads.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:44 GMT
content-encoding: gzip
last-modified: Tue, 06 Sep 2016 05:55:10 GMT
server: nginx/1.22.1
etag: W/"57ce5a3e-5874"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2678400
expires: Wed, 01 Nov 2023 23:50:44 GMT

GET
H2 200 animate.min.css
telegram-downloads.ru/wp-content/themes/i-excel/css/ 41 KB
3 KB 315ms
311ms Stylesheet
text/css 92.53.96.193
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://telegram-downloads.ru/wp-content/themes/i-excel/css/animate.min.css?ver=2014-01-12
Requested by: Host: telegram-downloads.ru
URL: https://telegram-downloads.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.53.96.193 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vh348.timeweb.ru
Software: nginx/1.22.1 /
Resource Hash: acd4dcf96c8b5f8b2ff506897cbc8f07ba0d30248b6f19b58c66d5a70f132821

Request headers

accept-language: en-US,en;q=0.9
Referer: https://telegram-downloads.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:44 GMT
content-encoding: gzip
last-modified: Tue, 06 Sep 2016 05:55:10 GMT
server: nginx/1.22.1
etag: W/"57ce5a3e-a29a"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2678400
expires: Wed, 01 Nov 2023 23:50:44 GMT

GET
H2 200 jquery.sidr.dark.css
telegram-downloads.ru/wp-content/themes/i-excel/css/ 3 KB
1 KB 316ms
312ms Stylesheet
text/css 92.53.96.193
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://telegram-downloads.ru/wp-content/themes/i-excel/css/jquery.sidr.dark.css?ver=2014-01-12
Requested by: Host: telegram-downloads.ru
URL: https://telegram-downloads.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.53.96.193 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vh348.timeweb.ru
Software: nginx/1.22.1 /
Resource Hash: 87d948f7ba0a81d921cd7a6d43af7ceb48de5728a7aaeb13259505174dff5585

Request headers

accept-language: en-US,en;q=0.9
Referer: https://telegram-downloads.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:44 GMT
content-encoding: gzip
last-modified: Tue, 06 Sep 2016 05:55:10 GMT
server: nginx/1.22.1
etag: W/"57ce5a3e-ce8"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2678400
expires: Wed, 01 Nov 2023 23:50:44 GMT

GET
H2 200 owl.carousel.css
telegram-downloads.ru/wp-content/themes/i-excel/css/ 1 KB
716 B 317ms
313ms Stylesheet
text/css 92.53.96.193
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://telegram-downloads.ru/wp-content/themes/i-excel/css/owl.carousel.css?ver=2014-01-12
Requested by: Host: telegram-downloads.ru
URL: https://telegram-downloads.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.53.96.193 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vh348.timeweb.ru
Software: nginx/1.22.1 /
Resource Hash: 4dc77ee90dc2225b57b31d28fe06213cd6c491bdc7249a6e70ebd003b72c5702

Request headers

accept-language: en-US,en;q=0.9
Referer: https://telegram-downloads.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:44 GMT
content-encoding: gzip
last-modified: Tue, 06 Sep 2016 05:55:10 GMT
server: nginx/1.22.1
etag: W/"57ce5a3e-5c4"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2678400
expires: Wed, 01 Nov 2023 23:50:44 GMT

GET
H2 200 owl.theme.css
telegram-downloads.ru/wp-content/themes/i-excel/css/ 2 KB
795 B 317ms
314ms Stylesheet
text/css 92.53.96.193
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://telegram-downloads.ru/wp-content/themes/i-excel/css/owl.theme.css?ver=2014-01-12
Requested by: Host: telegram-downloads.ru
URL: https://telegram-downloads.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.53.96.193 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vh348.timeweb.ru
Software: nginx/1.22.1 /
Resource Hash: 91ee720f3c25ec6b209d88019c20e2592340ff1fe1c94f3d5431e5fd1e77e5dc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://telegram-downloads.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:44 GMT
content-encoding: gzip
last-modified: Tue, 06 Sep 2016 05:55:10 GMT
server: nginx/1.22.1
etag: W/"57ce5a3e-681"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2678400
expires: Wed, 01 Nov 2023 23:50:44 GMT

GET
H2 200 owl.transitions.css
telegram-downloads.ru/wp-content/themes/i-excel/css/ 4 KB
883 B 318ms
315ms Stylesheet
text/css 92.53.96.193
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://telegram-downloads.ru/wp-content/themes/i-excel/css/owl.transitions.css?ver=2014-01-12
Requested by: Host: telegram-downloads.ru
URL: https://telegram-downloads.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.53.96.193 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vh348.timeweb.ru
Software: nginx/1.22.1 /
Resource Hash: 711bc5b0b8c40e39b2560e65797d175e72a89b49ebbc266a7c7b581c4bec4b21

Request headers

accept-language: en-US,en;q=0.9
Referer: https://telegram-downloads.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:44 GMT
content-encoding: gzip
last-modified: Tue, 06 Sep 2016 05:55:10 GMT
server: nginx/1.22.1
etag: W/"57ce5a3e-117c"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2678400
expires: Wed, 01 Nov 2023 23:50:44 GMT

GET
H2 200 style.css
telegram-downloads.ru/wp-content/themes/i-excel/ 83 KB
16 KB 319ms
316ms Stylesheet
text/css 92.53.96.193
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://telegram-downloads.ru/wp-content/themes/i-excel/style.css?ver=2015-07-18
Requested by: Host: telegram-downloads.ru
URL: https://telegram-downloads.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.53.96.193 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vh348.timeweb.ru
Software: nginx/1.22.1 /
Resource Hash: 47cd7f45a1fe9ae9be9aeb2fd4217525641a5e700e0385d611aaa3a62b4c3827

Request headers

accept-language: en-US,en;q=0.9
Referer: https://telegram-downloads.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:44 GMT
content-encoding: gzip
last-modified: Tue, 24 Jul 2018 04:45:14 GMT
server: nginx/1.22.1
etag: W/"5b56aeda-14d56"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2678400
expires: Wed, 01 Nov 2023 23:50:44 GMT

GET
H2 200 extra-style.css
telegram-downloads.ru/wp-content/themes/i-excel/css/ 39 B
215 B 320ms
317ms Stylesheet
text/css 92.53.96.193
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://telegram-downloads.ru/wp-content/themes/i-excel/css/extra-style.css?ver=2015-03-11
Requested by: Host: telegram-downloads.ru
URL: https://telegram-downloads.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.53.96.193 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vh348.timeweb.ru
Software: nginx/1.22.1 /
Resource Hash: 23dd2d1955758674e3fd92ee81b94a47e2988781f0a6d7763fdf7e2b906486bd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://telegram-downloads.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:44 GMT
last-modified: Tue, 06 Sep 2016 05:55:10 GMT
server: nginx/1.22.1
etag: "57ce5a3e-27"
content-type: text/css
cache-control: max-age=2678400
accept-ranges: bytes
content-length: 39
expires: Wed, 01 Nov 2023 23:50:44 GMT

GET
H2 200 kirki-styles.css
telegram-downloads.ru/wp-content/themes/i-excel/inc/kirki/assets/css/ 0
165 B 320ms
318ms Stylesheet
text/css 92.53.96.193
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://telegram-downloads.ru/wp-content/themes/i-excel/inc/kirki/assets/css/kirki-styles.css
Requested by: Host: telegram-downloads.ru
URL: https://telegram-downloads.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.53.96.193 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vh348.timeweb.ru
Software: nginx/1.22.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://telegram-downloads.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:44 GMT
last-modified: Tue, 06 Sep 2016 05:55:10 GMT
server: nginx/1.22.1
etag: "57ce5a3e-0"
content-type: text/css
cache-control: max-age=2678400
accept-ranges: bytes
content-length: 0
expires: Wed, 01 Nov 2023 23:50:44 GMT

GET
H2 200 jquery.min.js Show response
telegram-downloads.ru/wp-includes/js/jquery/ 85 KB
30 KB 322ms
319ms Script
application/x-javascript 92.53.96.193
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://telegram-downloads.ru/wp-includes/js/jquery/jquery.min.js?ver=3.7.0
Requested by: Host: telegram-downloads.ru
URL: https://telegram-downloads.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.53.96.193 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vh348.timeweb.ru
Software: nginx/1.22.1 /
Resource Hash: 5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164

Request headers

accept-language: en-US,en;q=0.9
Referer: https://telegram-downloads.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:44 GMT
content-encoding: gzip
last-modified: Fri, 01 Sep 2023 06:06:59 GMT
server: nginx/1.22.1
etag: W/"64f17f83-155ba"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=2678400
expires: Wed, 01 Nov 2023 23:50:44 GMT

GET
H2 200 jquery-migrate.min.js Show response
telegram-downloads.ru/wp-includes/js/jquery/ 13 KB
5 KB 441ms
438ms Script
application/x-javascript 92.53.96.193
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://telegram-downloads.ru/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: telegram-downloads.ru
URL: https://telegram-downloads.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.53.96.193 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vh348.timeweb.ru
Software: nginx/1.22.1 /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language: en-US,en;q=0.9
Referer: https://telegram-downloads.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:44 GMT
content-encoding: gzip
last-modified: Fri, 01 Sep 2023 06:06:59 GMT
server: nginx/1.22.1
etag: W/"64f17f83-3509"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=2678400
expires: Wed, 01 Nov 2023 23:50:44 GMT

GET
H2 200 vertical.css
telegram-downloads.ru/wp-content/plugins/wordpress-23-related-posts-plugin/static/themes/ 2 KB
777 B 320ms
318ms Stylesheet
text/css 92.53.96.193
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://telegram-downloads.ru/wp-content/plugins/wordpress-23-related-posts-plugin/static/themes/vertical.css?version=3.6.4
Requested by: Host: telegram-downloads.ru
URL: https://telegram-downloads.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.53.96.193 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vh348.timeweb.ru
Software: nginx/1.22.1 /
Resource Hash: 376fd1eb7ae817a27cacf8d720f71050c406824a87f606c775beba4ef04795da

Request headers

accept-language: en-US,en;q=0.9
Referer: https://telegram-downloads.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:44 GMT
content-encoding: gzip
last-modified: Wed, 25 Jul 2018 07:12:50 GMT
server: nginx/1.22.1
etag: W/"5b5822f2-83a"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2678400
expires: Wed, 01 Nov 2023 23:50:44 GMT

GET
H2 200 openapi.js Show response
vk.com/js/api/ 104 KB
31 KB 451ms
214ms Script
application/x-javascript 93.186.225.194
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://vk.com/js/api/openapi.js?136
Requested by: Host: telegram-downloads.ru
URL: https://telegram-downloads.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.186.225.194 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
Software: kittenx /
Resource Hash: 2f7760ee2b81f4659c6f34ada0f7a7d263c2ce6035c2b5f4b082fac60802897e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://telegram-downloads.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:44 GMT
content-encoding: gzip
x-frontend: front605110
last-modified: Fri, 02 Dec 2022 07:14:40 GMT
server: kittenx
etag: W/"6389a5e0-1a018"
content-type: application/x-javascript
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
expires: Thu, 05 Oct 2023 23:50:44 GMT

GET
H2 200 telegram_logo_2.png
telegram-downloads.ru/wp-content/uploads/2015/11/ 10 KB
10 KB 146ms
145ms Image
image/png 92.53.96.193
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegram-downloads.ru/wp-content/uploads/2015/11/telegram_logo_2.png
Requested by: Host: telegram-downloads.ru
URL: https://telegram-downloads.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.53.96.193 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vh348.timeweb.ru
Software: nginx/1.22.1 /
Resource Hash: 53ce1143e5a93c4c9528d1e604c59ac7aaaf635ddaeceb3e28e7de292fd0a4db

Request headers

accept-language: en-US,en;q=0.9
Referer: https://telegram-downloads.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:44 GMT
last-modified: Sun, 01 Nov 2015 04:57:15 GMT
server: nginx/1.22.1
etag: "56359bab-27bd"
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
content-length: 10173
expires: Wed, 01 Nov 2023 23:50:44 GMT

GET
H2 200 telegram-downloads.png
telegram-downloads.ru/wp-content/uploads/2018/07/ 4 KB
5 KB 147ms
146ms Image
image/png 92.53.96.193
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegram-downloads.ru/wp-content/uploads/2018/07/telegram-downloads.png
Requested by: Host: telegram-downloads.ru
URL: https://telegram-downloads.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.53.96.193 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vh348.timeweb.ru
Software: nginx/1.22.1 /
Resource Hash: 29002fccb9419eecb104bc8537d1e375f80cdc6b728bc7e6ce91e4e6d78f5add

Request headers

accept-language: en-US,en;q=0.9
Referer: https://telegram-downloads.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:44 GMT
last-modified: Mon, 23 Jul 2018 12:47:57 GMT
server: nginx/1.22.1
etag: "5b55ce7d-11d6"
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
content-length: 4566
expires: Wed, 01 Nov 2023 23:50:44 GMT

GET
H2 200 telegram-downloads-android-01.png
telegram-downloads.ru/wp-content/uploads/2015/09/ 56 KB
56 KB 440ms
439ms Image
image/png 92.53.96.193
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegram-downloads.ru/wp-content/uploads/2015/09/telegram-downloads-android-01.png
Requested by: Host: telegram-downloads.ru
URL: https://telegram-downloads.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.53.96.193 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vh348.timeweb.ru
Software: nginx/1.22.1 /
Resource Hash: bbd18ec584cf2bc9039d97c29cfa58141f53cf65f0307c128d204fd06a081884

Request headers

accept-language: en-US,en;q=0.9
Referer: https://telegram-downloads.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:44 GMT
last-modified: Sun, 18 Oct 2015 05:08:19 GMT
server: nginx/1.22.1
etag: "56232943-e0d5"
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
content-length: 57557
expires: Wed, 01 Nov 2023 23:50:44 GMT

GET
H2 200 telegram-downloads-ios-01.png
telegram-downloads.ru/wp-content/uploads/2015/09/ 87 KB
87 KB 134ms
133ms Image
image/png 92.53.96.193
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegram-downloads.ru/wp-content/uploads/2015/09/telegram-downloads-ios-01.png
Requested by: Host: telegram-downloads.ru
URL: https://telegram-downloads.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.53.96.193 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vh348.timeweb.ru
Software: nginx/1.22.1 /
Resource Hash: 64ae7ca3ce2453c619a36968a7c29593e0aa4fcf3972d14655dadbe08fe8c71c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://telegram-downloads.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:44 GMT
last-modified: Sun, 18 Oct 2015 05:07:39 GMT
server: nginx/1.22.1
etag: "5623291b-15aa9"
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
content-length: 88745
expires: Wed, 01 Nov 2023 23:50:44 GMT

GET
H2 200 es5-shims.min.js Show response
yastatic.net/es5-shims/0.0.2/ 3 KB
2 KB 646ms
112ms Script
application/x-javascript 178.154.131.217
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/es5-shims/0.0.2/es5-shims.min.js

Requested by

Host: telegram-downloads.ru
URL: https://telegram-downloads.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.154.131.217 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

static.yandex.net

Software

nginx/1.17.9 /

Resource Hash

40f09dcdb226fb60428bfe107e02f6c50db1561694264b0144e0155f9f3e4140

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://telegram-downloads.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:45 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
last-modified: Thu, 25 Oct 2018 11:27:00 GMT
server: nginx/1.17.9
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
etag: W/"32e3b4f3a8f6048da9934fec1ca08cea"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=216013
x-nginx-request-id: 05316b4553e1d3a0
timing-allow-origin: *
expires: Wed, 04 Oct 2023 11:47:19 GMT

GET
H2 200 share.js Show response
yastatic.net/share2/ 145 KB
39 KB 761ms
234ms Script
application/javascript 178.154.131.217
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/share2/share.js

Requested by

Host: telegram-downloads.ru
URL: https://telegram-downloads.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.154.131.217 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

static.yandex.net

Software

nginx/1.17.9 /

Resource Hash

73f50f75f8e010529d7194189dcce691ffb68d79b50f089df97970684398f8c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://telegram-downloads.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:45 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
x-xss-protection: 1; mode=block
last-modified: Thu, 08 Jun 2023 22:37:42 GMT
server: nginx/1.17.9
etag: W/"d3196e5fdf7ec9c1102756335bb32ed6"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=216009
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Wed, 04 Oct 2023 11:47:26 GMT

GET
H2 200 google_play_store_btn.png
telegram-downloads.ru/wp-content/uploads/2016/10/ 10 KB
11 KB 137ms
136ms Image
image/png 92.53.96.193
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegram-downloads.ru/wp-content/uploads/2016/10/google_play_store_btn.png
Requested by: Host: telegram-downloads.ru
URL: https://telegram-downloads.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.53.96.193 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vh348.timeweb.ru
Software: nginx/1.22.1 /
Resource Hash: 6a4eb582f08a6dadd26fe22f3b4a94d6fbeafb2e9d09ffb477e5a1a784893d1e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://telegram-downloads.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:44 GMT
last-modified: Wed, 19 Oct 2016 05:49:57 GMT
server: nginx/1.22.1
etag: "58070985-297b"
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
content-length: 10619
expires: Wed, 01 Nov 2023 23:50:44 GMT

GET
H2 200 ios_app_store_btn.png
telegram-downloads.ru/wp-content/uploads/2016/10/ 8 KB
8 KB 138ms
137ms Image
image/png 92.53.96.193
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegram-downloads.ru/wp-content/uploads/2016/10/ios_app_store_btn.png
Requested by: Host: telegram-downloads.ru
URL: https://telegram-downloads.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.53.96.193 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vh348.timeweb.ru
Software: nginx/1.22.1 /
Resource Hash: fd24dd19e95655fe037d3b5a68d620e718de6ad1f330180239ebfa39840b33ec

Request headers

accept-language: en-US,en;q=0.9
Referer: https://telegram-downloads.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:44 GMT
last-modified: Wed, 19 Oct 2016 05:49:59 GMT
server: nginx/1.22.1
etag: "58070987-205b"
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
content-length: 8283
expires: Wed, 01 Nov 2023 23:50:44 GMT

GET
H2 200 windows_store_btn.png
telegram-downloads.ru/wp-content/uploads/2016/10/ 6 KB
6 KB 138ms
138ms Image
image/png 92.53.96.193
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegram-downloads.ru/wp-content/uploads/2016/10/windows_store_btn.png
Requested by: Host: telegram-downloads.ru
URL: https://telegram-downloads.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.53.96.193 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vh348.timeweb.ru
Software: nginx/1.22.1 /
Resource Hash: 7d23a623cd2fe539453dda5d31bcea29bfaff024f454ad4d986a9c5e2ca2a7aa

Request headers

accept-language: en-US,en;q=0.9
Referer: https://telegram-downloads.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:44 GMT
last-modified: Wed, 19 Oct 2016 05:49:56 GMT
server: nginx/1.22.1
etag: "58070984-18d7"
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
content-length: 6359
expires: Wed, 01 Nov 2023 23:50:44 GMT

GET
H2 200 win.png
telegram-downloads.ru/wp-content/uploads/2016/10/ 6 KB
6 KB 140ms
132ms Image
image/png 92.53.96.193
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegram-downloads.ru/wp-content/uploads/2016/10/win.png
Requested by: Host: telegram-downloads.ru
URL: https://telegram-downloads.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.53.96.193 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vh348.timeweb.ru
Software: nginx/1.22.1 /
Resource Hash: d9f09cc8c4f98a6c6a1817ce27cdb2ce90ac239de55c8f2eebe0b04c70658c0a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://telegram-downloads.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:44 GMT
last-modified: Thu, 20 Oct 2016 02:25:25 GMT
server: nginx/1.22.1
etag: "58082b15-17b9"
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
content-length: 6073
expires: Wed, 01 Nov 2023 23:50:44 GMT

GET
H2 200 osx.png
telegram-downloads.ru/wp-content/uploads/2016/10/ 10 KB
10 KB 140ms
133ms Image
image/png 92.53.96.193
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegram-downloads.ru/wp-content/uploads/2016/10/osx.png
Requested by: Host: telegram-downloads.ru
URL: https://telegram-downloads.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.53.96.193 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vh348.timeweb.ru
Software: nginx/1.22.1 /
Resource Hash: 6ff80b76ab435969787816198f51f1096b75efb19b378f113ff37db5f7e172b4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://telegram-downloads.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:44 GMT
last-modified: Thu, 20 Oct 2016 02:25:27 GMT
server: nginx/1.22.1
etag: "58082b17-2717"
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
content-length: 10007
expires: Wed, 01 Nov 2023 23:50:44 GMT

GET
H2 200 linux.png
telegram-downloads.ru/wp-content/uploads/2016/10/ 9 KB
9 KB 135ms
133ms Image
image/png 92.53.96.193
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegram-downloads.ru/wp-content/uploads/2016/10/linux.png
Requested by: Host: telegram-downloads.ru
URL: https://telegram-downloads.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.53.96.193 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vh348.timeweb.ru
Software: nginx/1.22.1 /
Resource Hash: 8a80101c29f5cb363aaeecf76b1145d01252caf78a961fe3bba08e72ba5a97b7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://telegram-downloads.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:44 GMT
last-modified: Thu, 20 Oct 2016 02:25:23 GMT
server: nginx/1.22.1
etag: "58082b13-248f"
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
content-length: 9359
expires: Wed, 01 Nov 2023 23:50:44 GMT

GET
H2 200 tonline.png
telegram-downloads.ru/wp-content/uploads/2016/10/ 6 KB
7 KB 136ms
134ms Image
image/png 92.53.96.193
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegram-downloads.ru/wp-content/uploads/2016/10/tonline.png
Requested by: Host: telegram-downloads.ru
URL: https://telegram-downloads.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.53.96.193 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vh348.timeweb.ru
Software: nginx/1.22.1 /
Resource Hash: 5c5579542540957ffa4cdb8b5f16f77e748708cee95e81df5d7ca16a61a009be

Request headers

accept-language: en-US,en;q=0.9
Referer: https://telegram-downloads.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:44 GMT
last-modified: Thu, 20 Oct 2016 02:40:21 GMT
server: nginx/1.22.1
etag: "58082e95-19dc"
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
content-length: 6620
expires: Wed, 01 Nov 2023 23:50:44 GMT

GET
H2 200 shortcodes.css
telegram-downloads.ru/wp-content/plugins/shortcodes-ultimate/includes/css/ 44 KB
8 KB 136ms
130ms Stylesheet
text/css 92.53.96.193
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://telegram-downloads.ru/wp-content/plugins/shortcodes-ultimate/includes/css/shortcodes.css?ver=5.13.2
Requested by: Host: telegram-downloads.ru
URL: https://telegram-downloads.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.53.96.193 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vh348.timeweb.ru
Software: nginx/1.22.1 /
Resource Hash: 41e8d373b9d97d2006ac7790c8962b71668574e1342cd834ee9e6f40302bc7e2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://telegram-downloads.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:44 GMT
content-encoding: gzip
last-modified: Fri, 01 Sep 2023 06:08:39 GMT
server: nginx/1.22.1
etag: W/"64f17fe7-b1e3"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2678400
expires: Wed, 01 Nov 2023 23:50:44 GMT

GET
H2 200 imagesloaded.min.js Show response
telegram-downloads.ru/wp-includes/js/ 5 KB
2 KB 167ms
161ms Script
application/x-javascript 92.53.96.193
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://telegram-downloads.ru/wp-includes/js/imagesloaded.min.js?ver=4.1.4
Requested by: Host: telegram-downloads.ru
URL: https://telegram-downloads.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.53.96.193 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vh348.timeweb.ru
Software: nginx/1.22.1 /
Resource Hash: ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

Request headers

accept-language: en-US,en;q=0.9
Referer: https://telegram-downloads.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:44 GMT
content-encoding: gzip
last-modified: Mon, 17 Aug 2020 05:26:34 GMT
server: nginx/1.22.1
etag: W/"5f3a150a-15fd"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=2678400
expires: Wed, 01 Nov 2023 23:50:44 GMT

GET
H2 200 masonry.min.js Show response
telegram-downloads.ru/wp-includes/js/ 24 KB
7 KB 168ms
162ms Script
application/x-javascript 92.53.96.193
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://telegram-downloads.ru/wp-includes/js/masonry.min.js?ver=4.2.2
Requested by: Host: telegram-downloads.ru
URL: https://telegram-downloads.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.53.96.193 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vh348.timeweb.ru
Software: nginx/1.22.1 /
Resource Hash: e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://telegram-downloads.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:44 GMT
content-encoding: gzip
last-modified: Mon, 17 Aug 2020 05:26:33 GMT
server: nginx/1.22.1
etag: W/"5f3a1509-5e4a"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=2678400
expires: Wed, 01 Nov 2023 23:50:44 GMT

GET
H2 200 jquery.masonry.min.js Show response
telegram-downloads.ru/wp-includes/js/jquery/ 2 KB
915 B 169ms
163ms Script
application/x-javascript 92.53.96.193
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://telegram-downloads.ru/wp-includes/js/jquery/jquery.masonry.min.js?ver=3.1.2b
Requested by: Host: telegram-downloads.ru
URL: https://telegram-downloads.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.53.96.193 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vh348.timeweb.ru
Software: nginx/1.22.1 /
Resource Hash: c2e606e1fc82ea3a554aad5d0520e25d2677b89a891dc5c49e7ace08fce92e25

Request headers

accept-language: en-US,en;q=0.9
Referer: https://telegram-downloads.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:44 GMT
content-encoding: gzip
last-modified: Wed, 07 Sep 2016 16:45:07 GMT
server: nginx/1.22.1
etag: W/"57d04413-71b"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=2678400
expires: Wed, 01 Nov 2023 23:50:44 GMT

GET
H2 200 waypoints.min.js Show response
telegram-downloads.ru/wp-content/themes/i-excel/js/ 8 KB
3 KB 169ms
164ms Script
application/x-javascript 92.53.96.193
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://telegram-downloads.ru/wp-content/themes/i-excel/js/waypoints.min.js?ver=2014-01-13
Requested by: Host: telegram-downloads.ru
URL: https://telegram-downloads.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.53.96.193 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vh348.timeweb.ru
Software: nginx/1.22.1 /
Resource Hash: a0fded691aed767f851011cd3185b928619298a21a0fbdad4808a9e88b490833

Request headers

accept-language: en-US,en;q=0.9
Referer: https://telegram-downloads.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:44 GMT
content-encoding: gzip
last-modified: Tue, 06 Sep 2016 05:55:10 GMT
server: nginx/1.22.1
etag: W/"57ce5a3e-1f6c"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=2678400
expires: Wed, 01 Nov 2023 23:50:44 GMT

GET
H2 200 jquery.sidr.min.js Show response
telegram-downloads.ru/wp-content/themes/i-excel/js/ 4 KB
2 KB 170ms
165ms Script
application/x-javascript 92.53.96.193
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://telegram-downloads.ru/wp-content/themes/i-excel/js/jquery.sidr.min.js?ver=2014-01-13
Requested by: Host: telegram-downloads.ru
URL: https://telegram-downloads.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.53.96.193 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vh348.timeweb.ru
Software: nginx/1.22.1 /
Resource Hash: 7fbb7d0e3338e89ebead71b921eb04443793b56bbdd434e2e5cf58ecf5991b96

Request headers

accept-language: en-US,en;q=0.9
Referer: https://telegram-downloads.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:44 GMT
content-encoding: gzip
last-modified: Tue, 06 Sep 2016 05:55:10 GMT
server: nginx/1.22.1
etag: W/"57ce5a3e-e59"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=2678400
expires: Wed, 01 Nov 2023 23:50:44 GMT

GET
H2 200 owl.carousel.min.js Show response
telegram-downloads.ru/wp-content/themes/i-excel/js/ 23 KB
6 KB 131ms
130ms Script
application/x-javascript 92.53.96.193
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://telegram-downloads.ru/wp-content/themes/i-excel/js/owl.carousel.min.js?ver=2014-01-13
Requested by: Host: telegram-downloads.ru
URL: https://telegram-downloads.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.53.96.193 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vh348.timeweb.ru
Software: nginx/1.22.1 /
Resource Hash: e0e2bc4e1d3ee5024c4e1aa58a6cad9aa42fc63a8c89ce18013a1c8f2b94875c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://telegram-downloads.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:44 GMT
content-encoding: gzip
last-modified: Tue, 06 Sep 2016 05:55:10 GMT
server: nginx/1.22.1
etag: W/"57ce5a3e-5d52"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=2678400
expires: Wed, 01 Nov 2023 23:50:44 GMT

GET
H2 200 functions.js Show response
telegram-downloads.ru/wp-content/themes/i-excel/js/ 8 KB
3 KB 132ms
132ms Script
application/x-javascript 92.53.96.193
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://telegram-downloads.ru/wp-content/themes/i-excel/js/functions.js?ver=2013-07-18
Requested by: Host: telegram-downloads.ru
URL: https://telegram-downloads.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.53.96.193 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vh348.timeweb.ru
Software: nginx/1.22.1 /
Resource Hash: 0349039c1463d4c9ff88fb49ad54b6d79817fd47d39b70d8d013dd08be0ff60f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://telegram-downloads.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:44 GMT
content-encoding: gzip
last-modified: Tue, 06 Sep 2016 05:55:10 GMT
server: nginx/1.22.1
etag: W/"57ce5a3e-1f4a"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=2678400
expires: Wed, 01 Nov 2023 23:50:44 GMT

GET jquery.fancybox.css
telegram-downloads.ru/wp-content/plugins/fancy-box/ 0
0

GET
BLOB 200
OK b8efbd72-f51e-4629-93ab-aded4abe1730
https://telegram-downloads.ru/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://telegram-downloads.ru/b8efbd72-f51e-4629-93ab-aded4abe1730
Requested by: Host: telegram-downloads.ru
URL: https://telegram-downloads.ru/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309260101/ 380 KB
129 KB 57ms
55ms Script
text/javascript 142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309260101/show_ads_impl_fy2021.js?bust=31078272

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

cafe /

Resource Hash

1c403ddc0fc4b4c8b6f208fa48ed814982c0968003cbd748b4d5f83e8ef2618a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://telegram-downloads.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131734
x-xss-protection: 0
server: cafe
etag: 2641544760539902059
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 01 Oct 2023 23:50:44 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230927/r20190131/ Frame 7013 10 KB
5 KB 330ms
7ms Document
text/html 142.250.65.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230927/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.162 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f2.1e100.net

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://telegram-downloads.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 39450
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 01 Oct 2023 12:53:14 GMT
etag: 2603938475786422795
expires: Sun, 15 Oct 2023 12:53:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET jquery.fancybox.js
telegram-downloads.ru/wp-content/plugins/fancy-box/ 0
0

GET jquery.easing.js
telegram-downloads.ru/wp-content/plugins/fancy-box/ 0
0

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/ 47 KB
47 KB 341ms
15ms Font
font/woff2 142.251.40.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300%2C400%2C700%2C300italic%2C400italic%2C700italic%7CRoboto%3A300%2C400%2C700&subset=latin%2Clatin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.131 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f3.1e100.net

Software

sffe /

Resource Hash

9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://telegram-downloads.ru
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 18:21:57 GMT
x-content-type-options: nosniff
age: 278927
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48432
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 27 Sep 2024 18:21:57 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 333ms
7ms Font
font/woff2 142.251.40.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300%2C400%2C700%2C300italic%2C400italic%2C700italic%7CRoboto%3A300%2C400%2C700&subset=latin%2Clatin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.131 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f3.1e100.net

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://telegram-downloads.ru
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 21:05:08 GMT
x-content-type-options: nosniff
age: 96336
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 29 Sep 2024 21:05:08 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
fonts.gstatic.com/s/opensans/v36/ 26 KB
26 KB 334ms
9ms Font
font/woff2 142.251.40.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300%2C400%2C700%2C300italic%2C400italic%2C700italic%7CRoboto%3A300%2C400%2C700&subset=latin%2Clatin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.131 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f3.1e100.net

Software

sffe /

Resource Hash

a1f50e52a7fda97827e6e3d2cd3bb2788a68a78296728fa2592be8e89d54b5b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://telegram-downloads.ru
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 19:03:46 GMT
x-content-type-options: nosniff
age: 276418
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26640
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 01:00:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 27 Sep 2024 19:03:46 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
50 KB 34ms
32ms Script
text/javascript 142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: telegram-downloads.ru
URL: https://telegram-downloads.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

cafe /

Resource Hash

c5ec1d74e9960ddf0b8f42a7eb1bb25a865bb87055eca7baac378c8cba0a368a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://telegram-downloads.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50905
x-xss-protection: 0
server: cafe
etag: 17360371894950067677
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 01 Oct 2023 23:50:44 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 9 KB
9 KB 327ms
14ms Font
font/woff2 142.251.40.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300%2C400%2C700%2C300italic%2C400italic%2C700italic%7CRoboto%3A300%2C400%2C700&subset=latin%2Clatin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.131 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f3.1e100.net

Software

sffe /

Resource Hash

47aa3bfad6cb9e2d63abdd58f4e6ce4f7b9fd2704b2b15193c71874035fe025d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://telegram-downloads.ru
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 02:52:27 GMT
x-content-type-options: nosniff
age: 334697
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9576
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 27 Sep 2024 02:52:27 GMT

GET
H2 200 telegram-downloads-desktop-01.png
telegram-downloads.ru/wp-content/uploads/2015/09/ 192 KB
192 KB 136ms
135ms Image
image/png 92.53.96.193
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegram-downloads.ru/wp-content/uploads/2015/09/telegram-downloads-desktop-01.png
Requested by: Host: telegram-downloads.ru
URL: https://telegram-downloads.ru/wp-content/themes/i-excel/style.css?ver=2015-07-18
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.53.96.193 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vh348.timeweb.ru
Software: nginx/1.22.1 /
Resource Hash: 0ce4c7e332dbdd5b216860555987671ff4bce874a7b0bfc86cac97877ae27e86

Request headers

accept-language: en-US,en;q=0.9
Referer: https://telegram-downloads.ru/wp-content/themes/i-excel/style.css?ver=2015-07-18
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:44 GMT
last-modified: Sun, 18 Oct 2015 05:07:13 GMT
server: nginx/1.22.1
etag: "56232901-2fe03"
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
content-length: 196099
expires: Wed, 01 Nov 2023 23:50:44 GMT

GET
H2 200 telegram-downloads-wp-01.png
telegram-downloads.ru/wp-content/uploads/2015/09/ 42 KB
42 KB 139ms
138ms Image
image/png 92.53.96.193
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegram-downloads.ru/wp-content/uploads/2015/09/telegram-downloads-wp-01.png
Requested by: Host: telegram-downloads.ru
URL: https://telegram-downloads.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.53.96.193 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vh348.timeweb.ru
Software: nginx/1.22.1 /
Resource Hash: 0ced96ff4e9ca6e1e445292b4f1ea2fe27751ca9efab53e46c88bc0d991c1956

Request headers

accept-language: en-US,en;q=0.9
Referer: https://telegram-downloads.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:44 GMT
last-modified: Sun, 18 Oct 2015 05:07:29 GMT
server: nginx/1.22.1
etag: "56232911-a917"
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
content-length: 43287
expires: Wed, 01 Nov 2023 23:50:44 GMT

GET
H2 200 telegram-downloads-private-150x150.gif
telegram-downloads.ru/wp-content/uploads/2015/09/ 9 KB
9 KB 130ms
128ms Image
image/gif 92.53.96.193
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegram-downloads.ru/wp-content/uploads/2015/09/telegram-downloads-private-150x150.gif
Requested by: Host: telegram-downloads.ru
URL: https://telegram-downloads.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.53.96.193 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vh348.timeweb.ru
Software: nginx/1.22.1 /
Resource Hash: b6118b7facbae60d5f5f668041a9ffac4ef1c9ffdf34619b7237f94b0012f9a6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://telegram-downloads.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:45 GMT
last-modified: Thu, 15 Oct 2015 12:01:28 GMT
server: nginx/1.22.1
etag: "561f9598-23f9"
content-type: image/gif
cache-control: max-age=2678400
accept-ranges: bytes
content-length: 9209
expires: Wed, 01 Nov 2023 23:50:45 GMT

GET
H2 200 telegram-downloads-selfdestruct-01-150x150.png
telegram-downloads.ru/wp-content/uploads/2015/09/ 8 KB
9 KB 132ms
130ms Image
image/png 92.53.96.193
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegram-downloads.ru/wp-content/uploads/2015/09/telegram-downloads-selfdestruct-01-150x150.png
Requested by: Host: telegram-downloads.ru
URL: https://telegram-downloads.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.53.96.193 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vh348.timeweb.ru
Software: nginx/1.22.1 /
Resource Hash: 1c820892faeda85eee6d2fb3174dba0ac92dd428f483eba244f94879bf8f1f0e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://telegram-downloads.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:45 GMT
last-modified: Sun, 18 Oct 2015 05:07:05 GMT
server: nginx/1.22.1
etag: "562328f9-21f8"
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
content-length: 8696
expires: Wed, 01 Nov 2023 23:50:45 GMT

GET
H2 200 telegram-downloads-fast-01-150x150.png
telegram-downloads.ru/wp-content/uploads/2015/09/ 11 KB
11 KB 134ms
132ms Image
image/png 92.53.96.193
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegram-downloads.ru/wp-content/uploads/2015/09/telegram-downloads-fast-01-150x150.png
Requested by: Host: telegram-downloads.ru
URL: https://telegram-downloads.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.53.96.193 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vh348.timeweb.ru
Software: nginx/1.22.1 /
Resource Hash: 6a64a4720bae4dd029bc72fc635193cbedc765e9b7753eb6c4ba901100f84720

Request headers

accept-language: en-US,en;q=0.9
Referer: https://telegram-downloads.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:45 GMT
last-modified: Sun, 18 Oct 2015 05:06:58 GMT
server: nginx/1.22.1
etag: "562328f2-2a9e"
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
content-length: 10910
expires: Wed, 01 Nov 2023 23:50:45 GMT

GET
H2 200 telegram-downloads-store-01-150x150.png
telegram-downloads.ru/wp-content/uploads/2015/09/ 9 KB
9 KB 136ms
134ms Image
image/png 92.53.96.193
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegram-downloads.ru/wp-content/uploads/2015/09/telegram-downloads-store-01-150x150.png
Requested by: Host: telegram-downloads.ru
URL: https://telegram-downloads.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.53.96.193 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vh348.timeweb.ru
Software: nginx/1.22.1 /
Resource Hash: 665f87fd4e9610c1ce7ceae8c034c75defb868b9c49f414e619d14cca8f24c21

Request headers

accept-language: en-US,en;q=0.9
Referer: https://telegram-downloads.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:45 GMT
last-modified: Sun, 18 Oct 2015 05:06:53 GMT
server: nginx/1.22.1
etag: "562328ed-22f7"
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
content-length: 8951
expires: Wed, 01 Nov 2023 23:50:45 GMT

GET
H2 200 telegram-downloads-encrypt-01-150x150.png
telegram-downloads.ru/wp-content/uploads/2015/09/ 8 KB
8 KB 135ms
134ms Image
image/png 92.53.96.193
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegram-downloads.ru/wp-content/uploads/2015/09/telegram-downloads-encrypt-01-150x150.png
Requested by: Host: telegram-downloads.ru
URL: https://telegram-downloads.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.53.96.193 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vh348.timeweb.ru
Software: nginx/1.22.1 /
Resource Hash: 66a2e73c881946fba831b0e9ecea9e6052b3cb1120c06f0878d33bc9aeccbb34

Request headers

accept-language: en-US,en;q=0.9
Referer: https://telegram-downloads.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:45 GMT
last-modified: Sun, 18 Oct 2015 05:06:48 GMT
server: nginx/1.22.1
etag: "562328e8-2038"
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
content-length: 8248
expires: Wed, 01 Nov 2023 23:50:45 GMT

GET
H2 200 telegram-downloads-free-01-150x150.png
telegram-downloads.ru/wp-content/uploads/2015/09/ 10 KB
10 KB 136ms
136ms Image
image/png 92.53.96.193
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegram-downloads.ru/wp-content/uploads/2015/09/telegram-downloads-free-01-150x150.png
Requested by: Host: telegram-downloads.ru
URL: https://telegram-downloads.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.53.96.193 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vh348.timeweb.ru
Software: nginx/1.22.1 /
Resource Hash: 2c7e4120346bae58e30b8b2a3a0c512422a0f52bab1a6b6117b3e8c98805cba7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://telegram-downloads.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:45 GMT
last-modified: Sun, 18 Oct 2015 05:06:43 GMT
server: nginx/1.22.1
etag: "562328e3-26a7"
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
content-length: 9895
expires: Wed, 01 Nov 2023 23:50:45 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 409 B
611 B 353ms
18ms Script
text/javascript 142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=telegram-downloads.ru&callback=_gfp_s_&client=ca-pub-1730500598922326

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309260101/show_ads_impl_fy2021.js?bust=31078272

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.226 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

cafe /

Resource Hash

4745a0a1480a887676caadda7bb94e3bcb5599d4c7fe30a5cb720ae26ab1cff9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://telegram-downloads.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 164A 59 KB
19 KB 380ms
305ms Document
text/html 142.250.65.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1730500598922326&output=html&adk=1812271804&adf=3025194257&lmt=1696240244&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=164x1080_l%7C164x1080_r&format=0x0&url=https%3A%2F%2Ftelegram-downloads.ru%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696204244490&bpp=61&bdt=423&idt=197&shv=r20230927&mjsv=m202309260101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1200992134216&frm=20&pv=2&ga_vid=1953561565.1696204245&ga_sid=1696204245&ga_hid=1138077525&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076839%2C31078257%2C44795922%2C31078272%2C21065725&oid=2&pvsid=1924437485354626&tmod=1176044992&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=262

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309260101/show_ads_impl_fy2021.js?bust=31078272

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.162 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f2.1e100.net

Software

cafe /

Resource Hash

877744426cc787a9073f698304fda520feadcbe0e2b6884c5c45beb03855c3ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://telegram-downloads.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 19316
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 01 Oct 2023 23:50:45 GMT
expires: Sun, 01 Oct 2023 23:50:45 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3752 35 KB
14 KB 193ms
135ms Document
text/html 142.250.65.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1730500598922326&output=html&h=280&slotname=6381865431&adk=421633162&adf=33309763&pi=t.ma~as.6381865431&w=1200&fwrn=4&fwrnh=100&lmt=1696240244&rafmt=1&format=1200x280&url=https%3A%2F%2Ftelegram-downloads.ru%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696204244552&bpp=19&bdt=485&idt=209&shv=r20230927&mjsv=m202309260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1200992134216&frm=20&pv=1&ga_vid=1953561565.1696204245&ga_sid=1696204245&ga_hid=1138077525&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=652&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076839%2C31078257%2C44795922%2C31078272%2C21065725&oid=2&pvsid=1924437485354626&tmod=1176044992&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=vKtTsLttsA&p=https%3A//telegram-downloads.ru&dtd=217

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309260101/show_ads_impl_fy2021.js?bust=31078272

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.162 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f2.1e100.net

Software

cafe /

Resource Hash

00c42eeabd263aba239521d57182501979f1c9cc4f76934aad84502ae56222d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://telegram-downloads.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 14211
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 01 Oct 2023 23:50:44 GMT
expires: Sun, 01 Oct 2023 23:50:44 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame 3752 3 KB
1 KB 332ms
4ms Script
text/javascript 142.250.81.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1730500598922326&output=html&h=280&slotname=6381865431&adk=421633162&adf=33309763&pi=t.ma~as.6381865431&w=1200&fwrn=4&fwrnh=100&lmt=1696240244&rafmt=1&format=1200x280&url=https%3A%2F%2Ftelegram-downloads.ru%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696204244552&bpp=19&bdt=485&idt=209&shv=r20230927&mjsv=m202309260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1200992134216&frm=20&pv=1&ga_vid=1953561565.1696204245&ga_sid=1696204245&ga_hid=1138077525&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=652&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076839%2C31078257%2C44795922%2C31078272%2C21065725&oid=2&pvsid=1924437485354626&tmod=1176044992&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=vKtTsLttsA&p=https%3A//telegram-downloads.ru&dtd=217

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.81.225 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 01:35:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80088
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 15 Oct 2023 01:35:57 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame 3752 20 KB
8 KB 331ms
3ms Script
text/javascript 142.250.81.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.81.225 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f1.1e100.net

Software

cafe /

Resource Hash

113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 01:35:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80088
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8282
x-xss-protection: 0
server: cafe
etag: 5314254467506293444
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 15 Oct 2023 01:35:57 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3752 182 KB
58 KB 349ms
22ms Script
text/javascript 142.251.40.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.98 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s79-in-f2.1e100.net

Software

sffe /

Resource Hash

71ba7e09487750d7426b3bd64cf57facb8eb119939eb7055138ee55f13bb6f05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58285
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1695814262870679"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Oct 2023 23:50:45 GMT

GET
H2 200 afr.php Show response
ads.us.criteo.com/delivery/r/ Frame 13D1 157 KB
52 KB 413ms
91ms Document
text/html 74.119.119.65
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.us.criteo.com/delivery/r/afr.php?z=ZRoF1AANGK4AszzDAAs2SEuiRnEAjA6tmZuWIQ&u=%7CkHQU%2FM0sFPkDLwBdOnKC8HN6rQYBe6W1jqa5hLqC%2BLQ%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdn4iCWrkEk_cno76PwCYU5ChNmYmO3XJC4WaciyIpNutWHtOB9KzXiHsHHAXr06FV60lXp62cb2Y_6edrDdY4LKwunxlfhm3miTDLFp1kfbR8lMTluAiyHedcrrveSIfjWfRfOZhSVUf0NAf7-K9HaHYcWjyGtlGkm_zg0u4mcn0WgYC7LqIPylKA_YH3H1_vYEJ4hUxezO41o0l2jAUeiflA9fO8JqzWosib-X3A9wn1XkCvpmqjLdxITqRegM2tmEOWDvyJckbldOLFc2OEWreaa1xUtFsFsGgeGnAvoY_rm7-dRXdPpGZWHSnThEsBN8lLsT1rxaaGrylgDHNnSZP1EVlYOwzytxq0glzstg1jitgkZDWfWb3RTGnXvhVK8j_7KEtxPWOLKszxUBQ65wf7ntVLE17vecsCT4iRvAFfgkkxEbYzG8FhQo92zKoENXRKduUCvfuNFMJlwGZdlB1WlR3yeKBC1oEL1NYn9b8sAnXsg96PDpQhaWqE86gcwjFVz9Ww7jM3fdLzGSxCeGyGy_i_Knc8wKdq0hlDqhkN-FwzhFFVGA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCa89q1AUaZa6xNMP5zLUPyOyskAicge-wXKLKp6p0wI23ARABIABgycapi8Ck2A-CARdjYS1wdWItMTczMDUwMDU5ODkyMjMyNsgBCagDAcgDAqoE-QFP0B6Gst4XT8l6L0DRjWwCPYkefApA5k2Hps4izYOh0ZQf6680-e1dE6gk3AblWB1MWN_04iIMzr5EfMyq_m9xBCVadt_OmkRqOEoIogFea8XmqoIjR921dXgUsgTkULoabUHx0rKkg9ApaMqQRsELt_erWf36NCYOpwC6e19N-9dBvElu3RHBazJV_jMX_RbQH7ahzkpHJjeMu4Aq2LDvSVnjOPEQZo-l4ucx2BR5tOpXvsZ83SWLVUkD5rSP1prx4iKHAlDYpcNqr8W306NINoYmH2D3Eq656qnSPWnqis1d2uuTCD7McRrZXWTh-Z_czeSonvQijtWABsfV-PSTnoC9FKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2NubTseFbzb9Lsvl6xXMBthOJmtw%26client%3Dca-pub-1730500598922326%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.65 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e1c46ca7d8ee2e7bef2bd48531d1f41c8d52915cd7d89a83fdde2510119dfa5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sun, 01 Oct 2023 23:50:45 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=1CpI5j3WCRtG75aQstw0psjurEEJyDyRxgDMw70ZL0CtBDDGegF2lac1jlXVjoYfAE2RciLw0NbO3lrKxAHrf5Gd7ROCanJjsBjFpzm3_xqdnOLh9chB1aFJscZg1b1I6k4uyUadbekMoqVYa0GhsM0JXruP6WtA-6ud1-UbTUKclwv4pkQSRwVaeJDOfucWpWpSE-M3gUpUoqHF5vyyVmKECgwp3jsDzrPPi3sZiLc1QsGIrTbYvtgaRUFo2HWreW5R-Q"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 77749084
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309260101/ 153 KB
52 KB 33ms
33ms Script
text/javascript 142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309260101/reactive_library_fy2021.js?bust=31078272

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309260101/show_ads_impl_fy2021.js?bust=31078272

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

cafe /

Resource Hash

7eeafdd20b0c8f377e06a1ea874c3487d4e0bcbe5219d445f8d38b134df985a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://telegram-downloads.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:45 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53260
x-xss-protection: 0
server: cafe
etag: 11218172121839154883
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 01 Oct 2023 23:50:45 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5886 37 KB
16 KB 191ms
188ms Document
text/html 142.250.65.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1730500598922326&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1696240245&rafmt=1&to=qs&pwprc=1275318804&format=1200x280&url=https%3A%2F%2Ftelegram-downloads.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696204245229&bpp=1&bdt=1162&idt=-M&shv=r20230927&mjsv=m202309260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D48bcaa1e0f69cd79-2224e2fc76e40078%3AT%3D1696204245%3ART%3D1696204245%3AS%3DALNI_MaBpbUoeP6xV5wkmbX_vNyl2v1pAQ&gpic=UID%3D00000d96405a144e%3AT%3D1696204245%3ART%3D1696204245%3AS%3DALNI_Mb7-GVFS4k8qi62VqnuGOOxs0zQFA&prev_fmts=0x0%2C1200x280&nras=2&correlator=1200992134216&frm=20&pv=1&ga_vid=1953561565.1696204245&ga_sid=1696204245&ga_hid=1138077525&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4918&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076839%2C31078257%2C44795922%2C31078272%2C21065725&oid=2&pvsid=1924437485354626&tmod=1176044992&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=kIa02h8WK1&p=https%3A//telegram-downloads.ru&dtd=5

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309260101/show_ads_impl_fy2021.js?bust=31078272

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.162 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f2.1e100.net

Software

cafe /

Resource Hash

a798a341431a452e8a8fbae5dd65faab6478c5ffee1da5b70f4ab9e740ae15af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://telegram-downloads.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 15904
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 01 Oct 2023 23:50:45 GMT
expires: Sun, 01 Oct 2023 23:50:45 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D614 37 KB
16 KB 201ms
199ms Document
text/html 142.250.65.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1730500598922326&output=html&h=280&adk=997297033&adf=122919196&pi=t.aa~a.2586680255~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1696240245&rafmt=1&to=qs&pwprc=1275318804&format=1200x280&url=https%3A%2F%2Ftelegram-downloads.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696204245229&bpp=1&bdt=1162&idt=-M&shv=r20230927&mjsv=m202309260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D48bcaa1e0f69cd79-2224e2fc76e40078%3AT%3D1696204245%3ART%3D1696204245%3AS%3DALNI_MaBpbUoeP6xV5wkmbX_vNyl2v1pAQ&gpic=UID%3D00000d96405a144e%3AT%3D1696204245%3ART%3D1696204245%3AS%3DALNI_Mb7-GVFS4k8qi62VqnuGOOxs0zQFA&prev_fmts=0x0%2C1200x280%2C1200x280&nras=3&correlator=1200992134216&frm=20&pv=1&ga_vid=1953561565.1696204245&ga_sid=1696204245&ga_hid=1138077525&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4570&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076839%2C31078257%2C44795922%2C31078272%2C21065725&oid=2&pvsid=1924437485354626&tmod=1176044992&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=tqR6pKiqai&p=https%3A//telegram-downloads.ru&dtd=13

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309260101/show_ads_impl_fy2021.js?bust=31078272

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.162 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f2.1e100.net

Software

cafe /

Resource Hash

f2407f1bbc3a354f70ae1f429f1201ad30a53fe4f2d80a5865226bc341f4ecdd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://telegram-downloads.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 15957
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 01 Oct 2023 23:50:45 GMT
expires: Sun, 01 Oct 2023 23:50:45 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 647D 37 KB
16 KB 236ms
236ms Document
text/html 142.250.65.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1730500598922326&output=html&h=280&adk=2550612135&adf=3020769239&pi=t.aa~a.245933387~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1696240245&rafmt=1&to=qs&pwprc=1275318804&format=1200x280&url=https%3A%2F%2Ftelegram-downloads.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696204245229&bpp=1&bdt=1162&idt=0&shv=r20230927&mjsv=m202309260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D48bcaa1e0f69cd79-2224e2fc76e40078%3AT%3D1696204245%3ART%3D1696204245%3AS%3DALNI_MaBpbUoeP6xV5wkmbX_vNyl2v1pAQ&gpic=UID%3D00000d96405a144e%3AT%3D1696204245%3ART%3D1696204245%3AS%3DALNI_Mb7-GVFS4k8qi62VqnuGOOxs0zQFA&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=4&correlator=1200992134216&frm=20&pv=1&ga_vid=1953561565.1696204245&ga_sid=1696204245&ga_hid=1138077525&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4270&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076839%2C31078257%2C44795922%2C31078272%2C21065725&oid=2&pvsid=1924437485354626&tmod=1176044992&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=DmBTzvygR5&p=https%3A//telegram-downloads.ru&dtd=22

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309260101/show_ads_impl_fy2021.js?bust=31078272

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.162 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f2.1e100.net

Software

cafe /

Resource Hash

f73571ed70e049ed33e2040912a6e429f55b9b66d43a808b1cb5aed541f5e543

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://telegram-downloads.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 15964
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 01 Oct 2023 23:50:45 GMT
expires: Sun, 01 Oct 2023 23:50:45 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/ Frame 252E 10 KB
4 KB 6ms
5ms Document
text/html 142.250.65.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309260101/show_ads_impl_fy2021.js?bust=31078272

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.162 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f2.1e100.net

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://telegram-downloads.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 73019
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 01 Oct 2023 03:33:46 GMT
etag: 2603938475786422795
expires: Sun, 15 Oct 2023 03:33:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 afr.php Show response
ads.us.criteo.com/delivery/r/ Frame 5774 173 KB
54 KB 97ms
92ms Document
text/html 74.119.119.65
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.us.criteo.com/delivery/r/afr.php?z=ZRoF1AANm34GrTOrAAaa2tvTxVTtarO-9c9Pcg&u=%7CkHQU%2FM0sFPmfJX0P6nL%2BYWf2Lg%2BFAE3MmwDQl8lSgRg%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdkpnon-rZw82eH2rx6hJWzWx9iOokkUW12Zuam5YjKS1Cy0e89u7bVOJAvxaK1lbErZsQhi3dfD_aCqtkxwKUgJgLPJKxVwk0rPdeg4H70UsYSvUgpKVQITBhVTxkUSYzDkfFqgKO-bNbAldCNuwxCG4YllXO5tguSJ4OXJeQIn3CFHbL0oYWR0zqUpN7XXXEqKDJAYezAsWwXGCFJv1gj-6rI75Cl9P_WrTzy8JZbLdfFjNp6ETtI2YAMh6R45qbiXVqokgdupIgSH7uCqiuElZ_Ptag405M6sElDedGYGEdDnppqfOlShyTdz3AJnNuj9Wwu5zsLnkclC2lfRqUDS4iPCBTOjwtfbr-vpra9hACLjCiaH7hnoCmtdcTCXSCMnDK7hr6TSrSIK09EO3FJoTkEOLyYbNH4GMhr0vHkHmM6uCG70H-tdFiRvL3ieSnICY83DaBPZDSh01CzaAAz1vGSQNvOgkxQlP0yA837ofCpZJwQdrGdUPwMjvBAUTgMh44jBdzvsIylqi_ZAUqLA2slivSqgdqoLHfPY4Y301Mr71JTrWQNs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCyWXq1AUaZf62NqvntOUP2rWa8A-cge-wXNL4t52dAcCNtwEQASAAYMnGqYvApNgPggEXY2EtcHViLTE3MzA1MDA1OTg5MjIzMjbIAQmoAwHIAwKqBPkBT9DreJkluFC3XAtPtd6u9WJnkSvUS0U1Af1nc0-9_fLmouGkQ-ANLcJYY3dICfeRqpwGrq2MBVmwGnpFB78cs41bfTZvvsXYjCp4CAsWfu4A1X7QcdIQrhbWlPsou-D7rURkh1vESU1676OCNQVUW_a90nPeabkfi3gu7Y5dGCH_OHBlO3G9ZePR2KGWW5fN7msgyyzFh5PrPgMTt-YmCYSwEtApi3HjR7ifxjQ-gkZDY-yGKQrlJ5JL_cYAXNnTEBAWYn7IBaZ5V7gU1uuP6KAmT8mmc4ivwRzVpQUAfOlxyR_9C-BoJu5jG6KEXR1VmsIGELYy_uzNgAbH1fj0k56AvRSgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1Tvgrqll21foeZRyNcxPCpJtpqGg%26client%3Dca-pub-1730500598922326%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.65 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4247b30e612990c46ae14e850c4399a7d690791261b3fd5de64593b25854e49f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sun, 01 Oct 2023 23:50:45 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=lF-ioz3WCRtG75aQmNkkfoVbB42IK-cGE-3xIl8IFead7OXqV2UrhDNb3zWJSjywjQAbWhtEUM7RYQIZVNdBI-rD4aV1hNpTvH0dRpfRuW51GMgqd2fyIquft7JwX3TKcxDcYeW45_b3BvUoBc2KJTHkdHW3P37Isa6zL9hozbpKTijY6OLT2eRzfaeTG9XcIm1XVun5SvQw1YRarToqELUCUJV12w86t_bKvvii4jzrmz8FeyLvLczxaeXM5qxjvFGV0A"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 82113519
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame 252E 3 KB
1 KB 18ms
4ms Script
text/javascript 142.250.81.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.81.225 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 01:35:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80088
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 15 Oct 2023 01:35:57 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame 252E 20 KB
8 KB 19ms
6ms Script
text/javascript 142.250.81.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.81.225 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f1.1e100.net

Software

cafe /

Resource Hash

113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 01:35:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80088
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8282
x-xss-protection: 0
server: cafe
etag: 5314254467506293444
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 15 Oct 2023 01:35:57 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 252E 182 KB
57 KB 54ms
53ms Script
text/javascript 142.251.40.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.98 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s79-in-f2.1e100.net

Software

sffe /

Resource Hash

71ba7e09487750d7426b3bd64cf57facb8eb119939eb7055138ee55f13bb6f05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58285
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1695814262870679"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Oct 2023 23:50:45 GMT

GET
DATA 200
OK truncated
/ Frame 3752 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f48585b4945eec5c6e1453b2d3cf1395d3a261a140da38569230f74816e97955

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 5ms
4ms Font
font/woff2 142.251.40.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300%2C400%2C700%2C300italic%2C400italic%2C700italic%7CRoboto%3A300%2C400%2C700&subset=latin%2Clatin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.131 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f3.1e100.net

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://telegram-downloads.ru
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 13:02:35 GMT
x-content-type-options: nosniff
age: 298090
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 27 Sep 2024 13:02:35 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ 9 KB
10 KB 6ms
5ms Font
font/woff2 142.251.40.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300%2C400%2C700%2C300italic%2C400italic%2C700italic%7CRoboto%3A300%2C400%2C700&subset=latin%2Clatin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.131 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f3.1e100.net

Software

sffe /

Resource Hash

495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://telegram-downloads.ru
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 09:17:00 GMT
x-content-type-options: nosniff
age: 311625
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9628
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 27 Sep 2024 09:17:00 GMT

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ 153 KB
55 KB 857ms
271ms Script
application/javascript 77.88.21.119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: telegram-downloads.ru
URL: https://telegram-downloads.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

f760260277e022bf9d6162bba0bdefe19125717e83ad68ff65c208f95710f1f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://telegram-downloads.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Thu, 28 Sep 2023 11:23:40 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "6515380c-d8c0"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 55488
expires: Mon, 02 Oct 2023 00:50:46 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 13D1 2 KB
1 KB 343ms
10ms Image
image/svg+xml 74.119.119.131
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZRoF1AANGK4AszzDAAs2SEuiRnEAjA6tmZuWIQ&u=%7CkHQU%2FM0sFPkDLwBdOnKC8HN6rQYBe6W1jqa5hLqC%2BLQ%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdn4iCWrkEk_cno76PwCYU5ChNmYmO3XJC4WaciyIpNutWHtOB9KzXiHsHHAXr06FV60lXp62cb2Y_6edrDdY4LKwunxlfhm3miTDLFp1kfbR8lMTluAiyHedcrrveSIfjWfRfOZhSVUf0NAf7-K9HaHYcWjyGtlGkm_zg0u4mcn0WgYC7LqIPylKA_YH3H1_vYEJ4hUxezO41o0l2jAUeiflA9fO8JqzWosib-X3A9wn1XkCvpmqjLdxITqRegM2tmEOWDvyJckbldOLFc2OEWreaa1xUtFsFsGgeGnAvoY_rm7-dRXdPpGZWHSnThEsBN8lLsT1rxaaGrylgDHNnSZP1EVlYOwzytxq0glzstg1jitgkZDWfWb3RTGnXvhVK8j_7KEtxPWOLKszxUBQ65wf7ntVLE17vecsCT4iRvAFfgkkxEbYzG8FhQo92zKoENXRKduUCvfuNFMJlwGZdlB1WlR3yeKBC1oEL1NYn9b8sAnXsg96PDpQhaWqE86gcwjFVz9Ww7jM3fdLzGSxCeGyGy_i_Knc8wKdq0hlDqhkN-FwzhFFVGA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCa89q1AUaZa6xNMP5zLUPyOyskAicge-wXKLKp6p0wI23ARABIABgycapi8Ck2A-CARdjYS1wdWItMTczMDUwMDU5ODkyMjMyNsgBCagDAcgDAqoE-QFP0B6Gst4XT8l6L0DRjWwCPYkefApA5k2Hps4izYOh0ZQf6680-e1dE6gk3AblWB1MWN_04iIMzr5EfMyq_m9xBCVadt_OmkRqOEoIogFea8XmqoIjR921dXgUsgTkULoabUHx0rKkg9ApaMqQRsELt_erWf36NCYOpwC6e19N-9dBvElu3RHBazJV_jMX_RbQH7ahzkpHJjeMu4Aq2LDvSVnjOPEQZo-l4ucx2BR5tOpXvsZ83SWLVUkD5rSP1prx4iKHAlDYpcNqr8W306NINoYmH2D3Eq656qnSPWnqis1d2uuTCD7McRrZXWTh-Z_czeSonvQijtWABsfV-PSTnoC9FKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2NubTseFbzb9Lsvl6xXMBthOJmtw%26client%3Dca-pub-1730500598922326%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 25 Sep 2024 23:50:45 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame 13D1 2 KB
1 KB 345ms
12ms Image
image/svg+xml 74.119.119.131
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 25 Sep 2024 23:50:45 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 13D1 308 B
636 B 282ms
11ms Image
image/svg+xml 74.119.119.131
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Wed, 25 Sep 2024 23:50:45 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 13D1 293 B
621 B 294ms
24ms Image
image/svg+xml 74.119.119.131
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Wed, 25 Sep 2024 23:50:45 GMT

GET
H2 200 lg.php
cat.va.us.criteo.com/delivery/ Frame 13D1 43 B
348 B 46ms
12ms Image
image/gif 74.119.119.147
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=FJkL6ik_VShchZtfMYcBT4e2uVeU87np_vM95bA07Zu7VIEo4ZqFyyjkWC9tGnCS8LFhkupFKuxfHUOQFAUoQ5hkdgZo8hr5lTI76CpNRWJyzkkhqE3uNaEg6Q28qrCuSC2DwtVBg7H43kOw9PyaJFiyiJZhBSZVR_yeYBC40KnhIu_6nEyYKOYOO4cL2L3hy-pJTljhIFTUNXSDhJX0WEzTrXciqw9lu8I5Ure4Tt4uxx3sXTlOt-EZrZLB0oxAn2CTwNU2DI_bCRV-bpES3-Y_EOpgWqusKDbVsHxBCEN4PZSIIPFzEbYJNoHZGQlwP6JY6vW7Yl8scU-Om241Tqc-hsdSH3p1iSzQsiebyHBT17MCT2K0qAHG6g8JpjivFnpKoGL8UICGBgrNmOIl7fA_vz8irMW45r5vBs2rrmEX7taw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 01 Oct 2023 23:50:45 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2850303
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame 5886 3 KB
1 KB 4ms
3ms Script
text/javascript 142.250.81.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1730500598922326&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1696240245&rafmt=1&to=qs&pwprc=1275318804&format=1200x280&url=https%3A%2F%2Ftelegram-downloads.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696204245229&bpp=1&bdt=1162&idt=-M&shv=r20230927&mjsv=m202309260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D48bcaa1e0f69cd79-2224e2fc76e40078%3AT%3D1696204245%3ART%3D1696204245%3AS%3DALNI_MaBpbUoeP6xV5wkmbX_vNyl2v1pAQ&gpic=UID%3D00000d96405a144e%3AT%3D1696204245%3ART%3D1696204245%3AS%3DALNI_Mb7-GVFS4k8qi62VqnuGOOxs0zQFA&prev_fmts=0x0%2C1200x280&nras=2&correlator=1200992134216&frm=20&pv=1&ga_vid=1953561565.1696204245&ga_sid=1696204245&ga_hid=1138077525&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4918&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076839%2C31078257%2C44795922%2C31078272%2C21065725&oid=2&pvsid=1924437485354626&tmod=1176044992&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=kIa02h8WK1&p=https%3A//telegram-downloads.ru&dtd=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.81.225 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 01:35:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80088
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 15 Oct 2023 01:35:57 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame 5886 20 KB
8 KB 5ms
5ms Script
text/javascript 142.250.81.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.81.225 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f1.1e100.net

Software

cafe /

Resource Hash

113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 01:35:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80088
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8282
x-xss-protection: 0
server: cafe
etag: 5314254467506293444
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 15 Oct 2023 01:35:57 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 5886 0
0 344ms
23ms Image
text/html 142.250.176.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRFMIcPCjEtUMMZ40Mr8JICb7PhoUqI-wIo4T_7KXosOhQuW_7zERVVTBivux7ZbPYejIeFbbdtAgH_MfgeZltFIlm_6w
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1730500598922326&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1696240245&rafmt=1&to=qs&pwprc=1275318804&format=1200x280&url=https%3A%2F%2Ftelegram-downloads.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696204245229&bpp=1&bdt=1162&idt=-M&shv=r20230927&mjsv=m202309260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D48bcaa1e0f69cd79-2224e2fc76e40078%3AT%3D1696204245%3ART%3D1696204245%3AS%3DALNI_MaBpbUoeP6xV5wkmbX_vNyl2v1pAQ&gpic=UID%3D00000d96405a144e%3AT%3D1696204245%3ART%3D1696204245%3AS%3DALNI_Mb7-GVFS4k8qi62VqnuGOOxs0zQFA&prev_fmts=0x0%2C1200x280&nras=2&correlator=1200992134216&frm=20&pv=1&ga_vid=1953561565.1696204245&ga_sid=1696204245&ga_hid=1138077525&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4918&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076839%2C31078257%2C44795922%2C31078272%2C21065725&oid=2&pvsid=1924437485354626&tmod=1176044992&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=kIa02h8WK1&p=https%3A//telegram-downloads.ru&dtd=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.176.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga34s37-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5886 182 KB
57 KB 31ms
30ms Script
text/javascript 142.251.40.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.98 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s79-in-f2.1e100.net

Software

sffe /

Resource Hash

71ba7e09487750d7426b3bd64cf57facb8eb119939eb7055138ee55f13bb6f05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58285
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1695814262870679"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Oct 2023 23:50:45 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame D614 3 KB
1 KB 4ms
3ms Script
text/javascript 142.250.81.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1730500598922326&output=html&h=280&adk=997297033&adf=122919196&pi=t.aa~a.2586680255~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1696240245&rafmt=1&to=qs&pwprc=1275318804&format=1200x280&url=https%3A%2F%2Ftelegram-downloads.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696204245229&bpp=1&bdt=1162&idt=-M&shv=r20230927&mjsv=m202309260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D48bcaa1e0f69cd79-2224e2fc76e40078%3AT%3D1696204245%3ART%3D1696204245%3AS%3DALNI_MaBpbUoeP6xV5wkmbX_vNyl2v1pAQ&gpic=UID%3D00000d96405a144e%3AT%3D1696204245%3ART%3D1696204245%3AS%3DALNI_Mb7-GVFS4k8qi62VqnuGOOxs0zQFA&prev_fmts=0x0%2C1200x280%2C1200x280&nras=3&correlator=1200992134216&frm=20&pv=1&ga_vid=1953561565.1696204245&ga_sid=1696204245&ga_hid=1138077525&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4570&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076839%2C31078257%2C44795922%2C31078272%2C21065725&oid=2&pvsid=1924437485354626&tmod=1176044992&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=tqR6pKiqai&p=https%3A//telegram-downloads.ru&dtd=13

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.81.225 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 01:35:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80088
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 15 Oct 2023 01:35:57 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame D614 20 KB
8 KB 5ms
4ms Script
text/javascript 142.250.81.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.81.225 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f1.1e100.net

Software

cafe /

Resource Hash

113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 01:35:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80088
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8282
x-xss-protection: 0
server: cafe
etag: 5314254467506293444
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 15 Oct 2023 01:35:57 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame D614 0
0 332ms
22ms Image
text/html 142.250.176.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQJZJwlcBu-z7sCn7NzXQQvTGaAJfmbbJ4--3UQdROQuiryYgFXS9FZXhCKulaBijGWDj67jpBaEeH-UjmuC9_g6IQSGA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1730500598922326&output=html&h=280&adk=997297033&adf=122919196&pi=t.aa~a.2586680255~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1696240245&rafmt=1&to=qs&pwprc=1275318804&format=1200x280&url=https%3A%2F%2Ftelegram-downloads.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696204245229&bpp=1&bdt=1162&idt=-M&shv=r20230927&mjsv=m202309260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D48bcaa1e0f69cd79-2224e2fc76e40078%3AT%3D1696204245%3ART%3D1696204245%3AS%3DALNI_MaBpbUoeP6xV5wkmbX_vNyl2v1pAQ&gpic=UID%3D00000d96405a144e%3AT%3D1696204245%3ART%3D1696204245%3AS%3DALNI_Mb7-GVFS4k8qi62VqnuGOOxs0zQFA&prev_fmts=0x0%2C1200x280%2C1200x280&nras=3&correlator=1200992134216&frm=20&pv=1&ga_vid=1953561565.1696204245&ga_sid=1696204245&ga_hid=1138077525&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4570&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076839%2C31078257%2C44795922%2C31078272%2C21065725&oid=2&pvsid=1924437485354626&tmod=1176044992&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=tqR6pKiqai&p=https%3A//telegram-downloads.ru&dtd=13
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.176.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga34s37-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D614 182 KB
57 KB 42ms
41ms Script
text/javascript 142.251.40.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.98 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s79-in-f2.1e100.net

Software

sffe /

Resource Hash

71ba7e09487750d7426b3bd64cf57facb8eb119939eb7055138ee55f13bb6f05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58285
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1695814262870679"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Oct 2023 23:50:45 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 5774 2 KB
1 KB 305ms
14ms Image
image/svg+xml 74.119.119.131
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZRoF1AANm34GrTOrAAaa2tvTxVTtarO-9c9Pcg&u=%7CkHQU%2FM0sFPmfJX0P6nL%2BYWf2Lg%2BFAE3MmwDQl8lSgRg%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdkpnon-rZw82eH2rx6hJWzWx9iOokkUW12Zuam5YjKS1Cy0e89u7bVOJAvxaK1lbErZsQhi3dfD_aCqtkxwKUgJgLPJKxVwk0rPdeg4H70UsYSvUgpKVQITBhVTxkUSYzDkfFqgKO-bNbAldCNuwxCG4YllXO5tguSJ4OXJeQIn3CFHbL0oYWR0zqUpN7XXXEqKDJAYezAsWwXGCFJv1gj-6rI75Cl9P_WrTzy8JZbLdfFjNp6ETtI2YAMh6R45qbiXVqokgdupIgSH7uCqiuElZ_Ptag405M6sElDedGYGEdDnppqfOlShyTdz3AJnNuj9Wwu5zsLnkclC2lfRqUDS4iPCBTOjwtfbr-vpra9hACLjCiaH7hnoCmtdcTCXSCMnDK7hr6TSrSIK09EO3FJoTkEOLyYbNH4GMhr0vHkHmM6uCG70H-tdFiRvL3ieSnICY83DaBPZDSh01CzaAAz1vGSQNvOgkxQlP0yA837ofCpZJwQdrGdUPwMjvBAUTgMh44jBdzvsIylqi_ZAUqLA2slivSqgdqoLHfPY4Y301Mr71JTrWQNs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCyWXq1AUaZf62NqvntOUP2rWa8A-cge-wXNL4t52dAcCNtwEQASAAYMnGqYvApNgPggEXY2EtcHViLTE3MzA1MDA1OTg5MjIzMjbIAQmoAwHIAwKqBPkBT9DreJkluFC3XAtPtd6u9WJnkSvUS0U1Af1nc0-9_fLmouGkQ-ANLcJYY3dICfeRqpwGrq2MBVmwGnpFB78cs41bfTZvvsXYjCp4CAsWfu4A1X7QcdIQrhbWlPsou-D7rURkh1vESU1676OCNQVUW_a90nPeabkfi3gu7Y5dGCH_OHBlO3G9ZePR2KGWW5fN7msgyyzFh5PrPgMTt-YmCYSwEtApi3HjR7ifxjQ-gkZDY-yGKQrlJ5JL_cYAXNnTEBAWYn7IBaZ5V7gU1uuP6KAmT8mmc4ivwRzVpQUAfOlxyR_9C-BoJu5jG6KEXR1VmsIGELYy_uzNgAbH1fj0k56AvRSgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1Tvgrqll21foeZRyNcxPCpJtpqGg%26client%3Dca-pub-1730500598922326%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 25 Sep 2024 23:50:45 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame 5774 2 KB
1 KB 315ms
24ms Image
image/svg+xml 74.119.119.131
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 25 Sep 2024 23:50:45 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 5774 308 B
636 B 220ms
16ms Image
image/svg+xml 74.119.119.131
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Wed, 25 Sep 2024 23:50:45 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 5774 293 B
621 B 222ms
18ms Image
image/svg+xml 74.119.119.131
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Wed, 25 Sep 2024 23:50:45 GMT

GET
H2 200 lg.php
cat.va.us.criteo.com/delivery/ Frame 5774 43 B
347 B 15ms
15ms Image
image/gif 74.119.119.147
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=g_4ChqlpCNEoLPAXBNnzxtbeXil0d34hW222QN6MXJ8SrS2WpkVXmtxxkEYY2EnaVJhfsbUGsQp70xlGvxfq2ZUjwJS2pcF9sogGbzGqTa2KzAJjBWY7NMz7ENKXha9mn75YukXPdbm0xhYVnhYlV7Lw9A2kDxjy6Zd21TQUFHvWJcVA83EZJLZ9gErQt2qtZPbT1skdBlVTa67JHZACYBFpSMESRzZFkwkmw2uFx1Kfq2tgp6J-dXp5Aj6CqMJ8cfSGPOaB5ROmdNwpSU-bvxiKzmimzTPuzkeOYK4MdxmxvP-Hb8u4Dg0WMVHHAiDfb4K2DaXDu0Ubn2DY5tADOVbuhaC5dtGltMJHjINy9uETufRCnmUVoxdM00ZfunzdK3T_nvwgRgLp9sWtMM-jJPokYQMXbI6Ch0O-6pu-rCngBqL5

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 01 Oct 2023 23:50:45 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2933760
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 wp-emoji-release.min.js Show response
telegram-downloads.ru/wp-includes/js/ 18 KB
5 KB 130ms
129ms Script
application/x-javascript 92.53.96.193
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://telegram-downloads.ru/wp-includes/js/wp-emoji-release.min.js?ver=6.3.1
Requested by: Host: telegram-downloads.ru
URL: https://telegram-downloads.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.53.96.193 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vh348.timeweb.ru
Software: nginx/1.22.1 /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: en-US,en;q=0.9
Referer: https://telegram-downloads.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:45 GMT
content-encoding: gzip
last-modified: Mon, 24 Apr 2023 11:19:04 GMT
server: nginx/1.22.1
etag: W/"644665a8-4904"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=2678400
expires: Wed, 01 Nov 2023 23:50:45 GMT

GET
DATA 200
OK truncated
/ 357 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 57df901ddd718ea67fc2c55f827e20fef7a5fae5145e9149e79eb065f9a097b9

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 784 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 32f9c09189248fc7081865c0e1b536205384f9d96c5a75e0ccb484e2a74a6f6a

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 520 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cb2b18ff7b82cdbab0ba5f095448f16c159526ff504699042f8069f1a70ae7f4

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 439 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 20f2d6255fe749341e6543047782811c5977380c562e7163efa64594d88c6b3d

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 13D1 12 KB
5 KB 337ms
14ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1956627
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4418
last-modified: Thu, 22 Jun 2023 11:22:44 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942f04-1142"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q3VeDQ4TWCM%2FBjbXSxLpStJMm35kzlrG03czd8BQtj27VgAfUWWwwETIlESjdgQ7Iu8iorwRj6OgZX7p2xKtZVWtZ6UzQC9U7jTOT4HBLfUJ6mRIo%2FVNsVMywQIP0nRrXTLmGgxQ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 80f89c18c86741f8-EWR
expires: Fri, 20 Sep 2024 23:50:45 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 13D1 12 KB
6 KB 280ms
23ms Script
text/javascript 74.119.119.131
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 25 Sep 2024 23:50:45 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame 647D 3 KB
1 KB 5ms
4ms Script
text/javascript 142.250.81.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1730500598922326&output=html&h=280&adk=2550612135&adf=3020769239&pi=t.aa~a.245933387~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1696240245&rafmt=1&to=qs&pwprc=1275318804&format=1200x280&url=https%3A%2F%2Ftelegram-downloads.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696204245229&bpp=1&bdt=1162&idt=0&shv=r20230927&mjsv=m202309260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D48bcaa1e0f69cd79-2224e2fc76e40078%3AT%3D1696204245%3ART%3D1696204245%3AS%3DALNI_MaBpbUoeP6xV5wkmbX_vNyl2v1pAQ&gpic=UID%3D00000d96405a144e%3AT%3D1696204245%3ART%3D1696204245%3AS%3DALNI_Mb7-GVFS4k8qi62VqnuGOOxs0zQFA&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=4&correlator=1200992134216&frm=20&pv=1&ga_vid=1953561565.1696204245&ga_sid=1696204245&ga_hid=1138077525&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4270&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076839%2C31078257%2C44795922%2C31078272%2C21065725&oid=2&pvsid=1924437485354626&tmod=1176044992&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=DmBTzvygR5&p=https%3A//telegram-downloads.ru&dtd=22

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.81.225 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 01:35:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80088
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 15 Oct 2023 01:35:57 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame 647D 20 KB
8 KB 6ms
6ms Script
text/javascript 142.250.81.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.81.225 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f1.1e100.net

Software

cafe /

Resource Hash

113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 01:35:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80088
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8282
x-xss-protection: 0
server: cafe
etag: 5314254467506293444
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 15 Oct 2023 01:35:57 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 647D 0
0 216ms
24ms Image
text/html 142.250.176.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQmlgueCdXxSKPb6_fY4mc9ZuGSRFiH_mkkk5QfrEoZKLuNIpfUdbKS4m_UnoboTxrbHNOJ5VWRZy-WI-u7UYjupVo5Ug
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1730500598922326&output=html&h=280&adk=2550612135&adf=3020769239&pi=t.aa~a.245933387~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1696240245&rafmt=1&to=qs&pwprc=1275318804&format=1200x280&url=https%3A%2F%2Ftelegram-downloads.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696204245229&bpp=1&bdt=1162&idt=0&shv=r20230927&mjsv=m202309260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D48bcaa1e0f69cd79-2224e2fc76e40078%3AT%3D1696204245%3ART%3D1696204245%3AS%3DALNI_MaBpbUoeP6xV5wkmbX_vNyl2v1pAQ&gpic=UID%3D00000d96405a144e%3AT%3D1696204245%3ART%3D1696204245%3AS%3DALNI_Mb7-GVFS4k8qi62VqnuGOOxs0zQFA&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=4&correlator=1200992134216&frm=20&pv=1&ga_vid=1953561565.1696204245&ga_sid=1696204245&ga_hid=1138077525&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4270&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076839%2C31078257%2C44795922%2C31078272%2C21065725&oid=2&pvsid=1924437485354626&tmod=1176044992&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=DmBTzvygR5&p=https%3A//telegram-downloads.ru&dtd=22
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.176.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga34s37-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 647D 182 KB
57 KB 24ms
23ms Script
text/javascript 142.251.40.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.98 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s79-in-f2.1e100.net

Software

sffe /

Resource Hash

71ba7e09487750d7426b3bd64cf57facb8eb119939eb7055138ee55f13bb6f05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58285
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1695814262870679"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Oct 2023 23:50:45 GMT

GET
H2 200 afr.php Show response
ads.us.criteo.com/delivery/r/ Frame A28D 163 KB
53 KB 82ms
81ms Document
text/html 74.119.119.65
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.us.criteo.com/delivery/r/afr.php?z=ZRoF1QAEHrwAsz7nAAH5Q_kXokkULpPTeha6Dg&u=%7CSzEvG2f%2BeOlyctjiVycoduTZLAQHHKUw5maNsLieIhE%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdn4iCWrkEk_cno76PwCYU5ChNmYmO3XJCywOCFOT5oDX5BowUZ5qPf2-O44YvRNxwTa3TNARSJm0ui8_gbqzcn6FHdNeMnWOu8XqH-eHLz8jBcYwvjCR6lM8UtgFrAH_5TUfMs1tJMNclbH5t-jIPx3H4TeJjvQCUib-i4RaLeKLqFaB4Uxrk-1PCYiLonvvu-Fh3PSopw2BNDdEOnm3y6t1RwbeX9CwE2PKQ_Ykjd-yb6w7voZxQoojzGM8aZeR4UvhkArz7A4d1gfcD6qRK6Kw9d1dyRcf_qpGkSVBvlRvQKXFosMA6f-5rnYTCLthFnisYvAUvBdkMd3Rrb-Pqd6zAu0ziNWAoSJ3l_CjX5eJcxA3FN7rwCXfRprlBsbl5DIZOkIuh3FcpR2fSDyx6Wgpf2i2FiK52OWoVcE77aKlVSD4ItDBzvMqM5RHWPL2Vv2KyquLZcV8Pn-dAnHyl7KKefbJ3mVXxVMcIoGPFmyCDzcIXAna5Sfi39c2vSrps2bsZoKwTeeVyG4rneIH8_NbVXo7K-qhu8bq_YKKAm_6CSFEIlMuzWg_QztYxjye6w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNmCX1QUaZby9EOf9zLUPw_KHmAacge-wXLLtt52dAcCNtwEQASAAYMnGqYvApNgPggEXY2EtcHViLTE3MzA1MDA1OTg5MjIzMjbIAQmoAwHIAwKqBP8BT9AI-z_bEPSCRXAVmkeoOaA0V5Er0wDxuuTyyweShiho5VIQOfrmg3C5pAyibgxj7Kps6hnGw0gM-dy29PgFIbR_202XUOKu7sKz-UdSoShZZf5843ZKfonz1Go-b3zRtFnzDpvp-IYV47kNfiCqR_aEhgWX0NQenLe3fYnV3n4U_3sz3hoCQ_BmMr26Esc5fpvldJtMNeK9cD4rQBieOmyMm70-cRTfVdeOLF0Hj1z_0EvQ7vm9keRhsW_wQYP6GQPXHORnzQKM7DdnEEACqtffGmPDsRoIGm72e-1cec4TD6V6NB2QfsArVKt2UdGZBJ9xhwzR1CVVsU-K9xn-gAbH1fj0k56AvRSgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1j2GFtpPUX7jtKfq4x4scIz0elvg%26client%3Dca-pub-1730500598922326%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.65 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

732c1e333b19eaba2000f7c99cc5160fab6e033f56f636ce7bcf300fba5f31e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sun, 01 Oct 2023 23:50:44 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=Pmj0Bj3WCRtG75aQMQH3_1Zo8UnUBDy5kWTGF54z9CUUKf7Cu9CgqAzi8d3VbaaA6i3D6e9h4NC6bUP-jeoObnWoDzrIfajO38R1cISQNmsieLpVqr-RaLEexNQbZVVujIFBJ1qOKeHL0HABVWppnqHTzmJO1OsPJuCnHtt9nTe3CTm63AjadOrOHrW8URTKM5P_K5MaOr81p8d8M6hD9EqwpgF8fEc3-YlVRQTSbKKL0ghoZWnEUmJdfmoSVLjTzJAmbg"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 67926422
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 1A18 1 KB
758 B 4ms
3ms Document
text/html 142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 74975
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 01 Oct 2023 03:01:10 GMT
etag: 48472445140208031
expires: Mon, 02 Oct 2023 03:01:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 afr.php Show response
ads.us.criteo.com/delivery/r/ Frame 9A29 156 KB
51 KB 77ms
76ms Document
text/html 74.119.119.65
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.us.criteo.com/delivery/r/afr.php?z=ZRoF1QAEIbMJlOf1AAeZ_dJhJ3VLND5AkJMezw&u=%7CSzEvG2f%2BeOlsbQvWOFtyhIMFTjQhRknGalfl9tzYyiQ%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdn4iCWrkEk_cno76PwCYU5ChNmYmO3XJC_61tGlzd5f5iyrkLv86jRjLnErw8n-EFR2JDvVNfn4eNESzl0QGtKCEMlzoVW5LjeZ-0TZIBQ3SPS-yKEhK4RBNtxe4-tZgen5AqpYI98flKHygzyWrl7jjXAm4zbI3ut2SaLz8XcJLaIKNEO7aVn3C-nxbkyCbiL6rHJHLQXhvMkYFBYLu-ud4-UIgjhhMZAnLxbrzFGcnWJJUID3QCfiiNTKq9Uf_OrYpLCL-k3eKkBaIojc9_p-t3AtfvOj35GFnlrAQCt8ncCMdPh-MHCEK5DKOvCH3sQEc7BxImbc53LU12dWDB5T1djwN0kPrpynCREcXQ9EHVc_1lPRKyNlZB39gTP3xn9mIi-9CmnXfsqzrRpdNbEZFYPkZYReYZiZqYDPYjL6l0rdTgIn-1yq1wjfv8lYLz7kNcyxGD1DOChrHuNuAdH35ldEdGGvHAc-fVdznOcIZMNKHyRZ4VQ-8Pk0seo0V1SQMsJ7ySODPAB05rYhaOwDBhOaPLq35aHWNRjGe2AasPOre_T_gKFM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGz9H1QUaZbPDEPXP0_wP_bOe2Amcge-wXLLtt52dAcCNtwEQASAAYMnGqYvApNgPggEXY2EtcHViLTE3MzA1MDA1OTg5MjIzMjbIAQmoAwHIAwKqBP8BT9C0vJ9ZSzKdG3DCZtTNWhRdFWf-dZbQLEQ363b7S2T486aOS0uBSHJgCJ3EBWQlbmNaizTsDsRXcI93Bg3SceoxkkFLNqsFktAUmtG88z-aKYJRhEzWauie8IzMp2_HYv1_usFqZ2pG4Es0JGh0-WyU3Y1mFeprrlOZ-NARTgyuDJCKIdnwYg4Jikq7Hbzl9sQAl3hk-pvm7v9MHFnoUs0HR-15z7oxbGPwlCI-lVDR8h80DXFa7Cufw7wVaxMxhQpAVtuiABkaQSdBbIwSsuZh9sSwfDxvWe5Nc4YRJh5TjQf7uJbCSNO6MOtkplLtpCtdwMShclKeR7ElFJMVgAbH1fj0k56AvRSgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0SLvyvqK91i998g72_Y_n0UPKKeQ%26client%3Dca-pub-1730500598922326%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.65 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

f7ab77f82cc7f94d7e7f743b3a7f7e4a82168c2e22d97c9d01b502b7568f301c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sun, 01 Oct 2023 23:50:45 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=DEmuzT3WCRtG75aQJcZRHjS42mxCbXiw0ME04FBok6T-TFQgSen9NIFMA4IxPjGYGwlFtpOFkUQMn2NXzbEsGfUxva3KlxpOGLqycVzjMzMrbj9PyzMwr16xMzWZ-mgkxN0fbxSbH8bpOUAF0Kvcf2y5bvOURH6qEyRWtGCxcAeMLeZ39EafLLRwdZMyOxm35VZ2ZNmw4LSYqLoLlNt9O06M3YeiFVv0lj-roI4ThsDQDRSSquU_5Ml-oYgn-zxvbPfCzg"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 57926470
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 019C 1 KB
677 B 6ms
4ms Document
text/html 142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 74975
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 01 Oct 2023 03:01:10 GMT
etag: 48472445140208031
expires: Mon, 02 Oct 2023 03:01:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 252E 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a1386d0fcba0554d59534a5e69db1aa587f4df42c8cadc24bb96dd12f7c93f6a

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 13D1 97 KB
97 KB 367ms
33ms Image
image/webp 74.119.119.80
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?h=1200&m=0&partner=1075&q=80&r=0&u=https%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F771%2F4896814%2F45691ade35734c518138f17526653c90_img_horizontal_1.jpg&v=3&w=1200&s=782zxJZ0y4T1dZ0VjZdSgWtk

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.80 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

1aa898a7d416aaa7f09cc1871426404841d168cf0d0c6eb93cf6efc2cdcaa4e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 98938
expires: Mon, 26 Aug 2024 15:35:18 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 13D1 2 KB
2 KB 343ms
9ms Image
image/webp 74.119.119.80
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?cq=256&h=400&m=0&partner=1075&q=80&r=0&u=https%3A%2F%2Fcdn.yoox.biz%2F47%2F47350011LS_14_F.JPG&v=3&w=400&s=j00FynnJZ0-QY8ZkgwUvvbkS&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.80 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

87c296933952b4969256a3ed7c9a3f7e50116ecbedbc7e27e1395012355aadab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 2096
expires: Sat, 14 Sep 2024 23:04:04 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 13D1 11 KB
11 KB 364ms
31ms Image
image/webp 74.119.119.80
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?cq=256&h=400&m=0&partner=1075&q=80&r=0&u=https%3A%2F%2Fcdn.yoox.biz%2F15%2F15117721GX_14_F.JPG&v=3&w=400&s=e-1TWXE4FX5OGH5ZpRJavcY8&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.80 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

18e160783c2d1e7d78c2c8d017244b253515f87fd05c86c541e74b4fc18b7f37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:46 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 10956
expires: Tue, 03 Sep 2024 12:14:55 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 13D1 2 KB
2 KB 343ms
10ms Image
image/webp 74.119.119.80
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?cq=256&h=400&m=0&partner=1075&q=80&r=0&u=https%3A%2F%2Fcdn.yoox.biz%2F46%2F46924643EN_14_F.JPG&v=3&w=400&s=_7GUa14qcfdivJr_4J265Xzj&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.80 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

5c1f86873ae4a57b120e9a74e292181644a570fb97c84cd2cd4ac29ed67bea02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 2254
expires: Wed, 18 Sep 2024 20:00:30 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 13D1 2 KB
3 KB 341ms
9ms Image
image/webp 74.119.119.80
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?cq=256&h=400&m=0&partner=1075&q=80&r=0&u=https%3A%2F%2Fcdn.yoox.biz%2F17%2F17200487DV_14_F.JPG&v=3&w=400&s=TIYuH0QstYyb-8VKg8Rn3brS&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.80 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

9f8f728203d523f922e384b77aca68da97b3184d65afd9589beb535913415289

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 2532
expires: Wed, 18 Sep 2024 15:45:15 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 13D1 4 KB
4 KB 365ms
32ms Image
image/webp 74.119.119.80
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?cq=256&h=400&m=0&partner=1075&q=80&r=0&u=https%3A%2F%2Fcdn.yoox.biz%2F30%2F30114389GI_14_F.JPG&v=3&w=400&s=ECpiboMvizyLHlapOEm22Lvw&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.80 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

9a4722a7cd0c22f78f28ee8a8cabbbe9beade0207ec4b0b2cde4ef443665584d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 3804
expires: Mon, 02 Sep 2024 02:17:50 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 13D1 4 KB
4 KB 28ms
28ms Image
image/webp 74.119.119.80
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?cq=256&h=400&m=0&partner=1075&q=80&r=0&u=https%3A%2F%2Fcdn.yoox.biz%2F54%2F54193829DX_14_F.JPG&v=3&w=400&s=EV1m5ze4WQx0eG2mNxdnTlJP&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.80 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

8cf697447f26754c18211cb07a7d8d8d032d73f17d8fe756b623dbcde842f4e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 3922
expires: Wed, 25 Sep 2024 23:41:19 GMT

POST
H2 200 all
csm.us.criteo.net/ Frame 13D1 0
127 B 344ms
15ms Ping
text/plain 74.119.119.149
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.us.criteo.net/all?cppv=3&cpp=1CpI5j3WCRtG75aQstw0psjurEEJyDyRxgDMw70ZL0CtBDDGegF2lac1jlXVjoYfAE2RciLw0NbO3lrKxAHrf5Gd7ROCanJjsBjFpzm3_xqdnOLh9chB1aFJscZg1b1I6k4uyUadbekMoqVYa0GhsM0JXruP6WtA-6ud1-UbTUKclwv4pkQSRwVaeJDOfucWpWpSE-M3gUpUoqHF5vyyVmKECgwp3jsDzrPPi3sZiLc1QsGIrTbYvtgaRUFo2HWreW5R-Q&sds=2&rev=88628&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.149 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 01 Oct 2023 23:50:45 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 13D1 2 KB
1 KB 23ms
21ms Image
image/svg+xml 74.119.119.131
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 25 Sep 2024 23:50:45 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 13D1 2 KB
1 KB 24ms
22ms Image
image/svg+xml 74.119.119.131
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 25 Sep 2024 23:50:45 GMT

GET
H2 200 afr.php Show response
ads.us.criteo.com/delivery/r/ Frame D542 159 KB
51 KB 63ms
62ms Document
text/html 74.119.119.65
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.us.criteo.com/delivery/r/afr.php?z=ZRoF1QAEP_UJlPFVAAM_1SqQOg3-XMPjCxIFUg&u=%7CSzEvG2f%2BeOkKKYatn1SUWJrHvoLkUDuOebVB4hzgz5s%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdn4iCWrkEk_cno76PwCYU5ChNmYmO3XJCyMbQHmu86R3v8Ps9nFsOSPW0zndyl-5OPTJR-gJzUPsan0vtyf4yItvpS7Ln_H1xiCPAdi1u-5l9mIOrjhfxkUrWr85BHctmDudJmypd2FYLP5d67y5bSOOkZBBRslD7x0RPxC-OZePoTaZFMuUzDi7MhW8tff1NGa6Tz92HwfRNv8Up0_M71WKjFo7kmM_3N5NSqyfnGvX_tnDge98Q1nOGeMlca-t7DN7oLVBkC3h58jeDQBBKTvrTtr46sOrZYOxSLHq9Ubgf66rj0BE7eh124fvF5HhjGIbpiIbHz-g2eAQRyEAM3FNf1ZGAunyfcTYPV-Ju8dizPVz33AYcTwU49u8aCFuwDIfO5ZEEdTpx0OxfIHQsZqmtVn39EYJMZovQLEYOOgeCNI3AiPIlvcm__csekI0ADvGhp3wFfF6a_7W7srHqE1epo59pkHFVLLyMTf0nuniTZLZAvmaKXGIhxXw_VK0t4WRGzKZ0uCNgf82VoSOKXkEGqbPqckRHAIQXsX_v2Q_1biohpQ55fnJ8JCcCdu-fw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCKeEZ1QUaZfX_ENXi0_wP1f-MyAucge-wXOLDuM6jAcCNtwEQASAAYMnGqYvApNgPggEXY2EtcHViLTE3MzA1MDA1OTg5MjIzMjbIAQmoAwHIAwKqBP8BT9CfPBRmG2G4v3aLkRsYGC8zhxtlic91lWUKzGrODNsxrTplawBn-kCCRUhdw2rFSaHk-TdpPf3a3q5j-qAfhoLN0jWIfu7EBO42h_Hd8g_2AsPslpQNyDqydjW_R4DN9Ps77Fo4PvqkGPz1hbQ1t8yXtQ4Rl0JGpFKGv7NIql7QuKFxIdzRkBna-oTX8XspRgjPVaJ3t-3LOU7ImDkT3luMy1gkA4D3iHOoM3dxwdBj-WanoWcT6dAhK6oP9RzLdOfDYdyH0YC0vaq4VwC__txj3Gz_R16k5xrSDLDbplANDLx01qOSUcW8oPjbOLxKl7uQR4Q5VGTjdvxl0LIUgAbH1fj0k56AvRSgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1Ed1_f6sMfS2TntIHSoj4PzHp6Mg%26client%3Dca-pub-1730500598922326%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.65 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

6fd7726313f06325c0a4f6b51b2c927cc3c4d8ff168d11fe9683f1b767c5b05e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sun, 01 Oct 2023 23:50:45 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=1xjabT3WCRtG75aQkexDXqW6Kma7vfAI-yFAZVmZd7ssMBMetCtJXzBhmygdb3mwv_FenrLGDuN6R88HqYS64tNGBq_XT9ojjTm9fbmq6VemnX-fJxiKG_Ofb0voSVSbrkJ1gE5SjVPl6_gz8vJ2ZtANUsYQ4bxWK5O1QFiTkRV35S8e5xYsPU-ziATT3N0nfT4MDD7m4Sj8pobS2yJsbXG7PfyxZft0LF0c6jDBfrB9Egul97bsHvKkEnDhM9lsLa4dvw"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 53056593
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame E021 1 KB
677 B 5ms
4ms Document
text/html 142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 74975
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 01 Oct 2023 03:01:10 GMT
etag: 48472445140208031
expires: Mon, 02 Oct 2023 03:01:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 5774 12 KB
5 KB 169ms
27ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1956627
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4418
last-modified: Thu, 22 Jun 2023 11:22:44 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942f04-1142"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=USCeMt17aSCP5yFWZnVcTJG%2BboHqzG%2FV90PE4Z2XuaZVXzlFNUkbd235OQle%2FOuqXiQEcysPozo%2FBD1RkGs39okwqsAYwuWLPgazUv8id1ct9ht6zHRS%2Fc1mIhi4sGL428F7ykA8"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 80f89c18c86b41f8-EWR
expires: Fri, 20 Sep 2024 23:50:45 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 5774 12 KB
6 KB 92ms
15ms Script
text/javascript 74.119.119.131
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 25 Sep 2024 23:50:45 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame A28D 2 KB
1 KB 76ms
13ms Image
image/svg+xml 74.119.119.131
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZRoF1QAEHrwAsz7nAAH5Q_kXokkULpPTeha6Dg&u=%7CSzEvG2f%2BeOlyctjiVycoduTZLAQHHKUw5maNsLieIhE%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdn4iCWrkEk_cno76PwCYU5ChNmYmO3XJCywOCFOT5oDX5BowUZ5qPf2-O44YvRNxwTa3TNARSJm0ui8_gbqzcn6FHdNeMnWOu8XqH-eHLz8jBcYwvjCR6lM8UtgFrAH_5TUfMs1tJMNclbH5t-jIPx3H4TeJjvQCUib-i4RaLeKLqFaB4Uxrk-1PCYiLonvvu-Fh3PSopw2BNDdEOnm3y6t1RwbeX9CwE2PKQ_Ykjd-yb6w7voZxQoojzGM8aZeR4UvhkArz7A4d1gfcD6qRK6Kw9d1dyRcf_qpGkSVBvlRvQKXFosMA6f-5rnYTCLthFnisYvAUvBdkMd3Rrb-Pqd6zAu0ziNWAoSJ3l_CjX5eJcxA3FN7rwCXfRprlBsbl5DIZOkIuh3FcpR2fSDyx6Wgpf2i2FiK52OWoVcE77aKlVSD4ItDBzvMqM5RHWPL2Vv2KyquLZcV8Pn-dAnHyl7KKefbJ3mVXxVMcIoGPFmyCDzcIXAna5Sfi39c2vSrps2bsZoKwTeeVyG4rneIH8_NbVXo7K-qhu8bq_YKKAm_6CSFEIlMuzWg_QztYxjye6w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNmCX1QUaZby9EOf9zLUPw_KHmAacge-wXLLtt52dAcCNtwEQASAAYMnGqYvApNgPggEXY2EtcHViLTE3MzA1MDA1OTg5MjIzMjbIAQmoAwHIAwKqBP8BT9AI-z_bEPSCRXAVmkeoOaA0V5Er0wDxuuTyyweShiho5VIQOfrmg3C5pAyibgxj7Kps6hnGw0gM-dy29PgFIbR_202XUOKu7sKz-UdSoShZZf5843ZKfonz1Go-b3zRtFnzDpvp-IYV47kNfiCqR_aEhgWX0NQenLe3fYnV3n4U_3sz3hoCQ_BmMr26Esc5fpvldJtMNeK9cD4rQBieOmyMm70-cRTfVdeOLF0Hj1z_0EvQ7vm9keRhsW_wQYP6GQPXHORnzQKM7DdnEEACqtffGmPDsRoIGm72e-1cec4TD6V6NB2QfsArVKt2UdGZBJ9xhwzR1CVVsU-K9xn-gAbH1fj0k56AvRSgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1j2GFtpPUX7jtKfq4x4scIz0elvg%26client%3Dca-pub-1730500598922326%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 25 Sep 2024 23:50:45 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame A28D 2 KB
1 KB 83ms
20ms Image
image/svg+xml 74.119.119.131
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 25 Sep 2024 23:50:45 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame A28D 308 B
636 B 12ms
9ms Image
image/svg+xml 74.119.119.131
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Wed, 25 Sep 2024 23:50:45 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame A28D 293 B
621 B 11ms
8ms Image
image/svg+xml 74.119.119.131
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Wed, 25 Sep 2024 23:50:45 GMT

GET
H2 200 lg.php
cat.va.us.criteo.com/delivery/ Frame A28D 43 B
347 B 14ms
12ms Image
image/gif 74.119.119.147
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=n-u_Eik_VShchZtfMYcBT4e2uVfNOJKw3BKfKRZAxZV55ne4fE2J5MSFUwQp5G1rze1SWuVrIqyn_yyVCC8GU-fHXUweUaYRpfq8bfDQkDF3aIiRZQ0-q6VLfGqxqUlOQoOhz6DA9rdv4S1DWkwG-GrMZRfIVHMw7CblvyySk8G-kCG2ZLcxTDYZPaLGlJp8e9d2RNgfDdG51aFRTVMDqSD9iUDuWvAPUHpQBOHeVvhx9tQlQEIVwsIweLqRGgB5cqw-tPUrdqhqRM7HgWS3qeqW2TqeYAnWIqONA2G4meZ-XFIuwBrNw3_1GlpQ765PMCUKIio3Sd8JtioNuVoFe3eBPK6uPY218kfxmTPPe0O3o8GCl_ZLpQOf-C10_NEoup3u602ESbjgnqY4QO43euisfN35CILNx8pPY2VqiWuqi2uQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 01 Oct 2023 23:50:45 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2099345
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 9A29 2 KB
1 KB 78ms
19ms Image
image/svg+xml 74.119.119.131
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZRoF1QAEIbMJlOf1AAeZ_dJhJ3VLND5AkJMezw&u=%7CSzEvG2f%2BeOlsbQvWOFtyhIMFTjQhRknGalfl9tzYyiQ%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdn4iCWrkEk_cno76PwCYU5ChNmYmO3XJC_61tGlzd5f5iyrkLv86jRjLnErw8n-EFR2JDvVNfn4eNESzl0QGtKCEMlzoVW5LjeZ-0TZIBQ3SPS-yKEhK4RBNtxe4-tZgen5AqpYI98flKHygzyWrl7jjXAm4zbI3ut2SaLz8XcJLaIKNEO7aVn3C-nxbkyCbiL6rHJHLQXhvMkYFBYLu-ud4-UIgjhhMZAnLxbrzFGcnWJJUID3QCfiiNTKq9Uf_OrYpLCL-k3eKkBaIojc9_p-t3AtfvOj35GFnlrAQCt8ncCMdPh-MHCEK5DKOvCH3sQEc7BxImbc53LU12dWDB5T1djwN0kPrpynCREcXQ9EHVc_1lPRKyNlZB39gTP3xn9mIi-9CmnXfsqzrRpdNbEZFYPkZYReYZiZqYDPYjL6l0rdTgIn-1yq1wjfv8lYLz7kNcyxGD1DOChrHuNuAdH35ldEdGGvHAc-fVdznOcIZMNKHyRZ4VQ-8Pk0seo0V1SQMsJ7ySODPAB05rYhaOwDBhOaPLq35aHWNRjGe2AasPOre_T_gKFM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGz9H1QUaZbPDEPXP0_wP_bOe2Amcge-wXLLtt52dAcCNtwEQASAAYMnGqYvApNgPggEXY2EtcHViLTE3MzA1MDA1OTg5MjIzMjbIAQmoAwHIAwKqBP8BT9C0vJ9ZSzKdG3DCZtTNWhRdFWf-dZbQLEQ363b7S2T486aOS0uBSHJgCJ3EBWQlbmNaizTsDsRXcI93Bg3SceoxkkFLNqsFktAUmtG88z-aKYJRhEzWauie8IzMp2_HYv1_usFqZ2pG4Es0JGh0-WyU3Y1mFeprrlOZ-NARTgyuDJCKIdnwYg4Jikq7Hbzl9sQAl3hk-pvm7v9MHFnoUs0HR-15z7oxbGPwlCI-lVDR8h80DXFa7Cufw7wVaxMxhQpAVtuiABkaQSdBbIwSsuZh9sSwfDxvWe5Nc4YRJh5TjQf7uJbCSNO6MOtkplLtpCtdwMShclKeR7ElFJMVgAbH1fj0k56AvRSgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0SLvyvqK91i998g72_Y_n0UPKKeQ%26client%3Dca-pub-1730500598922326%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 25 Sep 2024 23:50:45 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame 9A29 2 KB
1 KB 76ms
17ms Image
image/svg+xml 74.119.119.131
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 25 Sep 2024 23:50:45 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 9A29 308 B
636 B 16ms
13ms Image
image/svg+xml 74.119.119.131
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Wed, 25 Sep 2024 23:50:45 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 9A29 293 B
621 B 15ms
13ms Image
image/svg+xml 74.119.119.131
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Wed, 25 Sep 2024 23:50:45 GMT

GET
H2 200 lg.php
cat.va.us.criteo.com/delivery/ Frame 9A29 43 B
347 B 18ms
15ms Image
image/gif 74.119.119.147
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=tlDwHyk_VShchZtfMYcBT4e2uVezRvZt_IuwY-N1Av3hC-JdF-36_R4GPlY2eHRKXssu5jUj2Wk1-oSt0r-ftZ4GyArKQQNTDk55226pUfIv5ynvq1gpF-tuyg_8O15ftgYoIFjfBdV6B6BYfURtjGOZKWZtbimAbQSy41hZr6c2GROg47ZNbOFDQh8HXEY487HpJ8doFn7VkJoQSOPjdbVbkE4ZrHI9nS1EU_d8dQCRhcvxXITC0zL7ai8ec5CjeXy8E_c-NGoYlZsRNDg4cWO8Ms8h7Ny3lrDhIeI-akYzUp19gqCGLW4xCohQZi8jPKWlpjgbrZdwIaWlBtDM9YtlRy522j3LGLaLXr-fVpf66rmN-CR5s7rhbZxZDuoHRlusMYMlEqFrg5P7pbTkEpNOT0SBUOCO7MgPcLztAFYnlK_P

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 01 Oct 2023 23:50:45 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1865351
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 5774 97 KB
97 KB 211ms
17ms Image
image/webp 74.119.119.80
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.80 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

1aa898a7d416aaa7f09cc1871426404841d168cf0d0c6eb93cf6efc2cdcaa4e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 98938
expires: Mon, 26 Aug 2024 15:35:18 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 5774 2 KB
2 KB 229ms
36ms Image
image/webp 74.119.119.80
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?cq=256&h=400&m=0&partner=1075&q=80&r=0&u=https%3A%2F%2Fcdn.yoox.biz%2F47%2F47350011LS_14_F.JPG&v=3&w=400&s=j00FynnJZ0-QY8ZkgwUvvbkS&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.80 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

87c296933952b4969256a3ed7c9a3f7e50116ecbedbc7e27e1395012355aadab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 2096
expires: Sat, 14 Sep 2024 23:04:04 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 5774 2 KB
2 KB 230ms
36ms Image
image/webp 74.119.119.80
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?cq=256&h=400&m=0&partner=1075&q=80&r=0&u=https%3A%2F%2Fcdn.yoox.biz%2F46%2F46924643EN_14_F.JPG&v=3&w=400&s=_7GUa14qcfdivJr_4J265Xzj&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.80 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

5c1f86873ae4a57b120e9a74e292181644a570fb97c84cd2cd4ac29ed67bea02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:46 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 2254
expires: Wed, 18 Sep 2024 20:00:30 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 5774 4 KB
4 KB 284ms
91ms Image
image/webp 74.119.119.80
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?cq=256&h=400&m=0&partner=1075&q=80&r=0&u=https%3A%2F%2Fcdn.yoox.biz%2F30%2F30114389GI_14_F.JPG&v=3&w=400&s=ECpiboMvizyLHlapOEm22Lvw&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.80 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

9a4722a7cd0c22f78f28ee8a8cabbbe9beade0207ec4b0b2cde4ef443665584d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 3804
expires: Mon, 02 Sep 2024 02:17:50 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 5774 6 KB
7 KB 228ms
35ms Image
image/webp 74.119.119.80
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?cq=256&h=400&m=0&partner=1075&q=80&r=0&u=https%3A%2F%2Fcdn.yoox.biz%2F12%2F12936265GB_14_F.JPG&v=3&w=400&s=DCck6t0ye5v2VmAIxFsRK1Cu&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.80 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

108b201f90aa1fac41dc0277a8a8c79e1a6e8f1e63f9845dc2d7df156ad85b5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 6522
expires: Fri, 13 Sep 2024 09:38:58 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 5774 5 KB
5 KB 227ms
33ms Image
image/webp 74.119.119.80
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?cq=256&h=400&m=0&partner=1075&q=80&r=0&u=https%3A%2F%2Fcdn.yoox.biz%2F17%2F17292205DE_14_F.JPG&v=3&w=400&s=BEMHmxxeqWG5LPcvGExK5LIw&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.80 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

f3b9348806bbe09b1e6c10499ab60c3807b6f07a46d9a60a652faab0f4dc508a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 4688
expires: Wed, 18 Sep 2024 03:55:41 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 5774 3 KB
3 KB 21ms
11ms Image
image/webp 74.119.119.80
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?cq=256&h=400&m=0&partner=1075&q=80&r=0&u=https%3A%2F%2Fcdn.yoox.biz%2F11%2F11778122JM_14_F.JPG&v=3&w=400&s=iywY_kk4MJ8S_K2ph3JUw2SW&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.80 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

2aa02ac1c62c12711602f08cbd1d35f2a2ec066b36361cd15d0ce705c64facb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 3270
expires: Tue, 24 Sep 2024 11:05:51 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 5774 3 KB
3 KB 15ms
12ms Image
image/webp 74.119.119.80
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?cq=256&h=400&m=0&partner=1075&q=80&r=0&u=https%3A%2F%2Fcdn.yoox.biz%2F17%2F17535945JW_14_F.JPG&v=3&w=400&s=T4rfh0RK6OK6R6yTS0PE2Cz9&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.80 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

834392ea71cff2fca594054b8a0806ada053e28a53ed5f2854025a4105ffcf15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 3034
expires: Mon, 09 Sep 2024 06:42:23 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 5774 2 KB
2 KB 13ms
10ms Image
image/webp 74.119.119.80
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?cq=256&h=400&m=0&partner=1075&q=80&r=0&u=https%3A%2F%2Fcdn.yoox.biz%2F15%2F15198963QU_14_F.JPG&v=3&w=400&s=0Wdrokh08FpJVtN2hM_lMLi-&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.80 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

91833ee761b2cd075c96ebe62806908ee00df62ba772155ba26b16839dbeded7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 1602
expires: Fri, 06 Sep 2024 23:41:40 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 5774 7 KB
7 KB 16ms
12ms Image
image/webp 74.119.119.80
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?cq=256&h=400&m=0&partner=1075&q=80&r=0&u=https%3A%2F%2Fcdn.yoox.biz%2F63%2F63007153LN_14_F.JPG&v=3&w=400&s=VQVDgkgyyqrG8EM9eJARmoGZ&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.80 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

1ba867b6dbec8951255470dd4387487065424642581a2488c2c2489639c05812

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 6806
expires: Thu, 19 Sep 2024 15:05:02 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 5774 8 KB
8 KB 18ms
15ms Image
image/webp 74.119.119.80
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?cq=256&h=400&m=0&partner=1075&q=80&r=0&u=https%3A%2F%2Fcdn.yoox.biz%2F16%2F16187104ET_14_F.JPG&v=3&w=400&s=LUm2P0se8gBoHJnzwkGdWnPo&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.80 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

a563a87c4831f029434d9e02ba53bd242f9f545d9fcd34a357d14827ade187b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 8142
expires: Wed, 21 Aug 2024 07:48:52 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 5774 12 KB
12 KB 17ms
14ms Image
image/webp 74.119.119.80
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?cq=256&h=400&m=0&partner=1075&q=80&r=0&u=https%3A%2F%2Fcdn.yoox.biz%2F10%2F10062338GR_14_F.JPG&v=3&w=400&s=1JQRFF3IR7pAsH6CC6SskN8z&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.80 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

f38d19087fd49bfdb55baf5728fd95276da0ccd5cf5020dc16f4b186c3dc788b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 12174
expires: Sat, 31 Aug 2024 15:55:21 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 5774 5 KB
5 KB 16ms
13ms Image
image/webp 74.119.119.80
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?cq=256&h=400&m=0&partner=1075&q=80&r=0&u=https%3A%2F%2Fcdn.yoox.biz%2F12%2F12990952IR_14_F.JPG&v=3&w=400&s=xl0slGvoKzN9dbX767DWpDY_&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.80 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

a56a1e28a24ba018d8af6dff55c849eba2f36876b9abc667cdb41c74431d6217

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 4990
expires: Thu, 19 Sep 2024 22:57:09 GMT

POST
H2 200 all
csm.us.criteo.net/ Frame 5774 0
127 B 347ms
16ms Ping
text/plain 74.119.119.149
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.us.criteo.net/all?cppv=3&cpp=lF-ioz3WCRtG75aQmNkkfoVbB42IK-cGE-3xIl8IFead7OXqV2UrhDNb3zWJSjywjQAbWhtEUM7RYQIZVNdBI-rD4aV1hNpTvH0dRpfRuW51GMgqd2fyIquft7JwX3TKcxDcYeW45_b3BvUoBc2KJTHkdHW3P37Isa6zL9hozbpKTijY6OLT2eRzfaeTG9XcIm1XVun5SvQw1YRarToqELUCUJV12w86t_bKvvii4jzrmz8FeyLvLczxaeXM5qxjvFGV0A&sds=2&rev=88628&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.149 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 01 Oct 2023 23:50:45 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 5774 2 KB
1 KB 28ms
25ms Image
image/svg+xml 74.119.119.131
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 25 Sep 2024 23:50:45 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 5774 2 KB
1 KB 16ms
13ms Image
image/svg+xml 74.119.119.131
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 25 Sep 2024 23:50:45 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame D542 2 KB
1 KB 23ms
23ms Image
image/svg+xml 74.119.119.131
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZRoF1QAEP_UJlPFVAAM_1SqQOg3-XMPjCxIFUg&u=%7CSzEvG2f%2BeOkKKYatn1SUWJrHvoLkUDuOebVB4hzgz5s%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdn4iCWrkEk_cno76PwCYU5ChNmYmO3XJCyMbQHmu86R3v8Ps9nFsOSPW0zndyl-5OPTJR-gJzUPsan0vtyf4yItvpS7Ln_H1xiCPAdi1u-5l9mIOrjhfxkUrWr85BHctmDudJmypd2FYLP5d67y5bSOOkZBBRslD7x0RPxC-OZePoTaZFMuUzDi7MhW8tff1NGa6Tz92HwfRNv8Up0_M71WKjFo7kmM_3N5NSqyfnGvX_tnDge98Q1nOGeMlca-t7DN7oLVBkC3h58jeDQBBKTvrTtr46sOrZYOxSLHq9Ubgf66rj0BE7eh124fvF5HhjGIbpiIbHz-g2eAQRyEAM3FNf1ZGAunyfcTYPV-Ju8dizPVz33AYcTwU49u8aCFuwDIfO5ZEEdTpx0OxfIHQsZqmtVn39EYJMZovQLEYOOgeCNI3AiPIlvcm__csekI0ADvGhp3wFfF6a_7W7srHqE1epo59pkHFVLLyMTf0nuniTZLZAvmaKXGIhxXw_VK0t4WRGzKZ0uCNgf82VoSOKXkEGqbPqckRHAIQXsX_v2Q_1biohpQ55fnJ8JCcCdu-fw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCKeEZ1QUaZfX_ENXi0_wP1f-MyAucge-wXOLDuM6jAcCNtwEQASAAYMnGqYvApNgPggEXY2EtcHViLTE3MzA1MDA1OTg5MjIzMjbIAQmoAwHIAwKqBP8BT9CfPBRmG2G4v3aLkRsYGC8zhxtlic91lWUKzGrODNsxrTplawBn-kCCRUhdw2rFSaHk-TdpPf3a3q5j-qAfhoLN0jWIfu7EBO42h_Hd8g_2AsPslpQNyDqydjW_R4DN9Ps77Fo4PvqkGPz1hbQ1t8yXtQ4Rl0JGpFKGv7NIql7QuKFxIdzRkBna-oTX8XspRgjPVaJ3t-3LOU7ImDkT3luMy1gkA4D3iHOoM3dxwdBj-WanoWcT6dAhK6oP9RzLdOfDYdyH0YC0vaq4VwC__txj3Gz_R16k5xrSDLDbplANDLx01qOSUcW8oPjbOLxKl7uQR4Q5VGTjdvxl0LIUgAbH1fj0k56AvRSgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1Ed1_f6sMfS2TntIHSoj4PzHp6Mg%26client%3Dca-pub-1730500598922326%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 25 Sep 2024 23:50:45 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame D542 2 KB
1 KB 11ms
11ms Image
image/svg+xml 74.119.119.131
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 25 Sep 2024 23:50:45 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame D542 308 B
636 B 12ms
10ms Image
image/svg+xml 74.119.119.131
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:46 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Wed, 25 Sep 2024 23:50:46 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame D542 293 B
621 B 10ms
9ms Image
image/svg+xml 74.119.119.131
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:46 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Wed, 25 Sep 2024 23:50:46 GMT

GET
H2 200 lg.php
cat.va.us.criteo.com/delivery/ Frame D542 43 B
347 B 14ms
13ms Image
image/gif 74.119.119.147
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=OBdolSk_VShchZtfMYcBT4e2uVcFI9vVglcS4pheniIjgN8PJITOsC6WnyPNFwawTUWIkvtl6DXHMqlQhM-vZxlss7D2SAef0D5s6yM7pRdGYfG9rOCMpuGp2KdjNov_nQyizVfZkUloCKVTSU4stnprWwIRw6V3UVNhFzsdWUCiIN7B_g7MXVT9oo6Pxsm74JA2kYk2Q7XoZht8DpFCFp9oNDVdaPHUlFXmrnpHXktanowJlTnbhcBJyNqrRCi4Zb4O2ta1UFxQkM2rZh57541k9s_BfH9dyXn5sx6uHKQ818cwlLitHuhobmybuFTyb0zPMfq03OwUETjON3DhWPfDP41Pp83DYt8tFS7K6J--U_8MMiXRcpj07dDNzJ_z_6WWiyBXqolE4wsZKSOOBgaGD4X0i_hu7f6HB-r6ouz8mQmL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 01 Oct 2023 23:50:45 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2662395
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1A18
Redirect Chain

https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEML07B8a9ZemCaW92z4s3T8&google_cver=1&google_push=AXcoOmQexiLdeCmvvwX8JK4lwhopMB02VpRP4KOXBsxzbcdHf-1Dxlg...
https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=363a2f7a2f261132&is_secure=true&networkId=14000&version=1&google_gid=CAESEML07B8a9ZemCaW92z4s3T8&google_cver=1&google_push=AXcoOmQexiLd...
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAGWysp38s0HQMD-nftAAAAAAA&expiration=1696290646&google_cver=1&is_secure=true&google_gid=CAESEML07B8a9ZemCaW92z4s3...

170 B
188 B

26ms
25ms

Image
image/png

142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAGWysp38s0HQMD-nftAAAAAAA&expiration=1696290646&google_cver=1&is_secure=true&google_gid=CAESEML07B8a9ZemCaW92z4s3T8&google_push=AXcoOmQexiLdeCmvvwX8JK4lwhopMB02VpRP4KOXBsxzbcdHf-1DxlgpquAvzhWWKXo92pX7ZOfeQIaJzDAXgiNIXL_4-L1rQjQLdWE

Requested by

Host: telegram-downloads.ru
URL: https://telegram-downloads.ru/

Protocol

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 01 Oct 2023 23:50:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 01 Oct 2023 23:50:46 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAGWysp38s0HQMD-nftAAAAAAA&expiration=1696290646&google_cver=1&is_secure=true&google_gid=CAESEML07B8a9ZemCaW92z4s3T8&google_push=AXcoOmQexiLdeCmvvwX8JK4lwhopMB02VpRP4KOXBsxzbcdHf-1DxlgpquAvzhWWKXo92pX7ZOfeQIaJzDAXgiNIXL_4-L1rQjQLdWE
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1A18
Redirect Chain

https://aep.mxptint.net/sn.ashx?google_gid=CAESEH2jDzVSlV04qz14YuOb0m0&google_cver=1&google_push=AXcoOmTiJ-f76O83U2dRYureIpg1keFtlZUKs5-rr3bOaWYSJbgC-WEE2QvzwMTViGYlYHcAVAHeKpJZb_ThTOov6l1DjDz6YmabLq8
https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AXcoOmTiJ-f76O83U2dRYureIpg1keFtlZUKs5-rr3bOaWYSJbgC-WEE2QvzwMTViGYlYHcAVAHeKpJZb_ThTOov6l1DjDz6YmabLq8&google_hm=UjMzNjQ2XzEwO...

170 B
188 B

24ms
23ms

Image
image/png

142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AXcoOmTiJ-f76O83U2dRYureIpg1keFtlZUKs5-rr3bOaWYSJbgC-WEE2QvzwMTViGYlYHcAVAHeKpJZb_ThTOov6l1DjDz6YmabLq8&google_hm=UjMzNjQ2XzEwOUU0N0ZCM19FOUVCNEJDMA%3D%3D

Requested by

Protocol

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 01 Oct 2023 23:50:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AXcoOmTiJ-f76O83U2dRYureIpg1keFtlZUKs5-rr3bOaWYSJbgC-WEE2QvzwMTViGYlYHcAVAHeKpJZb_ThTOov6l1DjDz6YmabLq8&google_hm=UjMzNjQ2XzEwOUU0N0ZCM19FOUVCNEJDMA%3D%3D
Date: Sun, 01 Oct 2023 23:50:45 GMT
Cache-Control: private
Strict-Transport-Security: max-age=-379209021; includeSubDomains
P3P: CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE", CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE"
Content-Length: 349
Content-Type: text/html; charset=utf-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1A18
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEMjs4jOfrttkToJAxAWj_gc&google_cver=1&google_push=AXcoOmQ35Fs5fU9wJL-4_36S_FWBZT85FertKu6LouA8fAQIE0o3QyJsgh0z-9g0tFec0QFqSBKWC8YgjYaYogjW0upKZjxRX-VrnA
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8E605A5C60A0435697265185CC160D3F&google_push=AXcoOmQ35Fs5fU9wJL-4_36S_FWBZT85FertKu6LouA8fAQIE0o3QyJsgh0z-9g0tFec0QFqSBKWC8YgjYaYogj...

170 B
188 B

21ms
21ms

Image
image/png

142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8E605A5C60A0435697265185CC160D3F&google_push=AXcoOmQ35Fs5fU9wJL-4_36S_FWBZT85FertKu6LouA8fAQIE0o3QyJsgh0z-9g0tFec0QFqSBKWC8YgjYaYogjW0upKZjxRX-VrnA

Requested by

Protocol

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 01 Oct 2023 23:50:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 01 Oct 2023 23:50:46 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8E605A5C60A0435697265185CC160D3F&google_push=AXcoOmQ35Fs5fU9wJL-4_36S_FWBZT85FertKu6LouA8fAQIE0o3QyJsgh0z-9g0tFec0QFqSBKWC8YgjYaYogjW0upKZjxRX-VrnA
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sat, 30 Sep 2023 23:50:46 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1A18
Redirect Chain

https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEDoD8UxuNL_tLtY0E2d3kZ8&google_cver=1&google_push=AXcoOmSbRL1rA6aQlT_uVBmaWZehJVr_nWk9ACzfkIoz5NyJG2-mjU2bHK0PjKdqEpJZQEoRpZU8F...
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmSbRL1rA6aQlT_uVBmaWZehJVr_nWk9ACzfkIoz5NyJG2-mjU2bHK0PjKdqEpJZQEoRpZU8FhxQH97aNuzogWAj0kAZ4RGadg

170 B
188 B

25ms
23ms

Image
image/png

142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmSbRL1rA6aQlT_uVBmaWZehJVr_nWk9ACzfkIoz5NyJG2-mjU2bHK0PjKdqEpJZQEoRpZU8FhxQH97aNuzogWAj0kAZ4RGadg

Requested by

Protocol

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 01 Oct 2023 23:50:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 01 Oct 2023 23:50:45 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 8B3DAF7ACB244CFBABCCE8B4F3F5EE06 Ref B: EWR30EDGE0419 Ref C: 2023-10-01T23:50:46Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmSbRL1rA6aQlT_uVBmaWZehJVr_nWk9ACzfkIoz5NyJG2-mjU2bHK0PjKdqEpJZQEoRpZU8FhxQH97aNuzogWAj0kAZ4RGadg
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYGsFOQp1UBzzlHYs9YTQ==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1A18
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEEY6St5OvccRGRy6hleHy_I&google_cver=1&google_push=AXcoOmSGOQlQdcC_Mwx9FfJr_04Ns5ve62-pC6wObYQhg1H5PqJrX-LdvA5rm4QsiW-QFV9KYgs2BD6IWet6nk0YKVWD...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEEY6St5OvccRGRy6hleHy_I&google_cver=1&google_push=AXcoOmSGOQlQdcC_Mwx9FfJr_04Ns5ve62-pC6wObYQhg1H5PqJrX-LdvA5rm4QsiW-QFV9KYgs2BD6IWet6nk...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmSGOQlQdcC_Mwx9FfJr_04Ns5ve62-pC6wObYQhg1H5PqJrX-LdvA5rm4QsiW-QFV9KYgs2BD6IWet6nk0YKVWD5hLqcDKS5w&google_hm=oyPm_l0aSFKWvGNuSNsR2g==

170 B
188 B

25ms
21ms

Image
image/png

142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmSGOQlQdcC_Mwx9FfJr_04Ns5ve62-pC6wObYQhg1H5PqJrX-LdvA5rm4QsiW-QFV9KYgs2BD6IWet6nk0YKVWD5hLqcDKS5w&google_hm=oyPm_l0aSFKWvGNuSNsR2g==

Requested by

Protocol

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 01 Oct 2023 23:50:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmSGOQlQdcC_Mwx9FfJr_04Ns5ve62-pC6wObYQhg1H5PqJrX-LdvA5rm4QsiW-QFV9KYgs2BD6IWet6nk0YKVWD5hLqcDKS5w&google_hm=oyPm_l0aSFKWvGNuSNsR2g==
Date: Sun, 01 Oct 2023 23:50:46 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1A18
Redirect Chain

https://beacon.lynx.cognitivlabs.com/adx.gif?google_gid=CAESEFfWb5DJa53D9libKa2-aKI&google_cver=1&google_push=AXcoOmT-zBLPjkuVAW2n_doyKvV7VsDAgn3t6GZ_rd2Q5AoZJ8gNs0GCAiq5r7IDm7v3NOxXBlWqG7J-8YRj3aC...
https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=oLxS8x94uEOMaaAUnJyXzQ&google_push=AXcoOmT-zBLPjkuVAW2n_doyKvV7VsDAgn3t6GZ_rd2Q5AoZJ8gNs0GCAiq5r7IDm7v3NOxXBlWqG7J-8YRj3aClHH6cnynKh...

170 B
188 B

23ms
20ms

Image
image/png

142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=oLxS8x94uEOMaaAUnJyXzQ&google_push=AXcoOmT-zBLPjkuVAW2n_doyKvV7VsDAgn3t6GZ_rd2Q5AoZJ8gNs0GCAiq5r7IDm7v3NOxXBlWqG7J-8YRj3aClHH6cnynKhOFmbuxM

Requested by

Protocol

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 01 Oct 2023 23:50:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=oLxS8x94uEOMaaAUnJyXzQ&google_push=AXcoOmT-zBLPjkuVAW2n_doyKvV7VsDAgn3t6GZ_rd2Q5AoZJ8gNs0GCAiq5r7IDm7v3NOxXBlWqG7J-8YRj3aClHH6cnynKhOFmbuxM
Date: Sun, 01 Oct 2023 23:50:46 GMT
Server: Kestrel
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1A18
Redirect Chain

https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESEGEbLGN9HeOr33-t-bw1AWo&google_cver=1&google_push=AXcoOmSt66lanoJzM119yixwvRe7uO27oVUbMIsfWkaZzh_z2wcZGt6J55Gb5nx5S0F...
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmSt66lanoJzM119yixwvRe7uO27oVUbMIsfWkaZzh_z2wcZGt6J55Gb5nx5S0F2otPbgxClYv4yNykTivt7aSVQXnm1vekjSr4

170 B
188 B

21ms
21ms

Image
image/png

142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmSt66lanoJzM119yixwvRe7uO27oVUbMIsfWkaZzh_z2wcZGt6J55Gb5nx5S0F2otPbgxClYv4yNykTivt7aSVQXnm1vekjSr4

Requested by

Protocol

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 01 Oct 2023 23:50:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-akamai-request-id: 2b63ad99.396b699b
date: Sun, 01 Oct 2023 23:50:46 GMT
x-bytefaas-request-id: 2023100123504542D4F31908701761EB07
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a104-126-118-198.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.1-51461813) (-)
x-parent-response-time: 50,104.126.118.198
server-timing: cdn-cache; desc=MISS, edge; dur=8, origin; dur=42, inner; dur=38
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2023100123504542D4F31908701761EB07
x-cache-remote: TCP_MISS from a23-207-199-91.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.1-51461813) (-)
access-control-max-age: 86400
access-control-allow-methods: *
location: https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmSt66lanoJzM119yixwvRe7uO27oVUbMIsfWkaZzh_z2wcZGt6J55Gb5nx5S0F2otPbgxClYv4yNykTivt7aSVQXnm1vekjSr4
x-bytefaas-execution-duration: 37.06
access-control-allow-origin: *
access-control-allow-credentials: true
x-origin-response-time: 42,23.207.199.91
x-tt-trace-host: 01c22680f231d0792a5f7e4db798f8808a0aeb059f7a9931e89bc89f9d46f8de7fa9ec61bd953b2aeab4aa9e87f09260194973380fae46d809742f5c06e1fe3e790ef6809a90cb5b7aa6988a016da57cc5d3b51b9d0ba37308a860ed5bc9746205ae97c178959ee53e81fd98d25968d469
cache-control: max-age=0, no-cache, no-store
access-control-allow-headers: *
expires: Sun, 01 Oct 2023 23:50:46 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 1A18 0
139 B 70ms
20ms Image
text/html 142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JDcyxFhWIB2be8El_0AZ_4FE6dp_DOFwl7NguTOd5xUoE3WoXqWOUEyqCjXNXupscWthPueMY

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:45 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 019C
Redirect Chain

https://aep.mxptint.net/sn.ashx?google_gid=CAESEM0FsejYAb-4cfe5gAyzNkI&google_cver=1&google_push=AXcoOmQDFHpUO_dem2qpL0bFesAzfTY72vAuwvcXbRG6C5duGQwKUUmYnRZ5vdiZqfbDMwC8RfJ0Wr7Sb6V0hcj-cTZJON_UVc1kbg
https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AXcoOmQDFHpUO_dem2qpL0bFesAzfTY72vAuwvcXbRG6C5duGQwKUUmYnRZ5vdiZqfbDMwC8RfJ0Wr7Sb6V0hcj-cTZJON_UVc1kbg&google_hm=UjMzNjQ1XzEwOU...

170 B
188 B

26ms
25ms

Image
image/png

142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AXcoOmQDFHpUO_dem2qpL0bFesAzfTY72vAuwvcXbRG6C5duGQwKUUmYnRZ5vdiZqfbDMwC8RfJ0Wr7Sb6V0hcj-cTZJON_UVc1kbg&google_hm=UjMzNjQ1XzEwOUU0N0ZCM19FQTYwRjk5Qw%3D%3D

Requested by

Protocol

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 01 Oct 2023 23:50:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AXcoOmQDFHpUO_dem2qpL0bFesAzfTY72vAuwvcXbRG6C5duGQwKUUmYnRZ5vdiZqfbDMwC8RfJ0Wr7Sb6V0hcj-cTZJON_UVc1kbg&google_hm=UjMzNjQ1XzEwOUU0N0ZCM19FQTYwRjk5Qw%3D%3D
Date: Sun, 01 Oct 2023 23:50:44 GMT
Cache-Control: private
Strict-Transport-Security: max-age=-379208965; includeSubDomains
P3P: CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE", CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE"
Content-Length: 348
Content-Type: text/html; charset=utf-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 019C
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESENSDhpoDqW_K15CZA2IN6m0&google_cver=1&google_push=AXcoOmT_BKTU8M0u-2AbZWDDPEiAoQKzoXzdhhGU55EPIS_SAYGqZB8veCOeA8d4bHiYX2Qbxaz5OObdk5pWbAmP...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=BE_mlOg3TXs9Bs1ZKoNLDQ&google_push=AXcoOmT_BKTU8M0u-2AbZWDDPEiAoQKzoXzdhhGU55EPIS_SAYGqZB8veCOeA8d4bHiYX2Qbxaz5OObdk5pWbAmPSIoxXOuGHi-kbEk

170 B
188 B

21ms
20ms

Image
image/png

142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=BE_mlOg3TXs9Bs1ZKoNLDQ&google_push=AXcoOmT_BKTU8M0u-2AbZWDDPEiAoQKzoXzdhhGU55EPIS_SAYGqZB8veCOeA8d4bHiYX2Qbxaz5OObdk5pWbAmPSIoxXOuGHi-kbEk

Requested by

Protocol

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 01 Oct 2023 23:50:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 01 Oct 2023 23:50:45 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=BE_mlOg3TXs9Bs1ZKoNLDQ&google_push=AXcoOmT_BKTU8M0u-2AbZWDDPEiAoQKzoXzdhhGU55EPIS_SAYGqZB8veCOeA8d4bHiYX2Qbxaz5OObdk5pWbAmPSIoxXOuGHi-kbEk
x-host: tde-deliveryengine-production-8b9d7bc7f-vdwpm
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 019C
Redirect Chain

https://beacon.walmart.com/etap.gif?tap=gAds&google_gid=CAESEKzqcVHR2ZIDla9IjuD6SdA&google_cver=1&google_push=AXcoOmSrseNCYAr5FahRCCfeZjHuC-EtMxZ5zCWsy0de8F9UGXxRCo0gOdUfh0_-F5lk2lCvp5aSK1capcW7UgI...
https://cm.g.doubleclick.net/pixel?google_nid=walmart&google_hm=Q-Kq1T4q7zNkyT_dn-ltMc&tap=gAds&google_gid=CAESEKzqcVHR2ZIDla9IjuD6SdA&google_cver=1&google_push=AXcoOmSrseNCYAr5FahRCCfeZjHuC-EtMxZ5...

170 B
188 B

53ms
52ms

Image
image/png

142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=walmart&google_hm=Q-Kq1T4q7zNkyT_dn-ltMc&tap=gAds&google_gid=CAESEKzqcVHR2ZIDla9IjuD6SdA&google_cver=1&google_push=AXcoOmSrseNCYAr5FahRCCfeZjHuC-EtMxZ5zCWsy0de8F9UGXxRCo0gOdUfh0_-F5lk2lCvp5aSK1capcW7UgIbf9aJVDFYk6MYOfU

Requested by

Protocol

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 01 Oct 2023 23:50:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains
via: HTTP/2.0 odnd
date: Sun, 01 Oct 2023 23:50:46 GMT
last-modified: Thu, 21 Sep 2023 04:14:34 GMT
content-type: text/plain; charset=utf-8
location: https://cm.g.doubleclick.net/pixel?google_nid=walmart&google_hm=Q-Kq1T4q7zNkyT_dn-ltMc&tap=gAds&google_gid=CAESEKzqcVHR2ZIDla9IjuD6SdA&google_cver=1&google_push=AXcoOmSrseNCYAr5FahRCCfeZjHuC-EtMxZ5zCWsy0de8F9UGXxRCo0gOdUfh0_-F5lk2lCvp5aSK1capcW7UgIbf9aJVDFYk6MYOfU
cache-control: no-store, no-cache, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
content-length: 0
x-tb: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 019C
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEBEImG2UC0e0oVO0xn9AuJw&google_cver=1&google_push=AXcoOmToMhwm6Ov9w6KqPC-Z4KFYvSUk8_YNMbQ6l0VYIXgEWcyQ3FSfej73q3n3vXjt-da9ne_iXe3I...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEBEImG2UC0e0oVO0xn9AuJw&google_cver=1&google_push=AXcoOmToMhwm6Ov9w6KqPC-Z4KFYvSUk8_YNMbQ6l0VYIXgEWcyQ3FSfej73q3n3vXjt-da9ne_...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjEzOTU4MzU2MDczMjE1MDM5Mw&google_push=AXcoOmToMhwm6Ov9w6KqPC-Z4KFYvSUk8_YNMbQ6l0VYIXgEWcyQ3FSfej73q3n3vXjt-da9ne_iXe...

170 B
188 B

22ms
21ms

Image
image/png

142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjEzOTU4MzU2MDczMjE1MDM5Mw&google_push=AXcoOmToMhwm6Ov9w6KqPC-Z4KFYvSUk8_YNMbQ6l0VYIXgEWcyQ3FSfej73q3n3vXjt-da9ne_iXe3ICpskODZoQLSC59W_S8Jy_g

Requested by

Protocol

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 01 Oct 2023 23:50:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 01 Oct 2023 23:50:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjEzOTU4MzU2MDczMjE1MDM5Mw&google_push=AXcoOmToMhwm6Ov9w6KqPC-Z4KFYvSUk8_YNMbQ6l0VYIXgEWcyQ3FSfej73q3n3vXjt-da9ne_iXe3ICpskODZoQLSC59W_S8Jy_g
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 019C 43 B
363 B 51ms
10ms Image
image/gif 74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmTZzcDq7pFq0vJoyM9Y6xYGpPT5pm3ZB1dAN9nXomGUmDzm0sRkgXyGarHROAp_hSw0glt3ph1eQGs2Ce50sWTZVK5TEF9WLfI&google_gid=CAESENw2_0ZSDXeyDB-llv9DYLA&google_cver=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 01 Oct 2023 23:50:45 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 172473
expires: Sun, 01 Oct 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 019C
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEBH-a8IZYLzhsXS8PXP_wSI&google_cver=1&google_push=AXcoOmSnIg9QT8qEYF9zgECSL0jIaqf0SwR67JfwBQA_ehsjT-LpKXTHz8WL9PgJqA8d1kvGs3hR3MmD7clGUhM...
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=dISjD0srWlVGuKnQKPQfawW16oQ&google_push=AXcoOmSnIg9QT8qEYF9zgECSL0jIaqf0SwR67JfwBQA_ehsjT-LpKXTHz8WL9PgJqA8d1kvGs3hR3MmD7clGUh...

170 B
188 B

20ms
19ms

Image
image/png

142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=dISjD0srWlVGuKnQKPQfawW16oQ&google_push=AXcoOmSnIg9QT8qEYF9zgECSL0jIaqf0SwR67JfwBQA_ehsjT-LpKXTHz8WL9PgJqA8d1kvGs3hR3MmD7clGUhMEh4xHb93wOg0Iwls

Requested by

Protocol

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 01 Oct 2023 23:50:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=dISjD0srWlVGuKnQKPQfawW16oQ&google_push=AXcoOmSnIg9QT8qEYF9zgECSL0jIaqf0SwR67JfwBQA_ehsjT-LpKXTHz8WL9PgJqA8d1kvGs3hR3MmD7clGUhMEh4xHb93wOg0Iwls
Date: Sun, 01 Oct 2023 23:50:45 GMT
Connection: keep-alive
Content-Length: 245
Content-Type: text/html; charset=utf-8

GET
H2

200

spacer.gif
an.yandex.ru/resource/ Frame 019C
Redirect Chain

https://an.yandex.ru/mapuid/google/CAESECiqdgpCObnyfa50sIe_4i0?ext-param=AXcoOmSMaG8YWP81rXxHW5AjYMqb3GpX_gTHIw7tfqH7v677htcMn9jaYXalmqXLM-zNgOwZ8TJadxBl0FL9jKSl6RPRJy44EW7OAG8&partner-tag=yandex_a...
https://an.yandex.ru/mapuid/google/CAESECiqdgpCObnyfa50sIe_4i0?redir-setuniq=1&ext-param=AXcoOmSMaG8YWP81rXxHW5AjYMqb3GpX_gTHIw7tfqH7v677htcMn9jaYXalmqXLM-zNgOwZ8TJadxBl0FL9jKSl6RPRJy44EW7OAG8&part...
https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESECiqdgpCObnyfa50sIe_4i0&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
https://an.yandex.ru/resource/spacer.gif

43 B
144 B

151ms
151ms

Image
image/gif

87.250.250.90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/resource/spacer.gif

Requested by

Host: telegram-downloads.ru
URL: https://telegram-downloads.ru/

Protocol

Server

87.250.250.90 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

bs.yandex.ru

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 18 Apr 2001 10:28:03 GMT
content-type: image/gif
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Sun, 15 Sep 2024 23:50:46 GMT

Redirect headers

pragma: no-cache
date: Sun, 01 Oct 2023 23:50:46 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://an.yandex.ru/resource/spacer.gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 237
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 019C 0
49 B 65ms
20ms Image
text/html 142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KXGdo1GIicswpjnwB7f_kn2acefkoBuJvOa0rkwYLZ8hrnCdka5b5wkacWzWZ2tOzSZLSL7g

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:45 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame A28D 12 KB
5 KB 20ms
9ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1956627
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4418
last-modified: Thu, 22 Jun 2023 11:22:44 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942f04-1142"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XdtZn5ENyiAYKkQujzwYVqIC7EgSdsyRL%2FTF4mT%2F7n2eeWGgItGj4WIGWw2tjZaq6ns8TN5vBwHV2lm5MjGnVuNT8TMXLrKpjK6VUkVIEk5TGmeurKvBY7UWy%2BKeIIicqW5r39kA"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 80f89c19395e41f8-EWR
expires: Fri, 20 Sep 2024 23:50:45 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame A28D 12 KB
6 KB 14ms
13ms Script
text/javascript 74.119.119.131
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 25 Sep 2024 23:50:45 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 9A29 12 KB
5 KB 10ms
10ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1956627
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4418
last-modified: Thu, 22 Jun 2023 11:22:44 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942f04-1142"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yoZ5tp9jmr3iiiwK22Je9Ifd1NI1f97jh%2BsPCBWrMWZHvPId7WV3Wtcq0jvdIZda6lZZ1YceMxiTYjhEMk5rPnXEZgVfLkBmSvjOLRfaM8XhoA15y15R%2Bfap8z%2Fh8N7M7i6T5HQW"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 80f89c19396b41f8-EWR
expires: Fri, 20 Sep 2024 23:50:45 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 9A29 12 KB
6 KB 11ms
9ms Script
text/javascript 74.119.119.131
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 25 Sep 2024 23:50:45 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame D542 12 KB
5 KB 14ms
10ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1956628
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4418
last-modified: Thu, 22 Jun 2023 11:22:44 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942f04-1142"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cf6S0NuvbiOrRs2ynNXNLjitJ0G%2B%2FH4awwwAUYgUQk4GKWUZpFu6ZPI2FgE1xJGIvL3Jj%2FmgAdyZo2dyfQTeeMA8WcBHqpdSWPBL0HBaGbRsrXUgVX0JvJK0YpFoB%2BfAk5pM5ly0"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 80f89c199a1841f8-EWR
expires: Fri, 20 Sep 2024 23:50:46 GMT

GET
DATA 200
OK truncated
/ Frame 5886 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 49dc12acf0f7998996e52b8a5c730d1e447860e20c70ec48a123738f5566ac5d

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame E021
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEEpN-ncXHThcOB1WzNLDukE&google_cver=1&google_push=AXcoOmR7P3TMzXB01y7Zm1sMrYbe59zvk9kn746jIAV739K26cJWGTG1SkZZc-StD5cgUGRu8tyPcAPlAbPFXxHtoyl4B0ZP5y9AaGw
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NjkyMTY0Nzc4NDY4NjM4Njc1Mg==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEEpN-ncXHThcOB1WzNLDukE&google_cver=1

43 B
398 B

63ms
27ms

Image
image/gif

50.116.194.21
TURN-US-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEEpN-ncXHThcOB1WzNLDukE&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1730500598922326&output=html&h=280&adk=2550612135&adf=3020769239&pi=t.aa~a.245933387~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1696240245&rafmt=1&to=qs&pwprc=1275318804&format=1200x280&url=https%3A%2F%2Ftelegram-downloads.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696204245229&bpp=1&bdt=1162&idt=0&shv=r20230927&mjsv=m202309260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D48bcaa1e0f69cd79-2224e2fc76e40078%3AT%3D1696204245%3ART%3D1696204245%3AS%3DALNI_MaBpbUoeP6xV5wkmbX_vNyl2v1pAQ&gpic=UID%3D00000d96405a144e%3AT%3D1696204245%3ART%3D1696204245%3AS%3DALNI_Mb7-GVFS4k8qi62VqnuGOOxs0zQFA&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=4&correlator=1200992134216&frm=20&pv=1&ga_vid=1953561565.1696204245&ga_sid=1696204245&ga_hid=1138077525&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4270&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076839%2C31078257%2C44795922%2C31078272%2C21065725&oid=2&pvsid=1924437485354626&tmod=1176044992&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=DmBTzvygR5&p=https%3A//telegram-downloads.ru&dtd=22
Protocol: H2
Server: 50.116.194.21 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS: presentation-atl1.turn.com
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 01 Oct 2023 23:50:46 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Sun, 01 Oct 2023 23:50:46 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEEpN-ncXHThcOB1WzNLDukE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E021
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMyywTmh639pLGcMqfTOppA&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMyywTmh639pLGcMqfTOppA&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bTc4eEtIY2gxUU42ZDA1&google_gid=CAESEMyywTmh639pLGcMqfTOppA&google_cver=1&google_push=AXcoOmQVfaj-eI3beiC7zYeF9Cl2GLeUvRhBOic-O05P94L...

170 B
188 B

22ms
20ms

Image
image/png

142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bTc4eEtIY2gxUU42ZDA1&google_gid=CAESEMyywTmh639pLGcMqfTOppA&google_cver=1&google_push=AXcoOmQVfaj-eI3beiC7zYeF9Cl2GLeUvRhBOic-O05P94Lwe_Is-nIAjwdL_KFlmBsU0a48Jr_eYdB6f8Z9qNji-xDknmu8L9OrzBM

Requested by

Protocol

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 01 Oct 2023 23:50:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 01 Oct 2023 23:50:45 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-789-g976496f#rel-ec2-master i-04f592273d9bc5f89@us-east-1b@dxedge-app-us-east-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bTc4eEtIY2gxUU42ZDA1&google_gid=CAESEMyywTmh639pLGcMqfTOppA&google_cver=1&google_push=AXcoOmQVfaj-eI3beiC7zYeF9Cl2GLeUvRhBOic-O05P94Lwe_Is-nIAjwdL_KFlmBsU0a48Jr_eYdB6f8Z9qNji-xDknmu8L9OrzBM
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E021
Redirect Chain

https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEIO4BTWKe2bDIxYhdWnhwKk&google_cver=1&google_push=AXcoOmRqrrHU0TUfYAHLuaMSkzyi7QTc6fJbfhLFQ_ZNnEewkgdpHCwG_EqR33bXP4BeZYkuBXU1C...
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmRqrrHU0TUfYAHLuaMSkzyi7QTc6fJbfhLFQ_ZNnEewkgdpHCwG_EqR33bXP4BeZYkuBXU1CNSzG16vG688-nSCIusaAi4myWQ

170 B
188 B

25ms
23ms

Image
image/png

142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmRqrrHU0TUfYAHLuaMSkzyi7QTc6fJbfhLFQ_ZNnEewkgdpHCwG_EqR33bXP4BeZYkuBXU1CNSzG16vG688-nSCIusaAi4myWQ

Requested by

Protocol

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 01 Oct 2023 23:50:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 01 Oct 2023 23:50:45 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: F98D7B0D752349B99227E63C8FC32E46 Ref B: EWR30EDGE0419 Ref C: 2023-10-01T23:50:46Z
linkedin-action: 1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lor1
location: https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmRqrrHU0TUfYAHLuaMSkzyi7QTc6fJbfhLFQ_ZNnEewkgdpHCwG_EqR33bXP4BeZYkuBXU1CNSzG16vG688-nSCIusaAi4myWQ
x-cache: CONFIG_NOCACHE
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYGsFOQrXGPjhwtu48UxQ==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E021
Redirect Chain

https://match.adsrvr.org/track/cmf/google?google_gid=CAESEHkLfgitfsWX4pESDo6YWxc&google_cver=1&google_push=AXcoOmS2ofHF2r0fd-selcUjpYUMGQISPHUVaL9hOVlxHhJWZRTa1J196RPPVz5ihLBJAjgXH_wCJ-apVYe-kM3Ssa...
https://match.adsrvr.org/track/cmb/google?google_gid=CAESEHkLfgitfsWX4pESDo6YWxc&google_cver=1&google_push=AXcoOmS2ofHF2r0fd-selcUjpYUMGQISPHUVaL9hOVlxHhJWZRTa1J196RPPVz5ihLBJAjgXH_wCJ-apVYe-kM3Ssa...
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZDU1NGI0MDYtOGNhOS00YjZiLWI1MTEtYmYyNmEyYzgyM2E0&google_push&gdpr=0&gdpr_consent=&ttd_tdid=d554b406-8ca9-4b6b-b511-bf26a2c823a4

170 B
188 B

22ms
21ms

Image
image/png

142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZDU1NGI0MDYtOGNhOS00YjZiLWI1MTEtYmYyNmEyYzgyM2E0&google_push&gdpr=0&gdpr_consent=&ttd_tdid=d554b406-8ca9-4b6b-b511-bf26a2c823a4

Requested by

Protocol

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 01 Oct 2023 23:50:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZDU1NGI0MDYtOGNhOS00YjZiLWI1MTEtYmYyNmEyYzgyM2E0&google_push&gdpr=0&gdpr_consent=&ttd_tdid=d554b406-8ca9-4b6b-b511-bf26a2c823a4
date: Sun, 01 Oct 2023 23:50:46 GMT
server: Kestrel
content-length: 423

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E021
Redirect Chain

https://ums.acuityplatform.com/tum?umid=4&uid=CAESEPDE1VqmCd8wRVMW0ckZ0f4&google_cver=1&google_push=AXcoOmS1ZEXHiirJaB-jChyp9xgn1--5f0AFJ-qTypIuoQ9uAzn2-M74224T-dqhWLgoOz_jLEka9k9QPP9Rw0sgOUAysBKgR...
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=835116527841&us_privacy=1---

170 B
188 B

21ms
20ms

Image
image/png

142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=835116527841&us_privacy=1---

Requested by

Protocol

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 01 Oct 2023 23:50:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=835116527841&us_privacy=1---
Content-Length: 0

GET
H/1.1 200
200 asr
aid.send.microad.jp/g/ Frame E021 43 B
641 B 543ms
171ms Image
image/gif 202.233.84.1
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aid.send.microad.jp/g/asr?google_gid=CAESEF8jQ17z1q-Zzx_Xe8doQiA&google_cver=1&google_push=AXcoOmScWTs3sX4vqPvyAMcWkSALVCdAgmXmzlLbSae6QhUzybl7xKd16I_oWEcNrzr3Wu6uWL1z913qSmIfbffq7FX_2NlGaJ3T6dw

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

202.233.84.1 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),

Reverse DNS

Software

Apache /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Sun, 01 Oct 2023 23:50:46 GMT
Strict-Transport-Security: max-age=3600
Server: Apache
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Connection: close
Access-Control-Allow-Headers: origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
Content-Length: 43

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E021
Redirect Chain

https://t.adx.opera.com/pub/sync?pubid=pub6871767557696&google_push=AXcoOmQHgIDrGtxizKJ_eEpLFBfk8QkxaLwywKdVwjY_4kVQtBxUm9DReWbagn9ksiAfHh0jKog3P4dZ_RJqpRFI_PhKWeLu17OPcbhJ&google_gid=CAESEKi48oWOh...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKi48oWOhnZOcETllbHz_TE&google_hm=T1BVMjEwM2Y5MTk2YWY2NDVlZmI3MDNlZGYyMjA1NDIyN2I&google_nid=opera_norway_as&google_push=AXcoOmQHgIDr...

170 B
188 B

52ms
51ms

Image
image/png

142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKi48oWOhnZOcETllbHz_TE&google_hm=T1BVMjEwM2Y5MTk2YWY2NDVlZmI3MDNlZGYyMjA1NDIyN2I&google_nid=opera_norway_as&google_push=AXcoOmQHgIDrGtxizKJ_eEpLFBfk8QkxaLwywKdVwjY_4kVQtBxUm9DReWbagn9ksiAfHh0jKog3P4dZ_RJqpRFI_PhKWeLu17OPcbhJ

Requested by

Protocol

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 01 Oct 2023 23:50:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 01 Oct 2023 23:50:46 GMT
server: nginx
access-control-allow-methods: POST, GET
content-type: text/html; charset=utf-8
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKi48oWOhnZOcETllbHz_TE&google_hm=T1BVMjEwM2Y5MTk2YWY2NDVlZmI3MDNlZGYyMjA1NDIyN2I&google_nid=opera_norway_as&google_push=AXcoOmQHgIDrGtxizKJ_eEpLFBfk8QkxaLwywKdVwjY_4kVQtBxUm9DReWbagn9ksiAfHh0jKog3P4dZ_RJqpRFI_PhKWeLu17OPcbhJ
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length: 328
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame E021 0
40 B 22ms
18ms Image
text/html 142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LNjNVWa04d7IxBnhPgzBKQvvQ73HqIxpTTT4IOWvBy0hGpSA480yI0yFtcitPQjVt5cJNQ0w

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:46 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame D614 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6d13c93627a5515fcc6223d2224b4ded6bd84b494490e38945be34b30f850c96

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame A28D 97 KB
97 KB 11ms
9ms Image
image/webp 74.119.119.80
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.80 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

1aa898a7d416aaa7f09cc1871426404841d168cf0d0c6eb93cf6efc2cdcaa4e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 98938
expires: Mon, 26 Aug 2024 15:35:18 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame A28D 2 KB
2 KB 14ms
12ms Image
image/webp 74.119.119.80
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?cq=256&h=400&m=0&partner=1075&q=80&r=0&u=https%3A%2F%2Fcdn.yoox.biz%2F47%2F47350011LS_14_F.JPG&v=3&w=400&s=j00FynnJZ0-QY8ZkgwUvvbkS&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.80 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

87c296933952b4969256a3ed7c9a3f7e50116ecbedbc7e27e1395012355aadab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 2096
expires: Sat, 14 Sep 2024 23:04:04 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame A28D 11 KB
11 KB 14ms
12ms Image
image/webp 74.119.119.80
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?cq=256&h=400&m=0&partner=1075&q=80&r=0&u=https%3A%2F%2Fcdn.yoox.biz%2F15%2F15117721GX_14_F.JPG&v=3&w=400&s=e-1TWXE4FX5OGH5ZpRJavcY8&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.80 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

18e160783c2d1e7d78c2c8d017244b253515f87fd05c86c541e74b4fc18b7f37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 10956
expires: Tue, 03 Sep 2024 12:14:55 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame A28D 4 KB
4 KB 11ms
9ms Image
image/webp 74.119.119.80
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?cq=256&h=400&m=0&partner=1075&q=80&r=0&u=https%3A%2F%2Fcdn.yoox.biz%2F30%2F30114389GI_14_F.JPG&v=3&w=400&s=ECpiboMvizyLHlapOEm22Lvw&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.80 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

9a4722a7cd0c22f78f28ee8a8cabbbe9beade0207ec4b0b2cde4ef443665584d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 3804
expires: Mon, 02 Sep 2024 02:17:50 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame A28D 5 KB
5 KB 14ms
13ms Image
image/webp 74.119.119.80
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?cq=256&h=400&m=0&partner=1075&q=80&r=0&u=https%3A%2F%2Fcdn.yoox.biz%2F17%2F17292205DE_14_F.JPG&v=3&w=400&s=BEMHmxxeqWG5LPcvGExK5LIw&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.80 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

f3b9348806bbe09b1e6c10499ab60c3807b6f07a46d9a60a652faab0f4dc508a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 4688
expires: Wed, 18 Sep 2024 03:55:41 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame A28D 6 KB
7 KB 12ms
11ms Image
image/webp 74.119.119.80
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?cq=256&h=400&m=0&partner=1075&q=80&r=0&u=https%3A%2F%2Fcdn.yoox.biz%2F12%2F12936265GB_14_F.JPG&v=3&w=400&s=DCck6t0ye5v2VmAIxFsRK1Cu&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.80 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

108b201f90aa1fac41dc0277a8a8c79e1a6e8f1e63f9845dc2d7df156ad85b5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 6522
expires: Fri, 13 Sep 2024 09:38:58 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame A28D 9 KB
9 KB 11ms
11ms Image
image/webp 74.119.119.80
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?cq=256&h=400&m=0&partner=1075&q=80&r=0&u=https%3A%2F%2Fcdn.yoox.biz%2F58%2F58069947DF_14_F.JPG&v=3&w=400&s=MXNcOdR042oBK-ckhkYCcvha&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.80 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

a1d1c9dafa628fe545e83f0012de7112dc82508df04e65deb72139cbd569c7da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:46 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 9418
expires: Fri, 13 Sep 2024 07:20:42 GMT

POST
H2 200 all
csm.us.criteo.net/ Frame A28D 0
128 B 76ms
15ms Ping
text/plain 74.119.119.149
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.us.criteo.net/all?cppv=3&cpp=Pmj0Bj3WCRtG75aQMQH3_1Zo8UnUBDy5kWTGF54z9CUUKf7Cu9CgqAzi8d3VbaaA6i3D6e9h4NC6bUP-jeoObnWoDzrIfajO38R1cISQNmsieLpVqr-RaLEexNQbZVVujIFBJ1qOKeHL0HABVWppnqHTzmJO1OsPJuCnHtt9nTe3CTm63AjadOrOHrW8URTKM5P_K5MaOr81p8d8M6hD9EqwpgF8fEc3-YlVRQTSbKKL0ghoZWnEUmJdfmoSVLjTzJAmbg&sds=2&rev=88628&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.149 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 01 Oct 2023 23:50:45 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame A28D 2 KB
1 KB 11ms
11ms Image
image/svg+xml 74.119.119.131
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 25 Sep 2024 23:50:46 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame A28D 2 KB
1 KB 10ms
9ms Image
image/svg+xml 74.119.119.131
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 25 Sep 2024 23:50:46 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 202 KB
69 KB 336ms
336ms Script
application/javascript 77.88.21.119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/share2/share.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

2bbdea1641907d8624ed5fff410ac82a57e6328332422a0118067115a0c92af7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://telegram-downloads.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Thu, 28 Sep 2023 11:23:40 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "6515380c-114b6"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 70838
expires: Mon, 02 Oct 2023 00:50:46 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 9A29 97 KB
97 KB 15ms
8ms Image
image/webp 74.119.119.80
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.80 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

1aa898a7d416aaa7f09cc1871426404841d168cf0d0c6eb93cf6efc2cdcaa4e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 98938
expires: Mon, 26 Aug 2024 15:35:18 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 9A29 2 KB
2 KB 20ms
12ms Image
image/webp 74.119.119.80
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?cq=256&h=400&m=0&partner=1075&q=80&r=0&u=https%3A%2F%2Fcdn.yoox.biz%2F47%2F47350011LS_14_F.JPG&v=3&w=400&s=j00FynnJZ0-QY8ZkgwUvvbkS&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.80 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

87c296933952b4969256a3ed7c9a3f7e50116ecbedbc7e27e1395012355aadab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:46 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 2096
expires: Sat, 14 Sep 2024 23:04:04 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 9A29 5 KB
5 KB 16ms
10ms Image
image/webp 74.119.119.80
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?cq=256&h=400&m=0&partner=1075&q=80&r=0&u=https%3A%2F%2Fcdn.yoox.biz%2F12%2F12990952IR_14_F.JPG&v=3&w=400&s=xl0slGvoKzN9dbX767DWpDY_&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.80 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

a56a1e28a24ba018d8af6dff55c849eba2f36876b9abc667cdb41c74431d6217

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:46 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 4990
expires: Thu, 19 Sep 2024 22:57:09 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 9A29 2 KB
2 KB 18ms
11ms Image
image/webp 74.119.119.80
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?cq=256&h=400&m=0&partner=1075&q=80&r=0&u=https%3A%2F%2Fcdn.yoox.biz%2F46%2F46924643EN_14_F.JPG&v=3&w=400&s=_7GUa14qcfdivJr_4J265Xzj&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.80 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

5c1f86873ae4a57b120e9a74e292181644a570fb97c84cd2cd4ac29ed67bea02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 2254
expires: Wed, 18 Sep 2024 20:00:30 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 9A29 5 KB
5 KB 19ms
13ms Image
image/webp 74.119.119.80
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?cq=256&h=400&m=0&partner=1075&q=80&r=0&u=https%3A%2F%2Fcdn.yoox.biz%2F17%2F17292205DE_14_F.JPG&v=3&w=400&s=BEMHmxxeqWG5LPcvGExK5LIw&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.80 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

f3b9348806bbe09b1e6c10499ab60c3807b6f07a46d9a60a652faab0f4dc508a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 4688
expires: Wed, 18 Sep 2024 03:55:41 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 9A29 4 KB
4 KB 17ms
11ms Image
image/webp 74.119.119.80
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?cq=256&h=400&m=0&partner=1075&q=80&r=0&u=https%3A%2F%2Fcdn.yoox.biz%2F30%2F30114389GI_14_F.JPG&v=3&w=400&s=ECpiboMvizyLHlapOEm22Lvw&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.80 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

9a4722a7cd0c22f78f28ee8a8cabbbe9beade0207ec4b0b2cde4ef443665584d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 3804
expires: Mon, 02 Sep 2024 02:17:50 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 9A29 7 KB
7 KB 23ms
18ms Image
image/webp 74.119.119.80
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?cq=256&h=400&m=0&partner=1075&q=80&r=0&u=https%3A%2F%2Fcdn.yoox.biz%2F16%2F16246624AQ_14_F.JPG&v=3&w=400&s=sx7wN1X4KxruMmvyLNQNt1dr&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.80 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

0f252de0a65325111b4613508c20a74f1eaac2ba6d2b4cbc996ba21068a273d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 7406
expires: Mon, 09 Sep 2024 03:49:30 GMT

POST
H2 200 all
csm.us.criteo.net/ Frame 9A29 0
127 B 21ms
17ms Ping
text/plain 74.119.119.149
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.us.criteo.net/all?cppv=3&cpp=DEmuzT3WCRtG75aQJcZRHjS42mxCbXiw0ME04FBok6T-TFQgSen9NIFMA4IxPjGYGwlFtpOFkUQMn2NXzbEsGfUxva3KlxpOGLqycVzjMzMrbj9PyzMwr16xMzWZ-mgkxN0fbxSbH8bpOUAF0Kvcf2y5bvOURH6qEyRWtGCxcAeMLeZ39EafLLRwdZMyOxm35VZ2ZNmw4LSYqLoLlNt9O06M3YeiFVv0lj-roI4ThsDQDRSSquU_5Ml-oYgn-zxvbPfCzg&sds=2&rev=88628&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.149 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 01 Oct 2023 23:50:45 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 9A29 2 KB
1 KB 17ms
14ms Image
image/svg+xml 74.119.119.131
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 25 Sep 2024 23:50:46 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 9A29 2 KB
1 KB 15ms
13ms Image
image/svg+xml 74.119.119.131
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 25 Sep 2024 23:50:46 GMT

GET
DATA 200
OK truncated
/ Frame 647D 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bd535fb2f8e98a1170d153122fdc5f89623d28aab324a3cc8c38098b60e8311d

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame D542 12 KB
6 KB 16ms
15ms Script
text/javascript 74.119.119.131
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 25 Sep 2024 23:50:46 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame D542 97 KB
97 KB 13ms
11ms Image
image/webp 74.119.119.80
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.80 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

1aa898a7d416aaa7f09cc1871426404841d168cf0d0c6eb93cf6efc2cdcaa4e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 98938
expires: Mon, 26 Aug 2024 15:35:18 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame D542 6 KB
7 KB 16ms
13ms Image
image/webp 74.119.119.80
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?cq=256&h=400&m=0&partner=1075&q=80&r=0&u=https%3A%2F%2Fcdn.yoox.biz%2F12%2F12936265GB_14_F.JPG&v=3&w=400&s=DCck6t0ye5v2VmAIxFsRK1Cu&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.80 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

108b201f90aa1fac41dc0277a8a8c79e1a6e8f1e63f9845dc2d7df156ad85b5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 6522
expires: Fri, 13 Sep 2024 09:38:58 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame D542 2 KB
2 KB 15ms
13ms Image
image/webp 74.119.119.80
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?cq=256&h=400&m=0&partner=1075&q=80&r=0&u=https%3A%2F%2Fcdn.yoox.biz%2F47%2F47350011LS_14_F.JPG&v=3&w=400&s=j00FynnJZ0-QY8ZkgwUvvbkS&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.80 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

87c296933952b4969256a3ed7c9a3f7e50116ecbedbc7e27e1395012355aadab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:46 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 2096
expires: Sat, 14 Sep 2024 23:04:04 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame D542 4 KB
4 KB 16ms
14ms Image
image/webp 74.119.119.80
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?cq=256&h=400&m=0&partner=1075&q=80&r=0&u=https%3A%2F%2Fcdn.yoox.biz%2F30%2F30114389GI_14_F.JPG&v=3&w=400&s=ECpiboMvizyLHlapOEm22Lvw&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.80 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

9a4722a7cd0c22f78f28ee8a8cabbbe9beade0207ec4b0b2cde4ef443665584d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:46 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 3804
expires: Mon, 02 Sep 2024 02:17:50 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame D542 2 KB
2 KB 17ms
16ms Image
image/webp 74.119.119.80
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?cq=256&h=400&m=0&partner=1075&q=80&r=0&u=https%3A%2F%2Fcdn.yoox.biz%2F46%2F46924643EN_14_F.JPG&v=3&w=400&s=_7GUa14qcfdivJr_4J265Xzj&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.80 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

5c1f86873ae4a57b120e9a74e292181644a570fb97c84cd2cd4ac29ed67bea02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 2254
expires: Wed, 18 Sep 2024 20:00:30 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame D542 5 KB
5 KB 16ms
15ms Image
image/webp 74.119.119.80
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?cq=256&h=400&m=0&partner=1075&q=80&r=0&u=https%3A%2F%2Fcdn.yoox.biz%2F17%2F17292205DE_14_F.JPG&v=3&w=400&s=BEMHmxxeqWG5LPcvGExK5LIw&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.80 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

f3b9348806bbe09b1e6c10499ab60c3807b6f07a46d9a60a652faab0f4dc508a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 4688
expires: Wed, 18 Sep 2024 03:55:41 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame D542 1 KB
1 KB 14ms
13ms Image
image/webp 74.119.119.80
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?cq=256&h=400&m=0&partner=1075&q=80&r=0&u=https%3A%2F%2Fcdn.yoox.biz%2F12%2F12805473QJ_14_F.JPG&v=3&w=400&s=Jow6966kgXAg57429aYIn8pY&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.80 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

24bd34754ce623ce230e5271ae6366f26963fb1304a1dba6420ad92f0ea0abcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
time-allow-origin: *
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 1142
expires: Thu, 22 Aug 2024 16:11:26 GMT

POST
H2 200 all
csm.us.criteo.net/ Frame D542 0
127 B 13ms
13ms Ping
text/plain 74.119.119.149
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.us.criteo.net/all?cppv=3&cpp=1xjabT3WCRtG75aQkexDXqW6Kma7vfAI-yFAZVmZd7ssMBMetCtJXzBhmygdb3mwv_FenrLGDuN6R88HqYS64tNGBq_XT9ojjTm9fbmq6VemnX-fJxiKG_Ofb0voSVSbrkJ1gE5SjVPl6_gz8vJ2ZtANUsYQ4bxWK5O1QFiTkRV35S8e5xYsPU-ziATT3N0nfT4MDD7m4Sj8pobS2yJsbXG7PfyxZft0LF0c6jDBfrB9Egul97bsHvKkEnDhM9lsLa4dvw&sds=2&rev=88628&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.149 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 01 Oct 2023 23:50:45 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame D542 2 KB
1 KB 13ms
13ms Image
image/svg+xml 74.119.119.131
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 25 Sep 2024 23:50:46 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame D542 2 KB
1 KB 12ms
12ms Image
image/svg+xml 74.119.119.131
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 25 Sep 2024 23:50:46 GMT

GET
H2 200 montserrat-400.css
static.criteo.net/design/googlefont/montserrat/ Frame 13D1 2 KB
803 B 16ms
13ms Stylesheet
text/css 74.119.119.131
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/montserrat/montserrat-400.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a81d25118c6f7d835e9ca132b995b8aca46e3575ee4ab2136ab96ac8d5e4688b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:06:54 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391ef7e-675"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 25 Sep 2024 23:50:46 GMT

GET
H2 200 montserrat-700.css
static.criteo.net/design/googlefont/montserrat/ Frame 13D1 2 KB
803 B 17ms
15ms Stylesheet
text/css 74.119.119.131
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/montserrat/montserrat-700.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

77a44f65bb6894c92e3c7ccab98de0fc357172221cc1dd45949ab938c0c7756a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:06:55 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391ef7f-675"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 25 Sep 2024 23:50:46 GMT

GET
H2 200 montserrat-400.css
static.criteo.net/design/googlefont/montserrat/ Frame 5774 2 KB
803 B 18ms
16ms Stylesheet
text/css 74.119.119.131
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/montserrat/montserrat-400.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a81d25118c6f7d835e9ca132b995b8aca46e3575ee4ab2136ab96ac8d5e4688b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:06:54 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391ef7e-675"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 25 Sep 2024 23:50:46 GMT

GET
H2 200 montserrat-700.css
static.criteo.net/design/googlefont/montserrat/ Frame 5774 2 KB
803 B 17ms
16ms Stylesheet
text/css 74.119.119.131
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/montserrat/montserrat-700.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

77a44f65bb6894c92e3c7ccab98de0fc357172221cc1dd45949ab938c0c7756a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:06:55 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391ef7f-675"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 25 Sep 2024 23:50:46 GMT

GET
H2 200 montserrat-400.css
static.criteo.net/design/googlefont/montserrat/ Frame A28D 2 KB
803 B 13ms
10ms Stylesheet
text/css 74.119.119.131
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/montserrat/montserrat-400.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a81d25118c6f7d835e9ca132b995b8aca46e3575ee4ab2136ab96ac8d5e4688b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:06:54 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391ef7e-675"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 25 Sep 2024 23:50:46 GMT

GET
H2 200 montserrat-700.css
static.criteo.net/design/googlefont/montserrat/ Frame A28D 2 KB
803 B 11ms
8ms Stylesheet
text/css 74.119.119.131
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/montserrat/montserrat-700.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

77a44f65bb6894c92e3c7ccab98de0fc357172221cc1dd45949ab938c0c7756a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:06:55 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391ef7f-675"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 25 Sep 2024 23:50:46 GMT

GET
H2 200 montserrat-400.css
static.criteo.net/design/googlefont/montserrat/ Frame 9A29 2 KB
803 B 12ms
9ms Stylesheet
text/css 74.119.119.131
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/montserrat/montserrat-400.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a81d25118c6f7d835e9ca132b995b8aca46e3575ee4ab2136ab96ac8d5e4688b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:06:54 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391ef7e-675"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 25 Sep 2024 23:50:46 GMT

GET
H2 200 montserrat-700.css
static.criteo.net/design/googlefont/montserrat/ Frame 9A29 2 KB
803 B 13ms
11ms Stylesheet
text/css 74.119.119.131
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/montserrat/montserrat-700.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

77a44f65bb6894c92e3c7ccab98de0fc357172221cc1dd45949ab938c0c7756a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:06:55 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391ef7f-675"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 25 Sep 2024 23:50:46 GMT

GET
H2 200 montserrat-400.css
static.criteo.net/design/googlefont/montserrat/ Frame D542 2 KB
803 B 15ms
11ms Stylesheet
text/css 74.119.119.131
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/montserrat/montserrat-400.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a81d25118c6f7d835e9ca132b995b8aca46e3575ee4ab2136ab96ac8d5e4688b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:06:54 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391ef7e-675"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 25 Sep 2024 23:50:46 GMT

GET
H2 200 montserrat-700.css
static.criteo.net/design/googlefont/montserrat/ Frame D542 2 KB
803 B 12ms
8ms Stylesheet
text/css 74.119.119.131
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/montserrat/montserrat-700.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

77a44f65bb6894c92e3c7ccab98de0fc357172221cc1dd45949ab938c0c7756a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:06:55 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391ef7f-675"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 25 Sep 2024 23:50:46 GMT

GET
H2 200 montserrat-400-latin.woff2
static.criteo.net/design/googlefont/montserrat/ Frame 13D1 12 KB
13 KB 344ms
25ms Font
application/octet-stream 74.119.119.131
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/montserrat/montserrat-400-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/montserrat/montserrat-400.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

5f9376c77618bf0ef43bcabf8228c9e2befde3731087b944e140a88c34066873

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/montserrat/montserrat-400.css
Origin: https://ads.us.criteo.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:06:54 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391ef7e-31a4"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 25 Sep 2024 23:50:46 GMT

GET
H2 200 montserrat-400-latin.woff2
static.criteo.net/design/googlefont/montserrat/ Frame 5774 12 KB
13 KB 325ms
11ms Font
application/octet-stream 74.119.119.131
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/montserrat/montserrat-400-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/montserrat/montserrat-400.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

5f9376c77618bf0ef43bcabf8228c9e2befde3731087b944e140a88c34066873

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/montserrat/montserrat-400.css
Origin: https://ads.us.criteo.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:06:54 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391ef7e-31a4"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 25 Sep 2024 23:50:46 GMT

GET
H2 200 montserrat-400-latin.woff2
static.criteo.net/design/googlefont/montserrat/ Frame A28D 12 KB
13 KB 269ms
20ms Font
application/octet-stream 74.119.119.131
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/montserrat/montserrat-400-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/montserrat/montserrat-400.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

5f9376c77618bf0ef43bcabf8228c9e2befde3731087b944e140a88c34066873

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/montserrat/montserrat-400.css
Origin: https://ads.us.criteo.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:06:54 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391ef7e-31a4"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 25 Sep 2024 23:50:46 GMT

GET
H2 200 montserrat-700-latin.woff2
static.criteo.net/design/googlefont/montserrat/ Frame A28D 13 KB
13 KB 273ms
26ms Font
application/octet-stream 74.119.119.131
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/montserrat/montserrat-700-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/montserrat/montserrat-700.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

28f403366c2c520bfff7d5a0883f1d53e1e87ba1c8202f3f29e6395a0b66806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/montserrat/montserrat-700.css
Origin: https://ads.us.criteo.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:06:55 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391ef7f-3230"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 25 Sep 2024 23:50:46 GMT

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5886 0
133 B 33ms
31ms Image
text/html 142.250.65.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CFjsH1QUaZby9EOf9zLUPw_KHmAacge-wXLLtt52dAcCNtwEQASAAYMnGqYvApNgPggEXY2EtcHViLTE3MzA1MDA1OTg5MjIzMjbIAQmoAwHIAwKqBPwBT9AI-z_bEPSCRXAVmkeoOaA0V5Er0wDxuuTyyweShiho5VIQOfrmg3C5pAyibgxj7Kps6hnGw0gM-dy29PgFIbR_202XUOKu7sKz-UdSoShZZf5843ZKfonz1Go-b3zRtFnzDpvp-IYV47kNfiCqR_aEhgWX0NQenLe3fYnV3n4U_3sz3hoCQ_BmMr26Esc5fpvldJtMNeK9cD4rQBieOmyMm70-cRTfVdeOLF0Hj1z_0EvQ7vm9keRhsW_wQYP6GQPXHORnzQKM7DdnEEACqtffGmPDsRpKGE5kvVC3A0f4MHH2Dfo0z88DXYVulUpqfha4ORL9zKSRJXZtgAbH1fj0k56AvRSgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6gAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTE3MzA1MDA1OTg5MjIzMjYYAA&sigh=loKj8Y16dqw&uach_m=[UACH]&cid=CAQSOwDICaaNvEZiixOz4ZL-NB4p2z5r32_EYgGliVlIVWTxtznBIxINOqx3DCYI94pSdjNi_y7hDdRCx7IZGAE&cbvp=2&vis=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.162 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1730500598922326&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1696240245&rafmt=1&to=qs&pwprc=1275318804&format=1200x280&url=https%3A%2F%2Ftelegram-downloads.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696204245229&bpp=1&bdt=1162&idt=-M&shv=r20230927&mjsv=m202309260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D48bcaa1e0f69cd79-2224e2fc76e40078%3AT%3D1696204245%3ART%3D1696204245%3AS%3DALNI_MaBpbUoeP6xV5wkmbX_vNyl2v1pAQ&gpic=UID%3D00000d96405a144e%3AT%3D1696204245%3ART%3D1696204245%3AS%3DALNI_Mb7-GVFS4k8qi62VqnuGOOxs0zQFA&prev_fmts=0x0%2C1200x280&nras=2&correlator=1200992134216&frm=20&pv=1&ga_vid=1953561565.1696204245&ga_sid=1696204245&ga_hid=1138077525&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4918&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076839%2C31078257%2C44795922%2C31078272%2C21065725&oid=2&pvsid=1924437485354626&tmod=1176044992&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=kIa02h8WK1&p=https%3A//telegram-downloads.ru&dtd=5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 01 Oct 2023 23:50:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.va.us.criteo.com/google/auction/ Frame 5886 0
125 B 334ms
10ms Image
text/plain 74.119.119.130
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.va.us.criteo.com/google/auction/notify?profile=14&payload=kIfQEs36RLAJmALiIp0XAgAAAO5tnBEqPq5MENQFGmWYMfZyDUCaEf09AAASAAAKCkFRVUJDZ0VCQ2c&wp=ZRoF1QAEHrwAsz7nAAH5Q_kXokkULpPTeha6Dg&cbvp=2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.130 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:46 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 191136
server: Kestrel
content-length: 0

GET
H2 200 montserrat-400-latin.woff2
static.criteo.net/design/googlefont/montserrat/ Frame 9A29 12 KB
13 KB 260ms
18ms Font
application/octet-stream 74.119.119.131
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/montserrat/montserrat-400-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/montserrat/montserrat-400.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

5f9376c77618bf0ef43bcabf8228c9e2befde3731087b944e140a88c34066873

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/montserrat/montserrat-400.css
Origin: https://ads.us.criteo.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:06:54 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391ef7e-31a4"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 25 Sep 2024 23:50:46 GMT

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame D614 0
56 B 33ms
31ms Image
text/html 142.250.65.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Ca0vV1QUaZbPDEPXP0_wP_bOe2Amcge-wXLLtt52dAcCNtwEQASAAYMnGqYvApNgPggEXY2EtcHViLTE3MzA1MDA1OTg5MjIzMjbIAQmoAwHIAwKqBPwBT9C0vJ9ZSzKdG3DCZtTNWhRdFWf-dZbQLEQ363b7S2T486aOS0uBSHJgCJ3EBWQlbmNaizTsDsRXcI93Bg3SceoxkkFLNqsFktAUmtG88z-aKYJRhEzWauie8IzMp2_HYv1_usFqZ2pG4Es0JGh0-WyU3Y1mFeprrlOZ-NARTgyuDJCKIdnwYg4Jikq7Hbzl9sQAl3hk-pvm7v9MHFnoUs0HR-15z7oxbGPwlCI-lVDR8h80DXFa7Cufw7wVaxMxhQpAVtuiABkaQSdBbIwSsuZh9sSwfDwtW87ftTv6XJe4stN3gXFm-dySOcV8Yske3qKUftqNatNa04jCgAbH1fj0k56AvRSgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6gAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTE3MzA1MDA1OTg5MjIzMjYYAA&sigh=yZI0JT6rjJ0&uach_m=[UACH]&cid=CAQSOwDICaaNtQwhk5kNfOqQHwIxLQIl49tUK06MTfNzr-y_IvVXNrNJQ_9c11ofnezyV4FUUKk27BGwfOeoGAE&cbvp=2&vis=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.162 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1730500598922326&output=html&h=280&adk=997297033&adf=122919196&pi=t.aa~a.2586680255~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1696240245&rafmt=1&to=qs&pwprc=1275318804&format=1200x280&url=https%3A%2F%2Ftelegram-downloads.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696204245229&bpp=1&bdt=1162&idt=-M&shv=r20230927&mjsv=m202309260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D48bcaa1e0f69cd79-2224e2fc76e40078%3AT%3D1696204245%3ART%3D1696204245%3AS%3DALNI_MaBpbUoeP6xV5wkmbX_vNyl2v1pAQ&gpic=UID%3D00000d96405a144e%3AT%3D1696204245%3ART%3D1696204245%3AS%3DALNI_Mb7-GVFS4k8qi62VqnuGOOxs0zQFA&prev_fmts=0x0%2C1200x280%2C1200x280&nras=3&correlator=1200992134216&frm=20&pv=1&ga_vid=1953561565.1696204245&ga_sid=1696204245&ga_hid=1138077525&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4570&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076839%2C31078257%2C44795922%2C31078272%2C21065725&oid=2&pvsid=1924437485354626&tmod=1176044992&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=tqR6pKiqai&p=https%3A//telegram-downloads.ru&dtd=13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 01 Oct 2023 23:50:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.va.us.criteo.com/google/auction/ Frame D614 0
126 B 327ms
9ms Image
text/plain 74.119.119.130
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.va.us.criteo.com/google/auction/notify?profile=14&payload=kIfQEs36RLAJmALiIp0XAgAAAO5tnBEqPq5MENUFGmXhdwW4OJWxeSfaAAASAAAKCkFRVUJDZ0VCQ2c&wp=ZRoF1QAEIbMJlOf1AAeZ_dJhJ3VLND5AkJMezw&cbvp=2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.130 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:45 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 133631
server: Kestrel
content-length: 0

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3752 42 B
404 B 643ms
24ms Fetch
image/gif 142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvOrwuHHl5mFtvPLDQaSJJPDw82pqUqbmWSKewRQ_QoPEbg4EP1MRU4hogiK5VbwYKl9mzTTUGPhCr45RBbMduhHOoCHU4whHGw9ps&sig=Cg0ArKJSzM2YahqlcjRzEAE&id=lidar2&mcvt=1054&p=0,0,280,1200&mtos=1054,1054,1054,1054,1054&tos=1054,0,0,0,0&v=20230927&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=421633162&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1696204244771&rpt=684&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 01 Oct 2023 23:50:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 montserrat-400-latin.woff2
static.criteo.net/design/googlefont/montserrat/ Frame D542 12 KB
13 KB 256ms
34ms Font
application/octet-stream 74.119.119.131
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/montserrat/montserrat-400-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/montserrat/montserrat-400.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

5f9376c77618bf0ef43bcabf8228c9e2befde3731087b944e140a88c34066873

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/montserrat/montserrat-400.css
Origin: https://ads.us.criteo.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:06:54 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391ef7e-31a4"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 25 Sep 2024 23:50:46 GMT

GET
H2 200 montserrat-700-latin.woff2
static.criteo.net/design/googlefont/montserrat/ Frame D542 13 KB
13 KB 249ms
28ms Font
application/octet-stream 74.119.119.131
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/montserrat/montserrat-700-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/montserrat/montserrat-700.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

28f403366c2c520bfff7d5a0883f1d53e1e87ba1c8202f3f29e6395a0b66806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/montserrat/montserrat-700.css
Origin: https://ads.us.criteo.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:06:55 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391ef7f-3230"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 25 Sep 2024 23:50:46 GMT

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame 647D 0
56 B 35ms
34ms Image
text/html 142.250.65.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cz8Oz1QUaZfX_ENXi0_wP1f-MyAucge-wXOLDuM6jAcCNtwEQASAAYMnGqYvApNgPggEXY2EtcHViLTE3MzA1MDA1OTg5MjIzMjbIAQmoAwHIAwKqBPwBT9CfPBRmG2G4v3aLkRsYGC8zhxtlic91lWUKzGrODNsxrTplawBn-kCCRUhdw2rFSaHk-TdpPf3a3q5j-qAfhoLN0jWIfu7EBO42h_Hd8g_2AsPslpQNyDqydjW_R4DN9Ps77Fo4PvqkGPz1hbQ1t8yXtQ4Rl0JGpFKGv7NIql7QuKFxIdzRkBna-oTX8XspRgjPVaJ3t-3LOU7ImDkT3luMy1gkA4D3iHOoM3dxwdBj-WanoWcT6dAhK6oP9RzLdOfDYdyH0YC0vaq4VwC__txj3Gz_R17m5TpAyg0w3NnmM2j470Q24MqUqdbD_Ce57TJZ-ZoVTOUn4sWCgAbH1fj0k56AvRSgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6gAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTE3MzA1MDA1OTg5MjIzMjYYAA&sigh=nwV8bHMskh8&uach_m=[UACH]&cid=CAQSOwDICaaND1BHSDI8uNLE8EspnIjhUpLBYk_yWLVNZpOov937vPhiX1T3bzuBN71xyENgssxnYao04ghLGAE&cbvp=2&vis=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.162 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1730500598922326&output=html&h=280&adk=2550612135&adf=3020769239&pi=t.aa~a.245933387~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1696240245&rafmt=1&to=qs&pwprc=1275318804&format=1200x280&url=https%3A%2F%2Ftelegram-downloads.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696204245229&bpp=1&bdt=1162&idt=0&shv=r20230927&mjsv=m202309260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D48bcaa1e0f69cd79-2224e2fc76e40078%3AT%3D1696204245%3ART%3D1696204245%3AS%3DALNI_MaBpbUoeP6xV5wkmbX_vNyl2v1pAQ&gpic=UID%3D00000d96405a144e%3AT%3D1696204245%3ART%3D1696204245%3AS%3DALNI_Mb7-GVFS4k8qi62VqnuGOOxs0zQFA&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=4&correlator=1200992134216&frm=20&pv=1&ga_vid=1953561565.1696204245&ga_sid=1696204245&ga_hid=1138077525&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4270&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076839%2C31078257%2C44795922%2C31078272%2C21065725&oid=2&pvsid=1924437485354626&tmod=1176044992&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=DmBTzvygR5&p=https%3A//telegram-downloads.ru&dtd=22
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 01 Oct 2023 23:50:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.va.us.criteo.com/google/auction/ Frame 647D 0
125 B 309ms
11ms Image
text/plain 74.119.119.130
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.va.us.criteo.com/google/auction/notify?profile=14&payload=kIfQEs36RLAJmALiIp0XAgAAAO5tnBEqPq5MENUFGmUZQZrBXAIdVNo1AAASAAAKCkFRVUJDZ0VCQ2c&wp=ZRoF1QAEP_UJlPFVAAM_1SqQOg3-XMPjCxIFUg&cbvp=2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.130 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:45 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 275037
server: Kestrel
content-length: 0

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10143.3wK_sAltChnXHWN8AmMJp0YGDk5Dk2el7z821grDYrK1wtt6wdHxA_F7o4n9vtih.s-rvh2wWi05HaU4zztfzuAaSBFo%2C
https://mc.yandex.com/sync_cookie_image_decide?token=10143.uzmyWKs2_k2gO6lVL8yfniycvBZqzpnj0zan3IAdvR0eteu8WAZkS7tW9bgxbhGrZTV9AsBIOgtrTqXWfxSHdUIflQksQJKtfkbr4a7wezejjJQcvH3LIgIsNLDiAp9d.uTlBZWmIM...

43 B
333 B

137ms
137ms

Image
image/gif

77.88.21.119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=10143.uzmyWKs2_k2gO6lVL8yfniycvBZqzpnj0zan3IAdvR0eteu8WAZkS7tW9bgxbhGrZTV9AsBIOgtrTqXWfxSHdUIflQksQJKtfkbr4a7wezejjJQcvH3LIgIsNLDiAp9d.uTlBZWmIMXQRe4dlKw9aDSHun-s%2C

Requested by

Host: telegram-downloads.ru
URL: https://telegram-downloads.ru/

Protocol

Server

77.88.21.119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://telegram-downloads.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:46 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=10143.uzmyWKs2_k2gO6lVL8yfniycvBZqzpnj0zan3IAdvR0eteu8WAZkS7tW9bgxbhGrZTV9AsBIOgtrTqXWfxSHdUIflQksQJKtfkbr4a7wezejjJQcvH3LIgIsNLDiAp9d.uTlBZWmIMXQRe4dlKw9aDSHun-s%2C
date: Sun, 01 Oct 2023 23:50:46 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
114 B 142ms
140ms Image
image/gif 77.88.21.119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: telegram-downloads.ru
URL: https://telegram-downloads.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://telegram-downloads.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:46 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 28 Sep 2023 11:23:40 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "6515380c-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Mon, 02 Oct 2023 00:50:46 GMT

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame 252E 0
56 B 36ms
35ms Image
text/html 142.250.65.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C2jIH1AUaZf62NqvntOUP2rWa8A-cge-wXNL4t52dAcCNtwEQASAAYMnGqYvApNgPggEXY2EtcHViLTE3MzA1MDA1OTg5MjIzMjbIAQmoAwHIAwKqBPYBT9DreJkluFC3XAtPtd6u9WJnkSvUS0U1Af1nc0-9_fLmouGkQ-ANLcJYY3dICfeRqpwGrq2MBVmwGnpFB78cs41bfTZvvsXYjCp4CAsWfu4A1X7QcdIQrhbWlPsou-D7rURkh1vESU1676OCNQVUW_a90nPeabkfi3gu7Y5dGCH_OHBlO3G9ZePR2KGWW5fN7msgyyzFh5PrPgMTt-YmCYSwEtApi3HjR7ifxjQ-gkZDY-yGKQrlJ5JL_cYAXNnTEBAWYn7IBaZ5V7gU1uuP6KBkTek0tTVEu5U-mtGMRQ7VeBDVAs5w4nWQYStN4wN5gkPChI_VgAbH1fj0k56AvRSgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6gAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTE3MzA1MDA1OTg5MjIzMjYYAA&sigh=dWKZdXOCF1U&uach_m=[UACH]&cid=CAQSGwDICaaNjVv20lrhGQPQzPiZvP_obt6DRBgGchgB&cbvp=2&vis=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.162 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 01 Oct 2023 23:50:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.da.us.criteo.com/google/auction/ Frame 252E 0
126 B 426ms
44ms Image
text/plain 74.119.118.147
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.da.us.criteo.com/google/auction/notify?profile=14&payload=kIfQEs36RO0HfOIinRcCAAAA7m2cESo-rkwQ1AUaZfocScEPi9x5uZYAABIAAAoKQVFVQkRBRUJEQQ&wp=ZRoF1AANm34GrTOrAAaa2tvTxVTtarO-9c9Pcg&cbvp=2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.118.147 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:46 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 251741
server: Kestrel
content-length: 0

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3752 0
56 B 34ms
33ms Image
text/html 142.250.65.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CJNdn1AUaZa6xNMP5zLUPyOyskAicge-wXKLKp6p0wI23ARABIABgycapi8Ck2A-CARdjYS1wdWItMTczMDUwMDU5ODkyMjMyNsgBCagDAcgDAqoE9gFP0B6Gst4XT8l6L0DRjWwCPYkefApA5k2Hps4izYOh0ZQf6680-e1dE6gk3AblWB1MWN_04iIMzr5EfMyq_m9xBCVadt_OmkRqOEoIogFea8XmqoIjR921dXgUsgTkULoabUHx0rKkg9ApaMqQRsELt_erWf36NCYOpwC6e19N-9dBvElu3RHBazJV_jMX_RbQH7ahzkpHJjeMu4Aq2LDvSVnjOPEQZo-l4ucx2BR5tOpXvsZ83SWLVUkD5rSP1prx4iKHAlDYpcNqr8W306NINsQkP_Ixr0XDY0Lt6eXTbWns1cOaJiYI6umj1K1f57PETCA8pxOABsfV-PSTnoC9FKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTqACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMTczMDUwMDU5ODkyMjMyNhgA&sigh=ndBoSWwMckg&uach_m=[UACH]&cid=CAQSGwDICaaN1Q5xBK-iQBOrExnuGsr8iinSmDi8aRgB&cbvp=2&vis=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.162 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1730500598922326&output=html&h=280&slotname=6381865431&adk=421633162&adf=33309763&pi=t.ma~as.6381865431&w=1200&fwrn=4&fwrnh=100&lmt=1696240244&rafmt=1&format=1200x280&url=https%3A%2F%2Ftelegram-downloads.ru%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696204244552&bpp=19&bdt=485&idt=209&shv=r20230927&mjsv=m202309260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1200992134216&frm=20&pv=1&ga_vid=1953561565.1696204245&ga_sid=1696204245&ga_hid=1138077525&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=652&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076839%2C31078257%2C44795922%2C31078272%2C21065725&oid=2&pvsid=1924437485354626&tmod=1176044992&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=vKtTsLttsA&p=https%3A//telegram-downloads.ru&dtd=217
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 01 Oct 2023 23:50:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.va.us.criteo.com/google/auction/ Frame 3752 0
125 B 45ms
10ms Image
text/plain 74.119.119.130
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.va.us.criteo.com/google/auction/notify?profile=14&payload=kIfQEs36RLAJmALiIp0XAgAAAIenZR_fRz2AENQFGmUBM19ISsYmRn5xAAASAAAKCkFRVUJDZ0VCQ2c&wp=ZRoF1AANGK4AszzDAAs2SEuiRnEAjA6tmZuWIQ&cbvp=2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.130 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:46 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 278585
server: Kestrel
content-length: 0

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 252E 42 B
108 B 356ms
25ms Fetch
image/gif 142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu5cwBnZfmOsgpaXaogikUUldN8udY7sKPKfeTyNV_4udPT0muwWu9a6c2VPm7HG8rxTHN1yoLxZ5qfQPzqjvfpIyodsnxlneYXsIji&sig=Cg0ArKJSzDdLOLQzmoFfEAE&id=lidar2&mcvt=1029&p=0,0,124,1005&mtos=208,675,1029,1086,1086&tos=208,467,354,57,0&v=20230927&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1696204245291&rpt=372&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 01 Oct 2023 23:50:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.us.criteo.net/ Frame 13D1 0
127 B 9ms
9ms Ping
text/plain 74.119.119.149
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.149 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 01 Oct 2023 23:50:45 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

POST
H2 200 all
csm.us.criteo.net/ Frame 5774 0
127 B 11ms
11ms Ping
text/plain 74.119.119.149
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.149 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 01 Oct 2023 23:50:46 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2

200

1 Show response
mc.yandex.com/watch/32869030/
Redirect Chain

https://mc.yandex.com/watch/32869030?wmode=7&page-url=https%3A%2F%2Ftelegram-downloads.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3wcjej5lmwx5238tghrt8yj%3Afp%3A5811%3Afu%3A0%3Ae...
https://mc.yandex.com/watch/32869030/1?wmode=7&page-url=https%3A%2F%2Ftelegram-downloads.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3wcjej5lmwx5238tghrt8yj%3Afp%3A5811%3Afu%3A0%3...

466 B
558 B

141ms
140ms

XHR
application/json

77.88.21.119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/32869030/1?wmode=7&page-url=https%3A%2F%2Ftelegram-downloads.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3wcjej5lmwx5238tghrt8yj%3Afp%3A5811%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1120%3Acn%3A1%3Adp%3A0%3Als%3A40811421284%3Ahid%3A681422274%3Az%3A-600%3Ai%3A20231001135046%3Aet%3A1696204247%3Ac%3A1%3Arn%3A833676961%3Arqn%3A1%3Au%3A1696204247270091362%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C0%2C1223%2C1%2C3608%2C0%2C%2C1478%2C11%2C%2C%2C%2C6676%3Aco%3A0%3Acpf%3A1%3Ans%3A1696204238861%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1696204247%3At%3A%D0%9C%D0%B5%D1%81%D1%81%D0%B5%D0%BD%D0%B4%D0%B6%D0%B5%D1%80%20%D0%A2%D0%B5%D0%BB%D0%B5%D0%B3%D1%80%D0%B0%D0%BC%D0%BC%20%D0%BD%D0%B0%20%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%BE%D0%BC&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Requested by

Host: telegram-downloads.ru
URL: https://telegram-downloads.ru/

Protocol

Server

77.88.21.119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

43f081361e5e42355e821f334c8713aa0025060848218283d8583163188b27fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://telegram-downloads.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 01 Oct 2023 23:50:47 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Sun, 01-Oct-2023 23:50:47 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://telegram-downloads.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 466
x-xss-protection: 1; mode=block
expires: Sun, 01-Oct-2023 23:50:47 GMT

Redirect headers

pragma: no-cache
date: Sun, 01 Oct 2023 23:50:47 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 01-Oct-2023 23:50:47 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/32869030/1?wmode=7&page-url=https%3A%2F%2Ftelegram-downloads.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3wcjej5lmwx5238tghrt8yj%3Afp%3A5811%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1120%3Acn%3A1%3Adp%3A0%3Als%3A40811421284%3Ahid%3A681422274%3Az%3A-600%3Ai%3A20231001135046%3Aet%3A1696204247%3Ac%3A1%3Arn%3A833676961%3Arqn%3A1%3Au%3A1696204247270091362%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C0%2C1223%2C1%2C3608%2C0%2C%2C1478%2C11%2C%2C%2C%2C6676%3Aco%3A0%3Acpf%3A1%3Ans%3A1696204238861%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1696204247%3At%3A%D0%9C%D0%B5%D1%81%D1%81%D0%B5%D0%BD%D0%B4%D0%B6%D0%B5%D1%80%20%D0%A2%D0%B5%D0%BB%D0%B5%D0%B3%D1%80%D0%B0%D0%BC%D0%BC%20%D0%BD%D0%B0%20%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%BE%D0%BC&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin: https://telegram-downloads.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Sun, 01-Oct-2023 23:50:47 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 30ms
29ms XHR
application/json 142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230927&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309260101/show_ads_impl_fy2021.js?bust=31078272

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

cafe /

Resource Hash

9a016385d75654b49db7fde6342560930f6e7ec70e255be03e3978057c7cc1e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://telegram-downloads.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:47 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12044
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 24ms
23ms Script
text/javascript 142.250.81.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309260101/show_ads_impl_fy2021.js?bust=31078272

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.81.225 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://telegram-downloads.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 01 Oct 2023 23:50:47 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 57B7 13 KB
5 KB 8ms
4ms Document
text/html 142.250.81.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.81.225 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://telegram-downloads.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 32153
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 01 Oct 2023 14:54:54 GMT
expires: Mon, 30 Sep 2024 14:54:54 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame D17B 829 B
1 KB 26ms
24ms Document
text/html 142.250.176.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.176.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f4.1e100.net

Software

GSE /

Resource Hash

8fbc3abef30c4d83d0cf293bc66a70436d0f5d8a2468f6f17875c3d6abcb2717

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-qh8FNqIIrRQBuCzpgHeG5A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://telegram-downloads.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-qh8FNqIIrRQBuCzpgHeG5A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 01 Oct 2023 23:50:47 GMT
expires: Sun, 01 Oct 2023 23:50:47 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 BAadeGEE1qHjsQ6c_rqFtjeXulPdvwUFIKdhRpM9mgY.js Show response
pagead2.googlesyndication.com/bg/ Frame 57B7 37 KB
15 KB 5ms
4ms Script
text/javascript 142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/BAadeGEE1qHjsQ6c_rqFtjeXulPdvwUFIKdhRpM9mgY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

sffe /

Resource Hash

04069d786104d6a1e3b10e9cfeba85b63797ba53ddbf050520a76146933d9a06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 20:02:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13673
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14550
x-xss-protection: 0
last-modified: Mon, 25 Sep 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 30 Sep 2024 20:02:54 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame D17B 0
0 24ms
23ms Image
text/html 142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230927&jk=1924437485354626&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.40.162 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga25s81-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

GET
H2 204 generate_204
tpc.googlesyndication.com/ Frame 57B7 0
40 B 5ms
4ms Image
text/plain 142.250.81.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?5NMS0A
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.81.225 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga25s74-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 23:50:47 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 25ms
24ms Image
text/html 142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230927&jk=1924437485354626&bg=!PD-lP3DNAAYEJRtnJCU7ADQBe5WfOE_aKlgt0EmpUSkz3uWjru5DJv3_Th0lAEaT74VmGjAJSjXSRAe_hDV7xfWoDb8uAgAAAKNSAAAALmgBB5kCx-umQVpouQ66OIO0utQDEU9DisbrB2yYTHR2sO8mTDUeHDf-kduJ63Nw8NBWeRSTFu3gw601C5V-yYx2aAdctayVlctjY2dJsizRP7lEvEeS8MD-Dgff0wsJKIBsnJmfOmWZeHEJ98_u8PKT4mAXGynTVFdu6VeDHjyGhFgOReUSp_u206JBNXzttsHtG6Pm9RZLcjadXHah3960O9KBaaZxKCKo7AHlv9Yjw4tCHlylWQTJgaLNaCeoybX_PzeeUncOKuaoOGLVGWv21jYMnY-Hc0tu-miaYit2VXGfO46IyDkwrahdV30nMbjFO8taFGp-8gC8Zc-WjWlg0EuwVOZVC5mp4o1ZaGI9Lzj8JCSBHUbhaOgp3ZXCWTcdC97SpqxrJ4PK4UBn4EFBU2RrnFSSoa5I_M_HIKrU9oPE4NeJRD_wgWTxxQFE73CQ8ZrDN28BtMI0bykSWkutiQWvRzQcGS8fjkoBcZ3ffJkYfkaKV2dxpKXITgCIZetBQBVwl9M5IbW7OvwgUvwArqN6HUCBbSElExdDI9g86Nfi8_zGC_Ajgau9dmGBu0r7zgHzNQV1d7Yr6I8XxeVYHqngNvbpVu0nxIADdyMJX8cOwV2syCrDigjy-jzRxUwiy-0EgUBpKlrn5CbX9EYWgbw2Uiu1r97eoNv_sZYXBhhvmXl67cmHj7KmyKSi5WNPoAd_M_UZIZBIKX2F60YbceRG16Q1AGq6eQrTsnPy4fbMUniolFo5S0QRbL33-9RXCjwvP_c8-467akoXCLIpIlai7gLD9CXsWhPGBrNxgl5CyLqxRzYRYidO7kXzAVUjR5gvEeTQd_nT58iV-mrJ1bBbtRbWcSqsaYEAfOq3qHI1VDmE55Dop8gAbVo1_FSfkT1ZjJYYXJ-7zpDzmFIAhwEEhJJlTfmYzwfkYEInnQDKFnZnr_FBYU4APg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.40.162 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga25s81-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://telegram-downloads.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

POST
H2 200 all
csm.us.criteo.net/ Frame A28D 0
127 B 14ms
13ms Ping
text/plain 74.119.119.149
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.149 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 01 Oct 2023 23:50:47 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: telegram-downloads.ru
URL: http://telegram-downloads.ru/wp-content/plugins/fancy-box/jquery.fancybox.css?ver=1.2.6

Domain: telegram-downloads.ru
URL: http://telegram-downloads.ru/wp-content/plugins/fancy-box/jquery.fancybox.js?ver=1.2.6

Domain: telegram-downloads.ru
URL: http://telegram-downloads.ru/wp-content/plugins/fancy-box/jquery.easing.js?ver=1.3

Verdicts & Comments Add Verdict or Comment

79 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

46 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.telegram-downloads.ru/	1970-01-21 00:31:40	Name: __gads Value: ID=48bcaa1e0f69cd79-2224e2fc76e40078:T=1696204245:RT=1696204245:S=ALNI_MaBpbUoeP6xV5wkmbX_vNyl2v1pAQ
.telegram-downloads.ru/	1970-01-21 00:31:40	Name: __gpi Value: UID=00000d96405a144e:T=1696204245:RT=1696204245:S=ALNI_Mb7-GVFS4k8qi62VqnuGOOxs0zQFA
.doubleclick.net/	1970-01-21 00:46:04	Name: IDE Value: AHWqTUm7TqnYlW7H0PDQjzDuRXNQxJyc_AFtJFi_lClitK6ZGCwaDpLzvjuHicnUt3M
.mxptint.net/	1970-01-21 00:46:04	Name: mxpim Value: R33645_109E47FB3_EA60F99C.1.651A05D5
sync.srv.stackadapt.com/	1970-01-20 23:55:40	Name: sa-user-id Value: s%3A0-7484a30f-4b2b-5a55-46b8-a9d028f41f6b.nSsfzN5%2BYUA7uqxESVyd2uCe6jAiqoqVHC8b1ZLjwvk
.srv.stackadapt.com/	1970-01-20 23:55:40	Name: sa-user-id Value: s%3A0-7484a30f-4b2b-5a55-46b8-a9d028f41f6b.nSsfzN5%2BYUA7uqxESVyd2uCe6jAiqoqVHC8b1ZLjwvk
sync.srv.stackadapt.com/	1970-01-20 23:55:40	Name: sa-user-id-v2 Value: s%3AdISjD0srWlVGuKnQKPQfawW16oQ.nw%2BPpMmWOrzcOpYceuGHAMh7%2BHaz0j38kAjz3A30kiE
.srv.stackadapt.com/	1970-01-20 23:55:40	Name: sa-user-id-v2 Value: s%3AdISjD0srWlVGuKnQKPQfawW16oQ.nw%2BPpMmWOrzcOpYceuGHAMh7%2BHaz0j38kAjz3A30kiE
sync.srv.stackadapt.com/	1970-01-20 23:55:40	Name: sa-user-id-v3 Value: s%3AAQAKILSiotaG3ZUsNbieaTSkS6VQ7x-Z9q5FOkocBcJ1Y3L1EHwYBCDVi-ioBjABOgRLGKL4QgSm3jTF.CfQaWohc8%2B1R%2BarqadQ69AEwAADHdNohRN62oUnQRPk
.srv.stackadapt.com/	1970-01-20 23:55:40	Name: sa-user-id-v3 Value: s%3AAQAKILSiotaG3ZUsNbieaTSkS6VQ7x-Z9q5FOkocBcJ1Y3L1EHwYBCDVi-ioBjABOgRLGKL4QgSm3jTF.CfQaWohc8%2B1R%2BarqadQ69AEwAADHdNohRN62oUnQRPk
.bidswitch.net/	1970-01-20 23:55:40	Name: tuuid Value: a323e6fe-5d1a-4852-96bc-636e48db11da
.bidswitch.net/	1970-01-20 23:55:40	Name: c Value: 1696204246
.bidswitch.net/	1970-01-20 23:55:40	Name: tuuid_lu Value: 1696204246
.simpli.fi/	1970-01-20 23:57:06	Name: suid Value: 8E605A5C60A0435697265185CC160D3F
.travelaudience.com/	1970-01-21 00:41:45	Name: _tracker Value: %7B%22UUID%22%3A%22044FE694-E837-4D7B-3D06-CD592A834B0D%22%7D
.adsrvr.org/	1970-01-20 23:57:06	Name: TDID Value: d554b406-8ca9-4b6b-b511-bf26a2c823a4
.acuityplatform.com/	1970-01-20 23:55:40	Name: auid Value: 835116527841
.acuityplatform.com/	1970-01-20 23:55:40	Name: aum Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqANPqNdXNlck1hdGNoaW5nSWTIkWxhc3REcm9wVGltZU1pbGxpcyUBRTs0bGKomGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUU7NGxiqI90aGlyZFBhcnR5VXNlcklkWkNBRVNFUERFMVZxbUNkOHdSVk1XMGNrWjBmNPv7hnZlcnNpb27C+w=="
.w55c.net/	1970-01-21 00:41:45	Name: wfivefivec Value: m78xKHch1QN6d05
.bidswitch.net/	1970-01-20 15:10:04	Name: google_push Value: AXcoOmSGOQlQdcC_Mwx9FfJr_04Ns5ve62-pC6wObYQhg1H5PqJrX-LdvA5rm4QsiW-QFV9KYgs2BD6IWet6nk0YKVWD5hLqcDKS5w
.linkedin.com/	1970-01-20 15:11:30	Name: lidc Value: "b=OGST04:s=O:r=O:a=O:p=O:g=2976:u=1:x=1:i=1696204246:t=1696290646:v=2:sig=AQG6t4Qaew7-7sjcR8rput3xC94vG3CO"
.w55c.net/	1970-01-20 15:53:16	Name: matchgoogle Value: 5
.adsrvr.org/	1970-01-20 23:57:06	Name: TDCPM Value: CAESFQoGZ29vZ2xlEgsIjsrwuui4oTwQBRgFIAEoAjILCPzF5OX-uKE8EAU4AQ..
.linkedin.com/	1970-01-20 23:55:40	Name: bcookie Value: "v=2&af4e046a-2537-44c8-840b-4f4a11411af9"
.adform.net/	1970-01-20 15:54:42	Name: C Value: 1
.adx.opera.com/	1970-01-20 23:55:40	Name: UID Value: OPU2103f9196af645efb703edf22054227b
.turn.com/	1970-01-20 19:29:16	Name: uid Value: 6921647784686386752
.adform.net/	1970-01-20 16:36:28	Name: uid Value: 2139583560732150393
.telegram-downloads.ru/	1970-01-20 23:55:40	Name: _ym_uid Value: 1696204247270091362
.telegram-downloads.ru/	1970-01-20 23:55:40	Name: _ym_d Value: 1696204247
.send.microad.jp/	1970-01-20 17:19:40	Name: TR Value: 45d05243a4c0b846377ab34d0e623fbe15407f9946e22044
beacon.lynx.cognitivlabs.com/	1970-01-20 23:57:06	Name: UID Value: f352bca0-781f-43b8-8c69-a0149c9c97cd
beacon.lynx.cognitivlabs.com/	1970-01-20 23:57:06	Name: ss Value: CPmFiK%2FB9ULsC5HeUDy2L3Frt8uPqGB60Mfh41cciQE6%2Fs2jLYXPZ%2Fd3uYyCJjmK7Q%2FCNWxaT1YHDDeK8kaE%2BA%3D%3D
.yandex.ru/	1970-01-21 00:46:04	Name: yuidss Value: 5541463281696204246
.yandex.ru/	1970-01-21 00:46:04	Name: yandexuid Value: 5541463281696204246
.mc.yandex.com/	1970-01-20 15:10:04	Name: sync_cookie_csrf Value: 2471417397fake
.telegram-downloads.ru/	1970-01-20 15:11:16	Name: _ym_isad Value: 2
.dotomi.com/	1970-01-20 15:10:04	Name: DotomiTest Value: 363a2f7a2f261132
.mc.yandex.ru/	1970-01-20 15:10:04	Name: sync_cookie_csrf Value: 968968722fake
.mc.yandex.com/	1970-01-20 15:11:30	Name: sync_cookie_ok Value: synced
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 425846541696204247
.yandex.com/	1970-01-21 00:46:04	Name: i Value: HFC4wnFQlL1lNSq3oTT8zdiCjqgksCmjNfiKZIdO+eUKks2UnlEdoQ68BbiSitAl5cQ3B2NLNCXQc2W1378hB7sh5Co=
.yandex.com/	1970-01-21 00:46:04	Name: yandexuid Value: 6616218621696204247
.yandex.com/	1970-01-20 23:55:40	Name: yuidss Value: 6616218621696204247
.yandex.com/	1970-01-20 23:55:40	Name: ymex Value: 1727740247.yrts.1696204247#1727740247.yrtsi.1696204247
.yandex.com/	1970-01-20 23:55:40	Name: bh Value: KgI/MA==

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://telegram-downloads.ru/ Message: Mixed Content: The page at 'https://telegram-downloads.ru/' was loaded over HTTPS, but requested an insecure element 'http://telegram-downloads.ru/wp-content/uploads/2015/11/telegram_logo_2.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://telegram-downloads.ru/ Message: Mixed Content: The page at 'https://telegram-downloads.ru/' was loaded over HTTPS, but requested an insecure element 'http://telegram-downloads.ru/wp-content/uploads/2018/07/telegram-downloads.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	error	URL: https://telegram-downloads.ru/(Line 79) Message: Mixed Content: The page at 'https://telegram-downloads.ru/' was loaded over HTTPS, but requested an insecure stylesheet 'http://telegram-downloads.ru/wp-content/plugins/fancy-box/jquery.fancybox.css?ver=1.2.6'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://telegram-downloads.ru/ Message: Mixed Content: The page at 'https://telegram-downloads.ru/' was loaded over HTTPS, but requested an insecure script 'http://telegram-downloads.ru/wp-content/plugins/fancy-box/jquery.fancybox.js?ver=1.2.6'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://telegram-downloads.ru/ Message: Mixed Content: The page at 'https://telegram-downloads.ru/' was loaded over HTTPS, but requested an insecure script 'http://telegram-downloads.ru/wp-content/plugins/fancy-box/jquery.easing.js?ver=1.3'. This request has been blocked; the content must be served over HTTPS.
security	warning	URL: https://telegram-downloads.ru/(Line 187) Message: Mixed Content: The page at 'https://telegram-downloads.ru/' was loaded over HTTPS, but requested an insecure element 'http://telegram-downloads.ru/wp-content/uploads/2015/11/telegram_logo_2.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://telegram-downloads.ru/(Line 187) Message: Mixed Content: The page at 'https://telegram-downloads.ru/' was loaded over HTTPS, but requested an insecure element 'http://telegram-downloads.ru/wp-content/uploads/2018/07/telegram-downloads.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1730500598922326&output=html&h=280&slotname=6381865431&adk=421633162&adf=33309763&pi=t.ma~as.6381865431&w=1200&fwrn=4&fwrnh=100&lmt=1696240244&rafmt=1&format=1200x280&url=https%3A%2F%2Ftelegram-downloads.ru%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696204244552&bpp=19&bdt=485&idt=209&shv=r20230927&mjsv=m202309260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1200992134216&frm=20&pv=1&ga_vid=1953561565.1696204245&ga_sid=1696204245&ga_hid=1138077525&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=652&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076839%2C31078257%2C44795922%2C31078272%2C21065725&oid=2&pvsid=1924437485354626&tmod=1176044992&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=vKtTsLttsA&p=https%3A//telegram-downloads.ru&dtd=217 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.turn.com
ads.travelaudience.com
ads.us.criteo.com
aep.mxptint.net
aid.send.microad.jp
an.yandex.ru
analytics.pangle-ads.com
beacon.lynx.cognitivlabs.com
beacon.walmart.com
c1.adform.net
cat.va.us.criteo.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
csm.us.criteo.net
dclk-match.dotomi.com
dis.criteo.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
imageproxy.us.criteo.net
match.adsrvr.org
mc.yandex.com
mc.yandex.ru
pagead2.googlesyndication.com
partner.googleadservices.com
pm.w55c.net
px.ads.linkedin.com
r.turn.com
rtb.da.us.criteo.com
rtb.va.us.criteo.com
static.criteo.net
sync.srv.stackadapt.com
t.adx.opera.com
telegram-downloads.ru
tpc.googlesyndication.com
um.simpli.fi
ums.acuityplatform.com
vk.com
www.google.com
www.googletagservices.com
www.telegram-downloads.ru
x.bidswitch.net
yastatic.net
telegram-downloads.ru
104.126.118.202
104.17.24.14
13.107.42.14
142.250.176.194
142.250.176.196
142.250.176.202
142.250.65.162
142.250.81.225
142.251.40.131
142.251.40.162
142.251.40.226
142.251.40.98
159.127.43.137
178.154.131.217
185.167.164.37
20.242.10.199
202.233.84.1
34.133.71.175
34.236.127.74
35.190.0.66
35.211.178.172
35.71.131.137
38.98.69.175
44.219.180.129
50.116.194.21
54.164.217.79
69.90.254.78
74.119.118.147
74.119.119.130
74.119.119.131
74.119.119.147
74.119.119.149
74.119.119.150
74.119.119.65
74.119.119.80
77.88.21.119
82.145.213.8
87.250.250.90
92.53.96.193
93.186.225.194
00c42eeabd263aba239521d57182501979f1c9cc4f76934aad84502ae56222d3
0349039c1463d4c9ff88fb49ad54b6d79817fd47d39b70d8d013dd08be0ff60f
04069d786104d6a1e3b10e9cfeba85b63797ba53ddbf050520a76146933d9a06
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ce4c7e332dbdd5b216860555987671ff4bce874a7b0bfc86cac97877ae27e86
0ced96ff4e9ca6e1e445292b4f1ea2fe27751ca9efab53e46c88bc0d991c1956
0f252de0a65325111b4613508c20a74f1eaac2ba6d2b4cbc996ba21068a273d8
108b201f90aa1fac41dc0277a8a8c79e1a6e8f1e63f9845dc2d7df156ad85b5f
113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771
18e160783c2d1e7d78c2c8d017244b253515f87fd05c86c541e74b4fc18b7f37
1aa898a7d416aaa7f09cc1871426404841d168cf0d0c6eb93cf6efc2cdcaa4e0
1ba867b6dbec8951255470dd4387487065424642581a2488c2c2489639c05812
1c403ddc0fc4b4c8b6f208fa48ed814982c0968003cbd748b4d5f83e8ef2618a
1c820892faeda85eee6d2fb3174dba0ac92dd428f483eba244f94879bf8f1f0e
20f2d6255fe749341e6543047782811c5977380c562e7163efa64594d88c6b3d
23dd2d1955758674e3fd92ee81b94a47e2988781f0a6d7763fdf7e2b906486bd
24bd34754ce623ce230e5271ae6366f26963fb1304a1dba6420ad92f0ea0abcc
28f403366c2c520bfff7d5a0883f1d53e1e87ba1c8202f3f29e6395a0b66806d
29002fccb9419eecb104bc8537d1e375f80cdc6b728bc7e6ce91e4e6d78f5add
2aa02ac1c62c12711602f08cbd1d35f2a2ec066b36361cd15d0ce705c64facb2
2bbdea1641907d8624ed5fff410ac82a57e6328332422a0118067115a0c92af7
2c7e4120346bae58e30b8b2a3a0c512422a0f52bab1a6b6117b3e8c98805cba7
2f7760ee2b81f4659c6f34ada0f7a7d263c2ce6035c2b5f4b082fac60802897e
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32f9c09189248fc7081865c0e1b536205384f9d96c5a75e0ccb484e2a74a6f6a
35b6a2c1e1e5a59639fe8d6b833275d300c9471217f3e52551063bc6b058f909
376fd1eb7ae817a27cacf8d720f71050c406824a87f606c775beba4ef04795da
40f09dcdb226fb60428bfe107e02f6c50db1561694264b0144e0155f9f3e4140
41e8d373b9d97d2006ac7790c8962b71668574e1342cd834ee9e6f40302bc7e2
4247b30e612990c46ae14e850c4399a7d690791261b3fd5de64593b25854e49f
43f081361e5e42355e821f334c8713aa0025060848218283d8583163188b27fe
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
4745a0a1480a887676caadda7bb94e3bcb5599d4c7fe30a5cb720ae26ab1cff9
47aa3bfad6cb9e2d63abdd58f4e6ce4f7b9fd2704b2b15193c71874035fe025d
47cd7f45a1fe9ae9be9aeb2fd4217525641a5e700e0385d611aaa3a62b4c3827
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
49dc12acf0f7998996e52b8a5c730d1e447860e20c70ec48a123738f5566ac5d
4dc77ee90dc2225b57b31d28fe06213cd6c491bdc7249a6e70ebd003b72c5702
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
53ce1143e5a93c4c9528d1e604c59ac7aaaf635ddaeceb3e28e7de292fd0a4db
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
576536ae0277db245d4e8f215a974bed736813b838808f3b5cf68cbd4f849d9a
57df901ddd718ea67fc2c55f827e20fef7a5fae5145e9149e79eb065f9a097b9
5c1f86873ae4a57b120e9a74e292181644a570fb97c84cd2cd4ac29ed67bea02
5c5579542540957ffa4cdb8b5f16f77e748708cee95e81df5d7ca16a61a009be
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
5f9376c77618bf0ef43bcabf8228c9e2befde3731087b944e140a88c34066873
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64ae7ca3ce2453c619a36968a7c29593e0aa4fcf3972d14655dadbe08fe8c71c
665f87fd4e9610c1ce7ceae8c034c75defb868b9c49f414e619d14cca8f24c21
66a2e73c881946fba831b0e9ecea9e6052b3cb1120c06f0878d33bc9aeccbb34
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694
6a4eb582f08a6dadd26fe22f3b4a94d6fbeafb2e9d09ffb477e5a1a784893d1e
6a64a4720bae4dd029bc72fc635193cbedc765e9b7753eb6c4ba901100f84720
6d13c93627a5515fcc6223d2224b4ded6bd84b494490e38945be34b30f850c96
6fd7726313f06325c0a4f6b51b2c927cc3c4d8ff168d11fe9683f1b767c5b05e
6ff80b76ab435969787816198f51f1096b75efb19b378f113ff37db5f7e172b4
711bc5b0b8c40e39b2560e65797d175e72a89b49ebbc266a7c7b581c4bec4b21
715d95401a0252ab3f290b8d318f8f6bfd0bf1163f025767fa065200c5e6f883
71ba7e09487750d7426b3bd64cf57facb8eb119939eb7055138ee55f13bb6f05
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
732c1e333b19eaba2000f7c99cc5160fab6e033f56f636ce7bcf300fba5f31e5
73f50f75f8e010529d7194189dcce691ffb68d79b50f089df97970684398f8c0
77a44f65bb6894c92e3c7ccab98de0fc357172221cc1dd45949ab938c0c7756a
7d23a623cd2fe539453dda5d31bcea29bfaff024f454ad4d986a9c5e2ca2a7aa
7eeafdd20b0c8f377e06a1ea874c3487d4e0bcbe5219d445f8d38b134df985a4
7fbb7d0e3338e89ebead71b921eb04443793b56bbdd434e2e5cf58ecf5991b96
834392ea71cff2fca594054b8a0806ada053e28a53ed5f2854025a4105ffcf15
877744426cc787a9073f698304fda520feadcbe0e2b6884c5c45beb03855c3ed
87c296933952b4969256a3ed7c9a3f7e50116ecbedbc7e27e1395012355aadab
87d948f7ba0a81d921cd7a6d43af7ceb48de5728a7aaeb13259505174dff5585
8a80101c29f5cb363aaeecf76b1145d01252caf78a961fe3bba08e72ba5a97b7
8cf697447f26754c18211cb07a7d8d8d032d73f17d8fe756b623dbcde842f4e0
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8fbc3abef30c4d83d0cf293bc66a70436d0f5d8a2468f6f17875c3d6abcb2717
91833ee761b2cd075c96ebe62806908ee00df62ba772155ba26b16839dbeded7
91ee720f3c25ec6b209d88019c20e2592340ff1fe1c94f3d5431e5fd1e77e5dc
9a016385d75654b49db7fde6342560930f6e7ec70e255be03e3978057c7cc1e9
9a4722a7cd0c22f78f28ee8a8cabbbe9beade0207ec4b0b2cde4ef443665584d
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
9f8f728203d523f922e384b77aca68da97b3184d65afd9589beb535913415289
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a0fded691aed767f851011cd3185b928619298a21a0fbdad4808a9e88b490833
a1386d0fcba0554d59534a5e69db1aa587f4df42c8cadc24bb96dd12f7c93f6a
a1d1c9dafa628fe545e83f0012de7112dc82508df04e65deb72139cbd569c7da
a1f50e52a7fda97827e6e3d2cd3bb2788a68a78296728fa2592be8e89d54b5b8
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a563a87c4831f029434d9e02ba53bd242f9f545d9fcd34a357d14827ade187b2
a56a1e28a24ba018d8af6dff55c849eba2f36876b9abc667cdb41c74431d6217
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a798a341431a452e8a8fbae5dd65faab6478c5ffee1da5b70f4ab9e740ae15af
a81d25118c6f7d835e9ca132b995b8aca46e3575ee4ab2136ab96ac8d5e4688b
aa7172f296b0076148f1300f0118dda32861d0ed081fd24967330e22ef4f3422
acd4dcf96c8b5f8b2ff506897cbc8f07ba0d30248b6f19b58c66d5a70f132821
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b6118b7facbae60d5f5f668041a9ffac4ef1c9ffdf34619b7237f94b0012f9a6
bbd18ec584cf2bc9039d97c29cfa58141f53cf65f0307c128d204fd06a081884
bd535fb2f8e98a1170d153122fdc5f89623d28aab324a3cc8c38098b60e8311d
c2e606e1fc82ea3a554aad5d0520e25d2677b89a891dc5c49e7ace08fce92e25
c5579ea3a0da7420e4b96ec3b03932a2798fe91f2fef3ff60c681f52a93a6beb
c5ec1d74e9960ddf0b8f42a7eb1bb25a865bb87055eca7baac378c8cba0a368a
cb2b18ff7b82cdbab0ba5f095448f16c159526ff504699042f8069f1a70ae7f4
d9f09cc8c4f98a6c6a1817ce27cdb2ce90ac239de55c8f2eebe0b04c70658c0a
e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb
e0e2bc4e1d3ee5024c4e1aa58a6cad9aa42fc63a8c89ce18013a1c8f2b94875c
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e1c46ca7d8ee2e7bef2bd48531d1f41c8d52915cd7d89a83fdde2510119dfa5a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2407f1bbc3a354f70ae1f429f1201ad30a53fe4f2d80a5865226bc341f4ecdd
f38d19087fd49bfdb55baf5728fd95276da0ccd5cf5020dc16f4b186c3dc788b
f3b9348806bbe09b1e6c10499ab60c3807b6f07a46d9a60a652faab0f4dc508a
f48585b4945eec5c6e1453b2d3cf1395d3a261a140da38569230f74816e97955
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f73571ed70e049ed33e2040912a6e429f55b9b66d43a808b1cb5aed541f5e543
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f760260277e022bf9d6162bba0bdefe19125717e83ad68ff65c208f95710f1f5
f7ab77f82cc7f94d7e7f743b3a7f7e4a82168c2e22d97c9d01b502b7568f301c
fd24dd19e95655fe037d3b5a68d620e718de6ad1f330180239ebfa39840b33ec
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

telegram-downloads.ru Open in urlscan Pro 92.53.96.193 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

255 Requests

90 %HTTPS

0 %IPv6

32 Domains

43 Subdomains

26 IPs

6 Countries

2818 kBTransfer

5687 kBSize

46 Cookies

10 Outgoing links

Page URL History

Redirected requests

255 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

telegram-downloads.ru Open in urlscan Pro
92.53.96.193 Public Scan

Screenshot
Live screenshot

Full Image

255
Requests

90 %
HTTPS

0 %
IPv6

32
Domains

43
Subdomains

26
IPs

6
Countries

2818 kB
Transfer

5687 kB
Size

46
Cookies

255 HTTP transactions
9 data transactions