presaver.com Open in urlscan Pro
2606:4700:3031::6815:4b87 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://presaver.com/
Effective URL:
https://presaver.com/1/download
Submission: On January 05 via api (January 5th 2024, 10:47:08 am UTC) from US — Scanned from DE

Summary HTTP 58 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 15 IPs in 5 countries across 13 domains to perform 58 HTTP transactions. The main IP is 2606:4700:3031::6815:4b87, located in United States and belongs to CLOUDFLARENET, US. The main domain is presaver.com.
TLS certificate: Issued by GTS CA 1P5 on December 29th 2023. Valid for: 3 months.

This is the only time presaver.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3034::ac43:b14b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 9	2606:4700:303... 2606:4700:3031::6815:4b87	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a02:6b8:a::a 2a02:6b8:a::a	13238 (YANDEX) (YANDEX)
2	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
4	149.154.164.13 149.154.164.13	62041 (TELEGRAM) (TELEGRAM)
1 2	88.212.201.198 88.212.201.198	39134 (UNITEDNET) (UNITEDNET)
4 12	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
2	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
15	149.154.167.99 149.154.167.99	62041 (TELEGRAM) (TELEGRAM)
3 4	95.161.64.99 95.161.64.99	62041 (TELEGRAM) (TELEGRAM)
3	149.154.164.24 149.154.164.24	62041 (TELEGRAM) (TELEGRAM)
7	2a02:6b8:20::215 2a02:6b8:20::215	13238 (YANDEX) (YANDEX)
58	15

1 2606:4700:3034::ac43:b14b (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

presaver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:3031::6815:4b87 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

presaver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6b8:a::a (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)

yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 149.154.164.13 (London, United Kingdom)

ASN62041 (TELEGRAM, VG)

comments.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.198 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host198.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a02:6b8::1:119 (Moscow, Russian Federation) 4 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 149.154.167.99 (London, United Kingdom)

ASN62041 (TELEGRAM, VG)

tg.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
oauth.tg.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 95.161.64.99 (Antigua And Barbuda) 3 redirects

ASN62041 (TELEGRAM, VG)

tx.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 149.154.164.24 (London, United Kingdom)

ASN62041 (TELEGRAM, VG)

cdn4.telesco.pe	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:6b8:20::215 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)

yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	tg.dev tg.dev — Cisco Umbrella Rank: 62074 oauth.tg.dev — Cisco Umbrella Rank: 62703	209 KB
10	presaver.com 2 redirects presaver.com	133 KB
9	yandex.com 3 redirects mc.yandex.com — Cisco Umbrella Rank: 6227	4 KB
7	yastatic.net yastatic.net — Cisco Umbrella Rank: 3750	202 KB
5	yandex.ru 1 redirects yandex.ru — Cisco Umbrella Rank: 1186 mc.yandex.ru — Cisco Umbrella Rank: 2266	170 KB
4	tx.me 3 redirects tx.me — Cisco Umbrella Rank: 641217	2 KB
4	comments.app comments.app — Cisco Umbrella Rank: 340531	49 KB
3	telesco.pe cdn4.telesco.pe — Cisco Umbrella Rank: 262190	71 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 101 region1.google-analytics.com — Cisco Umbrella Rank: 1695	21 KB
2	gstatic.com fonts.gstatic.com	30 KB
2	yadro.ru 1 redirects counter.yadro.ru — Cisco Umbrella Rank: 7553	2 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	149 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 115	2 KB
58	13

	Domain	Requested by
14	tg.dev	comments.app tg.dev
10	presaver.com	2 redirects presaver.com
9	mc.yandex.com	3 redirects presaver.com mc.yandex.ru
7	yastatic.net	yandex.ru
4	tx.me	3 redirects comments.app
4	comments.app	presaver.com comments.app
3	cdn4.telesco.pe	comments.app
3	mc.yandex.ru	1 redirects presaver.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	fonts.gstatic.com	fonts.googleapis.com
2	counter.yadro.ru	1 redirects presaver.com
2	www.googletagmanager.com	presaver.com www.googletagmanager.com
2	yandex.ru	presaver.com yandex.ru
1	oauth.tg.dev	comments.app
1	region1.google-analytics.com	www.googletagmanager.com
1	fonts.googleapis.com	presaver.com
58	16

This site contains links to these domains. Also see Links.

Domain
220vk.com

Subject Issuer	Validity	Valid
presaver.com GTS CA 1P5	`2023-12-29` - `2024-03-28`	3 months	crt.sh
*.xn--d1acpjx3f.xn--p1ai GlobalSign ECC OV SSL CA 2018	`2023-10-26` - `2024-04-24`	6 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.comments.app Go Daddy Secure Certificate Authority - G2	`2023-03-28` - `2024-04-28`	a year	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-12-26` - `2024-06-05`	5 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.tg.dev Go Daddy Secure Certificate Authority - G2	`2023-04-06` - `2024-05-07`	a year	crt.sh
*.tx.me Go Daddy Secure Certificate Authority - G2	`2023-09-05` - `2024-10-06`	a year	crt.sh
*.yastatic-net.ru GlobalSign ECC OV SSL CA 2018	`2023-12-13` - `2024-06-11`	6 months	crt.sh

This page contains 2 frames:

Primary Page: https://presaver.com/1/download
Frame ID: EE4EC28604FC28B04528B9BEFEC5D36B
Requests: 35 HTTP requests in this frame

Frame: https://comments.app/embed/view?website=qnAQclUa&page_id=youtube&page_url=https%3A%2F%2Fpresaver.com%2F1%2Fdownload&origin=https%3A%2F%2Fpresaver.com&page_title=220YouTube%20-%20%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE%20%D1%81%20YouTube%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%BD%D0%B0%20%D0%B2%D1%8B%D1%81%D0%BE%D0%BA%D0%BE%D0%B9%20%D1%81%D0%BA%D0%BE%D1%80%D0%BE%D1%81%D1%82%D0%B8%2C%20%D0%B1%D0%B5%D0%B7%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC%20%D0%B8%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B8&limit=10&colorful=1&dislikes=1&outlined=1
Frame ID: 6CEA3F4AB3ED8DF359E90660C7D7CE30
Requests: 27 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

220YouTube - Скачать видео с YouTube бесплатно на высокой скорости, без программ и регистрации

Page URL History Show full URLs

http://presaver.com/ HTTP 301
https://presaver.com/ HTTP 302
https://presaver.com/1/download Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

SweetAlert2 (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

sweetalert2(?:\.all)?(?:\.min)?\.js

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

Page Statistics

58
Requests

88 %
HTTPS

67 %
IPv6

13
Domains

16
Subdomains

15
IPs

5
Countries

1036 kB
Transfer

3230 kB
Size

30
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://220vk.com/
Title: 220vk

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://presaver.com/ HTTP 301
https://presaver.com/ HTTP 302
https://presaver.com/1/download Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//presaver.com/1/download;h220YouTube%20-%20%u0421%u043A%u0430%u0447%u0430%u0442%u044C%20%u0432%u0438%u0434%u0435%u043E%20%u0441%20YouTube%20%u0431%u0435%u0441%u043F%u043B%u0430%u0442%u043D%u043E%20%u043D%u0430%20%u0432%u044B%u0441%u043E%u043A%u043E%u0439%20%u0441%u043A%u043E%u0440%u043E%u0441%u0442%u0438%2C%20%u0431%u0435%u0437%20%u043F%u0440%u043E%u0433%u0440%u0430%u043C%u043C%20%u0438%20%u0440%u0435%u0433%u0438%u0441%u0442%u0440%u0430%u0446%u0438%u0438;0.2647634301660706 HTTP 302
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//presaver.com/1/download;h220YouTube%20-%20%u0421%u043A%u0430%u0447%u0430%u0442%u044C%20%u0432%u0438%u0434%u0435%u043E%20%u0441%20YouTube%20%u0431%u0435%u0441%u043F%u043B%u0430%u0442%u043D%u043E%20%u043D%u0430%20%u0432%u044B%u0441%u043E%u043A%u043E%u0439%20%u0441%u043A%u043E%u0440%u043E%u0441%u0442%u0438%2C%20%u0431%u0435%u0437%20%u043F%u0440%u043E%u0433%u0440%u0430%u043C%u043C%20%u0438%20%u0440%u0435%u0433%u0438%u0441%u0442%u0440%u0430%u0446%u0438%u0438;0.2647634301660706

Request Chain 25

https://tx.me/i/userpic/320/MHGfygUlkh91yVtKiUC9lZYmXGy4oPzcgrwB9w75cfk.jpg HTTP 302
https://cdn4.telesco.pe/file/O-fCybcnF-vzH-roV5h5gQVvu1rDsPnBv1Wc028NVNzQvPh5QP_VhA5gVtLeag0bLcLvTQmymHi9QaAZkqS6LCGNI8mMGUEsGJHWWT2QDAXIe-xCP4nC1B8s8WBnrDtcowt9nnnUYiDC9eu0vrjA1hWdglr1bh3LEzLl0qcrOwPLeLnO4z18DOZiJB2BTl1cPmr607fPgaz5OthPsyUCXfrS-ZRpAaXaPkmZiNZM0QkDrZpag1U1GkISGrNNPuMYM9WpqlmIelfrQ1u3yMAvjc1w55prdbqAnX3SHc6F4r1AeBGO_HuYWvoUS07f-GPA53kF0kFJYb-1sd5tVgkqIA.jpg

Request Chain 26

https://tx.me/i/userpic/320/-gJ0Ziqb-gxeFFcxaUmZzO6Zh33M-aMkjLvbNDYTt60y4tDiE9_tCbpg44EN03Zo.jpg HTTP 302
https://cdn4.telesco.pe/file/qD-XBrU8h17zW8vlsN3-jSzhq_gexACQzH47SgY2apztXzgbx66CyPNvjXMj8vGaPSlg7VsNDtOfLNHvnmylDv9snXgEu_-87V688eabUTNi27tsImX8KQre_UBOYH2skxgAtIfHuLQhjSOsdJ-__Qq8nVRDD3A3FeyRgqbUog0htjoQzDgkvYaDifBEtqZmacjxTNHSu3y7-EeMQv20KI918LaB9NiNX7YzU9_QuXBEXkyZ15grJXva1dCYdlMp346KvLzwf-4Swc4Cq1JOin3pAxGm36-k_0dj-YKfTrbC6Zxg9Q_P0vAtHCOcIwq0ipsZ0uRcVD7YngwwVVxvOQ.jpg

Request Chain 29

https://tx.me/i/userpic/320/FO44pv-_D0irq4tePAjYSgHYMSRyY_012PO5Frh0z1gzTyxMmuy2hPv7VItAPVn3.jpg HTTP 302
https://cdn4.telesco.pe/file/qgKHrE23zncQAGrXXMmioZC2twuw2OhwyPpEaXyKvpTrersMLGItYFxjOh1mde6_qRpX4rE6P0ynPv-jQq4LM-Vai1DbdCYFktuGK3bILygJWqZB13WPzx2LJWASjBzEr-pcd-r8PfGxQx_yCzpWnDp4YRaP8jsnbUhqsoo1I1KmN542tCAtP5t101q16oob6KgQl5nz-J6W_0DL4RiA2NCy5TZthv8qx8I6MLCqjwF5YoQae7Y7nf5iZ7JwgAZseob0n7ZxWF9MR2xOXQu4bLzu0sK00ASNKen2IW45XVvXxDRfGfSV577BU_8-zKlotJSA-TW7R-_UuqrwrYox6g.jpg

Request Chain 38

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10239.jC4Bi987aOSH9iUmZ3ca2FJx_NtB67_tNMnzK4mEwG6HtbUxo4chpv4N9kcz0rG1.1oep8DUWXbLDA0Q4Sr1-nM6licI%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=10239.mJojUo7lGiEnzNS0tjPtgX4iYxT5zkr2_vUjGkdXpfvNeODAqqGAwptMe80DkysdzotmbJPtGvKJOm7Q0WSQXlHFUIxjvJgtOS5wivnuv641kyANx_FTIxrVrw_q-0EjxyOyN6voNXqAZCcAuQCZBMPD570G1X7tmRXJu-_BWCkdg_GNk3z7geEaiDKv6PGeBTKwC8ghZw3BOd8NMPB9q4AWu0kbGWJ_yid1JA41sa0%2C.0U16P562MyG1yn9tKTql798PDww%2C HTTP 302
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10239.aSPj6Cg8XUleDmq4NWbjbAr2DCtwxkamX6Mb2YmVBKzEeBikB0vWItWp4lCt4J77qwtPPXAbsl8KhgLIzTtdYVjDRLVLTmht73O4xTV3QanrGiWbRype6Mtr-CrY7XkLtmQbr-ABd_3-RVaHVTlYoSC8zHnYNB5TrLwgl3L60vmOFfqTSnR4hXydPi8f_1SD5Ztlmd1HiQFWuKcFml9_5Q%2C%2C.4sKbzClaOmqBLQ2yqnDAPvYxR1w%2C

Request Chain 56

https://mc.yandex.com/watch/49162435?wmode=7&page-url=https%3A%2F%2Fpresaver.com%2F1%2Fdownload&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A1%3Adp%3A0%3Als%3A253743455139%3Ahid%3A867639300%3Az%3A60%3Ai%3A20240105114703%3Aet%3A1704451623%3Ac%3A1%3Arn%3A834135638%3Arqn%3A1%3Au%3A1704451623761283353%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C59%2C2%2C515%2C0%2C%2C212%2C0%2C%2C%2C%2C789%3Aco%3A0%3Acpf%3A1%3Ans%3A1704451622541%3Agi%3AR0ExLjEuMTkxMDg2MzM1LjE3MDQ0NTE2MjM%3D%3Afp%3A675%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1704451624%3At%3A220YouTube%20-%20%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE%20%D1%81%20YouTube%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%BD%D0%B0%20%D0%B2%D1%8B%D1%81%D0%BE%D0%BA%D0%BE%D0%B9%20%D1%81%D0%BA%D0%BE%D1%80%D0%BE%D1%81%D1%82%D0%B8%2C%20%D0%B1%D0%B5%D0%B7%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC%20%D0%B8%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B8&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)ti(1) HTTP 302
https://mc.yandex.com/watch/49162435/1?wmode=7&page-url=https%3A%2F%2Fpresaver.com%2F1%2Fdownload&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A1%3Adp%3A0%3Als%3A253743455139%3Ahid%3A867639300%3Az%3A60%3Ai%3A20240105114703%3Aet%3A1704451623%3Ac%3A1%3Arn%3A834135638%3Arqn%3A1%3Au%3A1704451623761283353%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C59%2C2%2C515%2C0%2C%2C212%2C0%2C%2C%2C%2C789%3Aco%3A0%3Acpf%3A1%3Ans%3A1704451622541%3Agi%3AR0ExLjEuMTkxMDg2MzM1LjE3MDQ0NTE2MjM%3D%3Afp%3A675%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1704451624%3At%3A220YouTube%20-%20%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE%20%D1%81%20YouTube%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%BD%D0%B0%20%D0%B2%D1%8B%D1%81%D0%BE%D0%BA%D0%BE%D0%B9%20%D1%81%D0%BA%D0%BE%D1%80%D0%BE%D1%81%D1%82%D0%B8%2C%20%D0%B1%D0%B5%D0%B7%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC%20%D0%B8%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B8&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29

58 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request download Show response
presaver.com/1/
Redirect Chain

http://presaver.com/
https://presaver.com/
https://presaver.com/1/download

7 KB
4 KB

60ms
59ms

Document
text/html

2606:4700:3031::6815:4b87
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://presaver.com/1/download

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::6815:4b87 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

01ab56a285927f1b97b41819fb940131e528ca36d7f7d7f3e51464af1d5e6bbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 840b24142928b8eb-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 05 Jan 2024 10:47:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=93LnJQsaa%2F0CPefKzIgEgUiwaAkYOTOgozhYs7yhCO0zBksyQbRhYDKuFe9sNdGt9NnqDoBW3xtkXoAAj9TnlgC7v9NNuwX%2FWiybknJFpPQBL9JRYo8Wmd%2FRd61tsU2h%2BYvLAffn6bEthC0%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 840b24135813b8eb-AMS
content-type: text/html; charset=UTF-8
date: Fri, 05 Jan 2024 10:47:03 GMT
location: https://presaver.com/1/download
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Js24GCaColKLia734BEnUbryhMO9Zt2US7KNRN4UleD3hDvP67PRqhsNuhq%2B5Jkey95yhfpx4Ng2bd8VBvJcp4Ro4%2BlMlR0PeOqEWAFDnCV4kG5Lpab3DptQs5J9Mgb27UxPonfp8kVs3lU%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 context.js Show response
yandex.ru/ads/system/ 345 KB
98 KB 183ms
66ms Script
text/javascript 2a02:6b8:a::a
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/system/context.js

Requested by

Host: presaver.com
URL: https://presaver.com/1/download

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

a9b10312da937d73c94385843e514ddd20fed44653409aaba337fc786d2c7b0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://presaver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-encoding: br
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id: 1704451623277885-8546912213504090507-balancer-l7leveler-kubr-yp-sas-33-BAL-6894
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Fri, 05 Jan 2024 11:47:03 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 189 KB
68 KB 50ms
24ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-139618482-1

Requested by

Host: presaver.com
URL: https://presaver.com/1/download

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

04681fed57fbd018ad9836275279337c96b8cf102dea6809d9d3a62150d9363a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://presaver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 10:47:03 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69723
x-xss-protection: 0
last-modified: Fri, 05 Jan 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 05 Jan 2024 10:47:03 GMT

GET
H3 200 app.css
presaver.com/css/ 19 KB
5 KB 26ms
25ms Stylesheet
text/css 2606:4700:3031::6815:4b87
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://presaver.com/css/app.css?id=1082b0d9d12236dd70bc

Requested by

Host: presaver.com
URL: https://presaver.com/1/download

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:4b87 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd2fd30c709fd379d25c6c4763842600c4133879956a8f6cca047747a4975133

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://presaver.com/1/download
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 10:47:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6838
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 31 Jul 2023 16:36:04 GMT
server: cloudflare
etag: W/"64c7e2f4-4ce5"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GTP00e7JIkTuvPcLVPB72sDjZQ96IWUuejRXVEqgAZp8ya4wJm%2Fo1mpMhiB6qBsSXamFupMwidJ8iXj52Mstp0Q602roiBluH8uD2TU7%2FIrciAHHk1cz44XqoTw1yTCjWL4DDMkUiJeTkq4%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 840b2414aa8b665c-AMS

GET
H2 200 css
fonts.googleapis.com/ 6 KB
2 KB 44ms
19ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: presaver.com
URL: https://presaver.com/1/download

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c3c96cceafde14a4669c2114ee0d10bce6ec0163064151a98824a2575d97eaf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://presaver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 05 Jan 2024 10:47:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 05 Jan 2024 10:38:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 05 Jan 2024 10:47:03 GMT

GET
H2 200 widget.js Show response
comments.app/js/ 9 KB
3 KB 67ms
21ms Script
application/javascript 149.154.164.13
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL

https://comments.app/js/widget.js?3

Requested by

Host: presaver.com
URL: https://presaver.com/1/download

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.154.164.13 London, United Kingdom, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

482f450b7fdbac6f9304643f3e731df20bf66c51fb0599fa9a734e5d102a9e2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://presaver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 10:47:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Fri, 19 Jun 2020 23:54:45 GMT
server: nginx/1.20.1
etag: W/"5eed5045-2390"
content-type: application/javascript

GET
H3 200 email-decode.min.js Show response
presaver.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 19ms
18ms Script
application/javascript 2606:4700:3031::6815:4b87
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://presaver.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: presaver.com
URL: https://presaver.com/1/download

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:4b87 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://presaver.com/1/download
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 10:47:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 19 Dec 2023 14:09:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6581a422-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TweUalfCiPY0xrGL9NQjQK5%2FuzRDn1DV5%2BdEcKaLWkgdZYfB%2Ff8X%2F3LGwcXuHskivuXfLAI64yKgRBnkn%2BqIy%2Ff9V8xlPhQPvGhHAxfrpMSj6NqBIuK7sOGQt%2Bv1Lz16sUdGUKGri9wFgSg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 840b2414aa8e665c-AMS
expires: Sun, 07 Jan 2024 10:47:03 GMT

GET
H3 200 sweetAlert2.js Show response
presaver.com/js/ 66 KB
18 KB 28ms
27ms Script
application/javascript 2606:4700:3031::6815:4b87
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://presaver.com/js/sweetAlert2.js

Requested by

Host: presaver.com
URL: https://presaver.com/1/download

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:4b87 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b2e49819d301475757a2b627c46e5453856c05073d77f6467e58b4780a666a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://presaver.com/1/download
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 10:47:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6578
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 23 Jan 2023 14:17:10 GMT
server: cloudflare
etag: W/"63ce96e6-10600"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4h2MxD223liRv8uTlTLwAzDXkVohX2O1Y6XiCTIqxlsJx0iWw1%2F1s6%2FNHxmD7%2FP8RqRUcS%2BH%2Bzdx84hVib0rxW34SrvSdkjmYanIKruOKL9NWuryj5vDYOH%2FpJQWTXf53dINXOunKfIXr4U%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 840b2414aa91665c-AMS

GET
H3 200 vendor.js Show response
presaver.com/js/ 274 KB
85 KB 42ms
41ms Script
application/javascript 2606:4700:3031::6815:4b87
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://presaver.com/js/vendor.js?id=7dcf5502d17063ffae48

Requested by

Host: presaver.com
URL: https://presaver.com/1/download

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:4b87 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7fc0b8b8f89f4fc12be0dd43fcc8e4907bf83b2b906828d96becd23a5407bbde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://presaver.com/1/download
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 10:47:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1795
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 23 Jan 2023 14:17:10 GMT
server: cloudflare
etag: W/"63ce96e6-44965"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gtWfIQaePEbX37gh5cYadPLA17rhEUSEUZ5m7Z%2BHwX2D5L%2B%2Bn8zScYW34EhnApi%2BMEOiquvxjkhZX%2FuC1w0P7kt0ZS3gXir2SMoqPIdvbBG3NfT1ZUJfB7qYlQAlOKmYE2odSG1ZQ45eL%2F4%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 840b2414aa94665c-AMS

GET
H3 200 app.js Show response
presaver.com/js/ 55 KB
16 KB 76ms
75ms Script
application/javascript 2606:4700:3031::6815:4b87
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://presaver.com/js/app.js?id=b7b3e2aeea1da7921949

Requested by

Host: presaver.com
URL: https://presaver.com/1/download

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:4b87 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41aeecf645767e00367f3ce2ed361a63639e87f89e44ab0e85abab0f00efafb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://presaver.com/1/download
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 10:47:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6552
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 23 Jan 2023 14:17:10 GMT
server: cloudflare
etag: W/"63ce96e6-dd0a"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bNLdh%2B7UjXIJvCRBttBYx4MZhPzDi2nTTD9BoZ1KgHN6elH5We0TwWpVqwZiOkYjY0W4z21Yo0TaA8FVTSN2W4EU%2Fd%2BJu%2FJmCHT%2BQ5qwxne3i%2BuryvfZJpTyscQYJGWb420Groo1OCJxfvY%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 840b2414aa96665c-AMS

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//presaver.com/1/download;h220YouTube%20-%20%u0421%u043A%u0430%u0447%u0430%u0442%u044C%20%u0432%u0438%u0434%u0435%u043E%20%u0441%20YouTube%20%u...
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//presaver.com/1/download;h220YouTube%20-%20%u0421%u043A%u0430%u0447%u0430%u0442%u044C%20%u0432%u0438%u0434%u0435%u043E%20%u0441%20YouTube%20...

43 B
528 B

40ms
39ms

Image
image/gif

88.212.201.198
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//presaver.com/1/download;h220YouTube%20-%20%u0421%u043A%u0430%u0447%u0430%u0442%u044C%20%u0432%u0438%u0434%u0435%u043E%20%u0441%20YouTube%20%u0431%u0435%u0441%u043F%u043B%u0430%u0442%u043D%u043E%20%u043D%u0430%20%u0432%u044B%u0441%u043E%u043A%u043E%u0439%20%u0441%u043A%u043E%u0440%u043E%u0441%u0442%u0438%2C%20%u0431%u0435%u0437%20%u043F%u0440%u043E%u0433%u0440%u0430%u043C%u043C%20%u0438%20%u0440%u0435%u0433%u0438%u0441%u0442%u0440%u0430%u0446%u0438%u0438;0.2647634301660706

Requested by

Host: presaver.com
URL: https://presaver.com/1/download

Protocol

HTTP/1.1

Server

88.212.201.198 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host198.rax.ru

Software

nginx/1.17.9 /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://presaver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 05 Jan 2024 10:47:03 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: image/gif
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Length: 43
Expires: Wed, 04 Jan 2023 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 05 Jan 2024 10:47:03 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: text/html
Location: https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//presaver.com/1/download;h220YouTube%20-%20%u0421%u043A%u0430%u0447%u0430%u0442%u044C%20%u0432%u0438%u0434%u0435%u043E%20%u0441%20YouTube%20%u0431%u0435%u0441%u043F%u043B%u0430%u0442%u043D%u043E%20%u043D%u0430%20%u0432%u044B%u0441%u043E%u043A%u043E%u0439%20%u0441%u043A%u043E%u0440%u043E%u0441%u0442%u0438%2C%20%u0431%u0435%u0437%20%u043F%u0440%u043E%u0433%u0440%u0430%u043C%u043C%20%u0438%20%u0440%u0435%u0433%u0438%u0441%u0442%u0440%u0430%u0446%u0438%u0438;0.2647634301660706
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Length: 32
Expires: Wed, 04 Jan 2023 21:00:00 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 202 KB
70 KB 203ms
89ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: presaver.com
URL: https://presaver.com/1/download

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

f4d52b2f18ee8dd9761051674cb84dd5202b61ba4e8d7056b41a205791c7a61c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://presaver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 10:47:03 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Wed, 27 Dec 2023 07:32:12 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "658bd2fc-11627"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 71207
expires: Fri, 05 Jan 2024 11:47:03 GMT

GET
H3 200 logo.svg
presaver.com/images/ 2 KB
1 KB 26ms
26ms Image
image/svg+xml 2606:4700:3031::6815:4b87
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://presaver.com/images/logo.svg?v2

Requested by

Host: presaver.com
URL: https://presaver.com/css/app.css?id=1082b0d9d12236dd70bc

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:4b87 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c5e57602d71b6ae75248a554d8f5e7d43f2a750574d4b006c1659804e67e51b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://presaver.com/css/app.css?id=1082b0d9d12236dd70bc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 10:47:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5077
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 23 Jan 2023 14:17:10 GMT
server: cloudflare
etag: W/"63ce96e6-742"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6f3a5cG1ue%2BsOUtYN8xc60G%2FkGNT08NNJOzJPZUhJ7r006N2zibNzG%2BgBu%2FnUWPJ33lK9fn%2BulbdJDlfYFu4f%2BJGTn0WXUG2jJ0X5etFScU3Ihhl8l%2FiCynbF0deFDG9c4wEBYmJ%2BBwRNKA%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 840b2414fb25665c-AMS

GET
H3 200 button_search.svg
presaver.com/images/ 269 B
691 B 26ms
24ms Image
image/svg+xml 2606:4700:3031::6815:4b87
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://presaver.com/images/button_search.svg

Requested by

Host: presaver.com
URL: https://presaver.com/css/app.css?id=1082b0d9d12236dd70bc

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:4b87 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ddea45f7eb06a894584093adf3edfed13711ab62db3016f2461d7cbfebce0f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://presaver.com/css/app.css?id=1082b0d9d12236dd70bc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 10:47:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1790
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 23 Jan 2023 14:17:10 GMT
server: cloudflare
etag: W/"63ce96e6-10d"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c0asiDJnL9bhdJaJ7EZjm%2BPG2N6T%2BQjAHepLhqs2c7GJS%2FFG3V%2F6aRmsRUaPLonxJLe9h39uCn2V3PmMXXEH27ebnerlqjMjALL7vk%2Ftf2Via%2FInAxtfR6%2BZzgIX3H0yrZUXy2ZitH5yDnU%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 840b24150b2f665c-AMS

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4kaVIGxA.woff2
fonts.gstatic.com/s/opensans/v40/ 11 KB
11 KB 46ms
14ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4kaVIGxA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

21e75944d3f77408d1f5f2fab67c89c7fc43f4a80a3b8e4dcf38185f9d9f46e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://presaver.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 17:12:15 GMT
x-content-type-options: nosniff
age: 63288
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11116
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:00:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Jan 2025 17:12:15 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v40/ 18 KB
19 KB 44ms
12ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://presaver.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 06:10:26 GMT
x-content-type-options: nosniff
age: 102997
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18668
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:00:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Jan 2025 06:10:26 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 229 KB
81 KB 26ms
25ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-PMVYTSSYQP&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-139618482-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c5b3962e5a380efa6862c45565d1c46539611fd16db8190420b3cff9f0a8eca8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://presaver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 10:47:03 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82555
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 05 Jan 2024 10:47:03 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 33ms
7ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-139618482-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://presaver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 05 Jan 2024 09:48:17 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 3526
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 05 Jan 2024 11:48:17 GMT

GET
H2 200 view Show response
comments.app/embed/ Frame 6CEA 17 KB
4 KB 27ms
27ms Document
text/html 149.154.164.13
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL

https://comments.app/embed/view?website=qnAQclUa&page_id=youtube&page_url=https%3A%2F%2Fpresaver.com%2F1%2Fdownload&origin=https%3A%2F%2Fpresaver.com&page_title=220YouTube%20-%20%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE%20%D1%81%20YouTube%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%BD%D0%B0%20%D0%B2%D1%8B%D1%81%D0%BE%D0%BA%D0%BE%D0%B9%20%D1%81%D0%BA%D0%BE%D1%80%D0%BE%D1%81%D1%82%D0%B8%2C%20%D0%B1%D0%B5%D0%B7%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC%20%D0%B8%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B8&limit=10&colorful=1&dislikes=1&outlined=1

Requested by

Host: comments.app
URL: https://comments.app/js/widget.js?3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.154.164.13 London, United Kingdom, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

a7a8f09b4ad9bb870ee934c2e6099f94e8bfbdf6ebd9dbd88150e41f388bcd13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://presaver.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
content-encoding: gzip
content-length: 3405
content-type: text/html; charset=utf-8
date: Fri, 05 Jan 2024 10:47:03 GMT
pragma: no-cache
server: nginx/1.20.1
strict-transport-security: max-age=31536000; includeSubDomains; preload

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
204 B 16ms
14ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=495019111&t=pageview&_s=1&dl=https%3A%2F%2Fpresaver.com%2F1%2Fdownload&ul=en-us&de=UTF-8&dt=220YouTube%20-%20%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE%20%D1%81%20YouTube%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%BD%D0%B0%20%D0%B2%D1%8B%D1%81%D0%BE%D0%BA%D0%BE%D0%B9%20%D1%81%D0%BA%D0%BE%D1%80%D0%BE%D1%81%D1%82%D0%B8%2C%20%D0%B1%D0%B5%D0%B7%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC%20%D0%B8%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1397641923&gjid=67596694&cid=191086335.1704451623&tid=UA-139618482-1&_gid=629528222.1704451623&_r=1&gtm=457e4130&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=1169360295

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://presaver.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 05 Jan 2024 10:47:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://presaver.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
252 B 44ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-PMVYTSSYQP&gtm=45je4130v9119020663&_p=1704451623159&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=191086335.1704451623&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1704451623&sct=1&seg=0&dl=https%3A%2F%2Fpresaver.com%2F1%2Fdownload&dt=220YouTube%20-%20%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE%20%D1%81%20YouTube%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%BD%D0%B0%20%D0%B2%D1%8B%D1%81%D0%BE%D0%BA%D0%BE%D0%B9%20%D1%81%D0%BA%D0%BE%D1%80%D0%BE%D1%81%D1%82%D0%B8%2C%20%D0%B1%D0%B5%D0%B7%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC%20%D0%B8%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B8&en=page_view&_fv=1&_ss=1&tfd=854
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PMVYTSSYQP&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://presaver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Jan 2024 10:47:03 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://presaver.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 font-roboto.css
tg.dev/css/ Frame 6CEA 6 KB
893 B 96ms
45ms Stylesheet
text/css 149.154.167.99
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL

https://tg.dev/css/font-roboto.css?1

Requested by

Host: comments.app
URL: https://comments.app/embed/view?website=qnAQclUa&page_id=youtube&page_url=https%3A%2F%2Fpresaver.com%2F1%2Fdownload&origin=https%3A%2F%2Fpresaver.com&page_title=220YouTube%20-%20%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE%20%D1%81%20YouTube%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%BD%D0%B0%20%D0%B2%D1%8B%D1%81%D0%BE%D0%BA%D0%BE%D0%B9%20%D1%81%D0%BA%D0%BE%D1%80%D0%BE%D1%81%D1%82%D0%B8%2C%20%D0%B1%D0%B5%D0%B7%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC%20%D0%B8%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B8&limit=10&colorful=1&dislikes=1&outlined=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.154.167.99 London, United Kingdom, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

84b97b3fa8847b64c6d3833561e4b3146530577171e85ad226578a087db70974

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://comments.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 10:47:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 20 Oct 2022 11:05:33 GMT
server: nginx/1.18.0
etag: W/"63512b7d-1816"
content-type: text/css
cache-control: max-age=345600
expires: Tue, 09 Jan 2024 10:47:03 GMT

GET
H2 200 bootstrap.min.css
tg.dev/css/ Frame 6CEA 42 KB
10 KB 79ms
29ms Stylesheet
text/css 149.154.167.99
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL

https://tg.dev/css/bootstrap.min.css?3

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.154.167.99 London, United Kingdom, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

f1d083ffaa644c708f11db29707aa57c19246e6d32643b03fee3f82c17b224b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://comments.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 10:47:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Fri, 10 Nov 2017 17:54:14 GMT
server: nginx/1.18.0
etag: W/"5a05e7c6-a61b"
content-type: text/css
cache-control: max-age=345600
expires: Tue, 09 Jan 2024 10:47:03 GMT

GET
H2 200 bootstrap-extra.css
tg.dev/css/ Frame 6CEA 70 KB
13 KB 94ms
44ms Stylesheet
text/css 149.154.167.99
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL

https://tg.dev/css/bootstrap-extra.css?2

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.154.167.99 London, United Kingdom, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

6342d16a93416b5e826f6d0e0e930ef033efb682851ae46270f3c4f5b4a1c194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://comments.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 10:47:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Fri, 10 Nov 2017 17:54:14 GMT
server: nginx/1.18.0
etag: W/"5a05e7c6-11648"
content-type: text/css
cache-control: max-age=345600
expires: Tue, 09 Jan 2024 10:47:03 GMT

GET
H2 200 widget-frame.css
tg.dev/css/ Frame 6CEA 81 KB
21 KB 80ms
29ms Stylesheet
text/css 149.154.167.99
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL

https://tg.dev/css/widget-frame.css?66

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.154.167.99 London, United Kingdom, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

d61214fdf1c1eee41b83cb56d52b82db20a47bfeab5248bb6fda7a4f0744eedf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://comments.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 10:47:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Sat, 01 Apr 2023 17:42:21 GMT
server: nginx/1.18.0
etag: W/"64286cfd-1456a"
content-type: text/css
cache-control: max-age=345600
expires: Tue, 09 Jan 2024 10:47:03 GMT

GET
H2 200 comments.css
comments.app/css/ Frame 6CEA 83 KB
20 KB 15ms
14ms Stylesheet
text/css 149.154.164.13
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL

https://comments.app/css/comments.css?31

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.154.164.13 London, United Kingdom, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

e450af4a7c4974ea3ff324b629876380e0ca9605333a57152a953310c4a4661a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://comments.app/embed/view?website=qnAQclUa&page_id=youtube&page_url=https%3A%2F%2Fpresaver.com%2F1%2Fdownload&origin=https%3A%2F%2Fpresaver.com&page_title=220YouTube%20-%20%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE%20%D1%81%20YouTube%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%BD%D0%B0%20%D0%B2%D1%8B%D1%81%D0%BE%D0%BA%D0%BE%D0%B9%20%D1%81%D0%BA%D0%BE%D1%80%D0%BE%D1%81%D1%82%D0%B8%2C%20%D0%B1%D0%B5%D0%B7%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC%20%D0%B8%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B8&limit=10&colorful=1&dislikes=1&outlined=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 10:47:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Fri, 24 Jul 2020 12:57:13 GMT
server: nginx/1.20.1
etag: W/"5f1adaa9-14b98"
content-type: text/css

GET
H/1.1

200
OK

O-fCybcnF-vzH-roV5h5gQVvu1rDsPnBv1Wc028NVNzQvPh5QP_VhA5gVtLeag0bLcLvTQmymHi9QaAZkqS6LCGNI8mMGUEsGJHWWT2QDAXIe-xCP4nC1B8s8WBnrDtcowt9nnnUYiDC9eu0vrjA1hWdglr1bh3LEzLl0qcrOwPLeLnO4z18DOZiJB2BTl1cPmr60...
cdn4.telesco.pe/file/ Frame 6CEA
Redirect Chain

https://tx.me/i/userpic/320/MHGfygUlkh91yVtKiUC9lZYmXGy4oPzcgrwB9w75cfk.jpg
https://cdn4.telesco.pe/file/O-fCybcnF-vzH-roV5h5gQVvu1rDsPnBv1Wc028NVNzQvPh5QP_VhA5gVtLeag0bLcLvTQmymHi9QaAZkqS6LCGNI8mMGUEsGJHWWT2QDAXIe-xCP4nC1B8s8WBnrDtcowt9nnnUYiDC9eu0vrjA1hWdglr1bh3LEzLl0qcr...

31 KB
31 KB

95ms
28ms

Image
image/jpeg

149.154.164.24
TELEGRAM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn4.telesco.pe/file/O-fCybcnF-vzH-roV5h5gQVvu1rDsPnBv1Wc028NVNzQvPh5QP_VhA5gVtLeag0bLcLvTQmymHi9QaAZkqS6LCGNI8mMGUEsGJHWWT2QDAXIe-xCP4nC1B8s8WBnrDtcowt9nnnUYiDC9eu0vrjA1hWdglr1bh3LEzLl0qcrOwPLeLnO4z18DOZiJB2BTl1cPmr607fPgaz5OthPsyUCXfrS-ZRpAaXaPkmZiNZM0QkDrZpag1U1GkISGrNNPuMYM9WpqlmIelfrQ1u3yMAvjc1w55prdbqAnX3SHc6F4r1AeBGO_HuYWvoUS07f-GPA53kF0kFJYb-1sd5tVgkqIA.jpg

Requested by

Protocol

HTTP/1.1

Server

149.154.164.24 London, United Kingdom, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

1afe0f404b5168a1d44e037eca1d315953d35008ab81e1ceef9652de930b0ff5

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://comments.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Fri, 05 Jan 2024 10:47:03 GMT
Content-Security-Policy: default-src 'none'; sandbox
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Connection: keep-alive
Content-Length: 31535
X-XSS-Protection: 1; mode=block
Server: nginx/1.18.0
ETag: "86580e7850d45fced8fff1df3f178d7b21a3883d"
X-Frame-Options: DENY
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Range, Content-Length
Cache-Control: max-age=2592000, public
Accept-Ranges: bytes, bytes
Expires: Sun, 04 Feb 2024 10:47:03 GMT

Redirect headers

date: Fri, 05 Jan 2024 10:47:03 GMT
content-encoding: gzip
strict-transport-security: max-age=35768000
server: nginx/1.18.0
content-type: text/html; charset=UTF-8
location: https://cdn4.telesco.pe/file/O-fCybcnF-vzH-roV5h5gQVvu1rDsPnBv1Wc028NVNzQvPh5QP_VhA5gVtLeag0bLcLvTQmymHi9QaAZkqS6LCGNI8mMGUEsGJHWWT2QDAXIe-xCP4nC1B8s8WBnrDtcowt9nnnUYiDC9eu0vrjA1hWdglr1bh3LEzLl0qcrOwPLeLnO4z18DOZiJB2BTl1cPmr607fPgaz5OthPsyUCXfrS-ZRpAaXaPkmZiNZM0QkDrZpag1U1GkISGrNNPuMYM9WpqlmIelfrQ1u3yMAvjc1w55prdbqAnX3SHc6F4r1AeBGO_HuYWvoUS07f-GPA53kF0kFJYb-1sd5tVgkqIA.jpg
cache-control: max-age=3600, public
content-length: 20
expires: Fri, 05 Jan 2024 11:47:03 GMT

GET
H/1.1

200
OK

qD-XBrU8h17zW8vlsN3-jSzhq_gexACQzH47SgY2apztXzgbx66CyPNvjXMj8vGaPSlg7VsNDtOfLNHvnmylDv9snXgEu_-87V688eabUTNi27tsImX8KQre_UBOYH2skxgAtIfHuLQhjSOsdJ-__Qq8nVRDD3A3FeyRgqbUog0htjoQzDgkvYaDifBEtqZmacjxT...
cdn4.telesco.pe/file/ Frame 6CEA
Redirect Chain

https://tx.me/i/userpic/320/-gJ0Ziqb-gxeFFcxaUmZzO6Zh33M-aMkjLvbNDYTt60y4tDiE9_tCbpg44EN03Zo.jpg
https://cdn4.telesco.pe/file/qD-XBrU8h17zW8vlsN3-jSzhq_gexACQzH47SgY2apztXzgbx66CyPNvjXMj8vGaPSlg7VsNDtOfLNHvnmylDv9snXgEu_-87V688eabUTNi27tsImX8KQre_UBOYH2skxgAtIfHuLQhjSOsdJ-__Qq8nVRDD3A3FeyRgqbU...

20 KB
20 KB

94ms
27ms

Image
image/jpeg

149.154.164.24
TELEGRAM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn4.telesco.pe/file/qD-XBrU8h17zW8vlsN3-jSzhq_gexACQzH47SgY2apztXzgbx66CyPNvjXMj8vGaPSlg7VsNDtOfLNHvnmylDv9snXgEu_-87V688eabUTNi27tsImX8KQre_UBOYH2skxgAtIfHuLQhjSOsdJ-__Qq8nVRDD3A3FeyRgqbUog0htjoQzDgkvYaDifBEtqZmacjxTNHSu3y7-EeMQv20KI918LaB9NiNX7YzU9_QuXBEXkyZ15grJXva1dCYdlMp346KvLzwf-4Swc4Cq1JOin3pAxGm36-k_0dj-YKfTrbC6Zxg9Q_P0vAtHCOcIwq0ipsZ0uRcVD7YngwwVVxvOQ.jpg

Requested by

Protocol

HTTP/1.1

Server

149.154.164.24 London, United Kingdom, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

5b5b6080db68a21fa919cc97d4451da4010fdb0ffacf2f265151b2f0d940d45c

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://comments.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Fri, 05 Jan 2024 10:47:03 GMT
Content-Security-Policy: default-src 'none'; sandbox
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Connection: keep-alive
Content-Length: 19979
X-XSS-Protection: 1; mode=block
Server: nginx/1.18.0
ETag: "5b127c8694a2a4474c2c9a13a0248ec01fd82e7e"
X-Frame-Options: DENY
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Range, Content-Length
Cache-Control: max-age=2592000, public
Accept-Ranges: bytes, bytes
Expires: Sun, 04 Feb 2024 10:47:03 GMT

Redirect headers

date: Fri, 05 Jan 2024 10:47:03 GMT
content-encoding: gzip
strict-transport-security: max-age=35768000
server: nginx/1.18.0
content-type: text/html; charset=UTF-8
location: https://cdn4.telesco.pe/file/qD-XBrU8h17zW8vlsN3-jSzhq_gexACQzH47SgY2apztXzgbx66CyPNvjXMj8vGaPSlg7VsNDtOfLNHvnmylDv9snXgEu_-87V688eabUTNi27tsImX8KQre_UBOYH2skxgAtIfHuLQhjSOsdJ-__Qq8nVRDD3A3FeyRgqbUog0htjoQzDgkvYaDifBEtqZmacjxTNHSu3y7-EeMQv20KI918LaB9NiNX7YzU9_QuXBEXkyZ15grJXva1dCYdlMp346KvLzwf-4Swc4Cq1JOin3pAxGm36-k_0dj-YKfTrbC6Zxg9Q_P0vAtHCOcIwq0ipsZ0uRcVD7YngwwVVxvOQ.jpg
cache-control: max-age=3600, public
content-length: 20
expires: Fri, 05 Jan 2024 11:47:03 GMT

GET
H2 404 -cLZrujLWYt7T-pfLnFD-whO7O5yobvicdP06MOnqHfeSZmCTTo5LMu0fCwSWXH4.jpg
tx.me/i/userpic/320/ Frame 6CEA 42 B
239 B 49ms
34ms Image
image/gif 95.161.64.99
TELEGRAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tx.me/i/userpic/320/-cLZrujLWYt7T-pfLnFD-whO7O5yobvicdP06MOnqHfeSZmCTTo5LMu0fCwSWXH4.jpg
Requested by: Host: comments.app
URL: https://comments.app/embed/view?website=qnAQclUa&page_id=youtube&page_url=https%3A%2F%2Fpresaver.com%2F1%2Fdownload&origin=https%3A%2F%2Fpresaver.com&page_title=220YouTube%20-%20%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE%20%D1%81%20YouTube%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%BD%D0%B0%20%D0%B2%D1%8B%D1%81%D0%BE%D0%BA%D0%BE%D0%B9%20%D1%81%D0%BA%D0%BE%D1%80%D0%BE%D1%81%D1%82%D0%B8%2C%20%D0%B1%D0%B5%D0%B7%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC%20%D0%B8%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B8&limit=10&colorful=1&dislikes=1&outlined=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.161.64.99 , Antigua And Barbuda, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://comments.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 10:47:03 GMT
content-encoding: gzip
server: nginx/1.18.0
content-length: 53
content-type: image/gif

GET k4qMD_54_iZE6HvrewxYjyHYk4hLFFqAGITUVbFzJIYDQEYL-qrZ4MOhtlrj260V.jpg
tx.me/i/userpic/320/ Frame 6CEA 0
0

GET
H/1.1

200
OK

qgKHrE23zncQAGrXXMmioZC2twuw2OhwyPpEaXyKvpTrersMLGItYFxjOh1mde6_qRpX4rE6P0ynPv-jQq4LM-Vai1DbdCYFktuGK3bILygJWqZB13WPzx2LJWASjBzEr-pcd-r8PfGxQx_yCzpWnDp4YRaP8jsnbUhqsoo1I1KmN542tCAtP5t101q16oob6KgQl...
cdn4.telesco.pe/file/ Frame 6CEA
Redirect Chain

https://tx.me/i/userpic/320/FO44pv-_D0irq4tePAjYSgHYMSRyY_012PO5Frh0z1gzTyxMmuy2hPv7VItAPVn3.jpg
https://cdn4.telesco.pe/file/qgKHrE23zncQAGrXXMmioZC2twuw2OhwyPpEaXyKvpTrersMLGItYFxjOh1mde6_qRpX4rE6P0ynPv-jQq4LM-Vai1DbdCYFktuGK3bILygJWqZB13WPzx2LJWASjBzEr-pcd-r8PfGxQx_yCzpWnDp4YRaP8jsnbUhqsoo1...

19 KB
19 KB

96ms
29ms

Image
image/jpeg

149.154.164.24
TELEGRAM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn4.telesco.pe/file/qgKHrE23zncQAGrXXMmioZC2twuw2OhwyPpEaXyKvpTrersMLGItYFxjOh1mde6_qRpX4rE6P0ynPv-jQq4LM-Vai1DbdCYFktuGK3bILygJWqZB13WPzx2LJWASjBzEr-pcd-r8PfGxQx_yCzpWnDp4YRaP8jsnbUhqsoo1I1KmN542tCAtP5t101q16oob6KgQl5nz-J6W_0DL4RiA2NCy5TZthv8qx8I6MLCqjwF5YoQae7Y7nf5iZ7JwgAZseob0n7ZxWF9MR2xOXQu4bLzu0sK00ASNKen2IW45XVvXxDRfGfSV577BU_8-zKlotJSA-TW7R-_UuqrwrYox6g.jpg

Requested by

Protocol

HTTP/1.1

Server

149.154.164.24 London, United Kingdom, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

ed467d3e4e5615633d9c4be5da4e17e6ad13a8e053ec56212356a783f7c73d3a

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://comments.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Fri, 05 Jan 2024 10:47:03 GMT
Content-Security-Policy: default-src 'none'; sandbox
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Connection: keep-alive
Content-Length: 19132
X-XSS-Protection: 1; mode=block
Server: nginx/1.18.0
ETag: "993088a10794f28c1dc444d487775da053971838"
X-Frame-Options: DENY
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Range, Content-Length
Cache-Control: max-age=2592000, public
Accept-Ranges: bytes, bytes
Expires: Sun, 04 Feb 2024 10:47:03 GMT

Redirect headers

date: Fri, 05 Jan 2024 10:47:03 GMT
content-encoding: gzip
strict-transport-security: max-age=35768000
server: nginx/1.18.0
content-type: text/html; charset=UTF-8
location: https://cdn4.telesco.pe/file/qgKHrE23zncQAGrXXMmioZC2twuw2OhwyPpEaXyKvpTrersMLGItYFxjOh1mde6_qRpX4rE6P0ynPv-jQq4LM-Vai1DbdCYFktuGK3bILygJWqZB13WPzx2LJWASjBzEr-pcd-r8PfGxQx_yCzpWnDp4YRaP8jsnbUhqsoo1I1KmN542tCAtP5t101q16oob6KgQl5nz-J6W_0DL4RiA2NCy5TZthv8qx8I6MLCqjwF5YoQae7Y7nf5iZ7JwgAZseob0n7ZxWF9MR2xOXQu4bLzu0sK00ASNKen2IW45XVvXxDRfGfSV577BU_8-zKlotJSA-TW7R-_UuqrwrYox6g.jpg
cache-control: max-age=3600, public
content-length: 20
expires: Fri, 05 Jan 2024 11:47:03 GMT

GET
H2 200 jquery.min.js Show response
tg.dev/js/ Frame 6CEA 94 KB
38 KB 60ms
46ms Script
application/javascript 149.154.167.99
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL

https://tg.dev/js/jquery.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.154.167.99 London, United Kingdom, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://comments.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 10:47:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Fri, 10 Nov 2017 17:54:14 GMT
server: nginx/1.18.0
etag: W/"5a05e7c6-1762a"
content-type: application/javascript
cache-control: max-age=345600
expires: Tue, 09 Jan 2024 10:47:03 GMT

GET
H2 200 jquery-ui.min.js Show response
tg.dev/js/ Frame 6CEA 96 KB
32 KB 81ms
67ms Script
application/javascript 149.154.167.99
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL

https://tg.dev/js/jquery-ui.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.154.167.99 London, United Kingdom, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

eb46d82ef6f86859f18e379660e0f45b85c6f69fa97111905f0c125a08506376

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://comments.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 10:47:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Fri, 10 Nov 2017 17:54:14 GMT
server: nginx/1.18.0
etag: W/"5a05e7c6-181a9"
content-type: application/javascript
cache-control: max-age=345600
expires: Tue, 09 Jan 2024 10:47:03 GMT

GET
H2 200 bootstrap.min.js Show response
tg.dev/js/ Frame 6CEA 31 KB
10 KB 64ms
63ms Script
application/javascript 149.154.167.99
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL

https://tg.dev/js/bootstrap.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.154.167.99 London, United Kingdom, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

b5e930df6a2976d5df996e18b347e091756699ea32716dc53d0e1c0fd814c526

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://comments.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 10:47:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Fri, 10 Nov 2017 17:54:14 GMT
server: nginx/1.18.0
etag: W/"5a05e7c6-7d0d"
content-type: application/javascript
cache-control: max-age=345600
expires: Tue, 09 Jan 2024 10:47:03 GMT

GET
H2 200 main-aj.js Show response
tg.dev/js/ Frame 6CEA 37 KB
11 KB 65ms
64ms Script
application/javascript 149.154.167.99
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL

https://tg.dev/js/main-aj.js?68

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.154.167.99 London, United Kingdom, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

460da5fa7484bbd9e429f9d2e266cb50f977536770bf9a070acf6e68d29a2445

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://comments.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 10:47:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 08 Jun 2023 16:34:29 GMT
server: nginx/1.18.0
etag: W/"64820315-923f"
content-type: application/javascript
cache-control: max-age=345600
expires: Tue, 09 Jan 2024 10:47:03 GMT

GET
H2 200 tgsticker.js Show response
tg.dev/js/ Frame 6CEA 24 KB
7 KB 65ms
65ms Script
application/javascript 149.154.167.99
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL

https://tg.dev/js/tgsticker.js?31

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.154.167.99 London, United Kingdom, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

42d42f23d7276824168808093be0f20e3e53673718c79349cc22da88f58d3e23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://comments.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 10:47:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Wed, 29 Mar 2023 11:31:32 GMT
server: nginx/1.18.0
etag: W/"64242194-601c"
content-type: application/javascript
cache-control: max-age=345600
expires: Tue, 09 Jan 2024 10:47:03 GMT

GET
H2 200 telegram-widget.js Show response
oauth.tg.dev/js/ Frame 6CEA 20 KB
6 KB 106ms
88ms Script
application/javascript 149.154.167.99
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL

https://oauth.tg.dev/js/telegram-widget.js?22

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.154.167.99 London, United Kingdom, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

0f6cdd09b3bbebf50c4e1679aff6f021f5e183a4ba2dea3a0801394599ff6afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://comments.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 10:47:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Mon, 03 Apr 2023 11:46:12 GMT
server: nginx/1.18.0
etag: W/"642abc84-4ff5"
content-type: application/javascript
cache-control: max-age=345600
expires: Tue, 09 Jan 2024 10:47:03 GMT

GET
H2 200 widget-frame.js Show response
tg.dev/js/ Frame 6CEA 92 KB
25 KB 66ms
65ms Script
application/javascript 149.154.167.99
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL

https://tg.dev/js/widget-frame.js?62

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.154.167.99 London, United Kingdom, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

9db6a684c4b8c87ced6ca91ed34a348464a41df4d3f74c007cae6d87e68a1e88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://comments.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 10:47:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 20 Apr 2023 18:46:51 GMT
server: nginx/1.18.0
etag: W/"6441889b-16f16"
content-type: application/javascript
cache-control: max-age=345600
expires: Tue, 09 Jan 2024 10:47:03 GMT

GET
H2 200 comments.js Show response
comments.app/js/ Frame 6CEA 81 KB
22 KB 15ms
14ms Script
application/javascript 149.154.164.13
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL

https://comments.app/js/comments.js?35

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.154.164.13 London, United Kingdom, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

aa441bf5f2ac8c608371513bad73ea45ad6dc8b7c50e3c6841af81147d0b96ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://comments.app/embed/view?website=qnAQclUa&page_id=youtube&page_url=https%3A%2F%2Fpresaver.com%2F1%2Fdownload&origin=https%3A%2F%2Fpresaver.com&page_title=220YouTube%20-%20%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE%20%D1%81%20YouTube%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%BD%D0%B0%20%D0%B2%D1%8B%D1%81%D0%BE%D0%BA%D0%BE%D0%B9%20%D1%81%D0%BA%D0%BE%D1%80%D0%BE%D1%81%D1%82%D0%B8%2C%20%D0%B1%D0%B5%D0%B7%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC%20%D0%B8%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B8&limit=10&colorful=1&dislikes=1&outlined=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 10:47:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Tue, 17 Nov 2020 20:59:36 GMT
server: nginx/1.20.1
etag: W/"5fb439b8-142f4"
content-type: application/javascript

GET
H2

200

sync_cookie_image_finish
mc.yandex.ru/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10239.jC4Bi987aOSH9iUmZ3ca2FJx_NtB67_tNMnzK4mEwG6HtbUxo4chpv4N9kcz0rG1.1oep8DUWXbLDA0Q4Sr1-nM6licI%2C
https://mc.yandex.com/sync_cookie_image_decide?token=10239.mJojUo7lGiEnzNS0tjPtgX4iYxT5zkr2_vUjGkdXpfvNeODAqqGAwptMe80DkysdzotmbJPtGvKJOm7Q0WSQXlHFUIxjvJgtOS5wivnuv641kyANx_FTIxrVrw_q-0EjxyOyN6voNX...
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10239.aSPj6Cg8XUleDmq4NWbjbAr2DCtwxkamX6Mb2YmVBKzEeBikB0vWItWp4lCt4J77qwtPPXAbsl8KhgLIzTtdYVjDRLVLTmht73O4xTV3QanrG...

43 B
582 B

57ms
55ms

Image
image/gif

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10239.aSPj6Cg8XUleDmq4NWbjbAr2DCtwxkamX6Mb2YmVBKzEeBikB0vWItWp4lCt4J77qwtPPXAbsl8KhgLIzTtdYVjDRLVLTmht73O4xTV3QanrGiWbRype6Mtr-CrY7XkLtmQbr-ABd_3-RVaHVTlYoSC8zHnYNB5TrLwgl3L60vmOFfqTSnR4hXydPi8f_1SD5Ztlmd1HiQFWuKcFml9_5Q%2C%2C.4sKbzClaOmqBLQ2yqnDAPvYxR1w%2C

Requested by

Host: presaver.com
URL: https://presaver.com/1/download

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://presaver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 10:47:03 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10239.aSPj6Cg8XUleDmq4NWbjbAr2DCtwxkamX6Mb2YmVBKzEeBikB0vWItWp4lCt4J77qwtPPXAbsl8KhgLIzTtdYVjDRLVLTmht73O4xTV3QanrGiWbRype6Mtr-CrY7XkLtmQbr-ABd_3-RVaHVTlYoSC8zHnYNB5TrLwgl3L60vmOFfqTSnR4hXydPi8f_1SD5Ztlmd1HiQFWuKcFml9_5Q%2C%2C.4sKbzClaOmqBLQ2yqnDAPvYxR1w%2C
date: Fri, 05 Jan 2024 10:47:03 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
501 B 54ms
53ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: presaver.com
URL: https://presaver.com/1/download

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://presaver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 10:47:03 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 25 Dec 2023 13:57:02 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "65898a2e-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Fri, 05 Jan 2024 11:47:03 GMT

GET
H2 200 ae84bbbd1296b7622b03.js Show response
yastatic.net/partner-code-bundles/937691/ 14 KB
5 KB 161ms
74ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/937691/ae84bbbd1296b7622b03.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

1d490f8ba764274bfd0c05c9f08a47fad09e3acdc610277ae758b2110c2fc487

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://presaver.com/
Origin: https://presaver.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 10:47:03 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 4774
last-modified: Wed, 27 Dec 2023 15:52:52 GMT
server: nginx/1.17.9
etag: "d032afca6659f91e6050d3a7cb7732d6"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Sun, 04 Jan 2054 17:18:22 GMT

GET
H2 200 a6a4b083a73f3d813a26.js Show response
yastatic.net/partner-code-bundles/937691/ 24 KB
8 KB 163ms
81ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/937691/a6a4b083a73f3d813a26.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

37f1e1ddc606edbc65252667c8328137f6368e4cf3cbd3ceadf6c363497f0fe5

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://presaver.com/
Origin: https://presaver.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 10:47:03 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 7948
last-modified: Wed, 27 Dec 2023 15:52:51 GMT
server: nginx/1.17.9
etag: "305febfe1dae5f2a6de6e886de7f106e"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Sun, 04 Jan 2054 17:18:22 GMT

GET
H2 200 a92bedce4b45bc60c7b9.js Show response
yastatic.net/partner-code-bundles/937691/ 118 KB
25 KB 180ms
98ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/937691/a92bedce4b45bc60c7b9.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

9aff1e9197e4b9d23668b36be6c8e6d2bc239190eeb664fc1d9d18a50f492b94

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://presaver.com/
Origin: https://presaver.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 10:47:03 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 24647
last-modified: Wed, 27 Dec 2023 15:52:52 GMT
server: nginx/1.17.9
etag: "d069730651ed399a08217baa025aa8ea"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Sun, 04 Jan 2054 17:18:22 GMT

GET
H2 200 host.js Show response
yastatic.net/safeframe-bundles/0.83/ 33 KB
9 KB 190ms
109ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/host.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://presaver.com/
Origin: https://presaver.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 10:47:03 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 8878
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
server: nginx/1.17.9
etag: "f80882bf67cf261aa08d636da095149a"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Sun, 04 Jan 2054 17:18:22 GMT

GET
H2 200 text-variable-full.woff2
yastatic.net/s3/home/fonts/ys/3/ 25 KB
26 KB 139ms
61ms Font
font/woff2 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/s3/home/fonts/ys/3/text-variable-full.woff2

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://presaver.com/
Origin: https://presaver.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 10:47:03 GMT
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 26004
x-amz-meta-owner: {"role":"admin","login":"4eb0da"}
last-modified: Mon, 25 Apr 2022 14:02:39 GMT
server: nginx/1.17.9
etag: "7f0cdaf91230f9789ca4162aedff612e"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31556952
x-nginx-request-id: ef06fe2ca539db2e
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 04 Jan 2025 16:31:34 GMT

GET
H2 200 d053ed1897419218e52b.js Show response
yastatic.net/partner-code-bundles/937691/ 59 KB
15 KB 171ms
110ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/937691/d053ed1897419218e52b.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

c5c850074a6028d74f3e9165024b599bef1d198d41cd69332583bfdedb65d2e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://presaver.com/
Origin: https://presaver.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 10:47:03 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 14823
last-modified: Wed, 27 Dec 2023 15:52:53 GMT
server: nginx/1.17.9
etag: "372eddc8968904725578a902d2d6e3d7"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Sun, 04 Jan 2054 17:20:54 GMT

GET
H2 200 4c9a181cc3ad10f671b2.js Show response
yastatic.net/partner-code-bundles/937691/ 591 KB
113 KB 54ms
53ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/937691/4c9a181cc3ad10f671b2.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

865e11124af5c3ef37d096e3e7bcd203b405cfe8ccb50a96e853c632f35f073c

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://presaver.com/
Origin: https://presaver.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 10:47:03 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 115418
last-modified: Wed, 27 Dec 2023 15:52:51 GMT
server: nginx/1.17.9
etag: "347ed7d6e2fd1edc6d55a36b22981099"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Sun, 04 Jan 2054 17:19:14 GMT

GET
DATA 200
OK truncated
/ Frame 6CEA 981 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a60df03b91b9476787761e0a2740e3506dcc439e9d09ce04042bcab8b57ccce6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 6CEA 974 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ddd0d91489d750daa77e69eff926a5de2d39a04039843acb4b28f7eed5d349dc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 6CEA 694 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 76216b6c25b768e5bee4b758dacfef993b3e87cc2d7fd9bf192bd685d1ae9bfb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 6CEA 706 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b28d8e93ecf9067ff746e514c79ad5adc53cc00965630bfe0b118cf80f7bf065

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
tg.dev/fonts/Roboto/ Frame 6CEA 11 KB
11 KB 61ms
26ms Font
application/octet-stream 149.154.167.99
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL: https://tg.dev/fonts/Roboto/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
Requested by: Host: tg.dev
URL: https://tg.dev/css/font-roboto.css?1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 149.154.167.99 London, United Kingdom, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: bce2f309470952b7affa62ff4d91b454334c68cefa541429b502904d20696875

Request headers

Referer: https://tg.dev/css/font-roboto.css?1
Origin: https://comments.app
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 10:47:03 GMT
last-modified: Thu, 20 Oct 2022 11:05:33 GMT
server: nginx/1.18.0
etag: "63512b7d-2b40"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=345600
accept-ranges: bytes
content-length: 11072
expires: Tue, 09 Jan 2024 10:47:03 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
tg.dev/fonts/Roboto/ Frame 6CEA 11 KB
11 KB 62ms
28ms Font
application/octet-stream 149.154.167.99
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL: https://tg.dev/fonts/Roboto/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by: Host: tg.dev
URL: https://tg.dev/css/font-roboto.css?1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 149.154.167.99 London, United Kingdom, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f

Request headers

Referer: https://tg.dev/css/font-roboto.css?1
Origin: https://comments.app
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 10:47:03 GMT
last-modified: Thu, 20 Oct 2022 11:05:33 GMT
server: nginx/1.18.0
etag: "63512b7d-2b14"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=345600
accept-ranges: bytes
content-length: 11028
expires: Tue, 09 Jan 2024 10:47:03 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu5mxKKTU1Kvnz.woff2
tg.dev/fonts/Roboto/ Frame 6CEA 6 KB
7 KB 58ms
27ms Font
application/octet-stream 149.154.167.99
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL: https://tg.dev/fonts/Roboto/KFOmCnqEu92Fr1Mu5mxKKTU1Kvnz.woff2
Requested by: Host: tg.dev
URL: https://tg.dev/css/font-roboto.css?1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 149.154.167.99 London, United Kingdom, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 41b5c3b25f4258190937deb900fa57a6db6d450ce7dd2af2259af760119a1c41

Request headers

Referer: https://tg.dev/css/font-roboto.css?1
Origin: https://comments.app
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 10:47:03 GMT
last-modified: Thu, 20 Oct 2022 11:05:33 GMT
server: nginx/1.18.0
etag: "63512b7d-193c"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=345600
accept-ranges: bytes
content-length: 6460
expires: Tue, 09 Jan 2024 10:47:03 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fABc4AMP6lbBP.woff2
tg.dev/fonts/Roboto/ Frame 6CEA 6 KB
7 KB 58ms
29ms Font
application/octet-stream 149.154.167.99
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL: https://tg.dev/fonts/Roboto/KFOlCnqEu92Fr1MmEU9fABc4AMP6lbBP.woff2
Requested by: Host: tg.dev
URL: https://tg.dev/css/font-roboto.css?1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 149.154.167.99 London, United Kingdom, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 3e70e149a35f394bb78ef7842de11a06359fed7828f30331594a28d196c54012

Request headers

Referer: https://tg.dev/css/font-roboto.css?1
Origin: https://comments.app
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 10:47:03 GMT
last-modified: Thu, 20 Oct 2022 11:05:33 GMT
server: nginx/1.18.0
etag: "63512b7d-19e8"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=345600
accept-ranges: bytes
content-length: 6632
expires: Tue, 09 Jan 2024 10:47:03 GMT

GET
H2 200 1507304 Show response
yandex.ru/ads/meta/ 446 B
770 B 161ms
157ms XHR
application/json 2a02:6b8:a::a
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/meta/1507304?target-ref=https%3A%2F%2Fpresaver.com%2F1%2Fdownload&pcode-test-ids=913082%2C0%2C85%3B909920%2C0%2C82%3B920184%2C0%2C29%3B929669%2C0%2C89%3B917808%2C0%2C85%3B934586%2C0%2C57%3B892904%2C0%2C89%3B923323%2C0%2C53%3B936317%2C0%2C81%3B925138%2C0%2C37%3B935795%2C0%2C21%3B912288%2C0%2C53&pcode-flags-map=eJy1Wdty2zgS%2FRc9JxneL3mDSJDCmrcBQTtKagqlSTQZ7cr2luPMziaVf99uAJRI2QvFzkweHJFWHwB9OX0a%2Frq4JL3sV%2B2VJLmsyJJWsmi5ZI1ckqahfPH63dfFH5v95%2B3i9ULwgS5eLO63n%2B7ZB3iOIt8P4sW3X14cYTre5kMmetk2siNDT60IsZsGvkbIWU%2BWFZVZOzRCcpozTjMBOyFdZ8fwnCDwDruAJWU9VILxtqoArRH4gXJ5RUS2orkUrKayLYqeCjuu7znx8XScCr7GUzVUXLX8QlLOW7t%2F4jAK4vSAAKtnF%2BDkdTsI2Vct%2FGBvqVzCgXPCGe3tYHHiBq4CwxMgRsepOuTxuJcsp600v5%2FBuQ78m%2BGlfho7Z%2FCWQ1GA62jdibWsWM1OQZ%2BMeNkRlv%2F1OywG%2BPxc1AZz9S%2Fe6f%2FB%2FKH4PI7593ngudHHZC85WcqKNqVYzYygWJOpWeIkThwczGijSEBwAqVyyfqBVJpXkJXoG0F5A2%2Fy3k4JietFzjNA1YueFFQWnNR26lJraHrgHHmmh28AYcGCAsm0IwgB2L1CJUPOWplxSgS7PFPqSeB4bnjY%2Fhgk0QIJ9YJwgTRUMA4LZauhuZAFYdUMMZxHPAm82DsCEiEwpv1TEH0bIJwVWDerGAXqrmgJ3mRN0cqrFVOM3lxSWEInP%2FrnzOlDJ0kmvNvkkIRkiS4gOSKxHl4MvMJNX9Fle86bsRMcWbikcMahF20tL2vSHbx7SaphHvHopG6SKPSjY6OhGUBkguikqUlV2bcRJ0EQPLRWlvKKiZUUkItPwRhjVw8C%2Bho442FLCmfmqec6kTLvwavStNwc01WsO4ptv2uvKKdFwTIIZraegW3%2F%2FPccbla6JM%2FHSutICS22EwyqQhcCpppyd8WaC%2FsZ0zQ1fW5s5w1V8mQsHgy9bV%2Bp64AmUAhd1ub0BzF64AWgjqavCLoZ4taRBk4GcHaEJEq8A4KiBdzImkA%2Bv5GksRp7buQ6MycsB8kyTHiVKW0LJG0nwdR3E%2F9YowWDNOuGZcUySXoQP%2F3TODX1g8SLZtEWkH8sn0T4bHBTP4qcY3AhfTFdoKZ7cOjMEr7pev7cFnpFONOKRiNmPbc5M0xdqBtlqHqbVrZyaFjBIKCsAQ8UJKN2jMQzYhAzCSoEim8lq7Zkmc0ughhEwWzTEEwO9dEIIwixcfeQl7SR%2FUkMHoClrin%2FDEmjbUZyLOAIkqmmBXsiObWmZhQnaaQZETOrAO3Z5NVaNz0kgVPJbbdfXighq%2FNJkzxgQJ0sWztKGpgGiigVhfIEhNpqEyVBpPNn4raSg1DLaX8hWvu%2Bkyhw%2Fan%2FFGFCmwKQCV4D0hxKrWDlAHMIVB7OIxkF2rC6NXadIA5HRaDTRAy8MeGB9gjRFiveDuXKWiWx644dqyJv1yqiUlHZ1Ozr4rft%2Ffvf683dx93N4rUbOi8W17e%2F7vbb%2Fv1mv7v5uHjtfZuhhpDDmpBqbBs%2FD3SgQACdXFaojCo278zvFteb3f7V3WfY2383Nx%2B2f8Lnn3bXm4%2FbT7NXHzfX6s2HL9sb%2FfXNH7v7W%2F3x%2BtXk4cPNzrxF5AMCvLjbfNnffvnd%2FPrLnf7%2F893m1c32P58efOGfm9vrnTL95fEjNprma8pL%2FJkzIgUpe2v8fM8zyaXKgkLsoV1kqo3ZDUPfMVQP6iKnBQGe0V2wGeoltdJTHLq%2BEc5qYFYjL%2FZPmMFppisSRCsD7jgDEzvhod%2BQvEZ2KhXlsLwgD8M781wShqlpOLMKntaFaIdspaujanu1Qy1AOP0H8PCZ6oDiC7SsW0MvhPBk2sXLqoXkgwoGtSjoI1nIX7KXXpC6MDq8dAFy%2BuydPPsnz4F6Ji%2B9EMag2AP76akTJ41c3dMKBj05J53KGj2XD6VV%2FbhhEAaTckJhyWqMOfpf558VIHSDVAMUPcSqhfGDvbFb%2BL7hL5PekJw4zCBtEqXh8b4DWjpkfDPYoYLU6JsV4bmSSRqlh%2FwVJFtZraFUoujQDctOSEgR1olzRua8quXiEVpUHiYZVN9SV09n2mACsjPyHwEy6qYjwr77o%2F3x0qnGktFSfr76uzRFWom9Fym4P3D86EXkp8D0fjhLpQQoIJ2BmkEIRduP4fraa0ZcY3ahes8gbnYlnYSxyW5O6xbTBUhhaaWyJIk805SLfuyp46AgoUBlTXBKgDS3jwauk6Rn6ESNchlKz1aRCkpKzsoVfILjVbQQehYnQMJnFos812TjwNHnWIb2c4JN4h%2FY0pRTqWkOC0hJZKtEd5wwdKaBGefctgMQLpaghYgEJVCc8NkYeEAbQz9jpdTxolSfRytE3CGn0K5hhFiu1SOzzx5O7BoBob6sWAksOVaKuZotsS3MfPTOj8DOSed7AeHrjPnA6RUkHdXTon1%2B8RxHk71R26xRS2J%2FI5UpWvB4uwQ1DF4DEoDN0dI6cAJqaG56jfA9TFZqKkIuwpsNHNTsOL4XHiejw2U3wOFAZCUfsA3CZE4eStgpwYgEejrJPAAIfZN56IwRZLyGQKbI22yocUAYnXJwkx0YL05sqryAJsPPja3QKd1zlYv4h2sjpU1YxcRhm1Z83wkTcweB2iZvkVDsFi7wmLZYtUOV66tO5XXt%2F3GmV9PYdJ%2FAX6xsjjOJKOdEstnv5e3dbntzv7nf3d7I9%2Fvd%2B39tft1v5%2Bv7MMtP1zf1%2FnCh2QB0utiDYx1gTxxt4McbonMghvryt2NgLmhFxbkkdJOxWxm1CskH6UZhkD%2Bt0UmADwlJ32TVAJqh5uQMFcH4a%2B4y9eZAJbQX6DLc72FRO0TspMd7JoRZQYfADsuaC1N%2B6o41F0NzJvtiz1SvujhE2QkpvGJ2qvdjKPqjtO66VQuc0w%2FLkpPOqjXANHCD8cqN0MvZl4Fr3Pmdke88dmfUoDLD230Bh8bmCPmm9NY5rnHSUeWRvGjfSNarTnsqsN7f7%2BfZ4bjmwoT06yYzkyK2tJwIopSa3T6NzP3AdNI8zrIK9RkIOZBkg1dFx77xFKjpYU5qDiBZc5IF3wc0XsGcYdVHbU1TRMcaGLWt5%2BwCIJ4Qlqkp%2FqXmGWboLu19qXLrR1z35LR6sJGcdv132mJBdWStGqySshxmHp1lgp3M2B%2FvNh%2BwPcyLNE5Mny0Y0qSc3ir2FUSwR7GVs6LQigsKmTPSzLPrt93%2Bfnt3csM6tsbvBLYzzwFt1BhXLAeVBLpWsKa0uisBf5k%2FoCkBCQ6CdtTkjw8eDyWS7%2FlzFuN1d%2Fibfj%2BKHmvA%2FMh346nWWw3kijIjqs9JGD85rJ%2BtWrys0AX%2FM4zL0Mhm5jVkQZA489XDOEXG%2F%2FY%2FNR2wFQ%3D%3D&pcode-active-testids=929669%2C0%2C89&pcode-icookie=YagAE9g5h23rhuM%2FbN3H8JR0xZht4q3spbdCxF8ncJUL0CsOd9L3ArARMw5JVe2TuBdQ4UU%2FCSLpDJ8Sd1zX07LbtOM%3D&duid=MTcwNDQ1MTYyMzc2MTI4MzM1Mw%3D%3D&imp-id=2&enable-flat-highlight=1&charset=utf-8&comboblock-unencoded-vast=1&test-tag=401871499952130&ad-session-id=7005921704451623617&target-id=56088254&tga-with-creatives=1&top-ancestor=https%3A%2F%2Fpresaver.com&top-ancestor-undetermined=0&pcode-version=937691&pcodever=937691&flash-ver=0&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22isInIframe%22%3Afalse%2C%22w%22%3A1220%2C%22h%22%3A0%2C%22width%22%3A0%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A800%2C%22top%22%3A284%2C%22sspInfo%22%3A%7B%22deviceSizeSsp%22%3A%7B%7D%7D%2C%22ad_no%22%3A0%2C%22safeArea%22%3A%7B%22top%22%3A0%2C%22bottom%22%3A0%2C%22left%22%3A0%2C%22right%22%3A0%7D%2C%22req_no%22%3A0%7D&grab-orig-len=1108&grab=eyJncmFiX3ZlcnNpb24iOjJ9ClKqMpEsv-9BDOt0MLIiueMiY8ePePTYNLJJcioncROytZGS_OvW6g_7r4f_awFbioFltYJ9DuQOcsiJEm-r9243BMxAIDMxMaWyGkqVqazFcmVaoyptSpWKFJIvhiwmal3dF_iyl2djHcS2MfuirbMoy11Gt3G62bnoy7VxFmFZ07mIH53nvcXmf8F4dsZyXj50G_cgzjsdcqtukfoizG5Rz_GWucy-Tj-Fu6jrTNcsbHAP46RZOZeGrcY9iMNGnMubq_AiSY38IO8KP6gtqMT5gvz7H17OIqpp4s9JlGXZoMvZcdC5l7xXO98BkmsA73-eaU_gNyGe78ld_Q_jLo05yLvQF9e5rekm7zaYM4JFp5nD7HSgWaf1k3Jy2JupBKBmZ8pvqTeNubOigES-XKhM5ZGoK6Sx6xLnYRwF6jHzmeblRbGaZ07oRFlVx7m2UOoT-H34pHR_5EriQDdJEldE8EU287Mv0WavshY2tYsXVYWMtkI3TZKothD2xOV_ksjk0jlAYizk0iS5zuRKAKlW8BgUtAoeY52DlkbBY1BEozIS0_2sHLlO3Qo6HNfYJQrc5t35lND3QnNnUco4SYZMUywRV7UiqF6f2c03-9wMQySu1Tei0Ymlr5CnrVBPn7neFFRoZk65q6DFta-P9RAnhFs9PyBQGvKwWIZzC3JH9C_Qoi_Hl9LXj9Vgbi9nmTZ_miGcxrIxh3Q5z74RnGMZf4T-l4JFeifbFhwzuxGTZQtsLBvssZzZoULr9ChcS8ChPVeRXCPBmE-KOUj1I1y473MTVtE0xTD6ArvX7EWedIY6W3o539jWvZORLSliftToY0FCTrk711_FvTOMRewL6isUK-GT6M1LF3FsK4Rjg1dbAdEHgjeVYxTn7gyzHLK-IAwIHu723Zs97wwmHcMP4D-nZbACKxvo_gayDrJL6o8Z4wiC5RJXf7H4fFeYP4-tN8lN_w4ryZQ6xexklBCHwg_DCxHXUJ5skLW2m9D3qyV4AV8mibDFM44NCRsF-LkyCgh9idegxKLmkT18msXKriJVQddpB23xYRER_vSZx3VcEVGZBR8A-Q%3D%3D&uniformat=true&callback=Ya%5B4118636696590%5D

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

3966eb647398965cf429ae24e19c45006f4c8606951d14f54a1f5aa59b5fb9a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://presaver.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 05 Jan 2024 10:47:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1704451623654512-5930855574792748976-balancer-l7leveler-kubr-yp-sas-33-BAL-6125
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
uniformat-product-type: Direct
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Fri, 05 Jan 2024 10:47:03 GMT
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
uniformat: true
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://presaver.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 05 Jan 2024 10:47:03 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/49162435/
Redirect Chain

https://mc.yandex.com/watch/49162435?wmode=7&page-url=https%3A%2F%2Fpresaver.com%2F1%2Fdownload&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A0%3Aen%3Autf-...
https://mc.yandex.com/watch/49162435/1?wmode=7&page-url=https%3A%2F%2Fpresaver.com%2F1%2Fdownload&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A0%3Aen%3Aut...

439 B
475 B

51ms
51ms

Fetch
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/49162435/1?wmode=7&page-url=https%3A%2F%2Fpresaver.com%2F1%2Fdownload&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A1%3Adp%3A0%3Als%3A253743455139%3Ahid%3A867639300%3Az%3A60%3Ai%3A20240105114703%3Aet%3A1704451623%3Ac%3A1%3Arn%3A834135638%3Arqn%3A1%3Au%3A1704451623761283353%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C59%2C2%2C515%2C0%2C%2C212%2C0%2C%2C%2C%2C789%3Aco%3A0%3Acpf%3A1%3Ans%3A1704451622541%3Agi%3AR0ExLjEuMTkxMDg2MzM1LjE3MDQ0NTE2MjM%3D%3Afp%3A675%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1704451624%3At%3A220YouTube%20-%20%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE%20%D1%81%20YouTube%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%BD%D0%B0%20%D0%B2%D1%8B%D1%81%D0%BE%D0%BA%D0%BE%D0%B9%20%D1%81%D0%BA%D0%BE%D1%80%D0%BE%D1%81%D1%82%D0%B8%2C%20%D0%B1%D0%B5%D0%B7%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC%20%D0%B8%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B8&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29

Requested by

Host: presaver.com
URL: https://presaver.com/1/download

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

f573e714cd7082ff8e8bff544c65ba5abac89d9bf1a1ab4305a7ea84548b33e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://presaver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Jan 2024 10:47:03 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Fri, 05-Jan-2024 10:47:03 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://presaver.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 439
x-xss-protection: 1; mode=block
expires: Fri, 05-Jan-2024 10:47:03 GMT

Redirect headers

pragma: no-cache
date: Fri, 05 Jan 2024 10:47:03 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 05-Jan-2024 10:47:03 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/49162435/1?wmode=7&page-url=https%3A%2F%2Fpresaver.com%2F1%2Fdownload&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A1%3Adp%3A0%3Als%3A253743455139%3Ahid%3A867639300%3Az%3A60%3Ai%3A20240105114703%3Aet%3A1704451623%3Ac%3A1%3Arn%3A834135638%3Arqn%3A1%3Au%3A1704451623761283353%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C59%2C2%2C515%2C0%2C%2C212%2C0%2C%2C%2C%2C789%3Aco%3A0%3Acpf%3A1%3Ans%3A1704451622541%3Agi%3AR0ExLjEuMTkxMDg2MzM1LjE3MDQ0NTE2MjM%3D%3Afp%3A675%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1704451624%3At%3A220YouTube%20-%20%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE%20%D1%81%20YouTube%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%BD%D0%B0%20%D0%B2%D1%8B%D1%81%D0%BE%D0%BA%D0%BE%D0%B9%20%D1%81%D0%BA%D0%BE%D1%80%D0%BE%D1%81%D1%82%D0%B8%2C%20%D0%B1%D0%B5%D0%B7%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC%20%D0%B8%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B8&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29
access-control-allow-origin: https://presaver.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Fri, 05-Jan-2024 10:47:03 GMT

GET
H2 200 1507304 Show response
mc.yandex.com/watch/ 256 B
348 B 53ms
53ms Fetch
application/json 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/1507304?wmode=7&page-url=https%3A%2F%2Fpresaver.com%2F1%2Fdownload&nohit=1&charset=utf-8&cnt-class=1&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A2%3Adp%3A1%3Als%3A1140207305254%3Ahid%3A867639300%3Az%3A60%3Ai%3A20240105114703%3Aet%3A1704451624%3Ac%3A1%3Arn%3A135712181%3Au%3A1704451623761283353%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Ans%3A1704451622541%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1704451624%3At%3A220YouTube%20-%20%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE%20%D1%81%20YouTube%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%BD%D0%B0%20%D0%B2%D1%8B%D1%81%D0%BE%D0%BA%D0%BE%D0%B9%20%D1%81%D0%BA%D0%BE%D1%80%D0%BE%D1%81%D1%82%D0%B8%2C%20%D0%B1%D0%B5%D0%B7%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC%20%D0%B8%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B8&t=mc(p-1)clc(0-0-0)aw(1)rcm(1)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

7de48d281567a0ff3ca56efcffb57a2913ce0563f5b3d30c35024e1e9fb3a9df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://presaver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Jan 2024 10:47:03 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Fri, 05-Jan-2024 10:47:03 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://presaver.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 256
x-xss-protection: 1; mode=block
expires: Fri, 05-Jan-2024 10:47:03 GMT

POST
H2 200 1
mc.yandex.com/watch/1507304/ 43 B
74 B 54ms
52ms Ping
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/1507304/1?page-url=https%3A%2F%2Fpresaver.com%2F1%2Fdownload&charset=utf-8&cnt-class=1&uah=chm%0A%3F0&hittoken=1704451623_09d5b371b2a809db29acef4be77ca905ab919402860fb20818654fc89ffe1ce5&browser-info=pa%3A1%3Aar%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A2%3Adp%3A1%3Als%3A1140207305254%3Ahid%3A867639300%3Az%3A60%3Ai%3A20240105114703%3Aet%3A1704451624%3Ac%3A1%3Arn%3A791601126%3Arqn%3A1%3Au%3A1704451623761283353%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C59%2C2%2C515%2C0%2C%2C212%2C0%2C%2C%2C%2C789%3Aco%3A0%3Acpf%3A1%3Ans%3A1704451622541%3Afp%3A675%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1704451624&t=mc(p-2-h-1)clc(0-0-0)rqnt(1)aw(1)rcm(1)ti(0)&force-urlencoded=1&site-info=%7B%22__ym%22%3A%7B%22adSessionID%22%3A%227005921704451623617%22%7D%7D

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://presaver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Jan 2024 10:47:03 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 05-Jan-2024 10:47:03 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://presaver.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Fri, 05-Jan-2024 10:47:03 GMT

GET
H2 200 1507304
mc.yandex.com/watch/ 43 B
0 47ms
45ms Fetch
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/1507304?page-url=https%3A%2F%2Fpresaver.com%2F1%2Fdownload&charset=utf-8&cnt-class=1&uah=chm%0A%3F0&hittoken=1704451623_09d5b371b2a809db29acef4be77ca905ab919402860fb20818654fc89ffe1ce5&browser-info=pv%3A1%3Aar%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A2%3Adp%3A1%3Als%3A1140207305254%3Ahid%3A867639300%3Az%3A60%3Ai%3A20240105114703%3Aet%3A1704451624%3Ac%3A1%3Arn%3A322269646%3Arqn%3A2%3Au%3A1704451623761283353%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Ans%3A1704451622541%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1704451624%3At%3A220YouTube%20-%20%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE%20%D1%81%20YouTube%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%BD%D0%B0%20%D0%B2%D1%8B%D1%81%D0%BE%D0%BA%D0%BE%D0%B9%20%D1%81%D0%BA%D0%BE%D1%80%D0%BE%D1%81%D1%82%D0%B8%2C%20%D0%B1%D0%B5%D0%B7%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC%20%D0%B8%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B8&t=mc(p-2-h-1)clc(0-0-0)rqnt(2)aw(1)rcm(1)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://presaver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Jan 2024 10:47:03 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 05-Jan-2024 10:47:03 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://presaver.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Fri, 05-Jan-2024 10:47:03 GMT

POST
H2 200 1
mc.yandex.com/watch/49162435/ 43 B
74 B 46ms
45ms Ping
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/49162435/1?page-url=https%3A%2F%2Fpresaver.com%2F1%2Fdownload&charset=utf-8&uah=chm%0A%3F0&hittoken=1704451623_6812e68f9d34560222d1227dfc73df1e74c085e82975d099c37a2b4052f082b3&browser-info=pa%3A1%3Aar%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A1%3Adp%3A1%3Als%3A253743455139%3Ahid%3A867639300%3Az%3A60%3Ai%3A20240105114703%3Aet%3A1704451624%3Ac%3A1%3Arn%3A380265100%3Arqn%3A2%3Au%3A1704451623761283353%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1704451622541%3Agi%3AR0ExLjEuMTkxMDg2MzM1LjE3MDQ0NTE2MjM%3D%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1704451624&t=gdpr(14)mc(p-2-h-1)clc(0-0-0)rqnt(2)aw(1)rcm(1)ti(0)&force-urlencoded=1&site-info=%7B%22__ym%22%3A%7B%22adSessionID%22%3A%227005921704451623617%22%7D%7D

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://presaver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Jan 2024 10:47:03 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 05-Jan-2024 10:47:03 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://presaver.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Fri, 05-Jan-2024 10:47:03 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: tx.me
URL: https://tx.me/i/userpic/320/k4qMD_54_iZE6HvrewxYjyHYk4hLFFqAGITUVbFzJIYDQEYL-qrZ4MOhtlrj260V.jpg

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

30 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
presaver.com/	1970-01-20 17:27:38	Name: XSRF-TOKEN Value: eyJpdiI6IlRIRXpVdkJkbTl2YzRRMXorWmpjWEE9PSIsInZhbHVlIjoiczUxN0R1Y0NtWGlNcHNTZERJRDVSaXhEejhXNy95N2JtVWJjSWRLSUxQTnZ3Zm5Wb1krdUd1NWxVYnlHc0IyRFZsKzZyMW9NUnA4NTVlVTlZNnZkYkh1Mm50M3BycSs1SkF1eU9MV2E2bmVLWFJValo4emJDM21jNUlQUHVHa0giLCJtYWMiOiIyYmVlOGZiNmQ1MDA0MmY5MjA3Y2VjM2VkY2YzZmFkZDJmZWQyODFkMTBhYTFjY2IzMTUxMGJhN2QwODk5OTRjIn0%3D
presaver.com/	1970-01-20 17:27:38	Name: presaver_session Value: eyJpdiI6IkVPMy9SamE0Z3pIYW4yblBBUUpQNXc9PSIsInZhbHVlIjoiSW5UMHJ5RjZNNFNVd29wcDRRRmhCOGNTWnVSWmJFWkgzaTZKcU5ldjJjc0hud0w5MVZBbkZSWXdCMUY1K2VSZVJ0MWhVMUplZmoraEFWQmpLYUhTbW1PeWV2VnI4NkRiRXBOQTQ1TWtDL2JrMHQ2RUZwN2FoaFpLbDZ6Vk0vaVIiLCJtYWMiOiJiMjNjNWFjMWZhZDA0ZTQyMjExMWY5MzE1MjRmMzA4MjhmZjU4M2ZlNmZlM2JjNGFkY2FjMzhkY2ZlYWFkYjM4In0%3D
.yadro.ru/	1970-01-21 02:12:18	Name: FTID Value: 1bbzud1QCP8i1bbzud001BO9
.presaver.com/	1970-01-21 03:03:31	Name: tz Value: -60
.yandex.ru/	1970-01-21 02:13:07	Name: yashr Value: 452156441704451623
.yadro.ru/	1970-01-21 02:12:18	Name: VID Value: 2wZXtz3Zlzei1bbzud001IMw
.presaver.com/	1970-01-20 17:28:58	Name: _gid Value: GA1.2.629528222.1704451623
.presaver.com/	1970-01-20 17:27:31	Name: _gat_gtag_UA_139618482_1 Value: 1
comments.app/	1970-01-21 02:19:26	Name: bcom_on Value: 1
.presaver.com/	1970-01-21 03:03:31	Name: _ga_PMVYTSSYQP Value: GS1.1.1704451623.1.0.1704451623.0.0.0
.presaver.com/	1970-01-21 03:03:31	Name: _ga Value: GA1.1.191086335.1704451623
tx.me/	1970-01-20 17:28:58	Name: stel_ssid Value: b75ffcb5a4f6985a64_320023125011978154
.presaver.com/	1970-01-21 02:13:07	Name: _ym_uid Value: 1704451623761283353
.presaver.com/	1970-01-21 02:13:07	Name: _ym_d Value: 1704451623
.mc.yandex.com/	1970-01-20 17:27:32	Name: sync_cookie_csrf Value: 2861904154fake
.yandex.com/	1970-01-21 03:03:31	Name: i Value: 3iwoLBFQX2GvzJSWdao4u2oOA71pcZTlqP7HiHfXqmRVs4jANbcHEt503bWNzuXCQxCFUi3ajcDdITDAp2JgSuzb95M=
.yandex.com/	1970-01-21 02:13:07	Name: yandexuid Value: 8488356421704451623
.mc.yandex.ru/	1970-01-20 17:27:32	Name: sync_cookie_csrf Value: 1982706034fake
.presaver.com/	1970-01-20 17:28:43	Name: _ym_isad Value: 2
.mc.yandex.com/	1970-01-20 17:28:58	Name: sync_cookie_ok Value: synced
.yandex.ru/	1970-01-21 03:03:31	Name: yandexuid Value: 8488356421704451623
.yandex.ru/	1970-01-21 03:03:31	Name: yuidss Value: 8488356421704451623
.yandex.ru/	1970-01-21 03:03:31	Name: i Value: 3iwoLBFQX2GvzJSWdao4u2oOA71pcZTlqP7HiHfXqmRVs4jANbcHEt503bWNzuXCQxCFUi3ajcDdITDAp2JgSuzb95M=
.yandex.ru/	1970-01-21 03:03:31	Name: yp Value: 1704538023.yu.5216467231704451623
.yandex.ru/	1970-01-21 02:13:07	Name: ymex Value: 1707043623.oyu.5216467231704451623
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 308635381704451623
.yandex.com/	1970-01-21 02:13:07	Name: yuidss Value: 8488356421704451623
.yandex.com/	1970-01-21 02:13:07	Name: ymex Value: 1735987623.yrts.1704451623
.yandex.com/	1970-01-21 02:13:07	Name: bh Value: KgI/MA==
.presaver.com/	1970-01-20 17:27:33	Name: _ym_visorc Value: b

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://tx.me/i/userpic/320/-cLZrujLWYt7T-pfLnFD-whO7O5yobvicdP06MOnqHfeSZmCTTo5LMu0fCwSWXH4.jpg Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn4.telesco.pe
comments.app
counter.yadro.ru
fonts.googleapis.com
fonts.gstatic.com
mc.yandex.com
mc.yandex.ru
oauth.tg.dev
presaver.com
region1.google-analytics.com
tg.dev
tx.me
www.google-analytics.com
www.googletagmanager.com
yandex.ru
yastatic.net
tx.me
149.154.164.13
149.154.164.24
149.154.167.99
2001:4860:4802:32::36
2606:4700:3031::6815:4b87
2606:4700:3034::ac43:b14b
2a00:1450:4001:806::2003
2a00:1450:4001:808::2008
2a00:1450:4001:813::200a
2a00:1450:4001:828::200e
2a02:6b8:20::215
2a02:6b8::1:119
2a02:6b8:a::a
88.212.201.198
95.161.64.99
01ab56a285927f1b97b41819fb940131e528ca36d7f7d7f3e51464af1d5e6bbd
033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9
04681fed57fbd018ad9836275279337c96b8cf102dea6809d9d3a62150d9363a
0f6cdd09b3bbebf50c4e1679aff6f021f5e183a4ba2dea3a0801394599ff6afd
1afe0f404b5168a1d44e037eca1d315953d35008ab81e1ceef9652de930b0ff5
1d490f8ba764274bfd0c05c9f08a47fad09e3acdc610277ae758b2110c2fc487
21e75944d3f77408d1f5f2fab67c89c7fc43f4a80a3b8e4dcf38185f9d9f46e6
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
37f1e1ddc606edbc65252667c8328137f6368e4cf3cbd3ceadf6c363497f0fe5
3966eb647398965cf429ae24e19c45006f4c8606951d14f54a1f5aa59b5fb9a7
3e70e149a35f394bb78ef7842de11a06359fed7828f30331594a28d196c54012
41aeecf645767e00367f3ce2ed361a63639e87f89e44ab0e85abab0f00efafb3
41b5c3b25f4258190937deb900fa57a6db6d450ce7dd2af2259af760119a1c41
42d42f23d7276824168808093be0f20e3e53673718c79349cc22da88f58d3e23
460da5fa7484bbd9e429f9d2e266cb50f977536770bf9a070acf6e68d29a2445
482f450b7fdbac6f9304643f3e731df20bf66c51fb0599fa9a734e5d102a9e2a
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5b5b6080db68a21fa919cc97d4451da4010fdb0ffacf2f265151b2f0d940d45c
5ddea45f7eb06a894584093adf3edfed13711ab62db3016f2461d7cbfebce0f1
6342d16a93416b5e826f6d0e0e930ef033efb682851ae46270f3c4f5b4a1c194
6b2e49819d301475757a2b627c46e5453856c05073d77f6467e58b4780a666a8
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
76216b6c25b768e5bee4b758dacfef993b3e87cc2d7fd9bf192bd685d1ae9bfb
796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f
7de48d281567a0ff3ca56efcffb57a2913ce0563f5b3d30c35024e1e9fb3a9df
7fc0b8b8f89f4fc12be0dd43fcc8e4907bf83b2b906828d96becd23a5407bbde
84b97b3fa8847b64c6d3833561e4b3146530577171e85ad226578a087db70974
865e11124af5c3ef37d096e3e7bcd203b405cfe8ccb50a96e853c632f35f073c
9aff1e9197e4b9d23668b36be6c8e6d2bc239190eeb664fc1d9d18a50f492b94
9db6a684c4b8c87ced6ca91ed34a348464a41df4d3f74c007cae6d87e68a1e88
a60df03b91b9476787761e0a2740e3506dcc439e9d09ce04042bcab8b57ccce6
a7a8f09b4ad9bb870ee934c2e6099f94e8bfbdf6ebd9dbd88150e41f388bcd13
a9b10312da937d73c94385843e514ddd20fed44653409aaba337fc786d2c7b0b
aa441bf5f2ac8c608371513bad73ea45ad6dc8b7c50e3c6841af81147d0b96ce
b28d8e93ecf9067ff746e514c79ad5adc53cc00965630bfe0b118cf80f7bf065
b5e930df6a2976d5df996e18b347e091756699ea32716dc53d0e1c0fd814c526
bce2f309470952b7affa62ff4d91b454334c68cefa541429b502904d20696875
c3c96cceafde14a4669c2114ee0d10bce6ec0163064151a98824a2575d97eaf7
c5b3962e5a380efa6862c45565d1c46539611fd16db8190420b3cff9f0a8eca8
c5c850074a6028d74f3e9165024b599bef1d198d41cd69332583bfdedb65d2e7
c5e57602d71b6ae75248a554d8f5e7d43f2a750574d4b006c1659804e67e51b1
d61214fdf1c1eee41b83cb56d52b82db20a47bfeab5248bb6fda7a4f0744eedf
ddd0d91489d750daa77e69eff926a5de2d39a04039843acb4b28f7eed5d349dc
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e450af4a7c4974ea3ff324b629876380e0ca9605333a57152a953310c4a4661a
e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6
eb46d82ef6f86859f18e379660e0f45b85c6f69fa97111905f0c125a08506376
ed467d3e4e5615633d9c4be5da4e17e6ad13a8e053ec56212356a783f7c73d3a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1d083ffaa644c708f11db29707aa57c19246e6d32643b03fee3f82c17b224b3
f4d52b2f18ee8dd9761051674cb84dd5202b61ba4e8d7056b41a205791c7a61c
f573e714cd7082ff8e8bff544c65ba5abac89d9bf1a1ab4305a7ea84548b33e2
fd2fd30c709fd379d25c6c4763842600c4133879956a8f6cca047747a4975133

presaver.com Open in urlscan Pro 2606:4700:3031::6815:4b87 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

58 Requests

88 %HTTPS

67 %IPv6

13 Domains

16 Subdomains

15 IPs

5 Countries

1036 kBTransfer

3230 kBSize

30 Cookies

1 Outgoing links

Page URL History

Redirected requests

58 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

presaver.com Open in urlscan Pro
2606:4700:3031::6815:4b87 Public Scan

Screenshot
Live screenshot

Full Image

58
Requests

88 %
HTTPS

67 %
IPv6

13
Domains

16
Subdomains

15
IPs

5
Countries

1036 kB
Transfer

3230 kB
Size

30
Cookies

58 HTTP transactions
4 data transactions