telegram.download-program.ru Open in urlscan Pro
92.53.96.102 Public Scan

Software

cafe /

Resource Hash

8a5612e6e8842e03afe6e8bf15ccbb6bedb1b27021800ae8d89e63b843f53df5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://telegram.download-program.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 21:49:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50701
x-xss-protection: 0
server: cafe
etag: 828666021046106133
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 17 Sep 2023 21:49:13 GMT

GET
H2 200 windows.png
telegram.download-program.ru/images/logo/ 2 KB
2 KB 143ms
142ms Image
image/png 92.53.96.102
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegram.download-program.ru/images/logo/windows.png
Requested by: Host: telegram.download-program.ru
URL: https://telegram.download-program.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.53.96.102 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: bitrix396.timeweb.ru
Software: nginx/1.22.1 /
Resource Hash: d5fe0c5053608b29602aa9ed102da071c09b646e345d69302476025ed5777785

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://telegram.download-program.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 21:49:13 GMT
last-modified: Thu, 23 Apr 2020 09:19:03 GMT
server: nginx/1.22.1
etag: "5ea15d87-7c1"
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
content-length: 1985
expires: Wed, 18 Oct 2023 21:49:13 GMT

GET
H2 200 android.png
telegram.download-program.ru/images/logo/ 2 KB
2 KB 144ms
142ms Image
image/png 92.53.96.102
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegram.download-program.ru/images/logo/android.png
Requested by: Host: telegram.download-program.ru
URL: https://telegram.download-program.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.53.96.102 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: bitrix396.timeweb.ru
Software: nginx/1.22.1 /
Resource Hash: ac9cc8723c0d596c0b65abf1db99b456263de4d031fd37d7345a40d7b48938f9

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://telegram.download-program.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 21:49:13 GMT
last-modified: Thu, 23 Apr 2020 10:12:13 GMT
server: nginx/1.22.1
etag: "5ea169fd-827"
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
content-length: 2087
expires: Wed, 18 Oct 2023 21:49:13 GMT

GET
H2 200 ios.png
telegram.download-program.ru/images/logo/ 2 KB
2 KB 144ms
143ms Image
image/png 92.53.96.102
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegram.download-program.ru/images/logo/ios.png
Requested by: Host: telegram.download-program.ru
URL: https://telegram.download-program.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.53.96.102 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: bitrix396.timeweb.ru
Software: nginx/1.22.1 /
Resource Hash: 27ecf8cc14c06451efb1d7136a5b63f5fd97604f0d719824f7eb9bcfc693cd7c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://telegram.download-program.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 21:49:13 GMT
last-modified: Thu, 23 Apr 2020 10:02:26 GMT
server: nginx/1.22.1
etag: "5ea167b2-6b8"
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
content-length: 1720
expires: Wed, 18 Oct 2023 21:49:13 GMT

GET
H2 200 telegram-web.png
telegram.download-program.ru/images/logo/ 2 KB
3 KB 145ms
144ms Image
image/png 92.53.96.102
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegram.download-program.ru/images/logo/telegram-web.png
Requested by: Host: telegram.download-program.ru
URL: https://telegram.download-program.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.53.96.102 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: bitrix396.timeweb.ru
Software: nginx/1.22.1 /
Resource Hash: 0e1235e8cf4ce4413d9ff996b8bc1bec2e973c2819130a5df8e1f15de8039838

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://telegram.download-program.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 21:49:13 GMT
last-modified: Thu, 23 Apr 2020 13:31:05 GMT
server: nginx/1.22.1
etag: "5ea19899-9dc"
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
content-length: 2524
expires: Wed, 18 Oct 2023 21:49:13 GMT

GET
H2 200 fontawesome-webfont.woff2
telegram.download-program.ru/templates/shaper_helix3/fonts/ 75 KB
76 KB 144ms
144ms Font
application/font-woff2 92.53.96.102
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://telegram.download-program.ru/templates/shaper_helix3/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: telegram.download-program.ru
URL: https://telegram.download-program.ru/templates/shaper_helix3/css/font-awesome.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.53.96.102 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: bitrix396.timeweb.ru
Software: nginx/1.22.1 /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://telegram.download-program.ru/templates/shaper_helix3/css/font-awesome.min.css
Origin: https://telegram.download-program.ru
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 21:49:13 GMT
last-modified: Sat, 18 Apr 2020 13:54:04 GMT
server: nginx/1.22.1
etag: "5e9b067c-12d68"
content-type: application/font-woff2
cache-control: max-age=2678400
accept-ranges: bytes
content-length: 77160
expires: Wed, 18 Oct 2023 21:49:13 GMT

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309120101/ 380 KB
129 KB 70ms
69ms Script
text/javascript 142.251.16.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309120101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.16.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8b56f772d08578e4c9907928c54bf6257e6880178d41e86c1dedef98e131e020

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://telegram.download-program.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 21:49:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131882
x-xss-protection: 0
server: cafe
etag: 1187359307177347780
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Sep 2023 21:49:14 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230913/r20190131/ Frame 1CB7 10 KB
5 KB 110ms
36ms Document
text/html 172.253.63.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230913/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://telegram.download-program.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 54761
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4438
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 17 Sep 2023 06:36:33 GMT
etag: 8554266389219770021
expires: Sun, 01 Oct 2023 06:36:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 405 B
611 B 117ms
45ms Script
text/javascript 172.253.122.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=telegram.download-program.ru&callback=_gfp_s_&client=ca-pub-3293964784929409

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309120101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f156.1e100.net

Software

cafe /

Resource Hash

33d5c41b0cb6890b0e6bedd262c48a2b332587a36a064ddfdb897ab3f4b21f30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://telegram.download-program.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 21:49:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 787E 112 KB
39 KB 1095ms
1093ms Document
text/html 172.253.63.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3293964784929409&output=html&h=280&slotname=1827215977&adk=2267332105&adf=42292255&pi=t.ma~as.1827215977&w=848&fwrn=4&fwrnh=100&lmt=1695012553&rafmt=1&format=848x280&url=https%3A%2F%2Ftelegram.download-program.ru%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694987354054&bpp=4&bdt=699&idt=127&shv=r20230913&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&correlator=1655936149869&frm=20&pv=2&ga_vid=1281942777.1694987354&ga_sid=1694987354&ga_hid=171294387&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=139&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076994%2C21065725&oid=2&pvsid=4297289482231934&tmod=1485834115&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=plgX2GGKOZ&p=https%3A//telegram.download-program.ru&dtd=162

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309120101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65baa63519321d9254a1bcd882738e3b8d019777993f16a6d5c9bf47e2b9fbc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://telegram.download-program.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 39514
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 17 Sep 2023 21:49:15 GMT
expires: Sun, 17 Sep 2023 21:49:15 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 72C4 89 KB
35 KB 1637ms
1636ms Document
text/html 172.253.63.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3293964784929409&output=html&h=280&slotname=1827215977&adk=2986787109&adf=1525614617&pi=t.ma~as.1827215977&w=848&fwrn=4&fwrnh=100&lmt=1695012553&rafmt=1&format=848x280&url=https%3A%2F%2Ftelegram.download-program.ru%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694987354058&bpp=1&bdt=703&idt=178&shv=r20230913&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&prev_fmts=848x280&correlator=1655936149869&frm=20&pv=1&ga_vid=1281942777.1694987354&ga_sid=1694987354&ga_hid=171294387&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1028&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076994%2C21065725&oid=2&pvsid=4297289482231934&tmod=1485834115&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=oQ21JgyGQi&p=https%3A//telegram.download-program.ru&dtd=184

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309120101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9422b1c9b76edcd56c57ae0f97af28ed7848f3833cfd34873534232d72b2f08d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://telegram.download-program.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 35616
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 17 Sep 2023 21:49:15 GMT
expires: Sun, 17 Sep 2023 21:49:15 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 12C1 0
180 B 56ms
55ms Document
text/html 172.253.63.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3293964784929409&output=html&adk=1812271804&adf=3025194257&lmt=1695012553&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Ftelegram.download-program.ru%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694987354074&bpp=1&bdt=718&idt=188&shv=r20230913&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&prev_fmts=848x280%2C848x280&nras=1&correlator=1655936149869&frm=20&pv=1&ga_vid=1281942777.1694987354&ga_sid=1694987354&ga_hid=171294387&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076994%2C21065725&oid=2&pvsid=4297289482231934&tmod=1485834115&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=198

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309120101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://telegram.download-program.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 17 Sep 2023 21:49:14 GMT
expires: Sun, 17 Sep 2023 21:49:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 2ab36c0d951b69d9c04f85f5eb613648.js Show response
www.gstatic.com/mysidia/ Frame 787E 9 KB
4 KB 109ms
35ms Script
text/javascript 172.253.122.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/2ab36c0d951b69d9c04f85f5eb613648.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3293964784929409&output=html&h=280&slotname=1827215977&adk=2267332105&adf=42292255&pi=t.ma~as.1827215977&w=848&fwrn=4&fwrnh=100&lmt=1695012553&rafmt=1&format=848x280&url=https%3A%2F%2Ftelegram.download-program.ru%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694987354054&bpp=4&bdt=699&idt=127&shv=r20230913&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&correlator=1655936149869&frm=20&pv=2&ga_vid=1281942777.1694987354&ga_sid=1694987354&ga_hid=171294387&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=139&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076994%2C21065725&oid=2&pvsid=4297289482231934&tmod=1485834115&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=plgX2GGKOZ&p=https%3A//telegram.download-program.ru&dtd=162

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f94.1e100.net

Software

sffe /

Resource Hash

50f36c6941b3a0b755df6e1c1ba6919dc8eeab051a52504ff431c3564d4d791a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 05:27:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 231715
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3933
x-xss-protection: 0
last-modified: Wed, 06 Sep 2023 19:29:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 14 Dec 2023 05:27:20 GMT

GET
H2 200 d25b659b0dd7add20d23ec95887fd393.js Show response
www.gstatic.com/mysidia/ Frame 787E 11 KB
5 KB 110ms
37ms Script
text/javascript 172.253.122.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/d25b659b0dd7add20d23ec95887fd393.js?tag=text/vanilla_highlight_ms_cta_adjustment

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f94.1e100.net

Software

sffe /

Resource Hash

6bd90a11f15a6e28af278037393b9041e3d8489a317f18baf60ac3c9b21c5fcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 05:51:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 230280
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4877
x-xss-protection: 0
last-modified: Wed, 06 Sep 2023 19:29:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 14 Dec 2023 05:51:15 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 787E 14 KB
2 KB 122ms
48ms Stylesheet
text/css 172.253.115.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f95.1e100.net

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 17 Sep 2023 21:49:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32/ro
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 17 Sep 2023 19:51:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 17 Sep 2023 21:49:15 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/ Frame 787E 2 KB
974 B 40ms
35ms Script
text/javascript 142.251.167.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.167.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 08:36:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47536
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 01 Oct 2023 08:36:59 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/ Frame 787E 23 KB
9 KB 41ms
36ms Script
text/javascript 142.251.167.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.167.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 13:06:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31388
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 01 Oct 2023 13:06:07 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/ Frame 787E 3 KB
1 KB 44ms
40ms Script
text/javascript 142.251.167.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.167.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 01:42:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72396
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 01 Oct 2023 01:42:39 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/ Frame 787E 20 KB
8 KB 108ms
36ms Script
text/javascript 142.251.167.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.167.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 13:09:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31211
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 01 Oct 2023 13:09:04 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 787E 182 KB
57 KB 113ms
38ms Script
text/javascript 172.253.122.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f155.1e100.net

Software

sffe /

Resource Hash

04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 21:49:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57988
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694604874705780"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 17 Sep 2023 21:49:15 GMT

GET
H2 200 9041af033b7a690ba70e3134a2c135bf.js Show response
www.gstatic.com/mysidia/ Frame 787E 36 KB
15 KB 41ms
37ms Script
text/javascript 172.253.122.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9041af033b7a690ba70e3134a2c135bf.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f94.1e100.net

Software

sffe /

Resource Hash

8f9d88352b286107f60c320c4c088f718c2a3a273818cd61901edb7f235a9339

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 05:44:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 230678
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15189
x-xss-protection: 0
last-modified: Tue, 12 Sep 2023 17:48:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 14 Dec 2023 05:44:37 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5BF7 143 B
166 B 38ms
36ms Document
text/html 172.253.63.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3293964784929409&output=html&h=280&slotname=1827215977&adk=2267332105&adf=42292255&pi=t.ma~as.1827215977&w=848&fwrn=4&fwrnh=100&lmt=1695012553&rafmt=1&format=848x280&url=https%3A%2F%2Ftelegram.download-program.ru%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694987354054&bpp=4&bdt=699&idt=127&shv=r20230913&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&correlator=1655936149869&frm=20&pv=2&ga_vid=1281942777.1694987354&ga_sid=1694987354&ga_hid=171294387&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=139&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076994%2C21065725&oid=2&pvsid=4297289482231934&tmod=1485834115&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=plgX2GGKOZ&p=https%3A//telegram.download-program.ru&dtd=162
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 1219
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 17 Sep 2023 21:28:56 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 787E 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c40ba53ce3d45dbc64b7ae5a265ea21cee40dfbc59f444f5eabc3acc0ae9a5de

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 787E 33 KB
34 KB 111ms
37ms Font
font/woff2 142.251.163.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f94.1e100.net

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 18:06:19 GMT
x-content-type-options: nosniff
age: 272576
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 Sep 2024 18:06:19 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5BF7
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

44ms
43ms

Document
text/html

172.253.63.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 17 Sep 2023 21:49:15 GMT
expires: Sun, 17 Sep 2023 21:49:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 17 Sep 2023 21:49:15 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 787E
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C0XjEWnQHZc3gEKn2xtYPvJKn6AqQytKdcfG_y_jiEfrPv9CUDhABIJitvSNg_aCZgegDoAHVl-fIKcgBAagDAcgDy4SAgASqBOcBT9ASdmURToh51Hz2JOG3RZWjJuy7Lgeut-aTMCWkLOK...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x939c32d1644fbc060000000000000000%22,%222%22:%220x94ea9bc05f7c64040000000000000000%22,%223%22:%220x5ce8a9...

0
0

120ms
47ms

Fetch
text/css

142.251.163.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x939c32d1644fbc060000000000000000%22,%222%22:%220x94ea9bc05f7c64040000000000000000%22,%223%22:%220x5ce8a97f8d2b405e0000000000000000%22,%224%22:%220xb72c752521d64cff0000000000000000%22,%225%22:%220xc73a2750fd7f68c50000000000000000%22},%22debug_key%22:%227038842449998224301%22,%22debug_reporting%22:true,%22destination%22:%22https://offer-starller.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%2215%22:[%2251%22],%2216%22:[%223%22],%222%22:[%2211158539221%22],%224%22:[%2209-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210401316655990534065%22}&andc=true

Requested by

Host: telegram.download-program.ru
URL: https://telegram.download-program.ru/

Protocol

Server

142.251.163.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 21:49:16 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x939c32d1644fbc060000000000000000","2":"0x94ea9bc05f7c64040000000000000000","3":"0x5ce8a97f8d2b405e0000000000000000","4":"0xb72c752521d64cff0000000000000000","5":"0xc73a2750fd7f68c50000000000000000"},"debug_key":"7038842449998224301","debug_reporting":true,"destination":"https://offer-starller.com","event_report_window":"259200","expiry":"2592000","filter_data":{"15":["51"],"16":["3"],"2":["11158539221"],"4":["09-17"],"6":["true"]},"priority":"500","source_event_id":"10401316655990534065"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 17 Sep 2023 21:49:16 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 17 Sep 2023 21:49:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x939c32d1644fbc060000000000000000","2":"0x94ea9bc05f7c64040000000000000000","3":"0x5ce8a97f8d2b405e0000000000000000","4":"0xb72c752521d64cff0000000000000000","5":"0xc73a2750fd7f68c50000000000000000"},"debug_key":"7038842449998224301","debug_reporting":true,"destination":"https://offer-starller.com","event_report_window":"259200","expiry":"2592000","filter_data":{"15":["51"],"16":["3"],"2":["11158539221"],"4":["09-17"],"6":["true"]},"priority":"500","source_event_id":"10401316655990534065"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 U2NgGuF9el-mJsFXQu4mM6YCW1zF1vGv2XWOCJKEcfc.js Show response
pagead2.googlesyndication.com/bg/ Frame 23A9 37 KB
14 KB 37ms
37ms Script
text/javascript 142.251.16.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/U2NgGuF9el-mJsFXQu4mM6YCW1zF1vGv2XWOCJKEcfc.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.16.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5363601ae17d7a5fa626c15742ee2633a6025b5cc5d6f1afd9758e08928471f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 05:55:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 230036
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14685
x-xss-protection: 0
last-modified: Mon, 11 Sep 2023 20:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 14 Sep 2024 05:55:19 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 118ms
44ms Preflight
text/html 142.251.163.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 17 Sep 2023 21:49:15 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 11778604948800383788
tpc.googlesyndication.com/simgad/ Frame 72C4 13 KB
13 KB 37ms
36ms Image
image/png 142.251.167.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11778604948800383788?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkAaLVHOOPz_bastxbvDcE70OBe7Q

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3293964784929409&output=html&h=280&slotname=1827215977&adk=2986787109&adf=1525614617&pi=t.ma~as.1827215977&w=848&fwrn=4&fwrnh=100&lmt=1695012553&rafmt=1&format=848x280&url=https%3A%2F%2Ftelegram.download-program.ru%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694987354058&bpp=1&bdt=703&idt=178&shv=r20230913&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&prev_fmts=848x280&correlator=1655936149869&frm=20&pv=1&ga_vid=1281942777.1694987354&ga_sid=1694987354&ga_hid=171294387&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1028&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076994%2C21065725&oid=2&pvsid=4297289482231934&tmod=1485834115&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=oQ21JgyGQi&p=https%3A//telegram.download-program.ru&dtd=184

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.167.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d2ec1c907004fb1a0d9ade9e9f5d3b19efb55a0319dbaadaea734d86cb5e4c66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 16:41:05 GMT
x-content-type-options: nosniff
age: 277690
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13781
x-xss-protection: 0
last-modified: Thu, 03 Aug 2023 13:09:57 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 13 Sep 2024 16:41:05 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/ Frame 72C4 23 KB
9 KB 39ms
39ms Script
text/javascript 142.251.167.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3293964784929409&output=html&h=280&slotname=1827215977&adk=2986787109&adf=1525614617&pi=t.ma~as.1827215977&w=848&fwrn=4&fwrnh=100&lmt=1695012553&rafmt=1&format=848x280&url=https%3A%2F%2Ftelegram.download-program.ru%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694987354058&bpp=1&bdt=703&idt=178&shv=r20230913&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&prev_fmts=848x280&correlator=1655936149869&frm=20&pv=1&ga_vid=1281942777.1694987354&ga_sid=1694987354&ga_hid=171294387&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1028&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076994%2C21065725&oid=2&pvsid=4297289482231934&tmod=1485834115&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=oQ21JgyGQi&p=https%3A//telegram.download-program.ru&dtd=184

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.167.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 13:06:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31388
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 01 Oct 2023 13:06:07 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/ Frame 72C4 3 KB
1 KB 48ms
47ms Script
text/javascript 142.251.167.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3293964784929409&output=html&h=280&slotname=1827215977&adk=2986787109&adf=1525614617&pi=t.ma~as.1827215977&w=848&fwrn=4&fwrnh=100&lmt=1695012553&rafmt=1&format=848x280&url=https%3A%2F%2Ftelegram.download-program.ru%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694987354058&bpp=1&bdt=703&idt=178&shv=r20230913&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&prev_fmts=848x280&correlator=1655936149869&frm=20&pv=1&ga_vid=1281942777.1694987354&ga_sid=1694987354&ga_hid=171294387&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1028&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076994%2C21065725&oid=2&pvsid=4297289482231934&tmod=1485834115&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=oQ21JgyGQi&p=https%3A//telegram.download-program.ru&dtd=184

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.167.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 01:42:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72396
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 01 Oct 2023 01:42:39 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/ Frame 72C4 20 KB
8 KB 38ms
37ms Script
text/javascript 142.251.167.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3293964784929409&output=html&h=280&slotname=1827215977&adk=2986787109&adf=1525614617&pi=t.ma~as.1827215977&w=848&fwrn=4&fwrnh=100&lmt=1695012553&rafmt=1&format=848x280&url=https%3A%2F%2Ftelegram.download-program.ru%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694987354058&bpp=1&bdt=703&idt=178&shv=r20230913&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&prev_fmts=848x280&correlator=1655936149869&frm=20&pv=1&ga_vid=1281942777.1694987354&ga_sid=1694987354&ga_hid=171294387&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1028&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076994%2C21065725&oid=2&pvsid=4297289482231934&tmod=1485834115&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=oQ21JgyGQi&p=https%3A//telegram.download-program.ru&dtd=184

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.167.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 13:09:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31211
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 01 Oct 2023 13:09:04 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 72C4 182 KB
57 KB 1304ms
1302ms Script
text/javascript 172.253.122.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3293964784929409&output=html&h=280&slotname=1827215977&adk=2986787109&adf=1525614617&pi=t.ma~as.1827215977&w=848&fwrn=4&fwrnh=100&lmt=1695012553&rafmt=1&format=848x280&url=https%3A%2F%2Ftelegram.download-program.ru%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694987354058&bpp=1&bdt=703&idt=178&shv=r20230913&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&prev_fmts=848x280&correlator=1655936149869&frm=20&pv=1&ga_vid=1281942777.1694987354&ga_sid=1694987354&ga_hid=171294387&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1028&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076994%2C21065725&oid=2&pvsid=4297289482231934&tmod=1485834115&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=oQ21JgyGQi&p=https%3A//telegram.download-program.ru&dtd=184

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f155.1e100.net

Software

sffe /

Resource Hash

04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 21:49:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57988
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694604874705780"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 17 Sep 2023 21:49:17 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/ Frame 72C4 35 KB
14 KB 49ms
48ms Script
text/javascript 142.251.167.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3293964784929409&output=html&h=280&slotname=1827215977&adk=2986787109&adf=1525614617&pi=t.ma~as.1827215977&w=848&fwrn=4&fwrnh=100&lmt=1695012553&rafmt=1&format=848x280&url=https%3A%2F%2Ftelegram.download-program.ru%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694987354058&bpp=1&bdt=703&idt=178&shv=r20230913&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&prev_fmts=848x280&correlator=1655936149869&frm=20&pv=1&ga_vid=1281942777.1694987354&ga_sid=1694987354&ga_hid=171294387&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1028&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076994%2C21065725&oid=2&pvsid=4297289482231934&tmod=1485834115&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=oQ21JgyGQi&p=https%3A//telegram.download-program.ru&dtd=184

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.167.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ab3a8d4b08d504ad5847e8bd132c66e7f0c5822da1895f9be7454a990487e05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 22:34:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83656
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14550
x-xss-protection: 0
server: cafe
etag: 1865743863185650171
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 30 Sep 2023 22:34:59 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2174 143 B
166 B 35ms
35ms Document
text/html 172.253.63.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3293964784929409&output=html&h=280&slotname=1827215977&adk=2986787109&adf=1525614617&pi=t.ma~as.1827215977&w=848&fwrn=4&fwrnh=100&lmt=1695012553&rafmt=1&format=848x280&url=https%3A%2F%2Ftelegram.download-program.ru%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694987354058&bpp=1&bdt=703&idt=178&shv=r20230913&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&prev_fmts=848x280&correlator=1655936149869&frm=20&pv=1&ga_vid=1281942777.1694987354&ga_sid=1694987354&ga_hid=171294387&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1028&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076994%2C21065725&oid=2&pvsid=4297289482231934&tmod=1485834115&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=oQ21JgyGQi&p=https%3A//telegram.download-program.ru&dtd=184

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3293964784929409&output=html&h=280&slotname=1827215977&adk=2986787109&adf=1525614617&pi=t.ma~as.1827215977&w=848&fwrn=4&fwrnh=100&lmt=1695012553&rafmt=1&format=848x280&url=https%3A%2F%2Ftelegram.download-program.ru%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694987354058&bpp=1&bdt=703&idt=178&shv=r20230913&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&prev_fmts=848x280&correlator=1655936149869&frm=20&pv=1&ga_vid=1281942777.1694987354&ga_sid=1694987354&ga_hid=171294387&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1028&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076994%2C21065725&oid=2&pvsid=4297289482231934&tmod=1485834115&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=oQ21JgyGQi&p=https%3A//telegram.download-program.ru&dtd=184
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 1219
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 17 Sep 2023 21:28:56 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 72C4 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c707b5490b7f0641a5741c0a29afe3712c49d9269c17cd68ebf567983ae21d34

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2174
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

46ms
46ms

Document
text/html

172.253.63.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3293964784929409&output=html&h=280&slotname=1827215977&adk=2986787109&adf=1525614617&pi=t.ma~as.1827215977&w=848&fwrn=4&fwrnh=100&lmt=1695012553&rafmt=1&format=848x280&url=https%3A%2F%2Ftelegram.download-program.ru%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694987354058&bpp=1&bdt=703&idt=178&shv=r20230913&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&prev_fmts=848x280&correlator=1655936149869&frm=20&pv=1&ga_vid=1281942777.1694987354&ga_sid=1694987354&ga_hid=171294387&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1028&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076994%2C21065725&oid=2&pvsid=4297289482231934&tmod=1485834115&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=oQ21JgyGQi&p=https%3A//telegram.download-program.ru&dtd=184

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 17 Sep 2023 21:49:16 GMT
expires: Sun, 17 Sep 2023 21:49:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 17 Sep 2023 21:49:15 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 787E 42 B
64 B 120ms
48ms Fetch
image/gif 142.251.16.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstHucW_Xv6QlZ0gprWal2i5-8mv5E7usMGNkwo_uQ7LxR53BBZQ9QYPC7AmqWFGQJzrffkYWTx45iSxtwfW35YFzpIhVEpZ9m81uCBU-Sn7ik41Ut3qTPGFQbaZnn-hhIhA_N9MU2acSQ&sai=AMfl-YSzP89wmG14w8kUsRgizj92weBGKsfwy3sBpV8_9NRpH1NJvJ00ExybDbeEskmON2YCQ4RYz-7YvcIY&sig=Cg0ArKJSzFt6S3HeIj8vEAE&cid=CAQSGwBpAlJW5Ul2BqBLaIgk0HNaBEoNp9Fa4nVtnBgB&id=lidar2&mcvt=1000&p=0,0,280,848&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230913&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2267332105&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1694987354219&rpt=1537&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.16.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Sep 2023 21:49:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 72C4
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C9lgMWnQHZbqkEd7tvPIPms6g0ASr4rGccbuaz_HuEbC4lJhDEAEgmK29I2D9oJmB6AOgAffim7QoyAECqAMByAPJBKoE7QFP0DKA8mGOaK8g2masr7Oig6uNLHBJd1VFHEunQrWYgHv3g_Z...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xf28ea060219e20580000000000000000%22,%222%22:%220x13b56e42d746c4f30000000000000000%22,%223%22:%220x9936e0...

0
0

44ms
43ms

Fetch
text/css

142.251.163.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xf28ea060219e20580000000000000000%22,%222%22:%220x13b56e42d746c4f30000000000000000%22,%223%22:%220x9936e0770f0a1fa20000000000000000%22,%224%22:%220xf686381148ea64ab0000000000000000%22,%225%22:%220x61e4c7e3ce0c69030000000000000000%22},%22debug_key%22:%2214047522095857661372%22,%22debug_reporting%22:true,%22destination%22:%22https://webcompanion.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%2215%22:[%2251%22],%2216%22:[%223%22],%222%22:[%2210846925175%22],%224%22:[%2209-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%228941237558489022865%22}&andc=true

Protocol

Server

142.251.163.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 21:49:17 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xf28ea060219e20580000000000000000","2":"0x13b56e42d746c4f30000000000000000","3":"0x9936e0770f0a1fa20000000000000000","4":"0xf686381148ea64ab0000000000000000","5":"0x61e4c7e3ce0c69030000000000000000"},"debug_key":"14047522095857661372","debug_reporting":true,"destination":"https://webcompanion.com","event_report_window":"259200","expiry":"2592000","filter_data":{"15":["51"],"16":["3"],"2":["10846925175"],"4":["09-17"],"6":["true"]},"priority":"500","source_event_id":"8941237558489022865"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 17 Sep 2023 21:49:17 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 17 Sep 2023 21:49:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xf28ea060219e20580000000000000000","2":"0x13b56e42d746c4f30000000000000000","3":"0x9936e0770f0a1fa20000000000000000","4":"0xf686381148ea64ab0000000000000000","5":"0x61e4c7e3ce0c69030000000000000000"},"debug_key":"14047522095857661372","debug_reporting":true,"destination":"https://webcompanion.com","event_report_window":"259200","expiry":"2592000","filter_data":{"15":["51"],"16":["3"],"2":["10846925175"],"4":["09-17"],"6":["true"]},"priority":"500","source_event_id":"8941237558489022865"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 60ms
60ms XHR
application/json 142.251.16.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230913&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309120101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.16.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6364b4918fa968b9f8aba8bc1d069c3d97dfe245d0320910ecab75e0513bc370

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://telegram.download-program.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 21:49:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12236
x-xss-protection: 0

GET
H3 200 U2NgGuF9el-mJsFXQu4mM6YCW1zF1vGv2XWOCJKEcfc.js Show response
pagead2.googlesyndication.com/bg/ Frame 1673 37 KB
14 KB 37ms
37ms Script
text/javascript 142.251.16.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/U2NgGuF9el-mJsFXQu4mM6YCW1zF1vGv2XWOCJKEcfc.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3293964784929409&output=html&h=280&slotname=1827215977&adk=2986787109&adf=1525614617&pi=t.ma~as.1827215977&w=848&fwrn=4&fwrnh=100&lmt=1695012553&rafmt=1&format=848x280&url=https%3A%2F%2Ftelegram.download-program.ru%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694987354058&bpp=1&bdt=703&idt=178&shv=r20230913&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&prev_fmts=848x280&correlator=1655936149869&frm=20&pv=1&ga_vid=1281942777.1694987354&ga_sid=1694987354&ga_hid=171294387&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1028&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076994%2C21065725&oid=2&pvsid=4297289482231934&tmod=1485834115&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=oQ21JgyGQi&p=https%3A//telegram.download-program.ru&dtd=184

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.16.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5363601ae17d7a5fa626c15742ee2633a6025b5cc5d6f1afd9758e08928471f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 05:55:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 230038
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14685
x-xss-protection: 0
last-modified: Mon, 11 Sep 2023 20:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 14 Sep 2024 05:55:19 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 46ms
45ms Preflight
text/html 142.251.163.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 17 Sep 2023 21:49:17 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 45ms
45ms Script
text/javascript 142.251.167.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309120101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.167.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://telegram.download-program.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 21:49:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 17 Sep 2023 21:49:17 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0DA5 13 KB
5 KB 38ms
36ms Document
text/html 142.251.167.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.167.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://telegram.download-program.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 326657
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 14 Sep 2023 03:05:00 GMT
expires: Fri, 13 Sep 2024 03:05:00 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame DFC2 829 B
561 B 52ms
51ms Document
text/html 142.251.167.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.167.103 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f103.1e100.net

Software

GSE /

Resource Hash

cecc4ab4e3036aa877952d559da74f37067c70678df7929a7465bae9911b387d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Q3hMBTlQAk-ZZku_JhCD3w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://telegram.download-program.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 539
content-security-policy: script-src 'report-sample' 'nonce-Q3hMBTlQAk-ZZku_JhCD3w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 17 Sep 2023 21:49:17 GMT
expires: Sun, 17 Sep 2023 21:49:17 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame DFC2 0
0 45ms
44ms Image
text/html 142.251.16.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230913&jk=4297289482231934&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.16.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bl-in-f157.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

GET
H3 200 D38i8ocviMyns63bFlxz04547CGgVcdJsS8VZS_5djY.js Show response
pagead2.googlesyndication.com/bg/ Frame 0DA5 37 KB
14 KB 36ms
36ms Script
text/javascript 142.251.16.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/D38i8ocviMyns63bFlxz04547CGgVcdJsS8VZS_5djY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.16.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f7f22f2872f88cca7b3addb165c73d38e78ec21a055c749b12f15652ff97636

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 05:47:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 230506
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14739
x-xss-protection: 0
last-modified: Mon, 11 Sep 2023 20:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 14 Sep 2024 05:47:31 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 0DA5 0
10 B 36ms
35ms Image
text/plain 142.251.167.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?2WuGLA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.167.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: ww-in-f132.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 21:49:17 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 47ms
46ms Image
text/html 142.251.16.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230913&jk=4297289482231934&bg=!GhmlGVbNAAbP3fMH7907ADQBe5WfOP9HHtluutvi3RdO6p6jazw1bxrUhJwqXYXOOmf4GtUC5yL8ZDNzOey8Le9QvzVGAgAAAGJSAAAACmgBB5kC82RPIyUXavPFhkVjI4dx1gN9ZmwbXJdf_38I4sv0MT6783hswYmaRk07VuQNbTVSCe_mdeI7yR17nc-zoclLfQn1s_8iVBDL4O4UuylWV4A0TJR6csRPFDJVjjGNnQxVjGf3bi3bnIke3ApNJO2OPRRBKGETOKLUvYI5Sa2QvthA2GATiBKv2gGlFW5aJVKTriLHq1isO3Yy_hZYvsMKHlm7KAYiYPg2doLH2C7o7n2xHhAS7dQZoouBPzF0-G3GRAgaDI8n3WVTyS2tBtOiwZRd5ZktmnkuxxoOdPv0J2TnYzOvpqpHboH7_Qcu-LMVy7pvUdBfoW7_ZvFjnGt2fRC2JwIUXz-TgK2MCQmyuxSTz4hLpB4g7HYCEpVC65_k2DgSz3ZJN12_ZiojMD_-uDjWUDbPPSNSGcAfVM948DJUusseF4wuU8xf9qELxKKFiGkMJVgnZOYatEmjHPXSNQOuG5RHkCbNfIMGE2sBkVR5-Y1t3zVSiiLdj0dmF2i9vPRPRoDTJ0ZkexmJtp9DrT4SZVUNEnDK_ODkj61rz5hG2aK7F7fuTvQu_--mhqNie3c8Lkb5xDk8FfuT_zRfZnz_Wl_3VUERgGyzeLuV_fKGNgQ_-ShggUMDWMtvC87eovKmFwDDSRDnNuWxOqpC_iRrN0zAHtnvzgA05s0QuFVrHX913T-BpF36A5LlB_mf8KEGMUyYGPpiTnZgPX0vEoL-wS6nRsNztZapNxaVnqTQfnGRc-sZ3aStCw92laVKrTyeWR9MhumbWuxoPCpA7aHIrpQYYSsoeAYxps3bM_1XQAcVuGSYISXjaGxtiOBCbJWDTLDcYRiQPqKORCbqyfIN3Vs6xj8ikkIZ9qDvzl7Z_8YF56MIn4qzyQYhgKqqFIQefWPYjlAz-INovJ-DTyCAqZfrBb97P6Od56_n7OiVx6zcV-xOoHHaY3zNI1D5EQvWKpeE4vatYf2WbuuEcf4m2fFf71vX9lrlE-RRlkXYRTQ3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.16.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bl-in-f157.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://telegram.download-program.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 72C4 42 B
64 B 46ms
46ms Fetch
image/gif 142.251.16.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvYJjoL9z3W5xqP28FHGwdONHnHk7idpkGBpggxw10Y_2VldYjZD8_ItlNJ4PdMxlxJ6piM568B7HKyhutFwKlYhQV92Di917tEmDU6EHXdhpnCpmdmfNgNFpQEQMthPyk13FHxY2OpJg&sai=AMfl-YQKjWGi87M1DynOZElOh2D_WGVoeEVtl5ObaTEOZVE3Fw6WkL9RNcms_x6ED51QUzxvhhA9PeGfo_Dv&sig=Cg0ArKJSzOzogbF2GrZJEAE&cid=CAQSGwBpAlJWaoQ9GWcZYiPf3wr8ZxXKMCVZHqA2CBgB&id=lidar2&mcvt=1000&p=0,0,219,848&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20230913&bin=7&avms=nio&bs=0,0&mc=0.79&if=1&vu=1&app=0&itpl=4&adk=2986787109&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1694987354243&rpt=3017&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.16.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS