www.tg-me.com Open in urlscan Pro
2606:4700:3034::ac43:9b89  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. http://www.tg-me.com/tg-me.com/joinchat-VYlQ8nY8s0WuNPDo/ HTTP 301
   https://www.tg-me.com/tg-me.com/joinchat-VYlQ8nY8s0WuNPDo/ HTTP 302
   https://www.tg-me.com/us/tg-me.com/joinchat-VYlQ8nY8s0WuNPDo/ HTTP 302
   https://www.tg-me.com/us/telegram/com.tg-me.com Page URL
   

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 45

• https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP 302
• https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=ASKXGp1FcDO0MBGdkQgKc3ZnblkvtHEM95Oh7j7CWJExYZKBVWo2QSRGQ_swJc3kj-g7P8ZTIisFGw HTTP 302
• https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp2ZMZYCVGk5KNt4q0xGX7c0cV5RQJqbSjQ9na_36kPO8w4DsWFO7bZwL5Li2_Ls69YGINP4KQ&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1727976308%3A1701290838705926&theme=glif

Request Chain 46

• https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP 302
• https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ASKXGp2hXvUrH5tg37i5Vkx7A3WDm5XMJFg3lo1uwhIn5PTzozPl86K1EuL1K1w42JiQus8a2EiLFA HTTP 302
• https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp24oKoqYoe1zd-glPe7-stsABKy6MssiJP6WehzPZ7Wxpd6975iUo5LJxie-y9yiYOeYhcQ6Q&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1779344930%3A1701290838702069&theme=glif

Request Chain 49

• https://www.tg-me.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
• https://www.tg-me.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js

Request Chain 53

• https://avd.innity.com/uidsync/getuid/?idsr=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fssp%3Dinnity%26user_id%3D%24UID&itmcb=1701290838609 HTTP 302
• https://x.bidswitch.net/sync?ssp=innity&user_id=0810b29c8cf5c76ab7f2e20e4c6807d8 HTTP 302
• https://x.bidswitch.net/ul_cb/sync?ssp=innity&user_id=0810b29c8cf5c76ab7f2e20e4c6807d8 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=innity&bsw_param=400885c6-fe0d-455c-8cf6-383039db8067&google_hm=NDAwODg1YzYtZmUwZC00NTVjLThjZjYtMzgzMDM5ZGI4MDY3 HTTP 302
• https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEOA9SJlKvS787uKwyAF3dM4&google_cver=1&ssp=innity&bsw_param=400885c6-fe0d-455c-8cf6-383039db8067 HTTP 302
• https://avd.innity.com/uidsync/mapuid/?pid=689&puuid=400885c6-fe0d-455c-8cf6-383039db8067

Request Chain 55

• https://www.facebook.com/v8.0/plugins/comments.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df25d9b88c0b7c8%26domain%3Dwww.tg-me.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.tg-me.com%252Ff3135e196b45908%26relation%3Dparent.parent&container_width=515&height=100&href=https%3A%2F%2Fwww.tg-me.com%2Ftelegram%2Fcom.tg-me&locale=en_GB&numposts=5&sdk=joey&version=v8.0&width= HTTP 302
• https://www.facebook.com/plugins/comments.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df25d9b88c0b7c8%26domain%3Dwww.tg-me.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.tg-me.com%252Ff3135e196b45908%26relation%3Dparent.parent&container_width=515&height=100&href=https%3A%2F%2Fwww.tg-me.com%2Ftelegram%2Fcom.tg-me&locale=en_GB&numposts=5&sdk=joey&version=v8.0&width HTTP 302
• https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df25d9b88c0b7c8%26domain%3Dwww.tg-me.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.tg-me.com%252Ff3135e196b45908%26relation%3Dparent.parent&container_width=515&height=100&href=https%3A%2F%2Fwww.tg-me.com%2Ftelegram%2Fcom.tg-me&locale=en_GB&numposts=5&sdk=joey&version=v8.0&width

Request Chain 65

• https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=08F22C7D-6023-42AE-B585-CA3228394270&redir=true&gdpr=0&gdpr_consent= HTTP 302
• https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=08F22C7D-6023-42AE-B585-CA3228394270&redir=true&gdpr=0&gdpr_consent=&dcc=t

Request Chain 66

• https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
• https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1973242037642465263&gdpr=0&gdpr_consent=

Request Chain 68

• https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=CPIsfWAjQq61hcoyKDlCcA%3D%3D&gdpr=0&gdpr_consent= HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=CPIsfWAjQq61hcoyKDlCcA%3D%3D&gdpr=0&gdpr_consent=&google_tc= HTTP 302
• https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

Request Chain 69

• https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=08F22C7D-6023-42AE-B585-CA3228394270 HTTP 302
• https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=08F22C7D-6023-42AE-B585-CA3228394270 HTTP 302
• https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=b0f3ac8e-602d-486f-95b9-757782b8966c%252C%252C&gdpr=0&gdpr_consent= HTTP 302
• https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=acdbf148-cae7-43c1-bb40-4dc7c28a7c45&ttd_puid=b0f3ac8e-602d-486f-95b9-757782b8966c%2C%2C

Request Chain 71

• https://eb2.3lift.com/xuid?mid=7976&xuid=08F22C7D-6023-42AE-B585-CA3228394270&dongle=u6nf&gdpr=0&gdpr_consent= HTTP 302
• https://eb2.3lift.com/xuid?ld=1&mid=7976&xuid=08F22C7D-6023-42AE-B585-CA3228394270&dongle=u6nf&gdpr=0&cmp_cs=&us_privacy=

Request Chain 72

• https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MDhGMjJDN0QtNjAyMy00MkFFLUI1ODUtQ0EzMjI4Mzk0Mjcw&gdpr=0&gdpr_consent= HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MDhGMjJDN0QtNjAyMy00MkFFLUI1ODUtQ0EzMjI4Mzk0Mjcw&gdpr=0&gdpr_consent=&google_tc= HTTP 302
• https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 73

• https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc= HTTP 302
• https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAwftBYLcXcdeB3oVc-eSlc&google_cver=1

Request Chain 74

• https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
• https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:3A86891AC801496694DEF2017FF24846

Request Chain 75

• https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
• https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
• https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=acdbf148-cae7-43c1-bb40-4dc7c28a7c45&gdpr=0&gdpr_consent=

Request Chain 76

• https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=08F22C7D-6023-42AE-B585-CA3228394270&redir=true&gdpr=0&gdpr_consent= HTTP 302
• https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=08F22C7D-6023-42AE-B585-CA3228394270&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
• https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-ALQ9Kn5E2uWNORKDaxiwD57xFlMyqwU-~A&gdpr=0

Request Chain 78

• https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=08F22C7D-6023-42AE-B585-CA3228394270&gdpr=0&gdpr_consent= HTTP 302
• https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=12f98d80672b14f2&is_secure=true&networkId=17100&version=1&nuid=08F22C7D-6023-42AE-B585-CA3228394270&gdpr=0&gdpr_consent= HTTP 302
• https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGHVoIX5OLNANsn8ShAAAAAAA&expiration=1701377239&nuid=08F22C7D-6023-42AE-B585-CA3228394270&is_secure=true&gdpr_consent=&gdpr=0

Request Chain 79

• https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
• https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=d2b09803-a7e3-409a-bf53-6ef66d15ee01&gdpr=0&gdpr_consent=

Request Chain 97

• https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
• https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
• https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCQXQwN0t6MGNBQUJQTmpERnZrQQ&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
• https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
• https://rtb-csync.smartadserver.com/redir?partneruserid=AABAt07Kz0cAABPNjDFvkA&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Csyn%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
• https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Csyn%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=8122505038185979884&gdpr=0&gdpr_consent= HTTP 303
• https://bh.contextweb.com/bh/rtset?ev=AABAt07Kz0cAABPNjDFvkA&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D8122505038185979884%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dsyn%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0 HTTP 302
• https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=8122505038185979884&gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AABAt07Kz0cAABPNjDFvkA&pid=558502&do=add&gdpr=0 HTTP 303
• https://sync.technoratimedia.com/services?uid=AABAt07Kz0cAABPNjDFvkA&srv=cs&pid=73&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D8122505038185979884%26gdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4&gdpr=0 HTTP 307
• https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=8122505038185979884&gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=4 HTTP 303
• https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABAt07Kz0cAABPNjDFvkA&gdpr=0

Request Chain 99

• https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
• https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=-1ZnKqxQZHzgUTQrqwV8KfRSNS7gU2Z5qFKAQ_PF

Request Chain 100

• https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
• https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZWejWgADT8arTgBH

Request Chain 101

• https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
• https://sync.aralego.com/bsw_sync?ucf_nid=par-E2B44D84BBBDED8A0B297323E4B4A68&dsp_id=445&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=400885c6-fe0d-455c-8cf6-383039db8067&gdpr=0&gdpr_consent=&gdpr_pd=&usprivacy= HTTP 302
• https://x.bidswitch.net/sync?dsp_id=445&user_id=b9b440dc-f9ba-3234-8c7e-0e2d69c447a6&ssp=pubmatic&bsw_param=400885c6-fe0d-455c-8cf6-383039db8067 HTTP 302
• https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=400885c6-fe0d-455c-8cf6-383039db8067&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=

Request Chain 102

• https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
• https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent= HTTP 302
• https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=7e90bece-8ef8-11ee-9f05-3aa38ca1a72f

Request Chain 104

• https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=08F22C7D-6023-42AE-B585-CA3228394270&gdpr=0&gdpr_consent= HTTP 302
• https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=08F22C7D-6023-42AE-B585-CA3228394270&vxii_pid=12&vxii_pid1=10067&vxii_rcid=ba2d491a-2fd0-421c-8362-610b349b14e0

Request Chain 105

• https://us-u.openx.net/w/1.0/sd?id=540245193&val=08F22C7D-6023-42AE-B585-CA3228394270&gdpr=0&gdpr_consent= HTTP 302
• https://us-u.openx.net/w/1.0/sd?cc=1&id=540245193&val=08F22C7D-6023-42AE-B585-CA3228394270&gdpr=0&gdpr_consent=

Request Chain 109

• https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent= HTTP 302
• https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R35CA5_10CECA6DE_7D9595EA&r=https://pmp.mxptint.net/sn.ashx?ak=1 HTTP 302
• https://pmp.mxptint.net/sn.ashx?ak=1

Request Chain 110

• https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
• https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8481447460135059593&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 111

• https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
• https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
• https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=e96c4945-0edc-4b72-a310-fd3ac36259b2-6567a35a-5553&gdpr=0&gdpr_consent=

114 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request com.tg-me.com Show response www.tg-me.com/us/telegram/ Redirect Chain http://www.tg-me.com/tg-me.com/joinchat-VYlQ8nY8s0WuNPDo/ https://www.tg-me.com/tg-me.com/joinchat-VYlQ8nY8s0WuNPDo/ https://www.tg-me.com/us/tg-me.com/joinchat-VYlQ8nY8s0WuNPDo/ https://www.tg-me.com/us/telegram/com.tg-me.com	22 KB 7 KB	530ms 529ms	Document text/html	2606:4700:3034::ac43:9b89 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.tg-me.com/us/telegram/com.tg-me.com Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:9b89 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 920ef67a481ad0a0ffc06918f578b3ed22d1b2246056d406224d8e725e66123d Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 accept-language en-US,en;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control max-age=31536000 cf-cache-status MISS cf-ray 82ddb4688d824bc1-BUF content-encoding br content-type text/html; charset=UTF-8 date Wed, 29 Nov 2023 20:47:15 GMT last-modified Wed, 29 Nov 2023 20:47:15 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6uV3iUMLrpbNizdFH00%2BJwYP0lI5OtgagdW%2FU3qAUuF%2Bpg7cW5SlhKVZe2nZrIFHoSqDz%2FTYijLJFXv6zLLcp4RoouSUqRF2tT0YhaGVW8r3fUUJ0YmF%2F9XDJTIubja4Zxs0kwwlLctnQMYZ"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding Redirect headers alt-svc h3=":443"; ma=86400 cf-cache-status BYPASS cf-ray 82ddb466cd694bc1-BUF content-type text/html; charset=UTF-8 date Wed, 29 Nov 2023 20:47:15 GMT location https://www.tg-me.com/us/telegram/com.tg-me.com nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tRTngQyLMkJ71L2oZZAslpupA%2Ff3%2BgNIRTqH1NdolZKnee65NumrZMOj6Rpx9hHO4XuXgASdGRfN0ei0%2F7JH92krHR3FGKHmjF0%2FRMVeB1B4zG4NuanEHVFGlo45gLX9BdKACS5vCm0IjQHf"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H3	200	GKNcrQjoAp6Z98cDDrrto_NSSHU.js Show response www.tg-me.com/cdn-cgi/apps/head/	5 KB 2 KB	252ms 250ms	Script application/javascript	2606:4700:3034::ac43:9b89 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.tg-me.com/cdn-cgi/apps/head/GKNcrQjoAp6Z98cDDrrto_NSSHU.js Requested by Host: www.tg-me.com URL: https://www.tg-me.com/us/telegram/com.tg-me.com Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:9b89 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1564de76f12335b86790a0aa52846be066e1945090183589e762537fe9464cfe Request headers accept-language en-US,en;q=0.9 Referer https://www.tg-me.com/us/telegram/com.tg-me.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Wed, 29 Nov 2023 20:47:16 GMT x-amz-version-id E1E3JGNyYHVXxbWCxajU5xVZDdmc_Ir2 content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id CJHP80CB3T13R3XK alt-svc h3=":443"; ma=86400 x-amz-id-2 FK/kitAsWQZdCEisaScUDPDh4l2ZOeTfpcF4bIy+gG9iytNvONinJDEYWaonvW8o7awlYnFz9k4= last-modified Thu, 06 May 2021 08:34:07 GMT server cloudflare etag W/"8cbe5fbd6b1a135e178b1a76bcee5724" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cyCb%2BcMyPpyMtkSZmrUP6pohO1UtmT6WFSutPbjhNO8qyZGIlZI2eubqc7MAnRVwVFIUfE8Ynm4sOawFlsoQERt0J0vT5gBq%2FnIIq0n6mbgM2K2Dusacjkrb%2Fr6yk865LVA0jBr0HjDbaRtV"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control public, max-age=31536000 cf-ray 82ddb46bfdc14bc1-BUF
GET H/1.1	200 OK	admanager.js Show response cdn.innity.net/	12 KB 4 KB	228ms 27ms	Script application/javascript	23.209.54.115 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://cdn.innity.net/admanager.js Requested by Host: www.tg-me.com URL: https://www.tg-me.com/us/telegram/com.tg-me.com Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 23.209.54.115 Piscataway, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-209-54-115.deploy.static.akamaitechnologies.com Software Apache / Resource Hash e9d627b37bb2437e38e178e2c5776d50a3163be9b0976526b4ab133922a34963 Request headers accept-language en-US,en;q=0.9 Referer https://www.tg-me.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers Date Wed, 29 Nov 2023 20:47:16 GMT Content-Encoding gzip Last-Modified Mon, 06 Nov 2023 09:17:20 GMT Server Apache ETag "2e2f-6097852320800-gzip" Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=86400 Connection keep-alive Accept-Ranges bytes Content-Length 3929 Expires Thu, 30 Nov 2023 20:47:16 GMT
GET H3	200	style.css www.tg-me.com/	2 KB 1 KB	527ms 525ms	Stylesheet text/css	2606:4700:3034::ac43:9b89 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.tg-me.com/style.css?v1 Requested by Host: www.tg-me.com URL: https://www.tg-me.com/us/telegram/com.tg-me.com Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:9b89 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 82f589cf1a985a611daedeba8a08c76026637131a63c57cc910b9284292d0eee Request headers accept-language en-US,en;q=0.9 Referer https://www.tg-me.com/us/telegram/com.tg-me.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Wed, 29 Nov 2023 20:47:16 GMT content-encoding br cf-cache-status MISS last-modified Thu, 01 Jun 2023 05:19:18 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"64782a56-946" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ev0O1ogGbGRU4R1B55L2JilomTbVLNI3gWn75PFxI88oyKKC2tIZE0GKQJr08f%2BsRdNKsQSB7BsJztg59AD0YyAyHKGHRzxq4G3WQgtgG14kDE8ug0xYCZduzE9Gw9jHLiOMa5FNIMBH6zyX"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=691200 cf-ray 82ddb46bfdc24bc1-BUF alt-svc h3=":443"; ma=86400
GET H2	200	tg-me.jpg img.tg-me.com/icon/tg/	12 KB 13 KB	1045ms 1021ms	Image image/jpeg	2606:4700:3034::ac43:9b89 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://img.tg-me.com/icon/tg/tg-me.jpg Requested by Host: www.tg-me.com URL: https://www.tg-me.com/us/telegram/com.tg-me.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::ac43:9b89 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 66d7a374f4708c93064c50e8d2f37103fd9e891a90d0d0f63682a8b0df18ab93 Request headers accept-language en-US,en;q=0.9 Referer https://www.tg-me.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Wed, 29 Nov 2023 20:47:16 GMT cf-cache-status HIT last-modified Wed, 29 Nov 2023 20:00:56 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SRDmAKJm85QQjzFKP%2BcoX75jKsUP3wVVeo6SLynTQ6HcNXrO4dN4ckdSMUDQlviQYzs%2Bf5thAfq2SGa8%2FPVHSndUc9ptXVobWbyCe9MeBXRak%2BgFMGIRP4czyxdJyBhD8Alw4t1lcz5AwLP2"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=691200 cf-ray 82ddb46c1dc64bc1-BUF alt-svc h3=":443"; ma=86400
GET H3	200	cm.svg www.tg-me.com/img/	893 B 943 B	523ms 521ms	Image image/svg+xml	2606:4700:3034::ac43:9b89 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.tg-me.com/img/cm.svg Requested by Host: www.tg-me.com URL: https://www.tg-me.com/us/telegram/com.tg-me.com Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:9b89 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bd21af8d422403bd8e42df9da7cda432c81c76da81e830d3571e17c5d0edbd8c Request headers accept-language en-US,en;q=0.9 Referer https://www.tg-me.com/us/telegram/com.tg-me.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Wed, 29 Nov 2023 20:47:17 GMT content-encoding br cf-cache-status MISS last-modified Wed, 26 Oct 2022 11:10:47 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"635915b7-37d" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a9HXErsSDBcO2bNj1BkCwOBLXjJmM%2FiEYtKWa39uPCv3gjToZUqf9mMwh43KFtkvdIKitAO2O3YG9Wz1vPbKsLQcKS2%2FKRT0eKOfW7uQxl3U1xfP6xssRzvSUIgyDnj2F949l2ULwzgWiKa1"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=691200 cf-ray 82ddb475de3c4bc1-BUF alt-svc h3=":443"; ma=86400
GET H2	200	addthis_widget.js Show response s7.addthis.com/js/300/	56 B 361 B	258ms 40ms	Script text/javascript	23.73.233.5 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://s7.addthis.com/js/300/addthis_widget.js Requested by Host: www.tg-me.com URL: https://www.tg-me.com/us/telegram/com.tg-me.com Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.73.233.5 Edison, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-73-233-5.deploy.static.akamaitechnologies.com Software Oracle API Gateway / Resource Hash f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://www.tg-me.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff date Wed, 29 Nov 2023 20:47:16 GMT server Oracle API Gateway opc-request-id /B39EE0BF38C6FC94070531F27D75F0D3/2F0C1254C631C9EA0D1B930BEDCECC44 x-frame-options sameorigin vary Accept-Encoding content-type text/javascript x-distribution 99 x-host s7.addthis.com content-length 76 x-xss-protection 1; mode=block
GET H2	200	sdk.js Show response connect.facebook.net/en_GB/	3 KB 2 KB	90ms 30ms	Script application/x-javascript	2a03:2880:f012:8:face:b00c:0:1 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_GB/sdk.js Requested by Host: www.tg-me.com URL: https://www.tg-me.com/us/telegram/com.tg-me.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 30ba798bd32d15f9406134f7386b37fec22b2b336d298992f05323ecf6270580 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://www.tg-me.com/ Origin https://www.tg-me.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff date Wed, 29 Nov 2023 20:47:17 GMT content-md5 hBl4jDLt9z0hWpIYuKvHIA== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 1685 reporting-endpoints x-fb-debug YL7ztKTazSvVZZJeHjRMgOEkcAjW+aA05eW+SorzwAg7gsBnJ6KVI0SM3yb5D/K/vmlJOcpyY0PegJ4yQqgO7w== x-fb-content-md5 1e1f9735ce8d0594d8646f509b24147c cross-origin-opener-policy same-origin-allow-popups etag "00037ded99358549cba6449af6c497a8" vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers X-FB-Content-MD5 cache-control public,max-age=1200,stale-while-revalidate=3600 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=() timing-allow-origin * expires Wed, 29 Nov 2023 20:57:30 GMT
GET H3	200	widget-frame.css www.tg-me.com/	37 KB 7 KB	760ms 759ms	Stylesheet text/css	2606:4700:3034::ac43:9b89 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.tg-me.com/widget-frame.css Requested by Host: www.tg-me.com URL: https://www.tg-me.com/us/telegram/com.tg-me.com Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:9b89 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3c2db81cdfb6147e0a8c0375840633c3e2072f01b15a062e7a2f216a678853ef Request headers accept-language en-US,en;q=0.9 Referer https://www.tg-me.com/us/telegram/com.tg-me.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Wed, 29 Nov 2023 20:47:16 GMT content-encoding br cf-cache-status MISS last-modified Thu, 01 Jun 2023 05:19:18 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"64782a56-939a" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hVMuZ18KoPGJ2NEwIeQCHWQyDz%2Bgd6FeRRcd1fVpCDgKZcvH39RaHNbYj19cIxOXuGzxxE5HB2%2Bw5mvNIi0tZwzg43RlssevCv1vqWiHRgAifS8%2BNqAfAZlJrDQaFZA1MiW%2Fe%2BdblyfW7Sgz"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=691200 cf-ray 82ddb46d9dd94bc1-BUF alt-svc h3=":443"; ma=86400
GET H3	200	web.css www.tg-me.com/	20 KB 4 KB	764ms 763ms	Stylesheet text/css	2606:4700:3034::ac43:9b89 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.tg-me.com/web.css Requested by Host: www.tg-me.com URL: https://www.tg-me.com/us/telegram/com.tg-me.com Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:9b89 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 825979cea089e2a556e1982de6fe5983118a78b78c85e2dfe620c61deac82bb9 Request headers accept-language en-US,en;q=0.9 Referer https://www.tg-me.com/us/telegram/com.tg-me.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Wed, 29 Nov 2023 20:47:17 GMT content-encoding br cf-cache-status MISS last-modified Thu, 01 Jun 2023 05:19:18 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"64782a56-51a1" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mev45hRSRa3AQnZcbpYB9gTE0FsRCIXHqo0%2FxomuJPT86h7yNDXYiJewH0gMprps%2BYquqrzebBNcJaKdnvnVZnWBjDTml1Fwg70pmmKQGJIACu64a9WGaGWwRi4WSIQsoJDPNNnOq5RKCi53"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=691200 cf-ray 82ddb4725e194bc1-BUF alt-svc h3=":443"; ma=86400
GET H2	200	/ Show response d37tb4r0t9g99j.cloudfront.net/	354 KB 115 KB	566ms 303ms	Script text/plain	2600:9000:2021:600:9:81e3:f9c0:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d37tb4r0t9g99j.cloudfront.net/?trbtd=994291 Requested by Host: www.tg-me.com URL: https://www.tg-me.com/us/telegram/com.tg-me.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2021:600:9:81e3:f9c0:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 8364b972da2634091109abc25203e1081cbd64879e06b94cde8eff6207a1b8af Request headers accept-language en-US,en;q=0.9 Referer https://www.tg-me.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers pragma no-cache date Wed, 29 Nov 2023 20:47:17 GMT content-encoding gzip via 1.1 1a399aaac982834d0360b244b67da7a4.cloudfront.net (CloudFront) x-amz-cf-pop CPH50-C2 x-cache Miss from cloudfront access-control-allow-origin * cache-control no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform content-length 117365 x-amz-cf-id zWFAtXXzx0I7yU95Kw6bNtZVKF7sdDImITqQUwKZDRR-YXZP5FjNFA==
GET H3	200	mttil_w5gfRQoMK9J5wSEV0yOJQ.js Show response www.tg-me.com/cdn-cgi/apps/body/	4 KB 2 KB	290ms 288ms	Script application/javascript	2606:4700:3034::ac43:9b89 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.tg-me.com/cdn-cgi/apps/body/mttil_w5gfRQoMK9J5wSEV0yOJQ.js Requested by Host: www.tg-me.com URL: https://www.tg-me.com/cdn-cgi/apps/head/GKNcrQjoAp6Z98cDDrrto_NSSHU.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:9b89 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f0c8ae28caaea979ac1a1b6c668726fe721704bc34bf50d882cb35a212516cf7 Request headers accept-language en-US,en;q=0.9 Referer https://www.tg-me.com/us/telegram/com.tg-me.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Wed, 29 Nov 2023 20:47:17 GMT x-amz-version-id yTUDbCChusb22oEAAiuOhIKs2DMdoM2X content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id RNQAEHH4SSF7HJ59 alt-svc h3=":443"; ma=86400 x-amz-id-2 k/eo8GiTKnOfs1FVzJ9bh/Qf5Q71IAAisImVWICM+9lP3z/4HISR796BWxsFZpjm2VwzQxahK5o= last-modified Thu, 06 May 2021 08:34:06 GMT server cloudflare etag W/"906771a682327b7ef80896da1bda8167" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lw62FWEEAvr%2B%2Bg%2BFXky4mSysBDmWrVfUAIssHDdwdFKESag4e%2BuAF%2FUkj0FrJzICBtsRjFquIpvLFn4rD%2FdIzrnQi%2B%2F9gIL%2B48%2FkM2rg37ygfVmFkBrVvqdZynRE5DWP1JGQ2BcJvmweEzTh"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control public, max-age=31536000 cf-ray 82ddb475de3d4bc1-BUF
GET H/1.1	200 OK	/ Show response as.innity.com/synd/	463 B 1 KB	1299ms 251ms	Script text/javascript	119.81.192.141 SOFTLAYER
General Check archive.org Show headers Download Go to Full URL https://as.innity.com/synd/?cb=1701290836081&ver=1&pub=dc727151e5d55dde1e950767cf861ca5&zone=93378&output=js&flash=0&url=www.tg-me.com&width=*&height=*&vpw=1600&vph=1200&auction=5fb08cd-142e873&u=aHR0cHM6Ly93d3cudGctbWUuY29tL3VzL3RlbGVncmFtL2NvbS50Zy1tZS5jb20%3D Requested by Host: cdn.innity.net URL: https://cdn.innity.net/admanager.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 119.81.192.141 Singapore, Singapore, ASN36351 (SOFTLAYER, US), Reverse DNS 8d.c0.5177.ip4.static.sl-reverse.com Software Apache / Resource Hash 18cd488606a97044df4aecbd880631bc2a482209da3c662376eb87291ff4ea18 Request headers Referer https://www.tg-me.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers Pragma no-cache Date Wed, 29 Nov 2023 20:47:17 GMT Content-Encoding gzip Last-Modified Wed, 29 Nov 2023 20:47:17 GMT Server Apache Vary Accept-Encoding P3P policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT" Content-Type text/javascript; charset=utf-8 Cache-Control no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0 Content-Length 296 Expires Sat, 03 Sep 1983 02:00:00 GMT
GET H/1.1	200 OK	/ Show response as.innity.com/synd/	463 B 1 KB	1312ms 266ms	Script text/javascript	119.81.192.141 SOFTLAYER
General Check archive.org Show headers Download Go to Full URL https://as.innity.com/synd/?cb=1701290836084&ver=1&pub=dc727151e5d55dde1e950767cf861ca5&zone=93380&output=js&flash=0&url=www.tg-me.com&width=*&height=*&vpw=1600&vph=1200&auction=5fb08cd-142e873&u=aHR0cHM6Ly93d3cudGctbWUuY29tL3VzL3RlbGVncmFtL2NvbS50Zy1tZS5jb20%3D Requested by Host: cdn.innity.net URL: https://cdn.innity.net/admanager.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 119.81.192.141 Singapore, Singapore, ASN36351 (SOFTLAYER, US), Reverse DNS 8d.c0.5177.ip4.static.sl-reverse.com Software Apache / Resource Hash da0293f070b9b1b1fec965cf3050ca1a365d6c78f5b22c8eb1efd060945f2c2d Request headers Referer https://www.tg-me.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers Pragma no-cache Date Wed, 29 Nov 2023 20:47:17 GMT Content-Encoding gzip Last-Modified Wed, 29 Nov 2023 20:47:17 GMT Server Apache Vary Accept-Encoding P3P policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT" Content-Type text/javascript; charset=utf-8 Cache-Control no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0 Content-Length 296 Expires Sat, 03 Sep 1983 02:00:00 GMT
GET H/1.1	200 OK	analytics.js Show response cdn.innity.net/	301 B 547 B	28ms 26ms	Script application/javascript	23.209.54.115 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://cdn.innity.net/analytics.js Requested by Host: www.tg-me.com URL: https://www.tg-me.com/us/telegram/com.tg-me.com Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 23.209.54.115 Piscataway, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-209-54-115.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 03d0e8a81b76b97330c387401f890774b9d88750ea2d7b7d85da4851ca2ef3ac Request headers accept-language en-US,en;q=0.9 Referer https://www.tg-me.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers Date Wed, 29 Nov 2023 20:47:17 GMT Content-Encoding gzip Last-Modified Wed, 04 Oct 2023 08:05:30 GMT Server Apache ETag "12d-606df78894680-gzip" Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=86400 Connection keep-alive Accept-Ranges bytes Content-Length 175 Expires Thu, 30 Nov 2023 20:47:17 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	157 KB 57 KB	101ms 43ms	Script application/javascript	2607:f8b0:4006:824::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-TS87BVL Requested by Host: www.tg-me.com URL: https://www.tg-me.com/us/telegram/com.tg-me.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:824::2008 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash f33cff9e136a2166375be071adf81b0e2717f3a41c73027a0dc8c9bb1170197a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.tg-me.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Wed, 29 Nov 2023 20:47:17 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 58466 x-xss-protection 0 last-modified Wed, 29 Nov 2023 18:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Wed, 29 Nov 2023 20:47:17 GMT
GET H/1.1	200 OK	/ Show response as.innity.com/synd/	2 KB 1 KB	249ms 248ms	Script text/javascript	119.81.192.141 SOFTLAYER
General Check archive.org Show headers Download Go to Full URL https://as.innity.com/synd/?cb=1701290837408&ver=1&pub=dc727151e5d55dde1e950767cf861ca5&zone=98811&output=js&flash=0&url=www.tg-me.com&width=300&height=250&vpw=1600&vph=1200&auction=5fb08cd-142e873&u=aHR0cHM6Ly93d3cudGctbWUuY29tL3VzL3RlbGVncmFtL2NvbS50Zy1tZS5jb20%3D Requested by Host: cdn.innity.net URL: https://cdn.innity.net/admanager.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 119.81.192.141 Singapore, Singapore, ASN36351 (SOFTLAYER, US), Reverse DNS 8d.c0.5177.ip4.static.sl-reverse.com Software Apache / Resource Hash 58eb7faadc676f2e869c5fbd840f7c9f6c5884f19409357dfb09ab36a52356b4 Request headers Referer https://www.tg-me.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers Pragma no-cache Date Wed, 29 Nov 2023 20:47:17 GMT Content-Encoding gzip Last-Modified Wed, 29 Nov 2023 20:47:17 GMT Server Apache Vary Accept-Encoding P3P policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT" Content-Type text/javascript; charset=utf-8 Cache-Control no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0 Content-Length 566 Expires Sat, 03 Sep 1983 02:00:00 GMT
GET H/1.1	200 OK	/ optimize.innity.com/	43 B 452 B	1138ms 258ms	Image image/gif	8.218.26.252 ALIBABA-CN-NET Al...
General Check archive.org Show headers Download Go to Show image Full URL https://optimize.innity.com/?pubid=3686&zoneid=93380&cb=1701290837432 Requested by Host: www.tg-me.com URL: https://www.tg-me.com/us/telegram/com.tg-me.com Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 8.218.26.252 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN), Reverse DNS Software Apache / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers accept-language en-US,en;q=0.9 Referer https://www.tg-me.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers Pragma no-cache Date Wed, 29 Nov 2023 20:47:18 GMT Last-Modified Wed, 29 Nov 2023 20:47:18 GMT Server Apache P3P policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT" Content-Type image/gif Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Content-Length 43 Expires Sat, 03 Sep 1983 02:00:00 GMT
GET H2	200	/ optimize2.innity.com/	43 B 348 B	1349ms 274ms	Image image/gif	47.250.11.143 ALIBABA-CN-NET Al...
General Check archive.org Show headers Download Go to Show image Full URL https://optimize2.innity.com/?pubid=3686&zoneid=93380&cb=1701290837432 Requested by Host: www.tg-me.com URL: https://www.tg-me.com/us/telegram/com.tg-me.com Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 47.250.11.143 Kuala Lumpur, Malaysia, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN), Reverse DNS Software / PHP/8.2.5 Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers accept-language en-US,en;q=0.9 Referer https://www.tg-me.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers pragma no-cache date Wed, 29 Nov 2023 20:47:18 GMT last-modified Wed, 29 Nov 2023 20:47:18 GMT x-powered-by PHP/8.2.5 content-type image/gif p3p policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT" cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 content-length 43 expires Sat, 03 Sep 1983 02:00:00 GMT
GET H/1.1	200 OK	/ optimize.innity.com/	43 B 452 B	1131ms 255ms	Image image/gif	8.218.26.252 ALIBABA-CN-NET Al...
General Check archive.org Show headers Download Go to Show image Full URL https://optimize.innity.com/?pubid=3686&zoneid=93378&cb=1701290837432 Requested by Host: www.tg-me.com URL: https://www.tg-me.com/us/telegram/com.tg-me.com Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 8.218.26.252 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN), Reverse DNS Software Apache / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers accept-language en-US,en;q=0.9 Referer https://www.tg-me.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers Pragma no-cache Date Wed, 29 Nov 2023 20:47:18 GMT Last-Modified Wed, 29 Nov 2023 20:47:18 GMT Server Apache P3P policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT" Content-Type image/gif Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Content-Length 43 Expires Sat, 03 Sep 1983 02:00:00 GMT
GET H2	200	/ optimize2.innity.com/	43 B 347 B	1355ms 280ms	Image image/gif	47.250.11.143 ALIBABA-CN-NET Al...
General Check archive.org Show headers Download Go to Show image Full URL https://optimize2.innity.com/?pubid=3686&zoneid=93378&cb=1701290837432 Requested by Host: www.tg-me.com URL: https://www.tg-me.com/us/telegram/com.tg-me.com Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 47.250.11.143 Kuala Lumpur, Malaysia, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN), Reverse DNS Software / PHP/8.2.5 Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers accept-language en-US,en;q=0.9 Referer https://www.tg-me.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers pragma no-cache date Wed, 29 Nov 2023 20:47:18 GMT last-modified Wed, 29 Nov 2023 20:47:18 GMT x-powered-by PHP/8.2.5 content-type image/gif p3p policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT" cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 content-length 43 expires Sat, 03 Sep 1983 02:00:00 GMT
GET H/1.1	200 OK	adj Show response grid.bidswitch.net/	22 B 235 B	296ms 192ms	Script text/javascript	35.211.137.220 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://grid.bidswitch.net/adj?auid=373595 Requested by Host: as.innity.com URL: https://as.innity.com/synd/?cb=1701290837408&ver=1&pub=dc727151e5d55dde1e950767cf861ca5&zone=98811&output=js&flash=0&url=www.tg-me.com&width=300&height=250&vpw=1600&vph=1200&auction=5fb08cd-142e873&u=aHR0cHM6Ly93d3cudGctbWUuY29tL3VzL3RlbGVncmFtL2NvbS50Zy1tZS5jb20%3D Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.211.137.220 North Charleston, United States, ASN15169 (GOOGLE, US), Reverse DNS 220.137.211.35.bc.googleusercontent.com Software nginx / Resource Hash 18c983c761fdf75fb946aa47edc930cbf2f88bc7948ebc7bc6f699aa19628eb8 Request headers Referer https://www.tg-me.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers Date Wed, 29 Nov 2023 20:47:17 GMT cache-control no-cache, no-store, must-revalidate Server nginx Connection keep-alive Content-Length 22 Content-Type text/javascript; charset=UTF-8
GET H2	200	js Show response www.googletagmanager.com/gtag/	240 KB 83 KB	47ms 47ms	Script application/javascript	2607:f8b0:4006:824::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-H9DDVMTLKY Requested by Host: www.tg-me.com URL: https://www.tg-me.com/cdn-cgi/apps/body/mttil_w5gfRQoMK9J5wSEV0yOJQ.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:824::2008 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 9f55aca92de083b569f296c83fafcff1a80e722d5f821e824760043ab653ea0d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.tg-me.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Wed, 29 Nov 2023 20:47:17 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 85212 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Wed, 29 Nov 2023 20:47:17 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	240 KB 83 KB	64ms 64ms	Script application/javascript	2607:f8b0:4006:824::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-H9DDVMTLKY&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-TS87BVL Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:824::2008 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 04a18ebf73edbaa81205d144e4cda51188d4ffe31f560cf663ceb81976a3243f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.tg-me.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Wed, 29 Nov 2023 20:47:17 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 85207 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Wed, 29 Nov 2023 20:47:17 GMT
POST H2	204	collect www.google-analytics.com/g/	0 253 B	251ms 37ms	Ping text/plain	2607:f8b0:4006:80b::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-H9DDVMTLKY&gtm=45je3b81v882766043&_p=1701290837399&gcd=11l1l1l1l1&dma=0&cid=1625276325.1701290838&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1701290837&sct=1&seg=0&dl=https%3A%2F%2Fwww.tg-me.com%2Fus%2Ftelegram%2Fcom.tg-me.com&dt=Telegram&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=3520 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-H9DDVMTLKY Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80b::200e , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://www.tg-me.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers pragma no-cache date Wed, 29 Nov 2023 20:47:18 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.tg-me.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	container_576b5a051c51b1c0244bca09.js Show response ssl-avd.innity.net/1/ Frame F4A5	11 KB 4 KB	528ms 27ms	Script application/javascript	23.209.54.115 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://ssl-avd.innity.net/1/container_576b5a051c51b1c0244bca09.js Requested by Host: www.tg-me.com URL: https://www.tg-me.com/us/telegram/com.tg-me.com Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 23.209.54.115 Piscataway, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-209-54-115.deploy.static.akamaitechnologies.com Software nginx/1.24.0 / Resource Hash fcbfe3701531c9c0a1cdf0f9adaf43370498a8a46185ec0639f844a14f1f5541 Request headers accept-language en-US,en;q=0.9 Referer https://www.tg-me.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers Date Wed, 29 Nov 2023 20:47:18 GMT Content-Encoding gzip Last-Modified Fri, 13 Oct 2023 07:45:31 GMT Server nginx/1.24.0 ETag "6528f59b-2aa5-gzip" Vary Accept-Encoding Content-Type application/javascript Cache-Control public, max-age=1996525 Connection keep-alive Accept-Ranges bytes Content-Length 3678 Expires Fri, 22 Dec 2023 23:22:43 GMT
GET H/1.1	200 OK	container_549927e79bd1fa1a040041a9.js Show response ssl-avd.innity.net/1/ Frame 5635	7 KB 3 KB	520ms 28ms	Script application/javascript	23.209.54.115 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://ssl-avd.innity.net/1/container_549927e79bd1fa1a040041a9.js Requested by Host: www.tg-me.com URL: https://www.tg-me.com/us/telegram/com.tg-me.com Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 23.209.54.115 Piscataway, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-209-54-115.deploy.static.akamaitechnologies.com Software nginx/1.20.1 / Resource Hash 6d82e21331aeb7b154ce45f18bc4a76893c17b1e2db85c4b40397fabfc0b023e Request headers accept-language en-US,en;q=0.9 Referer https://www.tg-me.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers Date Wed, 29 Nov 2023 20:47:18 GMT Content-Encoding gzip Last-Modified Wed, 26 Aug 2020 05:09:27 GMT Server nginx/1.20.1 ETag "5f45ee87-1dd4-gzip" Vary Accept-Encoding Content-Type application/javascript Cache-Control public, max-age=1676924 Connection keep-alive Accept-Ranges bytes Content-Length 2863 Expires Tue, 19 Dec 2023 06:36:02 GMT
GET H3	200	stars.svg www.tg-me.com/img/	901 B 977 B	521ms 520ms	Image image/svg+xml	2606:4700:3034::ac43:9b89 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.tg-me.com/img/stars.svg Requested by Host: www.tg-me.com URL: https://www.tg-me.com/us/telegram/com.tg-me.com Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:9b89 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dc60e6f6e60e1cc56e2ebfc8d51811b55fc04a29e0a383dfceba765c2e870ba6 Request headers accept-language en-US,en;q=0.9 Referer https://www.tg-me.com/us/telegram/com.tg-me.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Wed, 29 Nov 2023 20:47:18 GMT content-encoding br cf-cache-status MISS last-modified Wed, 26 Oct 2022 11:10:47 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"635915b7-385" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AnEfrDnl06h2sO4Yf7r3pI9NbW396lDr7XEkyfetyWfPHq3jRP5JHud%2F%2BLIpUIbdl9xq9P%2BYaRxwHcLgigR8nhCWc69GuwSW2cAvzwTbQ8EDCKyI0bH%2Fam16S2C3FsSmkVEA%2BrRGZkVEWeOi"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=691200 cf-ray 82ddb4797e594bc1-BUF alt-svc h3=":443"; ma=86400
GET H/1.1	200 OK	/ Show response as.innity.com/synd/	916 B 1009 B	249ms 249ms	Script text/javascript	119.81.192.141 SOFTLAYER
General Check archive.org Show headers Download Go to Full URL https://as.innity.com/synd/?cb=1701290837987&ver=1&pub=dc727151e5d55dde1e950767cf861ca5&zone=98815&output=js&flash=0&url=www.tg-me.com&width=300&height=250&vpw=1600&vph=1200&auction=5fb08cd-142e873&u=aHR0cHM6Ly93d3cudGctbWUuY29tL3VzL3RlbGVncmFtL2NvbS50Zy1tZS5jb20%3D Requested by Host: cdn.innity.net URL: https://cdn.innity.net/admanager.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 119.81.192.141 Singapore, Singapore, ASN36351 (SOFTLAYER, US), Reverse DNS 8d.c0.5177.ip4.static.sl-reverse.com Software Apache / Resource Hash f0cebbe787a998cc2014f61aec23f13a615516896d7a2ce41028bc6a0acecf49 Request headers Referer https://www.tg-me.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers Pragma no-cache Date Wed, 29 Nov 2023 20:47:18 GMT Content-Encoding gzip Last-Modified Wed, 29 Nov 2023 20:47:18 GMT Server Apache Vary Accept-Encoding P3P policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT" Content-Type text/javascript; charset=utf-8 Cache-Control no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0 Content-Length 520 Expires Sat, 03 Sep 1983 02:00:00 GMT
GET H/1.1	200 OK	adj Show response grid.bidswitch.net/	22 B 235 B	107ms 107ms	Script text/javascript	35.211.137.220 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://grid.bidswitch.net/adj?auid=373596 Requested by Host: as.innity.com URL: https://as.innity.com/synd/?cb=1701290837987&ver=1&pub=dc727151e5d55dde1e950767cf861ca5&zone=98815&output=js&flash=0&url=www.tg-me.com&width=300&height=250&vpw=1600&vph=1200&auction=5fb08cd-142e873&u=aHR0cHM6Ly93d3cudGctbWUuY29tL3VzL3RlbGVncmFtL2NvbS50Zy1tZS5jb20%3D Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.211.137.220 North Charleston, United States, ASN15169 (GOOGLE, US), Reverse DNS 220.137.211.35.bc.googleusercontent.com Software nginx / Resource Hash 18c983c761fdf75fb946aa47edc930cbf2f88bc7948ebc7bc6f699aa19628eb8 Request headers Referer https://www.tg-me.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers Date Wed, 29 Nov 2023 20:47:18 GMT cache-control no-cache, no-store, must-revalidate Server nginx Connection keep-alive Content-Length 22 Content-Type text/javascript; charset=UTF-8
GET H/1.1	200 OK	container_576b5a051c51b1c0244bca09.js Show response ssl-avd.innity.net/1/ Frame 3685	11 KB 4 KB	145ms 26ms	Script application/javascript	23.209.54.115 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://ssl-avd.innity.net/1/container_576b5a051c51b1c0244bca09.js Requested by Host: www.tg-me.com URL: https://www.tg-me.com/us/telegram/com.tg-me.com Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 23.209.54.115 Piscataway, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-209-54-115.deploy.static.akamaitechnologies.com Software nginx/1.24.0 / Resource Hash fcbfe3701531c9c0a1cdf0f9adaf43370498a8a46185ec0639f844a14f1f5541 Request headers accept-language en-US,en;q=0.9 Referer https://www.tg-me.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers Date Wed, 29 Nov 2023 20:47:18 GMT Content-Encoding gzip Last-Modified Fri, 13 Oct 2023 07:45:31 GMT Server nginx/1.24.0 ETag "6528f59b-2aa5-gzip" Vary Accept-Encoding Content-Type application/javascript Cache-Control public, max-age=1996525 Connection keep-alive Accept-Ranges bytes Content-Length 3678 Expires Fri, 22 Dec 2023 23:22:43 GMT
GET H2	200	sdk.js Show response connect.facebook.net/en_GB/	302 KB 87 KB	33ms 29ms	Script application/x-javascript	2a03:2880:f012:8:face:b00c:0:1 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_GB/sdk.js?hash=058ee42f5cfe548f033d3d7ee20ae378 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_GB/sdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 3d60b34a8b73b9168676cae54d46b773b7d6146e8028ba463950f31eb4540b0c Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://www.tg-me.com/ Origin https://www.tg-me.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff date Wed, 29 Nov 2023 20:47:18 GMT content-md5 Vg5V7nZMt1AJgxC+lr+cVQ== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 88328 reporting-endpoints x-fb-debug Pyxy5+WX5E9P+20Zk7inZ6mypqY8k0jJ7ZS9K46RqrFnxpmUQ3gEfUzHZZognHEoMdhXZb5oiTQhL9CRxYMyhw== x-fb-content-md5 7c7513f56b356711c4711b0c0d154ea0 cross-origin-opener-policy same-origin-allow-popups etag "781dfea2ad19a0b8ae9a3c3928f93476" vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers X-FB-Content-MD5 cache-control public,max-age=31536000,stale-while-revalidate=3600,immutable permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=() timing-allow-origin * expires Thu, 28 Nov 2024 19:11:50 GMT
GET H2	200	2161124 Show response acceptable.a-ads.com/ Frame 1C59	24 KB 6 KB	558ms 130ms	Document text/html	213.239.205.245 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://acceptable.a-ads.com/2161124 Requested by Host: www.tg-me.com URL: https://www.tg-me.com/us/telegram/com.tg-me.com Protocol H2 Security TLS 1.3, , AES_256_GCM Server 213.239.205.245 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.213.239.205.245.clients.your-server.de Software nginx / Phusion Passenger(R) Resource Hash d986f61e4f13f061197848b1421592f12063cb0a916c76b600bff2809fc77b34 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.tg-me.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 accept-language en-US,en;q=0.9 Response headers content-encoding gzip content-type text/html;charset=utf-8 date Wed, 29 Nov 2023 20:47:18 GMT server nginx status 200 OK vary Accept-Encoding Accept-Encoding x-content-type-options nosniff x-original-referer https://www.tg-me.com/ x-powered-by Phusion Passenger(R) x-robots-tag noindex, nofollow, nosnippet, noarchive x-xss-protection 1; mode=block
GET H3	200	tg-me.jpg img.tg-me.com/icon/tg/	12 KB 13 KB	36ms 36ms	Image image/jpeg	2606:4700:3034::ac43:9b89 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://img.tg-me.com/icon/tg/tg-me.jpg Requested by Host: www.tg-me.com URL: https://www.tg-me.com/us/telegram/com.tg-me.com Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:9b89 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 66d7a374f4708c93064c50e8d2f37103fd9e891a90d0d0f63682a8b0df18ab93 Request headers accept-language en-US,en;q=0.9 Referer https://www.tg-me.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Wed, 29 Nov 2023 20:47:18 GMT cf-cache-status HIT last-modified Wed, 29 Nov 2023 20:00:56 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 2 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SxmSNvIR9khCPvAR4KRp2DLGN2IAa0VoPKnIr%2FC9uxCybR0nw6t1Ggrsqo0sxHIPt0R%2BOocdf4rkqT6zuYCGflxsa%2BHQZwIc%2F4a6BpMG1Rz0hJC%2B%2BIgRAQoq5EmrUJ5s2PnD5%2Bap0EtD7bkn"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=691200 cf-ray 82ddb47bde8f4bc1-BUF alt-svc h3=":443"; ma=86400
GET H2	200	addthis_widget.js Show response s7.addthis.com/js/300/	56 B 361 B	56ms 55ms	Script text/javascript	23.73.233.5 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://s7.addthis.com/js/300/addthis_widget.js Requested by Host: www.tg-me.com URL: https://www.tg-me.com/us/telegram/com.tg-me.com Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.73.233.5 Edison, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-73-233-5.deploy.static.akamaitechnologies.com Software Oracle API Gateway / Resource Hash f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://www.tg-me.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff date Wed, 29 Nov 2023 20:47:18 GMT server Oracle API Gateway opc-request-id /B39EE0BF38C6FC94070531F27D75F0D3/2F0C1254C631C9EA0D1B930BEDCECC44 x-frame-options sameorigin vary Accept-Encoding content-type text/javascript x-distribution 99 x-host s7.addthis.com content-length 76 x-xss-protection 1; mode=block
GET H2	200	asd100.bin Show response pogothere.xyz/	100 KB 100 KB	188ms 107ms	Fetch binary/octet-stream	172.64.167.32 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pogothere.xyz/asd100.bin Requested by Host: d37tb4r0t9g99j.cloudfront.net URL: https://d37tb4r0t9g99j.cloudfront.net/?trbtd=994291 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.167.32 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16 Request headers accept-language en-US,en;q=0.9 Referer https://www.tg-me.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Wed, 29 Nov 2023 20:47:18 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 3103 alt-svc h3=":443"; ma=86400 last-modified Wed, 29 Nov 2023 19:55:35 GMT server cloudflare vary Accept-Encoding access-control-allow-methods GET content-type binary/octet-stream access-control-allow-origin https://www.tg-me.com report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1HdLUo1V0XIZ5lR79Q0xmz5gbqYZXrCNGflCndXXWRIXNGeZmwHJLrWjdxM%2BOmTAZuM7uFBk%2FplwWvgiIP%2BKdufAPLqQ3im0n9k04qtfVStYW4t5tKbRh9YGMkZbgVrn"}],"group":"cf-nel","max_age":604800} cache-control max-age=14400 access-control-allow-credentials true cf-ray 82ddb47cdeaf43c5-EWR access-control-allow-headers X-Requested-With, content-type
GET H2	200	/ Show response pogothere.xyz/	26 B 372 B	160ms 78ms	Fetch text/plain	172.64.167.32 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pogothere.xyz/ Requested by Host: d37tb4r0t9g99j.cloudfront.net URL: https://d37tb4r0t9g99j.cloudfront.net/?trbtd=994291 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.167.32 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1da0f979f48fe1ff025af96b848c0fc3ee4f33bce67c2c6f8e7e8ca1281497c3 Request headers accept-language en-US,en;q=0.9 Referer https://www.tg-me.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Wed, 29 Nov 2023 20:47:18 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hA%2BDq50l3HIet8i%2BGD704RSAEzqyDyq1z%2BvZ00Gwo4pSJ%2BS7U%2Bkn6DKGoNHnH5X5i08viiCJwEaOGmFU%2BSJT3hV4HWand0Ff1NITIukH90WtiJpV4OEos1UrpgmOZ2DE"}],"group":"cf-nel","max_age":604800} access-control-allow-methods GET access-control-allow-origin https://www.tg-me.com content-type text/plain access-control-allow-credentials true cf-ray 82ddb47cdeae43c5-EWR access-control-allow-headers X-Requested-With, content-type alt-svc h3=":443"; ma=86400
GET H2	204	utx Show response ketiverdisof.com/	0 537 B	112ms 37ms	XHR text/plain	54.230.163.40 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ketiverdisof.com/utx?cb=IyAWVOl7QTei&top=www.tg-me.com&tid=994291 Requested by Host: d37tb4r0t9g99j.cloudfront.net URL: https://d37tb4r0t9g99j.cloudfront.net/?trbtd=994291 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.230.163.40 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-230-163-40.ewr53.r.cloudfront.net Software openresty/1.17.8.2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://www.tg-me.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers pragma no-cache date Wed, 29 Nov 2023 20:47:18 GMT via 1.1 366ff516a3e74c5fb4d4d2286497d924.cloudfront.net (CloudFront) server openresty/1.17.8.2 accept-ch DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List x-amz-cf-pop EWR53-C3 x-cache Miss from cloudfront p3p CP="NID DSP ALL COR" access-control-allow-origin https://www.tg-me.com cache-control no-store, no-cache, must-revalidate, no-transform access-control-allow-credentials true x-amz-cf-id o4_b-A0GIDPZY2f9DPgZ2ZpBL1TY7t-gsj_Rakr4R6tC7oDRvL9giQ==
GET H2	200	Cxc0UBUNNy8CLRcwPQ Show response ketiverdisof.com/RG1MZHklDy8JRiVQLkIMNgFxQUsCSH4iHXdaOAZNNl04XR59VCZKGigCOQAfNgIiEFcqCDhBSwIIGCFMKDoKAw8NPD9BSwY3NgMXBToaDB0cHRQ9LigcBiYgdyMmHAMUKQkzMz0oCS8BAVwtJjwtPQQiExIqJEFLBiQPXDUUXxoVMjMeez4h... Frame 4CFE	3 KB 2 KB	76ms 40ms	Document text/html	54.230.163.40 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ketiverdisof.com/RG1MZHklDy8JRiVQLkIMNgFxQUsCSH4iHXdaOAZNNl04XR59VCZKGigCOQAfNgIiEFcqCDhBSwIIGCFMKDoKAw8NPD9BSwY3NgMXBToaDB0cHRQ9LigcBiYgdyMmHAMUKQkzMz0oCS8BAVwtJjwtPQQiExIqJEFLBiQPXDUUXxoVMjMeez4hdQIOIA5yDhQUPQguKw4zEgp9NDoBSH4iPT4kfCoTHSQqDUkwDjsDSg0EGQ06EAF1Ah4sPCgJETQLCjIOCBQZAzgQDjo0SzA1LSAgcAx9ABYlNTQDLxxcPiAUMDUtJ0EoJAoqCiI1dCkoAx0jKjEsPy88SGFfDgIeaTwjLzoFHwkOSXInNQcrIjojLxx1NzoAF31ZHSMJKzcPMTcIKRkDGHUOLgIhcUh+JjoQKDYvLjA1LSBBNCEdUEonOiBcLxAeOzQQASQcPEhhXw4nPxYdFTMzYV8ON0txAiksDQgMGyJIJVwoCzI9XSMmOisVLTwOLg8bEE4dKxYRHy4BNjI4Ygc/Cxc0UBUNNy8CLRcwPQ Requested by Host: d37tb4r0t9g99j.cloudfront.net URL: https://d37tb4r0t9g99j.cloudfront.net/?trbtd=994291 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.230.163.40 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-230-163-40.ewr53.r.cloudfront.net Software openresty/1.17.8.2 / Resource Hash ca95709ec5afafb06f47d129df6a59039317a6da406dd1966b2f68112ceadf26 Request headers Referer https://www.tg-me.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 accept-language en-US,en;q=0.9 Response headers accept-ch DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List cache-control no-store, no-cache, must-revalidate, no-transform content-encoding gzip content-length 1234 content-type text/html date Wed, 29 Nov 2023 20:47:18 GMT p3p CP="NID DSP ALL COR" pragma no-cache server openresty/1.17.8.2 via 1.1 366ff516a3e74c5fb4d4d2286497d924.cloudfront.net (CloudFront) x-amz-cf-id Bkf-JG0nxZUmHlWVgKzWgJ21uqv9IXMjS--v4Sol7poUOQhyAZ_xeQ== x-amz-cf-pop EWR53-C3 x-cache Miss from cloudfront
GET H2	200	asd100.bin Show response pogothere.xyz/	100 KB 101 KB	103ms 68ms	Fetch binary/octet-stream	172.64.167.32 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pogothere.xyz/asd100.bin Requested by Host: d37tb4r0t9g99j.cloudfront.net URL: https://d37tb4r0t9g99j.cloudfront.net/?trbtd=994291 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.167.32 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16 Request headers accept-language en-US,en;q=0.9 Referer https://www.tg-me.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Wed, 29 Nov 2023 20:47:18 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 3103 alt-svc h3=":443"; ma=86400 last-modified Wed, 29 Nov 2023 19:55:35 GMT server cloudflare vary Accept-Encoding access-control-allow-methods GET content-type binary/octet-stream access-control-allow-origin https://www.tg-me.com report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ihb1%2BXEU79wAN9T6E0H49qcoEjzzqa7DL9Gd%2BrAwfAmIZ9ZnMT5iN4zXHlOWV%2BAjUeMcUoHP%2BP9y%2FdZ7OFHvBbjvXA27Xhwp5qIOv05hTub%2FsYVw0XYcKpi2Y0%2Fsq3BH"}],"group":"cf-nel","max_age":604800} cache-control max-age=14400 access-control-allow-credentials true cf-ray 82ddb47cdeb343c5-EWR access-control-allow-headers X-Requested-With, content-type
GET H2	200	/ Show response pogothere.xyz/	26 B 359 B	142ms 107ms	Fetch text/plain	172.64.167.32 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pogothere.xyz/ Requested by Host: d37tb4r0t9g99j.cloudfront.net URL: https://d37tb4r0t9g99j.cloudfront.net/?trbtd=994291 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.167.32 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7ca5dcdb9cb2fcdb778d260851e81c08801d66fe375764946c2923025b9ef7ab Request headers accept-language en-US,en;q=0.9 Referer https://www.tg-me.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Wed, 29 Nov 2023 20:47:18 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XG0KkJyerbTg7awiU%2B%2BML5BR6JSRvn%2BIfFr3KzmMFta9UEVJurkuNSS6tQnyVpFKx%2BBUh2K%2BO%2FS7PmUH%2BWwheSN%2BuYT%2BiMbJYv85Jx9K2sH2HbWOq12pE2ZfMj65otIh"}],"group":"cf-nel","max_age":604800} access-control-allow-methods GET access-control-allow-origin https://www.tg-me.com content-type text/plain access-control-allow-credentials true cf-ray 82ddb47cdeb543c5-EWR access-control-allow-headers X-Requested-With, content-type alt-svc h3=":443"; ma=86400
GET H2	204	utx Show response ketiverdisof.com/	0 537 B	66ms 38ms	XHR text/plain	54.230.163.40 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ketiverdisof.com/utx?cb=b2vDWuWo9Yyb&top=www.tg-me.com&tid=997292 Requested by Host: d37tb4r0t9g99j.cloudfront.net URL: https://d37tb4r0t9g99j.cloudfront.net/?trbtd=994291 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.230.163.40 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-230-163-40.ewr53.r.cloudfront.net Software openresty/1.17.8.2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://www.tg-me.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers pragma no-cache date Wed, 29 Nov 2023 20:47:18 GMT via 1.1 366ff516a3e74c5fb4d4d2286497d924.cloudfront.net (CloudFront) server openresty/1.17.8.2 accept-ch DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List x-amz-cf-pop EWR53-C3 x-cache Miss from cloudfront p3p CP="NID DSP ALL COR" access-control-allow-origin https://www.tg-me.com cache-control no-store, no-cache, must-revalidate, no-transform access-control-allow-credentials true x-amz-cf-id EbLpe4FhjHYrJnSeNfksaEfDYikwXpnHyw8_8bIEI2UrUW85kGf_Uw==
GET H2	200	HzceZ2wtMi5pOQoABGQLPlI6cjMyKxp3bC0yIQgQIjYUaAA+Vxx1aS4uEF5oKzQ6ATsNVntTDCsmH0UJOT43cgsiJARbNwcBMWYNPgtnCR1ZIR9iMSoCEEgNKwUxYT8wMS4HDw8IAnNqXCIDSGAkLBAAFT0yIgUaDyYHeBs6BRRcaQsjB1QLOTIUBx8uMR9nNlw+A... Show response ketiverdisof.com/aGdWMFgJBTVdZwlaNBYtGgtrFWouQmR2PFtQIlJsGlciCT9RXjweOwQII1Q+Ggg4RHYGAiIVai4XNFsrWj5lVxYiITF2ChAIP2U0XSUAAy8tMD1AESEyA30eAFJkaS9dKxpKYR4uMXU6CjIfahAuKTtyaSYCF1koMSUTZhEkCzFxCj5eImYv... Frame C4AA	3 KB 2 KB	44ms 39ms	Document text/html	54.230.163.40 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ketiverdisof.com/aGdWMFgJBTVdZwlaNBYtGgtrFWouQmR2PFtQIlJsGlciCT9RXjweOwQII1Q+Ggg4RHYGAiIVai4XNFsrWj5lVxYiITF2ChAIP2U0XSUAAy8tMD1AESEyA30eAFJkaS9dKxpKYR4uMXU6CjIfahAuKTtyaSYCF1koMSUTZhEkCzFxCj5eImYvCwYDA2A5ISFXGiEmJX8QKSpgaBkDMhB0Fgo1BwAIDAslfRkPBDhnPyIDDnFoLDMDWBQNNgx8HB8EOmU/HzceZ2wtMi5pOQoABGQLPlI6cjMyKxp3bC0yIQgQIjYUaAA+Vxx1aS4uEF5oKzQ6ATsNVntTDCsmH0UJOT43cgsiJARbNwcBMWYNPgtnCR1ZIR9iMSoCEEgNKwUxYT8wMS4HDw8IAnNqXCIDSGAkLBAAFT0yIgUaDyYHeBs6BRRcaQsjB1QLOTIUBx8uMR9nNlw+A1seMAUxYgwrEG5EDhAiBGNrBBAAWywyPQdmDjAPIgIaH0E8QzcGF2tlNVsmImkZERI Requested by Host: d37tb4r0t9g99j.cloudfront.net URL: https://d37tb4r0t9g99j.cloudfront.net/?trbtd=994291 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.230.163.40 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-230-163-40.ewr53.r.cloudfront.net Software openresty/1.17.8.2 / Resource Hash 24c4846e9b0e1925909f487971f271b287d188b057e41e4065d0f88f433772af Request headers Referer https://www.tg-me.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 accept-language en-US,en;q=0.9 Response headers accept-ch DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List cache-control no-store, no-cache, must-revalidate, no-transform content-encoding gzip content-length 1233 content-type text/html date Wed, 29 Nov 2023 20:47:18 GMT p3p CP="NID DSP ALL COR" pragma no-cache server openresty/1.17.8.2 via 1.1 366ff516a3e74c5fb4d4d2286497d924.cloudfront.net (CloudFront) x-amz-cf-id OETL0hyUnZgYdFL4D_JNwWpR9PMLW4w7nYjXNIbbdC8vCWfV_0WNgQ== x-amz-cf-pop EWR53-C3 x-cache Miss from cloudfront
GET H2	200	cDE3AAh6DhQ9dzsT Show response ketiverdisof.com/elFpT00bMwoichtsC2k4CD1Uan88dFsJKUlmHS15CGEddipDaANhLhY+HCsrCD4HO2MUNB1qfzxiPAkMDQM8JDcqYF0lKRMAXBkFEiYIGBw5NyE7fzU6JD4HAxMdKjQ3Ni99KT8QK34iMD0FJR0pPlkLGhJlMAcXGRsqLH4YAzAoBwAfHQ4a... Frame C993	3 KB 2 KB	38ms 37ms	Document text/html	54.230.163.40 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ketiverdisof.com/elFpT00bMwoichtsC2k4CD1Uan88dFsJKUlmHS15CGEddipDaANhLhY+HCsrCD4HO2MUNB1qfzxiPAkMDQM8JDcqYF0lKRMAXBkFEiYIGBw5NyE7fzU6JD4HAxMdKjQ3Ni99KT8QK34iMD0FJR0pPlkLGhJlMAcXGRsqLH4YAzAoBwAfHQ4aNz4nCwQ0Mj53ITcAWSAHEz5cFw4RPg0YB0gyLisqHgAjfhQpMlwXJD88IzYALDVaJGhIEyMNG0k0PgkqMj8/PBQCGD8rfhE/Jhl4ADcxGScZPCt4FDk2LiwaOGAwKAwRHjoOdSwFIDwAECUzAhoCOC8oYCxjDyF4EBMEDXojGQEtAS5hUB8PLGIqIRsTECokKjUrPBkpSTpaARs3JCMhIUsQBxo8NRIjKQY5KVgWIyBhDAghX2MrDgoOdFsJFD0ALy5+EiEIHRtJNDoCNSw4OHgCIgQqDn4COzM3eEg3WhYhPgk4aScJPgc/cDE3AAh6DhQ9dzsT Requested by Host: d37tb4r0t9g99j.cloudfront.net URL: https://d37tb4r0t9g99j.cloudfront.net/?trbtd=994291 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.230.163.40 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-230-163-40.ewr53.r.cloudfront.net Software openresty/1.17.8.2 / Resource Hash 9ca343d23f0fddbd9b7ff919943d46dcf3a99e6811099324236df785fed22ac1 Request headers Referer https://www.tg-me.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 accept-language en-US,en;q=0.9 Response headers accept-ch DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List cache-control no-store, no-cache, must-revalidate, no-transform content-encoding gzip content-length 1219 content-type text/html date Wed, 29 Nov 2023 20:47:18 GMT p3p CP="NID DSP ALL COR" pragma no-cache server openresty/1.17.8.2 via 1.1 366ff516a3e74c5fb4d4d2286497d924.cloudfront.net (CloudFront) x-amz-cf-id m9BslGVDYaDzTrLsBvZ9wHvTzM6PO7A734A1jm__aUoItPDhsfOiCQ== x-amz-cf-pop EWR53-C3 x-cache Miss from cloudfront
GET H2	204	WVQ2QXB2a1UyTTwSVXM9HxZ4GxcMF28qSTUWQSkfCAMOCTI0ARA1GT1pD3hEa20HZwAwMAtwViogVzUFKmkHZxk3Mll8Vi9pB29DbXoFdV5pckN8QX8gRiAXZGUQMQQtOAtwR2llBHhAYWcOdUNv onverforrinho.com/	0 402 B	98ms 47ms	Image text/plain	172.67.155.90 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://onverforrinho.com/WVQ2QXB2a1UyTTwSVXM9HxZ4GxcMF28qSTUWQSkfCAMOCTI0ARA1GT1pD3hEa20HZwAwMAtwViogVzUFKmkHZxk3Mll8Vi9pB29DbXoFdV5pckN8QX8gRiAXZGUQMQQtOAtwR2llBHhAYWcOdUNv Requested by Host: www.tg-me.com URL: https://www.tg-me.com/us/telegram/com.tg-me.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.155.90 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://www.tg-me.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Wed, 29 Nov 2023 20:47:18 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mRBQKi7CUVyuLQRPO7bbPRRiXLiMPU%2FNYl29ykiipOcJwATCE78S8BWhe6X%2BKPc9TCywtnM%2F8TDwXkn8gzY%2FZBurhjGUtQodiJTYiXug9Kpk%2FQ9RWXD60WkpgA%2FVZ%2BtYKHQWCg%3D%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-origin * cf-ray 82ddb47d38f97115-YYZ alt-svc h3=":443"; ma=86400
GET H2	200	login.php www.facebook.com/	0 0	237ms 178ms	Image text/html	2a03:2880:f112:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp Requested by Host: www.tg-me.com URL: https://www.tg-me.com/us/telegram/com.tg-me.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://www.tg-me.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers
GET H3	403	identifier accounts.google.com/v3/signin/ Redirect Chain https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=ASKXGp1FcDO0MBGdkQgKc3ZnblkvtHEM95Oh7j7CWJExYZKBVWo2QSRGQ_swJc3... https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp2ZMZYCVGk5KNt4q0xGX7c0cV5RQJqbSjQ9na_36kPO8w4DsWFO7bZwL5Li2_Ls69YGINP4KQ&passiv...	0 0	60ms 59ms	Image text/html	2607:f8b0:4006:81c::200d GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp2ZMZYCVGk5KNt4q0xGX7c0cV5RQJqbSjQ9na_36kPO8w4DsWFO7bZwL5Li2_Ls69YGINP4KQ&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1727976308%3A1701290838705926&theme=glif Requested by Host: www.tg-me.com URL: https://www.tg-me.com/us/telegram/com.tg-me.com Protocol H3 Server 2607:f8b0:4006:81c::200d , United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://www.tg-me.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers Redirect headers date Wed, 29 Nov 2023 20:47:18 GMT strict-transport-security max-age=31536000; includeSubDomains content-encoding gzip content-security-policy require-trusted-types-for 'script';report-uri /cspreport, script-src 'report-sample' 'nonce-f2zeBUMeA24TOOnrwk7WMA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 408 x-xss-protection 1; mode=block pragma no-cache server GSE x-frame-options DENY report-to {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]} content-type text/html; charset=UTF-8 location https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp2ZMZYCVGk5KNt4q0xGX7c0cV5RQJqbSjQ9na_36kPO8w4DsWFO7bZwL5Li2_Ls69YGINP4KQ&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1727976308%3A1701290838705926&theme=glif cache-control no-cache, no-store, max-age=0, must-revalidate cross-origin-opener-policy-report-only same-origin; report-to="coop_gse_qebhlk" expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3	403	identifier accounts.google.com/v3/signin/ Redirect Chain https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ASKXGp2hXvUrH5tg37i5Vkx7A3WDm5XMJFg3lo1uwhIn5PTzozPl86K1EuL... https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp24oKoqYoe1zd-glPe7-stsABKy6MssiJP6WehzPZ7Wxpd6975iUo5LJxie-y9yiYOeYhcQ6Q&passi...	0 0	61ms 60ms	Image text/html	2607:f8b0:4006:81c::200d GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp24oKoqYoe1zd-glPe7-stsABKy6MssiJP6WehzPZ7Wxpd6975iUo5LJxie-y9yiYOeYhcQ6Q&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1779344930%3A1701290838702069&theme=glif Requested by Host: www.tg-me.com URL: https://www.tg-me.com/us/telegram/com.tg-me.com Protocol H3 Server 2607:f8b0:4006:81c::200d , United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://www.tg-me.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers Redirect headers date Wed, 29 Nov 2023 20:47:18 GMT strict-transport-security max-age=31536000; includeSubDomains content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-PTrLhwfit9zhdMlv3FSazw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 402 x-xss-protection 1; mode=block pragma no-cache server GSE x-frame-options DENY report-to {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]} content-type text/html; charset=UTF-8 location https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp24oKoqYoe1zd-glPe7-stsABKy6MssiJP6WehzPZ7Wxpd6975iUo5LJxie-y9yiYOeYhcQ6Q&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1779344930%3A1701290838702069&theme=glif cache-control no-cache, no-store, max-age=0, must-revalidate cross-origin-opener-policy-report-only same-origin; report-to="coop_gse_qebhlk" expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	204	UyIgcDpwD1JtM1MFAHFpcSVQAX5DHgYEYQ5AUABqEQcLXWUGURFNOUMCEQRpER4MXzcKURQEaRlEVhdrA1lSHy0KRkRNKFYQXwh+RwMWVWUGQFIIag5HWgpgA09Q onverforrinho.com/YjlYN3dNBjtESjRsaQUUNEk/	0 249 B	99ms 50ms	Image text/plain	172.67.155.90 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://onverforrinho.com/YjlYN3dNBjtESjRsaQUUNEk/UyIgcDpwD1JtM1MFAHFpcSVQAX5DHgYEYQ5AUABqEQcLXWUGURFNOUMCEQRpER4MXzcKURQEaRlEVhdrA1lSHy0KRkRNKFYQXwh+RwMWVWUGQFIIag5HWgpgA09Q Requested by Host: www.tg-me.com URL: https://www.tg-me.com/us/telegram/com.tg-me.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.155.90 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://www.tg-me.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Wed, 29 Nov 2023 20:47:18 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fJz5qTml1nmcVylaldx4IzMPiNth8mq6AXueDmuQboFfwXaBWY8oG8DvMxv5mJhSaQjzk6F1l%2FTfakcDQtvmRqFDRco9ONMPwEjaCzzNGSH3zEofezooDpuGwr4qjaDnncn%2BJQ%3D%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-origin * cf-ray 82ddb47d38f77115-YYZ alt-svc h3=":443"; ma=86400
GET H2	204	dzd5Q3VYCBowSDpjKDQhG2Y4ByQxASAkPDV2F3oSNkA8BxEacl83HBMKQHpBRQ5LZQUeU0RyTVFEDSIBAkREclMeWR8sSFFBRHJbRxlLbUFRQkRyUwNHGCRIRhEJNwEbCkh0RUYFQHNNRA9Mckc onverforrinho.com/	0 251 B	97ms 48ms	Image text/plain	172.67.155.90 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://onverforrinho.com/dzd5Q3VYCBowSDpjKDQhG2Y4ByQxASAkPDV2F3oSNkA8BxEacl83HBMKQHpBRQ5LZQUeU0RyTVFEDSIBAkREclMeWR8sSFFBRHJbRxlLbUFRQkRyUwNHGCRIRhEJNwEbCkh0RUYFQHNNRA9Mckc Requested by Host: www.tg-me.com URL: https://www.tg-me.com/us/telegram/com.tg-me.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.155.90 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://www.tg-me.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Wed, 29 Nov 2023 20:47:18 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pV23vg513U9WMQdrVCCxgwAiQb4y1m2cty27NaG4wFqCuu7yzVF8fp49Umr%2BJ9tPCX2L7qGzKT7vgLUk0r5TL3dYDGbotc4phqTIep3wYrY%2FUHFksvtyhYE3%2FVwb%2BdPyOOjoPw%3D%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-origin * cf-ray 82ddb47d38fa7115-YYZ alt-svc h3=":443"; ma=86400
GET H3	200	main.js Show response www.tg-me.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/ Frame 5999 Redirect Chain https://www.tg-me.com/cdn-cgi/challenge-platform/scripts/jsd/main.js https://www.tg-me.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js	7 KB 4 KB	35ms 35ms	Script application/javascript	2606:4700:3034::ac43:9b89 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.tg-me.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js Requested by Host: www.tg-me.com URL: https://www.tg-me.com/us/telegram/com.tg-me.com Protocol H3 Server 2606:4700:3034::ac43:9b89 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 26eb44b40e8b809ff09bdacdf73312f603163a4e1b5bd4bee8821e1d61c43b16 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Wed, 29 Nov 2023 20:47:18 GMT content-encoding br x-content-type-options nosniff nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary accept-encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EgHtH88Xm6Z3XM8n2xJnftRTssfwuchkFRc02G9U5%2FJlqKHJs3Y1UrRhavp48OJlB7LbpHnYoJWImfYL90%2BBcRkFbgimFEvBjn1mOuOoAINaz3difeB0boMkR3yd4rEg4PxgJGlqIRkGGvbg"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control max-age=14400, public cf-ray 82ddb47dceaf4bc1-BUF alt-svc h3=":443"; ma=86400 Redirect headers date Wed, 29 Nov 2023 20:47:18 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary accept-encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ln2ySoc6OpMn1oSyDkpvxa1pg4Y%2BaxLvVTEY1juTdSan%2B2SGYSb9OcZ9dwssU1lHPWpWlnhYNXyO63Sv%2FYcJt%2BWQmizmux8P4%2BUIog3RmjKkke7E0ZvFdLXX8%2BX9%2F0Kw7ayzIxKu7O7OnwbG"}],"group":"cf-nel","max_age":604800} access-control-allow-origin * location /cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js cache-control max-age=300, public cf-ray 82ddb47d1ea94bc1-BUF alt-svc h3=":443"; ma=86400
GET H/1.1	200 OK	dc.js Show response avd.innity.net/lib/ Frame 3685	20 KB 7 KB	252ms 26ms	Script application/javascript	23.209.54.115 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://avd.innity.net/lib/dc.js Requested by Host: ssl-avd.innity.net URL: https://ssl-avd.innity.net/1/container_576b5a051c51b1c0244bca09.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 23.209.54.115 Piscataway, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-209-54-115.deploy.static.akamaitechnologies.com Software nginx/1.20.2 / Resource Hash 0014ffccade01ae1ab385b85433decef0f11f26cbe25721faa0d13bb5c0badda Request headers accept-language en-US,en;q=0.9 Referer https://www.tg-me.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers Date Wed, 29 Nov 2023 20:47:18 GMT Content-Encoding gzip Last-Modified Fri, 22 Oct 2021 06:40:46 GMT Server nginx/1.20.2 ETag "61725cee-5149-gzip" Vary Accept-Encoding Content-Type application/javascript Cache-Control public, max-age=2000396 Connection keep-alive Accept-Ranges bytes Content-Length 6412 Expires Sat, 23 Dec 2023 00:27:14 GMT
GET H2	200	userSync.js Show response ads.pubmatic.com/AdServer/js/ Frame 3685	7 KB 3 KB	116ms 28ms	Script application/javascript	23.217.173.13 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://ads.pubmatic.com/AdServer/js/userSync.js Requested by Host: www.tg-me.com URL: https://www.tg-me.com/us/telegram/com.tg-me.com Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.217.173.13 Secaucus, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-217-173-13.deploy.static.akamaitechnologies.com Software Apache / Resource Hash bbfd11be8ef21e1c20fcbb1a97d6e90e07784a8b824d4ff3e76b2600527388f9 Request headers accept-language en-US,en;q=0.9 Referer https://www.tg-me.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Wed, 29 Nov 2023 20:47:18 GMT content-encoding gzip last-modified Thu, 16 Nov 2023 09:12:08 GMT server Apache vary Accept-Encoding content-type application/javascript p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" cache-control max-age=98353 accept-ranges bytes content-length 2416 expires Fri, 01 Dec 2023 00:06:31 GMT
GET H/1.1	200 OK	/ avd.innity.com/uidsync/init/ Frame F77E	43 B 589 B	1022ms 253ms	Image image/gif	47.243.203.231 ALIBABA-CN-NET Al...
General Check archive.org Show headers Download Go to Show image Full URL https://avd.innity.com/uidsync/init/?idsr=https%3A%2F%2Floadus.exelator.com%2Fload%2F%3Fp%3D1381%26g%3D204%26j%3D0&c=HK&itmcb=1701290838609 Requested by Host: www.tg-me.com URL: https://www.tg-me.com/us/telegram/com.tg-me.com Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 47.243.203.231 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN), Reverse DNS Software Apache / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers accept-language en-US,en;q=0.9 Referer https://www.tg-me.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers Pragma no-cache Date Wed, 29 Nov 2023 20:47:19 GMT Last-Modified Wed, 29 Nov 2023 20:47:19 GMT Server Apache P3P policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT" Content-Type image/gif Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Content-Length 43 Expires Wed, 04 Aug 1985 12:59:00 GMT
GET H/1.1	200 OK	/ avd.innity.com/uidsync/mapuid/ Frame F77E Redirect Chain https://avd.innity.com/uidsync/getuid/?idsr=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fssp%3Dinnity%26user_id%3D%24UID&itmcb=1701290838609 https://x.bidswitch.net/sync?ssp=innity&user_id=0810b29c8cf5c76ab7f2e20e4c6807d8 https://x.bidswitch.net/ul_cb/sync?ssp=innity&user_id=0810b29c8cf5c76ab7f2e20e4c6807d8 https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=innity&bsw_param=400885c6-fe0d-455c-8cf6-383039db8067&google_hm=NDAwODg1YzYtZmUwZC00NTVjLThjZjYtMzgzMDM5ZGI4MDY3 https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEOA9SJlKvS787uKwyAF3dM4&google_cver=1&ssp=innity&bsw_param=400885c6-fe0d-455c-8cf6-383039db8067 https://avd.innity.com/uidsync/mapuid/?pid=689&puuid=400885c6-fe0d-455c-8cf6-383039db8067	43 B 452 B	240ms 239ms	Image image/gif	47.243.203.231 ALIBABA-CN-NET Al...
General Check archive.org Show headers Download Go to Show image Full URL https://avd.innity.com/uidsync/mapuid/?pid=689&puuid=400885c6-fe0d-455c-8cf6-383039db8067 Requested by Host: www.tg-me.com URL: https://www.tg-me.com/us/telegram/com.tg-me.com Protocol HTTP/1.1 Server 47.243.203.231 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN), Reverse DNS Software Apache / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers accept-language en-US,en;q=0.9 Referer https://www.tg-me.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers Pragma no-cache Date Wed, 29 Nov 2023 20:47:20 GMT Last-Modified Wed, 29 Nov 2023 20:47:20 GMT Server Apache P3P policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT" Content-Type image/gif Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Content-Length 43 Expires Wed, 04 Aug 1985 12:59:00 GMT Redirect headers Location //avd.innity.com/uidsync/mapuid/?pid=689&puuid=400885c6-fe0d-455c-8cf6-383039db8067 Date Wed, 29 Nov 2023 20:47:20 GMT Cache-Control no-cache, no-store, must-revalidate Server nginx Connection keep-alive Content-Length 0
GET H/1.1	200 OK	dc.js Show response avd.innity.net/lib/ Frame F4A5	20 KB 7 KB	222ms 27ms	Script application/javascript	23.209.54.115 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://avd.innity.net/lib/dc.js Requested by Host: ssl-avd.innity.net URL: https://ssl-avd.innity.net/1/container_576b5a051c51b1c0244bca09.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 23.209.54.115 Piscataway, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-209-54-115.deploy.static.akamaitechnologies.com Software nginx/1.20.2 / Resource Hash 0014ffccade01ae1ab385b85433decef0f11f26cbe25721faa0d13bb5c0badda Request headers accept-language en-US,en;q=0.9 Referer https://www.tg-me.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers Date Wed, 29 Nov 2023 20:47:18 GMT Content-Encoding gzip Last-Modified Fri, 22 Oct 2021 06:40:46 GMT Server nginx/1.20.2 ETag "61725cee-5149-gzip" Vary Accept-Encoding Content-Type application/javascript Cache-Control public, max-age=2000396 Connection keep-alive Accept-Ranges bytes Content-Length 6412 Expires Sat, 23 Dec 2023 00:27:14 GMT
GET H3	200	feedback.php Show response www.facebook.com/plugins/ Frame BA67 Redirect Chain https://www.facebook.com/v8.0/plugins/comments.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df25d9b88c0b7c8%26domain%3Dwww.tg-me.com%26... https://www.facebook.com/plugins/comments.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df25d9b88c0b7c8%26domain%3Dwww.tg-me.com%26is_can... https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df25d9b88c0b7c8%26domain%3Dwww.tg-me.com%26is_can...	310 KB 61 KB	383ms 383ms	Document text/html	2a03:2880:f112:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df25d9b88c0b7c8%26domain%3Dwww.tg-me.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.tg-me.com%252Ff3135e196b45908%26relation%3Dparent.parent&container_width=515&height=100&href=https%3A%2F%2Fwww.tg-me.com%2Ftelegram%2Fcom.tg-me&locale=en_GB&numposts=5&sdk=joey&version=v8.0&width Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_GB/sdk.js?hash=058ee42f5cfe548f033d3d7ee20ae378 Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash b50f90e304fc7acc7cf9f5bb0b532a961cffc7833a5a688588161c1470c0068b Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.tg-me.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 accept-language en-US,en;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control private, no-cache, no-store, must-revalidate content-encoding br content-security-policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; content-type text/html; charset="utf-8" cross-origin-opener-policy same-origin-allow-popups cross-origin-resource-policy same-origin date Wed, 29 Nov 2023 20:47:19 GMT document-policy force-load-at-top expires Sat, 01 Jan 2000 00:00:00 GMT origin-agent-cluster ?0 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=() pragma no-cache priority u=0,i report-to {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]} reporting-endpoints default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown" strict-transport-security max-age=15552000; preload vary Accept-Encoding x-content-type-options nosniff x-fb-debug kk+zx3sRIQ4KdoxknvQJYc9y5xxZx7AgCUMiXNcBLfMiXOkC0+sowF49wpvshZZUGwIS3gIgSawm7B+W1UtzWQ== x-xss-protection 0 Redirect headers alt-svc h3=":443"; ma=86400 content-length 0 content-type text/html; charset="utf-8" cross-origin-opener-policy same-origin-allow-popups date Wed, 29 Nov 2023 20:47:18 GMT location https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df25d9b88c0b7c8%26domain%3Dwww.tg-me.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.tg-me.com%252Ff3135e196b45908%26relation%3Dparent.parent&container_width=515&height=100&href=https%3A%2F%2Fwww.tg-me.com%2Ftelegram%2Fcom.tg-me&locale=en_GB&numposts=5&sdk=joey&version=v8.0&width origin-agent-cluster ?0 reporting-endpoints strict-transport-security max-age=15552000; preload x-fb-debug h9oxPWrIjgU1h14tuQNwa4uoq5xMem04eSOcSCPP+4YOb58DvNTTJI6tQPOxVuedU5LA2bf7wUncpcCPCdGjNg==
GET H2	200	pbks2Y3gNJFgFRxoiUl5BV3wEWkpIIUUMFh52Yw5LLz9vIgEbbUIZHFNmB1NeAipYBEVILlgARV9tVwcaU38QFwgBIAsOHAM6XAkUFDNbRQ0PdlsMAgcnWgJdXA0DTUhLeQZLDwclUgwPHW4EUxYabgRTSV5lBkZLLG4EUw8HJQBXXV0JE1FIFn0CSl1ce1-cTCAI... Show response d37tb4r0t9g99j.cloudfront.net/ Frame C4AA	725 B 805 B	275ms 273ms	Script text/plain	2600:9000:2021:600:9:81e3:f9c0:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d37tb4r0t9g99j.cloudfront.net/pbks2Y3gNJFgFRxoiUl5BV3wEWkpIIUUMFh52Yw5LLz9vIgEbbUIZHFNmB1NeAipYBEVILlgARV9tVwcaU38QFwgBIAsOHAM6XAkUFDNbRQ0PdlsMAgcnWgJdXA0DTUhLeQZLDwclUgwPHW4EUxYabgRTSV5lBkZLLG4EUw8HJQBXXV0JE1FIFn0CSl1ce1-cTCAIuQQYaBSJCRkoofgVUVl19E1FIRiBeFxUCbgQgXVx7WgoTC24EUx8LKF0MUUt5BgAQHCRbBl1cDQdSQUB7GFVIWn4YUkFXbgRTCw8tVxERS3lwVktZZQVVXht2Bw Requested by Host: ketiverdisof.com URL: https://ketiverdisof.com/aGdWMFgJBTVdZwlaNBYtGgtrFWouQmR2PFtQIlJsGlciCT9RXjweOwQII1Q+Ggg4RHYGAiIVai4XNFsrWj5lVxYiITF2ChAIP2U0XSUAAy8tMD1AESEyA30eAFJkaS9dKxpKYR4uMXU6CjIfahAuKTtyaSYCF1koMSUTZhEkCzFxCj5eImYvCwYDA2A5ISFXGiEmJX8QKSpgaBkDMhB0Fgo1BwAIDAslfRkPBDhnPyIDDnFoLDMDWBQNNgx8HB8EOmU/HzceZ2wtMi5pOQoABGQLPlI6cjMyKxp3bC0yIQgQIjYUaAA+Vxx1aS4uEF5oKzQ6ATsNVntTDCsmH0UJOT43cgsiJARbNwcBMWYNPgtnCR1ZIR9iMSoCEEgNKwUxYT8wMS4HDw8IAnNqXCIDSGAkLBAAFT0yIgUaDyYHeBs6BRRcaQsjB1QLOTIUBx8uMR9nNlw+A1seMAUxYgwrEG5EDhAiBGNrBBAAWywyPQdmDjAPIgIaH0E8QzcGF2tlNVsmImkZERI Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2021:600:9:81e3:f9c0:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash b00ae0e9d3783253076f5968b01d7e91a080b2e9592219de983da98f4d9767d1 Request headers accept-language en-US,en;q=0.9 Referer https://ketiverdisof.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Wed, 29 Nov 2023 20:47:18 GMT content-encoding gzip via 1.1 1a399aaac982834d0360b244b67da7a4.cloudfront.net (CloudFront) x-amz-cf-pop CPH50-C2 x-cache Miss from cloudfront access-control-allow-origin * cache-control max-age=31556926 content-length 527 x-amz-cf-id hYup2VTq-81zJaPemRdsQkH3TYGZLiwOgBhDMWc6W5jfB8DV4qL8vw==
GET H2	200	DzI0NjYIfi0tcwg3IiUiCTl9fghQdmhpfFVwLyUgATcvP2tXaDY4a1doaXxgVX1rDmtXaC8lIFNsfX8MQGpoNHhRcX1+fg-QoKCArEj06JycRfWoKe1Zvdn94QGpoZCUNLDUga1cbfX5+CTEzKWtXaD8pLQ43cWl8VTswPiEIPX1+CFRpYWJ+S25oeHtLaWF1a1do... Show response d37tb4r0t9g99j.cloudfront.net/eTE5lWFgvIQs+ZzgnAWVhdXpXYWlqJBY3NjxzPDEWJyEEKxE1aBEiPHFjVGh+IC8LP2VqKws7ZX1oBDw6cXpDLCgjJVg1PCE/ Frame 4CFE	721 B 803 B	433ms 433ms	Script text/plain	2600:9000:2021:600:9:81e3:f9c0:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d37tb4r0t9g99j.cloudfront.net/eTE5lWFgvIQs+ZzgnAWVhdXpXYWlqJBY3NjxzPDEWJyEEKxE1aBEiPHFjVGh+IC8LP2VqKws7ZX1oBDw6cXpDLCgjJVg1PCE/DzI0NjYIfi0tcwg3IiUiCTl9fghQdmhpfFVwLyUgATcvP2tXaDY4a1doaXxgVX1rDmtXaC8lIFNsfX8MQGpoNHhRcX1+fg-QoKCArEj06JycRfWoKe1Zvdn94QGpoZCUNLDUga1cbfX5+CTEzKWtXaD8pLQ43cWl8VTswPiEIPX1+CFRpYWJ+S25oeHtLaWF1a1doKy0oBCoxaXwjbWt7YFZufjlzVA Requested by Host: ketiverdisof.com URL: https://ketiverdisof.com/RG1MZHklDy8JRiVQLkIMNgFxQUsCSH4iHXdaOAZNNl04XR59VCZKGigCOQAfNgIiEFcqCDhBSwIIGCFMKDoKAw8NPD9BSwY3NgMXBToaDB0cHRQ9LigcBiYgdyMmHAMUKQkzMz0oCS8BAVwtJjwtPQQiExIqJEFLBiQPXDUUXxoVMjMeez4hdQIOIA5yDhQUPQguKw4zEgp9NDoBSH4iPT4kfCoTHSQqDUkwDjsDSg0EGQ06EAF1Ah4sPCgJETQLCjIOCBQZAzgQDjo0SzA1LSAgcAx9ABYlNTQDLxxcPiAUMDUtJ0EoJAoqCiI1dCkoAx0jKjEsPy88SGFfDgIeaTwjLzoFHwkOSXInNQcrIjojLxx1NzoAF31ZHSMJKzcPMTcIKRkDGHUOLgIhcUh+JjoQKDYvLjA1LSBBNCEdUEonOiBcLxAeOzQQASQcPEhhXw4nPxYdFTMzYV8ON0txAiksDQgMGyJIJVwoCzI9XSMmOisVLTwOLg8bEE4dKxYRHy4BNjI4Ygc/Cxc0UBUNNy8CLRcwPQ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2021:600:9:81e3:f9c0:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 8df4afc68e314ce305499e6f5a4b914c11cae45456bd97c7ff315804e5c517a1 Request headers accept-language en-US,en;q=0.9 Referer https://ketiverdisof.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Wed, 29 Nov 2023 20:47:19 GMT content-encoding gzip via 1.1 1a399aaac982834d0360b244b67da7a4.cloudfront.net (CloudFront) x-amz-cf-pop CPH50-C2 x-cache Miss from cloudfront access-control-allow-origin * cache-control max-age=31556926 content-length 527 x-amz-cf-id 3nAfuS8ZZxn5nxwFHcoaed4DpNirmbsB4hu1Vh-0sfs7MmlIpNATCg==
GET H2	200	YGQFa3hpaRV3eSMxViQ7OXUCA3xjZx52f3YlDXQ Show response d37tb4r0t9g99j.cloudfront.net/3UFAwRUkzP14jdiQ5VHhwaWQCfHt2OkMqJyBteyMgF2dEAB1oJlljPSo0DWh4YHZcJCc3bRYgJzNtAWMoNDINcW8lMQ0oJio5XCkodWJ2cGdgdQJ1YSc5XiEmJyMVd3k+JBV3eWFgHnVsYxIVd3knOV5zfXVjcmB7YCgGcW... Frame C993	195 B 463 B	265ms 265ms	Script text/plain	2600:9000:2021:600:9:81e3:f9c0:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d37tb4r0t9g99j.cloudfront.net/3UFAwRUkzP14jdiQ5VHhwaWQCfHt2OkMqJyBteyMgF2dEAB1oJlljPSo0DWh4YHZcJCc3bRYgJzNtAWMoNDINcW8lMQ0oJio5XCkodWJ2cGdgdQJ1YSc5XiEmJyMVd3k+JBV3eWFgHnVsYxIVd3knOV5zfXVjcmB7YCgGcWB1YgAkOSA8VTIsMjtZMWxiFg-V2fn5jBmB7YHhbLT09PBV3CnViACkgOzUVd3k3NVMuJnl1AnUqOCJfKCx1YnZ0eGl+AGt/YGQFa3hpaRV3eSMxViQ7OXUCA3xjZx52f3YlDXQ Requested by Host: ketiverdisof.com URL: https://ketiverdisof.com/elFpT00bMwoichtsC2k4CD1Uan88dFsJKUlmHS15CGEddipDaANhLhY+HCsrCD4HO2MUNB1qfzxiPAkMDQM8JDcqYF0lKRMAXBkFEiYIGBw5NyE7fzU6JD4HAxMdKjQ3Ni99KT8QK34iMD0FJR0pPlkLGhJlMAcXGRsqLH4YAzAoBwAfHQ4aNz4nCwQ0Mj53ITcAWSAHEz5cFw4RPg0YB0gyLisqHgAjfhQpMlwXJD88IzYALDVaJGhIEyMNG0k0PgkqMj8/PBQCGD8rfhE/Jhl4ADcxGScZPCt4FDk2LiwaOGAwKAwRHjoOdSwFIDwAECUzAhoCOC8oYCxjDyF4EBMEDXojGQEtAS5hUB8PLGIqIRsTECokKjUrPBkpSTpaARs3JCMhIUsQBxo8NRIjKQY5KVgWIyBhDAghX2MrDgoOdFsJFD0ALy5+EiEIHRtJNDoCNSw4OHgCIgQqDn4COzM3eEg3WhYhPgk4aScJPgc/cDE3AAh6DhQ9dzsT Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2021:600:9:81e3:f9c0:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash d7e447635122cd4f78733075129dc5b14c9318476cd3059a18ac6b0730334c9b Request headers accept-language en-US,en;q=0.9 Referer https://ketiverdisof.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Wed, 29 Nov 2023 20:47:18 GMT content-encoding gzip via 1.1 1a399aaac982834d0360b244b67da7a4.cloudfront.net (CloudFront) x-amz-cf-pop CPH50-C2 x-cache Miss from cloudfront access-control-allow-origin * cache-control max-age=31556926 content-length 187 x-amz-cf-id sot4LAiqnCUzYw080UttmT1G5zdcJDxKzLlU-U81VBscCIc_XCvBhQ==
POST H3	200	82ddb4688d824bc1 Show response www.tg-me.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 5999	0 551 B	46ms 45ms	XHR text/plain	2606:4700:3034::ac43:9b89 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.tg-me.com/cdn-cgi/challenge-platform/h/g/jsd/r/82ddb4688d824bc1 Requested by Host: www.tg-me.com URL: https://www.tg-me.com/cdn-cgi/challenge-platform/scripts/jsd/main.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:9b89 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Content-Type application/json Response headers date Wed, 29 Nov 2023 20:47:18 GMT content-encoding br nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A1TMmhq4FVUTehR3c3gnPjFKgoajft6%2Fp%2FydkTWlLYLIaETDSXMnfspr3nDfhMczH0fqEWfxV57VKgL4NZP%2BvfU8wcReYcV0W29uDSqNTR4xQuEI0%2F21QJt68dHmEBeDE%2BNQj2MLV8c1b2i7"}],"group":"cf-nel","max_age":604800} content-type text/plain; charset=UTF-8 cf-ray 82ddb47eaeb84bc1-BUF alt-svc h3=":443"; ma=86400
GET H2	200	user_sync.html Show response ads.pubmatic.com/AdServer/js/ Frame 4421	16 KB 6 KB	83ms 83ms	Document text/html	23.217.173.13 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=163515&s=&predirect=https%3A%2F%2Favd.innity.com%2Fuidsync%2Fmapuid%2F%3Fpid%3D1056%26puuid%3D(PM_UID)&userIdMacro=(PM_UID)&gdpr_consent=&gdpr=0&us_privacy=& Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/userSync.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.217.173.13 Secaucus, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-217-173-13.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652 Request headers Referer https://www.tg-me.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 accept-language en-US,en;q=0.9 Response headers accept-ranges bytes cache-control max-age=97152 content-encoding gzip content-length 5622 content-type text/html date Wed, 29 Nov 2023 20:47:18 GMT expires Thu, 30 Nov 2023 23:46:30 GMT last-modified Thu, 16 Nov 2023 09:11:44 GMT p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" server Apache vary Accept-Encoding
GET H/1.1	200 OK	/ Show response avd.innity.com/dc/cb/ Frame 3685	59 B 548 B	987ms 240ms	Script application/javascript	47.243.203.231 ALIBABA-CN-NET Al...
General Check archive.org Show headers Download Go to Full URL https://avd.innity.com/dc/cb/?mt=_iampt._cbUC Requested by Host: avd.innity.net URL: https://avd.innity.net/lib/dc.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 47.243.203.231 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN), Reverse DNS Software Apache / Resource Hash 057e20c6b28a4e2bc7bfe6129f47ab216fe63fb272ceaec8605f869ce51e5994 Request headers accept-language en-US,en;q=0.9 Referer https://www.tg-me.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers Pragma no-cache Date Wed, 29 Nov 2023 20:47:19 GMT Content-Encoding gzip Last-Modified Wed, 29 Nov 2023 20:47:19 GMT Server Apache Vary Accept-Encoding P3P policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT" Content-Type application/javascript Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Content-Length 79 Expires Wed, 04 Aug 1985 12:59:00 GMT
GET H/1.1	200 OK	/ Show response avd.innity.com/dc/cb/ Frame F4A5	59 B 548 B	1039ms 259ms	Script application/javascript	47.243.203.231 ALIBABA-CN-NET Al...
General Check archive.org Show headers Download Go to Full URL https://avd.innity.com/dc/cb/?mt=_iampt._cbUC Requested by Host: avd.innity.net URL: https://avd.innity.net/lib/dc.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 47.243.203.231 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN), Reverse DNS Software Apache / Resource Hash 057e20c6b28a4e2bc7bfe6129f47ab216fe63fb272ceaec8605f869ce51e5994 Request headers accept-language en-US,en;q=0.9 Referer https://www.tg-me.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers Pragma no-cache Date Wed, 29 Nov 2023 20:47:19 GMT Content-Encoding gzip Last-Modified Wed, 29 Nov 2023 20:47:19 GMT Server Apache Vary Accept-Encoding P3P policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT" Content-Type application/javascript Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Content-Length 79 Expires Wed, 04 Aug 1985 12:59:00 GMT
GET H2	200	PugMaster Show response image6.pubmatic.com/AdServer/ Frame 4421	2 KB 3 KB	103ms 28ms	Script text/html	8.28.7.81 AS-PUBMATIC
General Check archive.org Show headers Download Go to Full URL https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=10862209&p=163515&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy= Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=163515&s=&predirect=https%3A%2F%2Favd.innity.com%2Fuidsync%2Fmapuid%2F%3Fpid%3D1056%26puuid%3D(PM_UID)&userIdMacro=(PM_UID)&gdpr_consent=&gdpr=0&us_privacy=& Protocol H2 Security TLS 1.3, , AES_128_GCM Server 8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software / Resource Hash 2e9aa0b2e942fd976eee9f52a9defbf125212a13dd45fc4d0987da6584124d31 Request headers accept-language en-US,en;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers content-type text/html; charset=UTF-8 date Wed, 29 Nov 2023 20:47:17 GMT p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
GET DATA	200 OK	truncated / Frame 1C59	68 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers Content-Type image/gif
GET H/1.1	200 OK	dcm Show response s.amazon-adsystem.com/ Frame 61AB Redirect Chain https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=08F22C7D-6023-42AE-B585-CA3228394270&redir=true&gdpr=0&gdpr_consent= https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=08F22C7D-6023-42AE-B585-CA3228394270&redir=true&gdpr=0&gdpr_consent=&dcc=t	43 B 855 B	65ms 65ms	Document image/gif	209.54.182.161 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=08F22C7D-6023-42AE-B585-CA3228394270&redir=true&gdpr=0&gdpr_consent=&dcc=t Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=163515&s=&predirect=https%3A%2F%2Favd.innity.com%2Fuidsync%2Fmapuid%2F%3Fpid%3D1056%26puuid%3D(PM_UID)&userIdMacro=(PM_UID)&gdpr_consent=&gdpr=0&us_privacy=& Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers Referer https://ads.pubmatic.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 accept-language en-US,en;q=0.9 Response headers Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Connection keep-alive Content-Length 43 Content-Type image/gif Date Wed, 29 Nov 2023 20:47:19 GMT Expires Thu, 01 Jan 1970 00:00:00 GMT Pragma no-cache Server Server Strict-Transport-Security max-age=47474747; includeSubDomains; preload Vary Content-Type,Accept-Encoding,User-Agent p3p policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR" x-amz-rid T2Q0TS45KM2FC1RYBEYB Redirect headers Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Connection keep-alive Content-Length 0 Date Wed, 29 Nov 2023 20:47:19 GMT Expires Thu, 01 Jan 1970 00:00:00 GMT Location https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=08F22C7D-6023-42AE-B585-CA3228394270&redir=true&gdpr=0&gdpr_consent=&dcc=t Pragma no-cache Server Server Strict-Transport-Security max-age=47474747; includeSubDomains; preload Vary Content-Type,Accept-Encoding,User-Agent p3p policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR" x-amz-rid PZA8965F8QTY2JEJEWWP
GET H2	200	Pug Show response simage2.pubmatic.com/AdServer/ Frame 68D6 Redirect Chain https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1973242037642465263&gdpr=0&gdpr_consent=	42 B 297 B	78ms 29ms	Document image/gif	8.28.7.83 AS-PUBMATIC
General Check archive.org Show headers Download Go to Full URL https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1973242037642465263&gdpr=0&gdpr_consent= Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=163515&s=&predirect=https%3A%2F%2Favd.innity.com%2Fuidsync%2Fmapuid%2F%3Fpid%3D1056%26puuid%3D(PM_UID)&userIdMacro=(PM_UID)&gdpr_consent=&gdpr=0&us_privacy=& Protocol H2 Security TLS 1.3, , AES_128_GCM Server 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002 Request headers Referer https://ads.pubmatic.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 accept-language en-US,en;q=0.9 Response headers cache-control no-store, no-cache, private content-length 42 content-type image/gif; charset=utf-8 date Wed, 29 Nov 2023 20:47:17 GMT p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" server nginx Redirect headers accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness access-control-allow-credentials true access-control-allow-origin * an-x-request-uuid 5351f243-ec06-4793-a6cb-c4783fb4f20a cache-control no-store, no-cache, private content-length 0 content-type text/html; charset=utf-8 date Wed, 29 Nov 2023 20:47:19 GMT expires Sat, 15 Nov 2008 16:00:00 GMT location https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1973242037642465263&gdpr=0&gdpr_consent= p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" pragma no-cache server nginx/1.21.3 x-proxy-origin 96.9.249.36; 96.9.249.36; 585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com x-xss-protection 0
GET H/1.1	200 OK	/ Show response avd.innity.com/uidsync/mapuid/ Frame 4963	43 B 452 B	573ms 240ms	Document image/gif	47.243.203.231 ALIBABA-CN-NET Al...
General Check archive.org Show headers Download Go to Full URL https://avd.innity.com/uidsync/mapuid/?pid=1056&puuid=08F22C7D-6023-42AE-B585-CA3228394270 Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=163515&s=&predirect=https%3A%2F%2Favd.innity.com%2Fuidsync%2Fmapuid%2F%3Fpid%3D1056%26puuid%3D(PM_UID)&userIdMacro=(PM_UID)&gdpr_consent=&gdpr=0&us_privacy=& Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 47.243.203.231 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN), Reverse DNS Software Apache / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers Referer https://ads.pubmatic.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 accept-language en-US,en;q=0.9 Response headers Cache-Control no-store, no-cache, must-revalidate post-check=0, pre-check=0 Content-Length 43 Content-Type image/gif Date Wed, 29 Nov 2023 20:47:19 GMT Expires Wed, 04 Aug 1985 12:59:00 GMT Last-Modified Wed, 29 Nov 2023 20:47:19 GMT P3P policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT" Pragma no-cache Server Apache
GET H2	200	user_sync.html ads.pubmatic.com/AdServer/js/ Frame 4421 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=CPIsfWAjQq61hcoyKDlCcA%3D%3D&gdpr=0&gdpr_consent= https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=CPIsfWAjQq61hcoyKDlCcA%3D%3D&gdpr=0&gdpr_consent=&google_tc= https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=	16 KB 16 KB	30ms 26ms	Image text/html	23.217.173.13 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent= Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=163515&s=&predirect=https%3A%2F%2Favd.innity.com%2Fuidsync%2Fmapuid%2F%3Fpid%3D1056%26puuid%3D(PM_UID)&userIdMacro=(PM_UID)&gdpr_consent=&gdpr=0&us_privacy=& Protocol H2 Server 23.217.173.13 Secaucus, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-217-173-13.deploy.static.akamaitechnologies.com Software Apache / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Wed, 29 Nov 2023 20:47:19 GMT content-encoding gzip last-modified Thu, 16 Nov 2023 09:11:44 GMT server Apache vary Accept-Encoding content-type text/html p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" cache-control max-age=97151 accept-ranges bytes content-length 5622 expires Thu, 30 Nov 2023 23:46:30 GMT Redirect headers pragma no-cache date Wed, 29 Nov 2023 20:47:19 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent= p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 301 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	receive pixel.tapad.com/idsync/ex/ Frame 4421 Redirect Chain https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=08F22C7D-6023-42AE-B585-CA3228394270 https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=08F22C7D-6023-42AE-B585-CA3228394270 https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=b0f3ac8e-602d-486f-95b9-757782b8966c%252C%252C&gdpr=0&gdpr_consent= https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=acdbf148-cae7-43c1-bb40-4dc7c28a7c45&ttd_puid=b0f3ac8e-602d-486f-95b9-757782b8966c%2C%2C	95 B 124 B	50ms 48ms	Image image/png	34.111.113.62 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=acdbf148-cae7-43c1-bb40-4dc7c28a7c45&ttd_puid=b0f3ac8e-602d-486f-95b9-757782b8966c%2C%2C Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=163515&s=&predirect=https%3A%2F%2Favd.innity.com%2Fuidsync%2Fmapuid%2F%3Fpid%3D1056%26puuid%3D(PM_UID)&userIdMacro=(PM_UID)&gdpr_consent=&gdpr=0&us_privacy=& Protocol H3 Server 34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 62.113.111.34.bc.googleusercontent.com Software Jetty(11.0.13) / Resource Hash 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Wed, 29 Nov 2023 20:47:19 GMT strict-transport-security max-age=31536000 via 1.1 google accept-ch Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server Jetty(11.0.13) content-type image/png access-control-allow-origin * p3p policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 95 Redirect headers location https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=acdbf148-cae7-43c1-bb40-4dc7c28a7c45&ttd_puid=b0f3ac8e-602d-486f-95b9-757782b8966c%2C%2C date Wed, 29 Nov 2023 20:47:19 GMT server Kestrel content-length 359
GET H2	403	FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3A... us01.z.antigena.com/l/ Frame 4421	0 0	104ms 36ms	Image text/html	40.76.134.238 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://us01.z.antigena.com/l/FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3AWUAJgUx%2008F22C7D-6023-42AE-B585-CA3228394270&rnd=RND Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=163515&s=&predirect=https%3A%2F%2Favd.innity.com%2Fuidsync%2Fmapuid%2F%3Fpid%3D1056%26puuid%3D(PM_UID)&userIdMacro=(PM_UID)&gdpr_consent=&gdpr=0&us_privacy=& Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 40.76.134.238 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers
GET H2	200	xuid eb2.3lift.com/ Frame 4421 Redirect Chain https://eb2.3lift.com/xuid?mid=7976&xuid=08F22C7D-6023-42AE-B585-CA3228394270&dongle=u6nf&gdpr=0&gdpr_consent= https://eb2.3lift.com/xuid?ld=1&mid=7976&xuid=08F22C7D-6023-42AE-B585-CA3228394270&dongle=u6nf&gdpr=0&cmp_cs=&us_privacy=	37 B 354 B	53ms 52ms	Image image/gif	35.71.139.29 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://eb2.3lift.com/xuid?ld=1&mid=7976&xuid=08F22C7D-6023-42AE-B585-CA3228394270&dongle=u6nf&gdpr=0&cmp_cs=&us_privacy= Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=163515&s=&predirect=https%3A%2F%2Favd.innity.com%2Fuidsync%2Fmapuid%2F%3Fpid%3D1056%26puuid%3D(PM_UID)&userIdMacro=(PM_UID)&gdpr_consent=&gdpr=0&us_privacy=& Protocol H2 Server 35.71.139.29 , United States, ASN16509 (AMAZON-02, US), Reverse DNS afb83dd09526a6517.awsglobalaccelerator.com Software / Resource Hash bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96 Request headers accept-language en-US,en;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers content-type image/gif date Wed, 29 Nov 2023 20:47:19 GMT cache-control no-cache, no-store, must-revalidate content-length 37 p3p policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC" Redirect headers location /xuid?ld=1&mid=7976&xuid=08F22C7D-6023-42AE-B585-CA3228394270&dongle=u6nf&gdpr=0&cmp_cs=&us_privacy= date Wed, 29 Nov 2023 20:47:19 GMT cache-control no-cache, no-store, must-revalidate content-length 0 p3p policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
GET H2	200	Pug image2.pubmatic.com/AdServer/ Frame 4421 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MDhGMjJDN0QtNjAyMy00MkFFLUI1ODUtQ0EzMjI4Mzk0Mjcw&gdpr=0&gdpr_consent= https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MDhGMjJDN0QtNjAyMy00MkFFLUI1ODUtQ0EzMjI4Mzk0Mjcw&gdpr=0&gdpr_consent=&google_tc= https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=	42 B 95 B	33ms 27ms	Image image/gif	8.28.7.83 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=163515&s=&predirect=https%3A%2F%2Favd.innity.com%2Fuidsync%2Fmapuid%2F%3Fpid%3D1056%26puuid%3D(PM_UID)&userIdMacro=(PM_UID)&gdpr_consent=&gdpr=0&us_privacy=& Protocol H2 Server 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language en-US,en;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers content-type image/gif; charset=utf-8 date Wed, 29 Nov 2023 11:47:42 GMT cache-control no-store, no-cache, private server nginx content-length 42 p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Redirect headers pragma no-cache date Wed, 29 Nov 2023 20:47:19 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	Pug image2.pubmatic.com/AdServer/ Frame 4421 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc= https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAwftBYLcXcdeB3oVc-eSlc&google_cver=1	42 B 343 B	29ms 29ms	Image image/gif	8.28.7.83 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAwftBYLcXcdeB3oVc-eSlc&google_cver=1 Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=163515&s=&predirect=https%3A%2F%2Favd.innity.com%2Fuidsync%2Fmapuid%2F%3Fpid%3D1056%26puuid%3D(PM_UID)&userIdMacro=(PM_UID)&gdpr_consent=&gdpr=0&us_privacy=& Protocol H2 Server 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language en-US,en;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers content-type image/gif; charset=utf-8 date Wed, 29 Nov 2023 20:47:18 GMT cache-control no-store, no-cache, private server nginx content-length 42 p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Redirect headers pragma no-cache date Wed, 29 Nov 2023 20:47:19 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAwftBYLcXcdeB3oVc-eSlc&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 379 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	Pug image2.pubmatic.com/AdServer/ Frame 4421 Redirect Chain https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:3A86891AC801496694DEF2017FF24846	42 B 549 B	112ms 29ms	Image image/gif	8.28.7.83 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:3A86891AC801496694DEF2017FF24846 Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=163515&s=&predirect=https%3A%2F%2Favd.innity.com%2Fuidsync%2Fmapuid%2F%3Fpid%3D1056%26puuid%3D(PM_UID)&userIdMacro=(PM_UID)&gdpr_consent=&gdpr=0&us_privacy=& Protocol H2 Server 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language en-US,en;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers content-type image/gif; charset=utf-8 date Wed, 29 Nov 2023 11:47:08 GMT cache-control no-store, no-cache, private server nginx content-length 42 p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Redirect headers date Wed, 29 Nov 2023 20:47:19 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server openresty access-control-allow-methods GET, POST, OPTIONS content-type text/html location https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:3A86891AC801496694DEF2017FF24846 access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 142 expires Tue, 28 Nov 2023 20:47:19 GMT
GET H2	200	Pug simage2.pubmatic.com/AdServer/ Frame 4421 Redirect Chain https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=acdbf148-cae7-43c1-bb40-4dc7c28a7c45&gdpr=0&gdpr_consent=	42 B 391 B	32ms 31ms	Image image/gif	8.28.7.83 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=acdbf148-cae7-43c1-bb40-4dc7c28a7c45&gdpr=0&gdpr_consent= Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=163515&s=&predirect=https%3A%2F%2Favd.innity.com%2Fuidsync%2Fmapuid%2F%3Fpid%3D1056%26puuid%3D(PM_UID)&userIdMacro=(PM_UID)&gdpr_consent=&gdpr=0&us_privacy=& Protocol H2 Server 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language en-US,en;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers content-type image/gif; charset=utf-8 date Wed, 29 Nov 2023 20:47:19 GMT cache-control no-store, no-cache, private server nginx content-length 42 p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Redirect headers location https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=acdbf148-cae7-43c1-bb40-4dc7c28a7c45&gdpr=0&gdpr_consent= date Wed, 29 Nov 2023 20:47:19 GMT server Kestrel content-length 355
GET H2	200	SPug image4.pubmatic.com/AdServer/ Frame 4421 Redirect Chain https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=08F22C7D-6023-42AE-B585-CA3228394270&redir=true&gdpr=0&gdpr_consent= https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=08F22C7D-6023-42AE-B585-CA3228394270&redir=true&gdpr=0&gdpr_consent=&verify=true https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-ALQ9Kn5E2uWNORKDaxiwD57xFlMyqwU-~A&gdpr=0	0 260 B	98ms 33ms	Image text/plain	8.28.7.84 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-ALQ9Kn5E2uWNORKDaxiwD57xFlMyqwU-~A&gdpr=0 Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=163515&s=&predirect=https%3A%2F%2Favd.innity.com%2Fuidsync%2Fmapuid%2F%3Fpid%3D1056%26puuid%3D(PM_UID)&userIdMacro=(PM_UID)&gdpr_consent=&gdpr=0&us_privacy=& Protocol H2 Server 8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Wed, 29 Nov 2023 11:49:22 GMT cache-control no-store, no-cache, private server nginx p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Redirect headers location https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-ALQ9Kn5E2uWNORKDaxiwD57xFlMyqwU-~A&gdpr=0 date Wed, 29 Nov 2023 20:47:19 GMT strict-transport-security max-age=31536000 server ATS/9.1.10.87 age 0 content-length 0 p3p CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
GET H2	200	08F22C7D-6023-42AE-B585-CA3228394270 pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 4421	43 B 603 B	98ms 33ms	Image image/gif	2600:1f18:4e9:5a02:cc56:db7b:f3ce:62f6 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://pr-bh.ybp.yahoo.com/sync/pubmatic/08F22C7D-6023-42AE-B585-CA3228394270?gdpr=0&gdpr_consent= Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=163515&s=&predirect=https%3A%2F%2Favd.innity.com%2Fuidsync%2Fmapuid%2F%3Fpid%3D1056%26puuid%3D(PM_UID)&userIdMacro=(PM_UID)&gdpr_consent=&gdpr=0&us_privacy=& Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f18:4e9:5a02:cc56:db7b:f3ce:62f6 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software ATS / Resource Hash 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438 Security Headers Name Value Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language en-US,en;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Wed, 29 Nov 2023 20:47:19 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff referrer-policy strict-origin-when-cross-origin server ATS content-security-policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic age 0 expect-ct max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only" x-frame-options DENY content-type image/gif content-length 43
GET H2	200	Pug simage2.pubmatic.com/AdServer/ Frame 4421 Redirect Chain https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=08F22C7D-6023-42AE-B585-CA3228394270&gdpr=0&gdpr_consent= https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=12f98d80672b14f2&is_secure=true&networkId=17100&version=1&nuid=08F22C7D-6023-42AE-B585-CA3228394270&gdpr=0&gdpr_consent= https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGHVoIX5OLNANsn8ShAAAAAAA&expiration=1701377239&nuid=08F22C7D-6023-42AE-B585-CA3228394270&...	42 B 296 B	29ms 29ms	Image image/gif	8.28.7.83 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGHVoIX5OLNANsn8ShAAAAAAA&expiration=1701377239&nuid=08F22C7D-6023-42AE-B585-CA3228394270&is_secure=true&gdpr_consent=&gdpr=0 Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=163515&s=&predirect=https%3A%2F%2Favd.innity.com%2Fuidsync%2Fmapuid%2F%3Fpid%3D1056%26puuid%3D(PM_UID)&userIdMacro=(PM_UID)&gdpr_consent=&gdpr=0&us_privacy=& Protocol H2 Server 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language en-US,en;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers content-type image/gif; charset=utf-8 date Wed, 29 Nov 2023 20:47:17 GMT cache-control no-store, no-cache, private server nginx content-length 42 p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Redirect headers pragma no-cache date Wed, 29 Nov 2023 20:47:19 GMT server nginx p3p policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP" location https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGHVoIX5OLNANsn8ShAAAAAAA&expiration=1701377239&nuid=08F22C7D-6023-42AE-B585-CA3228394270&is_secure=true&gdpr_consent=&gdpr=0 cache-control no-cache, private, max-age=0, no-store content-length 0 expires 0
GET H2	200	Pug simage2.pubmatic.com/AdServer/ Frame 4421 Redirect Chain https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons... https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=d2b09803-a7e3-409a-bf53-6ef66d15ee01&gdpr=0&gdpr_consent=	1 B 255 B	30ms 29ms	Image text/html	8.28.7.83 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=d2b09803-a7e3-409a-bf53-6ef66d15ee01&gdpr=0&gdpr_consent= Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=163515&s=&predirect=https%3A%2F%2Favd.innity.com%2Fuidsync%2Fmapuid%2F%3Fpid%3D1056%26puuid%3D(PM_UID)&userIdMacro=(PM_UID)&gdpr_consent=&gdpr=0&us_privacy=& Protocol H2 Server 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers content-type text/html; charset=utf-8 date Wed, 29 Nov 2023 20:47:18 GMT cache-control no-store, no-cache, private server nginx content-length 1 p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Redirect headers Location https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=d2b09803-a7e3-409a-bf53-6ef66d15ee01&gdpr=0&gdpr_consent= Date Wed, 29 Nov 2023 20:47:19 GMT Connection keep-alive X-CI-RTID 7b9c8f61-1cdc-4c4c-9c7c-70dd7cbb467e Content-Length 205 Content-Type text/html; charset=utf-8
GET H2	200	popunder.gif onverforrinho.com/	35 B 425 B	34ms 33ms	Image image/gif	172.67.155.90 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://onverforrinho.com/popunder.gif Requested by Host: www.tg-me.com URL: https://www.tg-me.com/us/telegram/com.tg-me.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.155.90 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Request headers accept-language en-US,en;q=0.9 Referer https://www.tg-me.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers pragma public date Wed, 29 Nov 2023 20:47:19 GMT cf-cache-status HIT last-modified Wed, 29 Nov 2023 19:12:54 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 5665 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PRLAV5EgSusCfveAqGNR1CCV7LDCpW%2B209qNIj%2BNkDmEiLTs%2BpR4VHJDsRPPVe1vAFy0lWUzOC2DYU5C%2BqKCgqrw2fcSsRZNMhj%2FxKJ4MxJ5GaRtL8MuzxL83oXk05vI1f7Vtw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif access-control-allow-origin * cache-control public, max-age=604800, immutable cf-ray 82ddb4805dbd7115-YYZ alt-svc h3=":443"; ma=86400
GET H2	200	Mk94vMMnE0_.css static.xx.fbcdn.net/rsrc.php/v3/y8/l/0,cross/ Frame BA67	721 B 685 B	49ms 30ms	Stylesheet text/css	2a03:2880:f012:8:face:b00c:0:1 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://static.xx.fbcdn.net/rsrc.php/v3/y8/l/0,cross/Mk94vMMnE0_.css?_nc_x=Ij3Wp8lg5Kz Requested by Host: www.facebook.com URL: https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df25d9b88c0b7c8%26domain%3Dwww.tg-me.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.tg-me.com%252Ff3135e196b45908%26relation%3Dparent.parent&container_width=515&height=100&href=https%3A%2F%2Fwww.tg-me.com%2Ftelegram%2Fcom.tg-me&locale=en_GB&numposts=5&sdk=joey&version=v8.0&width Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash fe4cbace9fd4820232a3ef9ebfef646bb3948bec6a5fbf5015a7caa1eb09718e Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.facebook.com/ Origin https://www.facebook.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Wed, 29 Nov 2023 20:47:19 GMT content-encoding br x-content-type-options nosniff content-md5 8PXgZwd+47LIQZAIO7K6FA== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 393 reporting-endpoints x-fb-debug slpgwYObEI5E2gEoerfnBc/3G/aiJ16cXeSD1HQipk453hq5sxaSRm/dMvbeY+CUu2RCVjjMkmhiRjmrnyXJpw== last-modified Mon, 01 Jan 2001 08:00:00 GMT vary Origin content-type text/css; charset=utf-8 access-control-allow-origin https://www.facebook.com cache-control public,max-age=31536000,immutable permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=() timing-allow-origin * expires Thu, 21 Nov 2024 07:37:00 GMT
GET H2	200	OkQEuDSv139.css static.xx.fbcdn.net/rsrc.php/v3/y5/l/0,cross/ Frame BA67	110 KB 19 KB	50ms 33ms	Stylesheet text/css	2a03:2880:f012:8:face:b00c:0:1 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://static.xx.fbcdn.net/rsrc.php/v3/y5/l/0,cross/OkQEuDSv139.css?_nc_x=Ij3Wp8lg5Kz Requested by Host: www.facebook.com URL: https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df25d9b88c0b7c8%26domain%3Dwww.tg-me.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.tg-me.com%252Ff3135e196b45908%26relation%3Dparent.parent&container_width=515&height=100&href=https%3A%2F%2Fwww.tg-me.com%2Ftelegram%2Fcom.tg-me&locale=en_GB&numposts=5&sdk=joey&version=v8.0&width Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 077ba19da8900544b2adaca3f2da24093b15b172bdd262cb65dde9eb84f3188a Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.facebook.com/ Origin https://www.facebook.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Wed, 29 Nov 2023 20:47:19 GMT content-encoding br x-content-type-options nosniff content-md5 2DOqnFPPeWyHmYcrdmZmcg== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 18936 reporting-endpoints x-fb-debug qfy41Zf+ANsrdp3SkYOp6mUQsCERwIq6KSMzmMrnHZqkHvr42Qdw1Bm6eTQEHCjCBRTZSdUbC4REIKFP1/+ZxQ== last-modified Mon, 01 Jan 2001 08:00:00 GMT vary Origin content-type text/css; charset=utf-8 access-control-allow-origin https://www.facebook.com cache-control public,max-age=31536000,immutable x-fb-optimizer 0 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=() timing-allow-origin * expires Thu, 21 Nov 2024 18:56:27 GMT
GET H2	200	cH_K1_w2EdK.js Show response static.xx.fbcdn.net/rsrc.php/v3/yW/r/ Frame BA67	354 KB 92 KB	50ms 32ms	Script application/x-javascript	2a03:2880:f012:8:face:b00c:0:1 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://static.xx.fbcdn.net/rsrc.php/v3/yW/r/cH_K1_w2EdK.js?_nc_x=Ij3Wp8lg5Kz Requested by Host: www.facebook.com URL: https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df25d9b88c0b7c8%26domain%3Dwww.tg-me.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.tg-me.com%252Ff3135e196b45908%26relation%3Dparent.parent&container_width=515&height=100&href=https%3A%2F%2Fwww.tg-me.com%2Ftelegram%2Fcom.tg-me&locale=en_GB&numposts=5&sdk=joey&version=v8.0&width Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash e6bc44b365258db3749115c394eb2793bcb8ebaa55c10e8ff8dce79751e4c669 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.facebook.com/ Origin https://www.facebook.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Wed, 29 Nov 2023 20:47:19 GMT content-encoding br x-content-type-options nosniff content-md5 7aKf4CiyT4d8pqHnl4MdLA== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 93675 reporting-endpoints x-fb-debug KF/PuFqO5JSwWnLBi2SVVmjDE8SLtzaVMrCD3UaaN1jMkZRcvQ6oLavNO3xvUo127/QIcGhJJdkXlgU/qGfqqg== last-modified Mon, 01 Jan 2001 08:00:00 GMT vary Origin content-type application/x-javascript; charset=utf-8 access-control-allow-origin https://www.facebook.com origin-agent-cluster ?0 cache-control public,max-age=31536000,immutable permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=() timing-allow-origin * expires Wed, 27 Nov 2024 21:48:55 GMT
GET H2	200	l1tx9di44jq.js Show response static.xx.fbcdn.net/rsrc.php/v3ij9m4/yz/l/en_GB/ Frame BA67	149 KB 42 KB	80ms 64ms	Script application/x-javascript	2a03:2880:f012:8:face:b00c:0:1 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://static.xx.fbcdn.net/rsrc.php/v3ij9m4/yz/l/en_GB/l1tx9di44jq.js?_nc_x=Ij3Wp8lg5Kz Requested by Host: www.facebook.com URL: https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df25d9b88c0b7c8%26domain%3Dwww.tg-me.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.tg-me.com%252Ff3135e196b45908%26relation%3Dparent.parent&container_width=515&height=100&href=https%3A%2F%2Fwww.tg-me.com%2Ftelegram%2Fcom.tg-me&locale=en_GB&numposts=5&sdk=joey&version=v8.0&width Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 66c60ee19036ccc7a370aa4e7c124900bd40a1154d177a0c365f56174255d057 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.facebook.com/ Origin https://www.facebook.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Wed, 29 Nov 2023 20:47:19 GMT content-encoding br x-content-type-options nosniff content-md5 Yrxiqib9YXG+kGPW/T0wsQ== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 42861 reporting-endpoints x-fb-debug Rc8r1UjpceA9+1yByCM7R3BY9/7/kWpNcY5lRfGGHuZ43/pWVfcM2P5uiAgZQHMEdiKnTBIyVRc7v/yxe40rFA== last-modified Mon, 01 Jan 2001 08:00:00 GMT vary Origin content-type application/x-javascript; charset=utf-8 access-control-allow-origin https://www.facebook.com origin-agent-cluster ?0 cache-control public,max-age=31536000,immutable permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=() timing-allow-origin * expires Fri, 15 Nov 2024 07:49:36 GMT
GET H2	200	63Kf_EXo1SU.js Show response static.xx.fbcdn.net/rsrc.php/v3idN44/yM/l/en_GB/ Frame BA67	1 MB 282 KB	79ms 63ms	Script application/x-javascript	2a03:2880:f012:8:face:b00c:0:1 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://static.xx.fbcdn.net/rsrc.php/v3idN44/yM/l/en_GB/63Kf_EXo1SU.js?_nc_x=Ij3Wp8lg5Kz Requested by Host: www.facebook.com URL: https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df25d9b88c0b7c8%26domain%3Dwww.tg-me.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.tg-me.com%252Ff3135e196b45908%26relation%3Dparent.parent&container_width=515&height=100&href=https%3A%2F%2Fwww.tg-me.com%2Ftelegram%2Fcom.tg-me&locale=en_GB&numposts=5&sdk=joey&version=v8.0&width Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 1fe8259a6bd51076a1ba16ea08e8edf6f04d67cc1f1908ef1b9c5d44db672d03 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.facebook.com/ Origin https://www.facebook.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Wed, 29 Nov 2023 20:47:19 GMT content-encoding br x-content-type-options nosniff content-md5 HaA+HLjc6bhpgJ4441h6aw== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 288604 reporting-endpoints x-fb-debug nKgV2Z0De1841/NYUD4mvyK68flLuWkObEZozz9bXpeAOaXiiw+LxGL9Ft/Jsh98mivwiZ731ogkHv2c+vjXqw== last-modified Mon, 01 Jan 2001 08:00:00 GMT vary Origin content-type application/x-javascript; charset=utf-8 access-control-allow-origin https://www.facebook.com cache-control public,max-age=31536000,immutable permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=() timing-allow-origin * expires Thu, 28 Nov 2024 18:20:12 GMT
GET H2	200	p55HfXW__mM.js Show response static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame BA67	507 B 487 B	47ms 31ms	Script application/x-javascript	2a03:2880:f012:8:face:b00c:0:1 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz Requested by Host: www.facebook.com URL: https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df25d9b88c0b7c8%26domain%3Dwww.tg-me.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.tg-me.com%252Ff3135e196b45908%26relation%3Dparent.parent&container_width=515&height=100&href=https%3A%2F%2Fwww.tg-me.com%2Ftelegram%2Fcom.tg-me&locale=en_GB&numposts=5&sdk=joey&version=v8.0&width Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.facebook.com/ Origin https://www.facebook.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Wed, 29 Nov 2023 20:47:19 GMT content-encoding br x-content-type-options nosniff content-md5 L5E9gSgR735vyjAzTFly4g== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 293 reporting-endpoints x-fb-debug IZRWJrylOfxn+dm2JWkcx4RlV/B/9N0OcPqQSDr0ZrYazmz/8E9F4WO2VCs9wPROnlfUtk/O88NYTd7/zHvz6w== last-modified Mon, 01 Jan 2001 08:00:00 GMT vary Origin content-type application/x-javascript; charset=utf-8 access-control-allow-origin https://www.facebook.com cache-control public,max-age=31536000,immutable permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=() timing-allow-origin * expires Thu, 21 Nov 2024 19:57:13 GMT
GET H2	200	kzVsgSOK4D7.js Show response static.xx.fbcdn.net/rsrc.php/v3/yx/r/ Frame BA67	31 KB 9 KB	49ms 33ms	Script application/x-javascript	2a03:2880:f012:8:face:b00c:0:1 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://static.xx.fbcdn.net/rsrc.php/v3/yx/r/kzVsgSOK4D7.js?_nc_x=Ij3Wp8lg5Kz Requested by Host: www.facebook.com URL: https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df25d9b88c0b7c8%26domain%3Dwww.tg-me.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.tg-me.com%252Ff3135e196b45908%26relation%3Dparent.parent&container_width=515&height=100&href=https%3A%2F%2Fwww.tg-me.com%2Ftelegram%2Fcom.tg-me&locale=en_GB&numposts=5&sdk=joey&version=v8.0&width Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 537f5994d00f15b70dcdfed11425583ea4128befa3884131def7918fda96a382 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.facebook.com/ Origin https://www.facebook.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Wed, 29 Nov 2023 20:47:19 GMT content-encoding br x-content-type-options nosniff content-md5 dEwrOJVbh7hbgf4FQQmYkQ== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 9453 reporting-endpoints x-fb-debug /CZz7q8Om2LrTK3JJmsjVTm1rYWuvxA1vtCKiIFkgGw6mN0MRD+g/1Emju7CL4BEPSBzn1q92isJMe7v09nZXw== last-modified Mon, 01 Jan 2001 08:00:00 GMT vary Origin content-type application/x-javascript; charset=utf-8 access-control-allow-origin https://www.facebook.com cache-control public,max-age=31536000,immutable permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=() timing-allow-origin * expires Thu, 28 Nov 2024 18:08:14 GMT
GET H2	200	A26OeqL15Mp.js Show response static.xx.fbcdn.net/rsrc.php/v3/yJ/r/ Frame BA67	58 KB 16 KB	77ms 62ms	Script application/x-javascript	2a03:2880:f012:8:face:b00c:0:1 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://static.xx.fbcdn.net/rsrc.php/v3/yJ/r/A26OeqL15Mp.js?_nc_x=Ij3Wp8lg5Kz Requested by Host: www.facebook.com URL: https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df25d9b88c0b7c8%26domain%3Dwww.tg-me.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.tg-me.com%252Ff3135e196b45908%26relation%3Dparent.parent&container_width=515&height=100&href=https%3A%2F%2Fwww.tg-me.com%2Ftelegram%2Fcom.tg-me&locale=en_GB&numposts=5&sdk=joey&version=v8.0&width Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash d6cddb0acb8765d10d69cd416b80ae7c8a9cb35333f4569c4aac932c2e396ea9 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.facebook.com/ Origin https://www.facebook.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Wed, 29 Nov 2023 20:47:19 GMT content-encoding br x-content-type-options nosniff content-md5 hAHu/efVQlxvbPr8YcLnNg== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 16011 reporting-endpoints x-fb-debug +NJCaDpb6s5eEWmRw0pPS6SAaMBWKaSDD8Rxu+NyH/AKZ6WtyKw5+2pAEqLFSeWJnWWX8Ve/ybGazgabvlaiHw== last-modified Mon, 01 Jan 2001 08:00:00 GMT vary Origin content-type application/x-javascript; charset=utf-8 access-control-allow-origin https://www.facebook.com origin-agent-cluster ?0 cache-control public,max-age=31536000,immutable permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=() timing-allow-origin * expires Thu, 21 Nov 2024 20:29:48 GMT
GET H2	200	Y4exLntgXRS.js Show response static.xx.fbcdn.net/rsrc.php/v3iCwx4/yN/l/en_GB/ Frame BA67	44 KB 13 KB	77ms 63ms	Script application/x-javascript	2a03:2880:f012:8:face:b00c:0:1 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://static.xx.fbcdn.net/rsrc.php/v3iCwx4/yN/l/en_GB/Y4exLntgXRS.js?_nc_x=Ij3Wp8lg5Kz Requested by Host: www.facebook.com URL: https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df25d9b88c0b7c8%26domain%3Dwww.tg-me.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.tg-me.com%252Ff3135e196b45908%26relation%3Dparent.parent&container_width=515&height=100&href=https%3A%2F%2Fwww.tg-me.com%2Ftelegram%2Fcom.tg-me&locale=en_GB&numposts=5&sdk=joey&version=v8.0&width Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash be38d5982649a890c014ce831d3fe21bd392966ab27066292213792310f98899 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.facebook.com/ Origin https://www.facebook.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Wed, 29 Nov 2023 20:47:19 GMT content-encoding br x-content-type-options nosniff content-md5 gU9HOtr9D1O177GqBKUhXA== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 13379 reporting-endpoints x-fb-debug 8h7hwieHWiPjwqEY+iwgUtBLnPZC5sBAWlREgPtGMaF2RcC5B1717HYaX2q2IvJK24QHf+Gsh1GUQhr5vNr+ow== last-modified Mon, 01 Jan 2001 08:00:00 GMT vary Origin content-type application/x-javascript; charset=utf-8 access-control-allow-origin https://www.facebook.com cache-control public,max-age=31536000,immutable x-fb-optimizer 0 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=() timing-allow-origin * expires Thu, 21 Nov 2024 08:09:34 GMT
GET H3	200	JZUNEvdo8io.png static.xx.fbcdn.net/rsrc.php/v3/y3/r/ Frame BA67	57 KB 57 KB	68ms 35ms	Image image/png	2a03:2880:f012:8:face:b00c:0:1 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://static.xx.fbcdn.net/rsrc.php/v3/y3/r/JZUNEvdo8io.png Requested by Host: static.xx.fbcdn.net URL: https://static.xx.fbcdn.net/rsrc.php/v3/y5/l/0,cross/OkQEuDSv139.css?_nc_x=Ij3Wp8lg5Kz Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash b55a9e4a8ee877aedcffb5e76f6d1fded8260177ae8f72b5bbc3cde8a7ddcd10 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://static.xx.fbcdn.net/rsrc.php/v3/y5/l/0,cross/OkQEuDSv139.css?_nc_x=Ij3Wp8lg5Kz User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Wed, 29 Nov 2023 20:47:19 GMT x-content-type-options nosniff content-md5 8KvuQoZujxOjzxw3/WYnxQ== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 58367 reporting-endpoints x-fb-debug mDd6yFJMgw18+kZdjllo5SkhqS6ZK2I7YSX5IX7fTSLtZ9L8F5A69FXTMsDy5pXSgMWQ2WKKhCO1J5jKTdVQAg== last-modified Mon, 01 Jan 2001 08:00:00 GMT content-type image/png access-control-allow-origin * cache-control public,max-age=31536000,immutable permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=() timing-allow-origin * priority u=1,i expires Wed, 20 Nov 2024 11:02:21 GMT
GET H3	200	odA9sNLrE86.jpg static.xx.fbcdn.net/rsrc.php/v1/yi/r/ Frame BA67	1 KB 1 KB	63ms 35ms	Image image/jpeg	2a03:2880:f012:8:face:b00c:0:1 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://static.xx.fbcdn.net/rsrc.php/v1/yi/r/odA9sNLrE86.jpg Requested by Host: www.facebook.com URL: https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df25d9b88c0b7c8%26domain%3Dwww.tg-me.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.tg-me.com%252Ff3135e196b45908%26relation%3Dparent.parent&container_width=515&height=100&href=https%3A%2F%2Fwww.tg-me.com%2Ftelegram%2Fcom.tg-me&locale=en_GB&numposts=5&sdk=joey&version=v8.0&width Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash d7af70fd2dab0fadd7b57438ae80cd4cbfc69384ace14284c990e2916631ff3b Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://www.facebook.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Wed, 29 Nov 2023 20:47:19 GMT x-content-type-options nosniff content-md5 8E8V7SJfv5OQxsrCIaL7hQ== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 1131 reporting-endpoints x-fb-debug ZVrvsqlNNxqlJWB6Z0Wto3jfBPyIMRP628DeSzaO6PbuckTQhrHIlFyDaI8jTeIyQxaJ4u5iWa3Kj8EyWB3gOQ== last-modified Mon, 01 Jan 2001 08:00:00 GMT content-type image/jpeg access-control-allow-origin * cache-control public,max-age=31536000,immutable permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=() timing-allow-origin * priority u=1,i expires Thu, 21 Nov 2024 08:10:35 GMT
GET H/1.0	204 No Content	/ avd.innity.com/dc/ Frame 3685	0 91 B	240ms 240ms	Image text/html	47.243.203.231 ALIBABA-CN-NET Al...
General Check archive.org Show headers Download Go to Show image Full URL https://avd.innity.com/dc/?cl=0&cuid=0810b29c8cf5c76ab7f2e20e4c6807d8&cb=1701290839851&douid=&sess=242703235.0.1701290839847&dur=0&ref=https%3A%2F%2Fwww.tg-me.com%2Fus%2Ftelegram%2Fcom.tg-me.com&srf=&pk=&pt=Telegram&sr=1600x1200&ul=en-US&de=UTF-8&vp=1600x1200 Requested by Host: www.tg-me.com URL: https://www.tg-me.com/us/telegram/com.tg-me.com Protocol HTTP/1.0 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 47.243.203.231 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://www.tg-me.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers Connection close Cache-Control no-cache Content-Type text/html
GET H/1.1	200 OK	/ avd.innity.com/sync/ Frame 3685	43 B 452 B	241ms 240ms	Image image/gif	47.243.203.231 ALIBABA-CN-NET Al...
General Check archive.org Show headers Download Go to Show image Full URL https://avd.innity.com/sync/?partner=innity&token=0810b29c8cf5c76ab7f2e20e4c6807d8&type=cookie&itmcb=1701290839851 Requested by Host: www.tg-me.com URL: https://www.tg-me.com/us/telegram/com.tg-me.com Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 47.243.203.231 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN), Reverse DNS Software Apache / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers accept-language en-US,en;q=0.9 Referer https://www.tg-me.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers Pragma no-cache Date Wed, 29 Nov 2023 20:47:19 GMT Last-Modified Wed, 29 Nov 2023 20:47:19 GMT Server Apache P3P policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT" Content-Type image/gif Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Content-Length 43 Expires Wed, 04 Aug 1985 12:59:00 GMT
GET H/1.0	204 No Content	/ avd.innity.com/dc/ Frame F4A5	0 91 B	259ms 259ms	Image text/html	47.243.203.231 ALIBABA-CN-NET Al...
General Check archive.org Show headers Download Go to Show image Full URL https://avd.innity.com/dc/?cl=0&cuid=0810b29c8cf5c76ab7f2e20e4c6807d8&cb=1701290839902&douid=&sess=242703235.0.1701290839847&dur=0&ref=https%3A%2F%2Fwww.tg-me.com%2Fus%2Ftelegram%2Fcom.tg-me.com&srf=&pk=&pt=Telegram&sr=1600x1200&ul=en-US&de=UTF-8&vp=1600x1200 Requested by Host: www.tg-me.com URL: https://www.tg-me.com/us/telegram/com.tg-me.com Protocol HTTP/1.0 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 47.243.203.231 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://www.tg-me.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers Connection close Cache-Control no-cache Content-Type text/html
GET H2	200	SPug Show response simage4.pubmatic.com/AdServer/ Frame 4421	0 128 B	41ms 29ms	Script text/plain	8.28.7.84 AS-PUBMATIC
General Check archive.org Show headers Download Go to Full URL https://simage4.pubmatic.com/AdServer/SPug?partnerID=163515&gdpr=0&gdpr_consent=&us_privacy= Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=163515&s=&predirect=https%3A%2F%2Favd.innity.com%2Fuidsync%2Fmapuid%2F%3Fpid%3D1056%26puuid%3D(PM_UID)&userIdMacro=(PM_UID)&gdpr_consent=&gdpr=0&us_privacy=& Protocol H2 Security TLS 1.3, , AES_128_GCM Server 8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Wed, 29 Nov 2023 20:47:21 GMT cache-control no-store, no-cache, private server nginx p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
GET H2	200	PugMaster Show response image6.pubmatic.com/AdServer/ Frame 4421	2 KB 2 KB	29ms 28ms	Script text/html	8.28.7.81 AS-PUBMATIC
General Check archive.org Show headers Download Go to Full URL https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=68783497&p=163515&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy= Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=163515&s=&predirect=https%3A%2F%2Favd.innity.com%2Fuidsync%2Fmapuid%2F%3Fpid%3D1056%26puuid%3D(PM_UID)&userIdMacro=(PM_UID)&gdpr_consent=&gdpr=0&us_privacy=& Protocol H2 Security TLS 1.3, , AES_128_GCM Server 8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software / Resource Hash c92e54f88c63c996fa0b186ab672f83f4479f25a5a9d72ae075e978b157f5806 Request headers accept-language en-US,en;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" date Wed, 29 Nov 2023 20:47:21 GMT content-length 1741 content-type text/html; charset=UTF-8
GET H2	200	Pug Show response image2.pubmatic.com/AdServer/ Frame 4E93 Redirect Chain https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCQXQwN0t6MGNBQUJQTmpERnZrQQ&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Csyn%2Cpm&bee_sync_current_partner=adx&b... https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 https://rtb-csync.smartadserver.com/redir?partneruserid=AABAt07Kz0cAABPNjDFvkA&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Csyn%252C... https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Csyn%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=8122505038185979884&gdpr=0&gdpr_consent= https://bh.contextweb.com/bh/rtset?ev=AABAt07Kz0cAABPNjDFvkA&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D8122505038185979884%26gdpr%3D0%26gdpr_consen... https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=8122505038185979884&gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=A... https://sync.technoratimedia.com/services?uid=AABAt07Kz0cAABPNjDFvkA&srv=cs&pid=73&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D8122505038185979884%26gdpr%3D0%26gdpr%3D0%... https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=8122505038185979884&gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=4 https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABAt07Kz0cAABPNjDFvkA&gdpr=0	42 B 297 B	30ms 29ms	Document image/gif	8.28.7.83 AS-PUBMATIC
General Check archive.org Show headers Download Go to Full URL https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABAt07Kz0cAABPNjDFvkA&gdpr=0 Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=163515&s=&predirect=https%3A%2F%2Favd.innity.com%2Fuidsync%2Fmapuid%2F%3Fpid%3D1056%26puuid%3D(PM_UID)&userIdMacro=(PM_UID)&gdpr_consent=&gdpr=0&us_privacy=& Protocol H2 Security TLS 1.3, , AES_128_GCM Server 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002 Request headers Referer https://ads.pubmatic.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 accept-language en-US,en;q=0.9 Response headers cache-control no-store, no-cache, private content-length 42 content-type image/gif; charset=utf-8 date Wed, 29 Nov 2023 20:47:23 GMT p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" server nginx Redirect headers Connection keep-alive Content-Length 0 Date Wed, 29 Nov 2023 20:47:23 GMT Server gunicorn location https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABAt07Kz0cAABPNjDFvkA&gdpr=0 strict-transport-security max-age=2592000; includeSubDomains
GET H2	200	141 Show response match.deepintent.com/usersync/ Frame 32D5	0 339 B	114ms 32ms	Document image/gif	169.197.150.8 DEEPINTENT
General Check archive.org Show headers Download Go to Full URL https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent= Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=163515&s=&predirect=https%3A%2F%2Favd.innity.com%2Fuidsync%2Fmapuid%2F%3Fpid%3D1056%26puuid%3D(PM_UID)&userIdMacro=(PM_UID)&gdpr_consent=&gdpr=0&us_privacy=& Protocol H2 Security TLS 1.3, , AES_128_GCM Server 169.197.150.8 , United States, ASN398989 (DEEPINTENT, US), Reverse DNS g.deepintent.com Software a / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://ads.pubmatic.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 accept-language en-US,en;q=0.9 Response headers content-length 0 content-type image/gif date Wed, 29 Nov 2023 20:47:22 GMT p3p policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI' server a
GET H2	200	Pug Show response image2.pubmatic.com/AdServer/ Frame FDCC Redirect Chain https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=-1ZnKqxQZHzgUTQrqwV8KfRSNS7gU2Z5qFKAQ_PF	42 B 424 B	31ms 31ms	Document image/gif	8.28.7.83 AS-PUBMATIC
General Check archive.org Show headers Download Go to Full URL https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=-1ZnKqxQZHzgUTQrqwV8KfRSNS7gU2Z5qFKAQ_PF Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=163515&s=&predirect=https%3A%2F%2Favd.innity.com%2Fuidsync%2Fmapuid%2F%3Fpid%3D1056%26puuid%3D(PM_UID)&userIdMacro=(PM_UID)&gdpr_consent=&gdpr=0&us_privacy=& Protocol H2 Security TLS 1.3, , AES_128_GCM Server 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002 Request headers Referer https://ads.pubmatic.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 accept-language en-US,en;q=0.9 Response headers cache-control no-store, no-cache, private content-length 42 content-type image/gif; charset=utf-8 date Wed, 29 Nov 2023 20:47:21 GMT p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" server nginx Redirect headers access-control-allow-credentials true access-control-allow-origin * cache-control private, no-cache, no-store, proxy-revalidate content-length 0 date Wed, 29 Nov 2023 20:47:22 GMT expires Fri, 04 Aug 1978 12:00:00 GMT location https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=-1ZnKqxQZHzgUTQrqwV8KfRSNS7gU2Z5qFKAQ_PF p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV" pragma no-cache strict-transport-security max-age=86400
GET H2	200	b9pj45k4 Show response sync-tm.everesttech.net/ct/upi/pid/ Frame 0F40 Redirect Chain https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con... https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...	85 B 235 B	40ms 38ms	Document image/png	151.101.130.49 FASTLY
General Check archive.org Show headers Download Go to Full URL https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZWejWgADT8arTgBH Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=163515&s=&predirect=https%3A%2F%2Favd.innity.com%2Fuidsync%2Fmapuid%2F%3Fpid%3D1056%26puuid%3D(PM_UID)&userIdMacro=(PM_UID)&gdpr_consent=&gdpr=0&us_privacy=& Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.130.49 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Jetty(9.4.35.v20201120) / Resource Hash acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a Request headers Referer https://ads.pubmatic.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 accept-language en-US,en;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * cache-control no-cache content-length 85 content-type image/png date Wed, 29 Nov 2023 20:47:22 GMT p3p CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM" pragma no-cache server Jetty(9.4.35.v20201120) via 1.1 varnish x-cache MISS x-cache-hits 0 x-served-by cache-yyz4574-YYZ x-timer S1701290842.175098,VS0,VE20 Redirect headers accept-ranges bytes access-control-allow-origin * cache-control no-cache content-length 0 date Wed, 29 Nov 2023 20:47:22 GMT location https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZWejWgADT8arTgBH p3p CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM" pragma no-cache server Jetty(9.4.35.v20201120) via 1.1 varnish x-cache MISS x-cache-hits 0 x-served-by cache-yyz4574-YYZ x-timer S1701290842.130132,VS0,VE21
GET H2	200	Pug Show response simage2.pubmatic.com/AdServer/ Frame 4B35 Redirect Chain https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= https://sync.aralego.com/bsw_sync?ucf_nid=par-E2B44D84BBBDED8A0B297323E4B4A68&dsp_id=445&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=400885c6-fe0d-455c-8cf6-383039db8067&gdpr=0&gdpr_consent=&gdp... https://x.bidswitch.net/sync?dsp_id=445&user_id=b9b440dc-f9ba-3234-8c7e-0e2d69c447a6&ssp=pubmatic&bsw_param=400885c6-fe0d-455c-8cf6-383039db8067 https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=400885c6-fe0d-455c-8cf6-383039db8067&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=	1 B 290 B	30ms 30ms	Document text/html	8.28.7.83 AS-PUBMATIC
General Check archive.org Show headers Download Go to Full URL https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=400885c6-fe0d-455c-8cf6-383039db8067&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy= Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=163515&s=&predirect=https%3A%2F%2Favd.innity.com%2Fuidsync%2Fmapuid%2F%3Fpid%3D1056%26puuid%3D(PM_UID)&userIdMacro=(PM_UID)&gdpr_consent=&gdpr=0&us_privacy=& Protocol H2 Security TLS 1.3, , AES_128_GCM Server 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068 Request headers Referer https://ads.pubmatic.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 accept-language en-US,en;q=0.9 Response headers cache-control no-store, no-cache, private content-length 1 content-type text/html; charset=utf-8 date Wed, 29 Nov 2023 20:47:22 GMT p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" server nginx Redirect headers Cache-Control no-cache, no-store, must-revalidate Connection keep-alive Content-Length 0 Date Wed, 29 Nov 2023 20:47:22 GMT Location //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=400885c6-fe0d-455c-8cf6-383039db8067&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy= Server nginx
GET H2	200	Pug Show response simage2.pubmatic.com/AdServer/ Frame C093 Redirect Chain https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent= https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=7e90bece-8ef8-11ee-9f05-3aa38ca1a72f	42 B 321 B	30ms 30ms	Document image/gif	8.28.7.83 AS-PUBMATIC
General Check archive.org Show headers Download Go to Full URL https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=7e90bece-8ef8-11ee-9f05-3aa38ca1a72f Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=163515&s=&predirect=https%3A%2F%2Favd.innity.com%2Fuidsync%2Fmapuid%2F%3Fpid%3D1056%26puuid%3D(PM_UID)&userIdMacro=(PM_UID)&gdpr_consent=&gdpr=0&us_privacy=& Protocol H2 Security TLS 1.3, , AES_128_GCM Server 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002 Request headers Referer https://ads.pubmatic.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 accept-language en-US,en;q=0.9 Response headers cache-control no-store, no-cache, private content-length 42 content-type image/gif; charset=utf-8 date Wed, 29 Nov 2023 20:47:22 GMT p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" server nginx Redirect headers access-control-allow-origin * cache-control no-cache, no-store, must-revalidate, proxy-revalidate content-length 0 content-type image/gif date Wed, 29 Nov 2023 20:47:22 GMT expires Thu, 23 Sep 2004 17:42:04 GMT location https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=7e90bece-8ef8-11ee-9f05-3aa38ca1a72f p3p CP="NOI OTC OTP OUR NOR" pragma no-cache server Cowboy x-realserver-nx lga-delivery-3
GET H/1.1	200 OK	/ Show response avd.innity.com/uidsync/mapuid/ Frame B535	43 B 452 B	259ms 258ms	Document image/gif	47.243.203.231 ALIBABA-CN-NET Al...
General Check archive.org Show headers Download Go to Full URL https://avd.innity.com/uidsync/mapuid/?pid=1056&puuid=08F22C7D-6023-42AE-B585-CA3228394270 Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=163515&s=&predirect=https%3A%2F%2Favd.innity.com%2Fuidsync%2Fmapuid%2F%3Fpid%3D1056%26puuid%3D(PM_UID)&userIdMacro=(PM_UID)&gdpr_consent=&gdpr=0&us_privacy=& Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 47.243.203.231 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN), Reverse DNS Software Apache / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers Referer https://ads.pubmatic.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 accept-language en-US,en;q=0.9 Response headers Cache-Control no-store, no-cache, must-revalidate post-check=0, pre-check=0 Content-Length 43 Content-Type image/gif Date Wed, 29 Nov 2023 20:47:22 GMT Expires Wed, 04 Aug 1985 12:59:00 GMT Last-Modified Wed, 29 Nov 2023 20:47:22 GMT P3P policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT" Pragma no-cache Server Apache
GET H2	200	insync thrtle.com/ Frame 4421 Redirect Chain https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=08F22C7D-6023-42AE-B585-CA3228394270&gdpr=0&gdpr_consent= https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=08F22C7D-6023-42AE-B585-CA3228394270&vxii_pid=12&vxii_pid1=10067&vxii_rcid=ba2d491a-2fd0-421c-8362-610b349b14e0	43 B 295 B	42ms 41ms	Image image/gif	52.70.29.196 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=08F22C7D-6023-42AE-B585-CA3228394270&vxii_pid=12&vxii_pid1=10067&vxii_rcid=ba2d491a-2fd0-421c-8362-610b349b14e0 Protocol H2 Server 52.70.29.196 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-70-29-196.compute-1.amazonaws.com Software / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers accept-language en-US,en;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers p3p CP="NOI OUR BUS UNI COM NAV" date Wed, 29 Nov 2023 20:47:22 GMT content-length 43 content-type image/gif Redirect headers location https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=08F22C7D-6023-42AE-B585-CA3228394270&vxii_pid=12&vxii_pid1=10067&vxii_rcid=ba2d491a-2fd0-421c-8362-610b349b14e0 date Wed, 29 Nov 2023 20:47:22 GMT content-type text/html; charset=utf-8 content-length 211 p3p CP="NOI OUR BUS UNI COM NAV"
GET H2	200	sd us-u.openx.net/w/1.0/ Frame 4421 Redirect Chain https://us-u.openx.net/w/1.0/sd?id=540245193&val=08F22C7D-6023-42AE-B585-CA3228394270&gdpr=0&gdpr_consent= https://us-u.openx.net/w/1.0/sd?cc=1&id=540245193&val=08F22C7D-6023-42AE-B585-CA3228394270&gdpr=0&gdpr_consent=	43 B 171 B	47ms 47ms	Image image/gif	35.244.159.8 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://us-u.openx.net/w/1.0/sd?cc=1&id=540245193&val=08F22C7D-6023-42AE-B585-CA3228394270&gdpr=0&gdpr_consent= Protocol H2 Server 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 8.159.244.35.bc.googleusercontent.com Software OXGW/0.0.0 / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers accept-language en-US,en;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers pragma no-cache date Wed, 29 Nov 2023 20:47:22 GMT via 1.1 google server OXGW/0.0.0 vary Accept content-type image/gif p3p CP="CUR ADM OUR NOR STA NID" cache-control private, max-age=0, no-cache alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 43 expires Mon, 26 Jul 1997 05:00:00 GMT Redirect headers location https://us-u.openx.net/w/1.0/sd?cc=1&id=540245193&val=08F22C7D-6023-42AE-B585-CA3228394270&gdpr=0&gdpr_consent= date Wed, 29 Nov 2023 20:47:22 GMT via 1.1 google server OXGW/0.0.0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 p3p CP="CUR ADM OUR NOR STA NID"
GET H2	200	Martin crb.kargo.com/api/v1/dsync/ Frame 4421	43 B 359 B	150ms 37ms	Image image/gif	44.209.50.245 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://crb.kargo.com/api/v1/dsync/Martin?exid=08F22C7D-6023-42AE-B585-CA3228394270&gdpr=0&gdpr_consent= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.209.50.245 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-44-209-50-245.compute-1.amazonaws.com Software / Resource Hash 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363 Request headers accept-language en-US,en;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers pragma no-cache date Wed, 29 Nov 2023 20:47:22 GMT x-accel-expires 0 vary Origin content-type image/gif cache-control no-cache, no-store, must-revalidate, private, max-age=0 content-length 43 expires Thu, 01 Jan 1970 00:00:00 UTC
GET H/1.1	204	sync sync.bfmio.com/ Frame 4421	0 425 B	183ms 36ms	Image text/plain	52.45.125.152 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://sync.bfmio.com/sync?pid=187&uid=08F22C7D-6023-42AE-B585-CA3228394270&gdpr=0&gdpr_consent= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.45.125.152 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-45-125-152.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers Connection keep-alive Date Wed, 29 Nov 2023 20:47:21 GMT
GET H2	204	CookieSyncPubMatic&gdpr=0&gdpr_consent= rtb.adentifi.com/ Frame 4421	0 35 B	156ms 38ms	Image text/plain	3.228.144.86 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.228.144.86 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-228-144-86.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Wed, 29 Nov 2023 20:47:22 GMT
GET H/1.1	200 OK	sn.ashx pmp.mxptint.net/ Frame 4421 Redirect Chain https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent= https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R35CA5_10CECA6DE_7D9595EA&r=https://pmp.mxptint.net/sn.ashx?ak=1 https://pmp.mxptint.net/sn.ashx?ak=1	43 B 266 B	33ms 33ms	Image image/gif	38.68.201.140 COGENT-174
General Check archive.org Show headers Download Go to Show image Full URL https://pmp.mxptint.net/sn.ashx?ak=1 Protocol HTTP/1.1 Server 38.68.201.140 Ashburn, United States, ASN174 (COGENT-174, US), Reverse DNS Software / Resource Hash 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a Security Headers Name Value Strict-Transport-Security max-age=-384295642; includeSubDomains Request headers accept-language en-US,en;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers Expires -1 Pragma no-cache Date Wed, 29 Nov 2023 20:47:21 GMT Cache-Control no-cache Strict-Transport-Security max-age=-384295642; includeSubDomains Content-Length 43 Content-Type image/gif Redirect headers location https://pmp.mxptint.net/sn.ashx?ak=1 date Wed, 29 Nov 2023 20:47:20 GMT cache-control no-store, no-cache, private server nginx p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
GET H2	200	Pug simage2.pubmatic.com/AdServer/ Frame 4421 Redirect Chain https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8481447460135059593&gdpr=0&gdpr_consent=&us_privacy=	1 B 284 B	29ms 29ms	Image text/html	8.28.7.83 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8481447460135059593&gdpr=0&gdpr_consent=&us_privacy= Protocol H2 Server 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers content-type text/html; charset=utf-8 date Wed, 29 Nov 2023 11:48:09 GMT cache-control no-store, no-cache, private server nginx content-length 1 p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Redirect headers location https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8481447460135059593&gdpr=0&gdpr_consent=&us_privacy= pragma no-cache date Wed, 29 Nov 2023 20:47:21 GMT cache-control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 content-length 0 p3p policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
GET H2	200	Pug image2.pubmatic.com/AdServer/ Frame 4421 Redirect Chain https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=e96c4945-0edc-4b72-a310-fd3ac36259b2-6567a35a-5553&gdpr=0&gdpr_consent=	42 B 263 B	30ms 29ms	Image image/gif	8.28.7.83 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=e96c4945-0edc-4b72-a310-fd3ac36259b2-6567a35a-5553&gdpr=0&gdpr_consent= Protocol H2 Server 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language en-US,en;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers content-type image/gif; charset=utf-8 date Wed, 29 Nov 2023 20:47:21 GMT cache-control no-store, no-cache, private server nginx content-length 42 p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Redirect headers pragma no-cache date Wed, 29 Nov 2023 20:47:21 GMT server A p3p CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml" location https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=e96c4945-0edc-4b72-a310-fd3ac36259b2-6567a35a-5553&gdpr=0&gdpr_consent= cache-control max-age=0,no-cache,no-store content-length 0 expires Tue, 11 Oct 1977 12:34:56 GMT
POST H2	204	collect www.google-analytics.com/g/	0 54 B	38ms 37ms	Ping text/plain	2607:f8b0:4006:80b::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-H9DDVMTLKY&gtm=45je3b81v882766043&_p=1701290837399&gcd=11l1l1l1l1&dma=0&cid=1625276325.1701290838&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1701290837&sct=1&seg=0&dl=https%3A%2F%2Fwww.tg-me.com%2Fus%2Ftelegram%2Fcom.tg-me.com&dt=Telegram&en=scroll&epn.percent_scrolled=90&_et=5&tfd=8529 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-H9DDVMTLKY Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80b::200e , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://www.tg-me.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers pragma no-cache date Wed, 29 Nov 2023 20:47:22 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.tg-me.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	SPug Show response simage4.pubmatic.com/AdServer/ Frame 4421	0 128 B	30ms 29ms	Script text/plain	8.28.7.84 AS-PUBMATIC
General Check archive.org Show headers Download Go to Full URL https://simage4.pubmatic.com/AdServer/SPug?partnerID=163515&gdpr=0&gdpr_consent=&us_privacy= Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=163515&s=&predirect=https%3A%2F%2Favd.innity.com%2Fuidsync%2Fmapuid%2F%3Fpid%3D1056%26puuid%3D(PM_UID)&userIdMacro=(PM_UID)&gdpr_consent=&gdpr=0&us_privacy=& Protocol H2 Security TLS 1.3, , AES_128_GCM Server 8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Wed, 29 Nov 2023 20:47:24 GMT cache-control no-store, no-cache, private server nginx p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"