www.afn.by Open in urlscan Pro
62.173.140.157 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.afn.by/
Submission Tags: ooni340
Submission: On October 18 via manual (October 18th 2022, 2:08:21 pm UTC) from PL — Scanned from DE

Summary HTTP 177 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 49 IPs in 10 countries across 57 domains to perform 177 HTTP transactions. The main IP is 62.173.140.157, located in Moscow, Russian Federation and belongs to SPACENET-AS Internet Service Provider, RU. The main domain is www.afn.by.

This is the only time www.afn.by was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
11	62.173.140.157 62.173.140.157	34300 (SPACENET-...) (SPACENET-AS Internet Service Provider)
5	2a02:6b8:a::a 2a02:6b8:a::a	208722 (GLOBAL_DC) (GLOBAL_DC)
17	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
6 19	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
6 21	46.4.114.109 46.4.114.109	24940 (HETZNER-AS) (HETZNER-AS)
2 21	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
4 11	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
8	2a02:6b8:20::215 2a02:6b8:20::215	208722 (GLOBAL_DC) (GLOBAL_DC)
2	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2 3	188.42.196.115 188.42.196.115	7979 (SERVERS-COM) (SERVERS-COM)
1 1	193.3.184.218 193.3.184.218	50214 (QWARTA) (QWARTA)
2 2	193.232.150.150 193.232.150.150	48061 (UMA-TECH-AS) (UMA-TECH-AS)
1	2a00:1148:db0... 2a00:1148:db00::17	47764 (VK-AS) (VK-AS)
2 2	195.209.108.46 195.209.108.46	52007 (ADRIVER-AS) (ADRIVER-AS)
2	195.209.111.19 195.209.111.19	52007 (ADRIVER-AS) (ADRIVER-AS)
1	2606:4700:303... 2606:4700:3033::ac43:d997	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.88.82.46 23.88.82.46	24940 (HETZNER-AS) (HETZNER-AS)
1	37.18.103.21 37.18.103.21	205675 (HYBRID-AS) (HYBRID-AS)
2	185.15.175.174 185.15.175.174	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
1	159.69.59.100 159.69.59.100	24940 (HETZNER-AS) (HETZNER-AS)
2 2	88.198.16.238 88.198.16.238	24940 (HETZNER-AS) (HETZNER-AS)
1 1	148.251.129.43 148.251.129.43	24940 (HETZNER-AS) (HETZNER-AS)
4	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1 1	109.248.237.37 109.248.237.37	201009 (SUPPORTIT-AS) (SUPPORTIT-AS)
1	95.211.66.35 95.211.66.35	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 1	185.147.80.35 185.147.80.35	41722 (MIRAN-AS ...) (MIRAN-AS Miran DC)
1 2	78.46.100.125 78.46.100.125	24940 (HETZNER-AS) (HETZNER-AS)
1 1	46.243.142.239 46.243.142.239	208677 (SBERCLOUD-AS) (SBERCLOUD-AS)
1 1	5.200.43.131 5.200.43.131	48096 (ITGRAD) (ITGRAD)
1 1	37.9.245.57 37.9.245.57	16345 (BEE-AS Ru...) (BEE-AS Russia)
1 2	89.108.97.2 89.108.97.2	197695 (AS-REG) (AS-REG)
2 2	35.190.24.218 35.190.24.218	15169 (GOOGLE) (GOOGLE)
2 2	217.66.147.35 217.66.147.35	29209 (SPBMTS-AS...) (SPBMTS-AS Malaya Monetnaya Street 2-A)
1 1	213.87.44.187 213.87.44.187	13174 (MTSNET Mo...) (MTSNET Moscow)
1 3	2a02:6b8::90 2a02:6b8::90	208722 (GLOBAL_DC) (GLOBAL_DC)
1 1	176.9.81.69 176.9.81.69	24940 (HETZNER-AS) (HETZNER-AS)
1 1	31.220.27.134 31.220.27.134	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	217.65.2.150 217.65.2.150	3175 (CITYTELEC...) (CITYTELECOM-MSK)
1	93.95.102.105 93.95.102.105	48347 (MTW-AS) (MTW-AS)
2 3	89.108.120.76 89.108.120.76	197695 (AS-REG) (AS-REG)
1 1	88.212.201.204 88.212.201.204	39134 (UNITEDNET) (UNITEDNET)
1 2	31.172.81.172 31.172.81.172	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1	148.251.217.100 148.251.217.100	24940 (HETZNER-AS) (HETZNER-AS)
1	139.45.228.100 139.45.228.100	29470 (RETNNET-AS) (RETNNET-AS)
1 1	23.111.107.44 23.111.107.44	39134 (UNITEDNET) (UNITEDNET)
1	77.245.57.72 77.245.57.72	36057 (WEBAIR-IN...) (WEBAIR-INTERNET-MTL)
1	2a02:6b8::5:114 2a02:6b8::5:114	208722 (GLOBAL_DC) (GLOBAL_DC)
17	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
2	172.217.19.99 172.217.19.99	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1	64.233.166.156 64.233.166.156	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:de2e:c7b3:55c0:d5a0	16509 (AMAZON-02) (AMAZON-02)
2 2	2.18.232.236 2.18.232.236	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.98.67.61 34.98.67.61	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
1	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:d::7	15169 (GOOGLE) (GOOGLE)
4 4	185.15.175.132 185.15.175.132	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
2	95.163.52.67 95.163.52.67	47764 (VK-AS) (VK-AS)
2 3	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
177	49

11 62.173.140.157 (Moscow, Russian Federation)

ASN34300 (SPACENET-AS Internet Service Provider, RU)
PTR: afn.today

www.afn.by	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:6b8:a::a (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a02:6b8::1:119 (Moscow, Russian Federation) 6 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.by	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 46.4.114.109 (Germany) 6 redirects

ASN24940 (HETZNER-AS, DE)
PTR: hz1271137.aucourant.info

www.acint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
acint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:6b8:20::215 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 188.42.196.115 (Luxembourg) 2 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.3.184.218 (Russian Federation) 1 redirects

ASN50214 (QWARTA, RU)

ssp-rtb.sape.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.232.150.150 (Russian Federation) 2 redirects

ASN48061 (UMA-TECH-AS, RU)
PTR: smtp5.senders.ntvplus.ru

px.adhigh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1148:db00::17 (Russian Federation)

ASN47764 (VK-AS, RU)

ad.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.209.108.46 (Russian Federation) 2 redirects

ASN52007 (ADRIVER-AS, RU)

ad.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.209.111.19 (Russian Federation)

ASN52007 (ADRIVER-AS, RU)

ssp.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::ac43:d997 (United States)

ASN13335 (CLOUDFLARENET, US)

a.utraff.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.88.82.46 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.46.82.88.23.clients.your-server.de

sync.republer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.18.103.21 (Netherlands)

ASN205675 (HYBRID-AS, DE)

dm-eu.hybrid.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.15.175.174 (Russian Federation)

ASN43226 (SAFEDATA Uplinks, RU)

tag.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.69.59.100 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.100.59.69.159.clients.your-server.de

sync.dmp.otm-r.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.198.16.238 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: prod-hzeu-bidder-24.community.moscow

sync.upravel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 148.251.129.43 (Falkenstein, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: prod-hzeu-bidder-23.community.moscow

030a70e8-9d8a-45bf-9430-e8fc81a7039d.sync.upravel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 109.248.237.37 (Moscow, Russian Federation) 1 redirects

ASN201009 (SUPPORTIT-AS, RU)

stat.adlabs.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.211.66.35 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: hosted-by.leaseweb.com

adlmerge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.147.80.35 (Russian Federation) 1 redirects

ASN41722 (MIRAN-AS Miran DC, RU)
PTR: ssp2.bestssp.com

ssp.bestssp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 78.46.100.125 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.125.100.46.78.clients.your-server.de

sync.1dmp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.243.142.239 (Ukraine) 1 redirects

ASN208677 (SBERCLOUD-AS, RU)
PTR: fr07.segmento.ru

sape-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.200.43.131 (Moscow, Russian Federation) 1 redirects

ASN48096 (ITGRAD, RU)

ads.adlook.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.9.245.57 (Russian Federation) 1 redirects

ASN16345 (BEE-AS Russia, RU)

0a0909b04fb34e6321018337023b38d7-sp.ops.beeline.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.108.97.2 (Russian Federation) 1 redirects

ASN197695 (AS-REG, RU)
PTR: d50603.reg.regrucolo.ru

ut.rktch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.24.218 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 218.24.190.35.bc.googleusercontent.com

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 217.66.147.35 (St Petersburg, Russian Federation) 2 redirects

ASN29209 (SPBMTS-AS Malaya Monetnaya Street 2-A, RU)
PTR: host-35-147-66-217.spbmts.ru

sm.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.87.44.187 (Russian Federation) 1 redirects

ASN13174 (MTSNET Moscow, Russia, RU)
PTR: infrastructure-187-44.mts.ru

tech.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:6b8::90 (Moscow, Russian Federation) 1 redirects

ASN208722 (GLOBAL_DC, FI)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 176.9.81.69 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.69.81.9.176.clients.your-server.de

exchange.buzzoola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.220.27.134 (Amsterdam, Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

s.uuidksinc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.65.2.150 (Russian Federation)

ASN3175 (CITYTELECOM-MSK, RU)

match.new-programmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 93.95.102.105 (Russian Federation)

ASN48347 (MTW-AS, RU)
PTR: unspecified.mtw.ru

fcgi4.gnezdo.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 89.108.120.76 (Russian Federation) 2 redirects

ASN197695 (AS-REG, RU)
PTR: d51804.reg.regrucolo.ru

x01.aidata.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.212.201.204 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host204.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.172.81.172 (Frankfurt am Main, Germany) 1 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync.bumlam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 148.251.217.100 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.100.217.251.148.clients.your-server.de

nr.bidderstack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.228.100 (Russian Federation)

ASN29470 (RETNNET-AS, RU)
PTR: serv20.mt.viaprog.eu

mediatoday.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.111.107.44 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)

cs.agency2.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 77.245.57.72 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)

sync.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::5:114 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

ysa-static.passport.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.19.99 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s27-in-f3.1e100.net

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.233.166.156 (United States)

ASN15169 (GOOGLE, US)
PTR: wm-in-f156.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:de2e:c7b3:55c0:d5a0 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.232.236 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-236.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.18.126 (Shahr, Iran, Islamic Republic Of) 2 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:d::7 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r2---sn-4g5edn6k.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.15.175.132 (Russian Federation) 4 redirects

ASN43226 (SAFEDATA Uplinks, RU)

dmg.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.163.52.67 (Russian Federation)

ASN47764 (VK-AS, RU)
PTR: top-fwz1.mail.ru

top-fwz1.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.162 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 tpc.googlesyndication.com — Cisco Umbrella Rank: 147	735 KB
25	doubleclick.net 2 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 84 googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 cm.g.doubleclick.net — Cisco Umbrella Rank: 215 bid.g.doubleclick.net — Cisco Umbrella Rank: 444	119 KB
21	acint.net 6 redirects www.acint.net — Cisco Umbrella Rank: 29740 acint.net — Cisco Umbrella Rank: 23705	18 KB
14	google.com 4 redirects www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 78	2 KB
13	yandex.com 3 redirects mc.yandex.com — Cisco Umbrella Rank: 9943	5 KB
13	yandex.ru 3 redirects yandex.ru — Cisco Umbrella Rank: 1336 mc.yandex.ru — Cisco Umbrella Rank: 3510 an.yandex.ru — Cisco Umbrella Rank: 2202 ysa-static.passport.yandex.ru — Cisco Umbrella Rank: 21689	240 KB
11	afn.by www.afn.by	124 KB
10	google.de www.google.de — Cisco Umbrella Rank: 6045 adservice.google.de — Cisco Umbrella Rank: 8724	2 KB
8	yastatic.net yastatic.net — Cisco Umbrella Rank: 6193	205 KB
6	digitaltarget.ru 4 redirects tag.digitaltarget.ru — Cisco Umbrella Rank: 106519 dmg.digitaltarget.ru — Cisco Umbrella Rank: 21490	22 KB
4	gstatic.com csi.gstatic.com fonts.gstatic.com	26 KB
4	adriver.ru 2 redirects ad.adriver.ru — Cisco Umbrella Rank: 18931 ssp.adriver.ru — Cisco Umbrella Rank: 22467	2 KB
4	googleadservices.com 2 redirects partner.googleadservices.com — Cisco Umbrella Rank: 888 www.googleadservices.com — Cisco Umbrella Rank: 131	17 KB
3	2mdn.net 1 redirects gcdn.2mdn.net — Cisco Umbrella Rank: 933 r2---sn-4g5edn6k.c.2mdn.net — Cisco Umbrella Rank: 366819	1 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 44 imasdk.googleapis.com — Cisco Umbrella Rank: 435	129 KB
3	aidata.io 2 redirects x01.aidata.io — Cisco Umbrella Rank: 15306	1 KB
3	mts.ru 3 redirects sm.rtb.mts.ru — Cisco Umbrella Rank: 31743 tech.rtb.mts.ru — Cisco Umbrella Rank: 31436	2 KB
3	upravel.com 3 redirects sync.upravel.com — Cisco Umbrella Rank: 30707 030a70e8-9d8a-45bf-9430-e8fc81a7039d.sync.upravel.com	2 KB
3	mail.ru ad.mail.ru — Cisco Umbrella Rank: 9746 top-fwz1.mail.ru — Cisco Umbrella Rank: 9135	2 KB
3	betweendigital.com 2 redirects ads.betweendigital.com — Cisco Umbrella Rank: 2142	2 KB
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 439	2 KB
2	addthis.com 2 redirects e.dlx.addthis.com — Cisco Umbrella Rank: 1445	1 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 193	93 KB
2	yandex.by 1 redirects mc.yandex.by — Cisco Umbrella Rank: 162947	364 B
2	bumlam.com 1 redirects sync.bumlam.com — Cisco Umbrella Rank: 2880	1 KB
2	weborama.fr 2 redirects redirect.frontend.weborama.fr — Cisco Umbrella Rank: 10358	510 B
2	rktch.com 1 redirects ut.rktch.com — Cisco Umbrella Rank: 62817	683 B
2	1dmp.io 1 redirects sync.1dmp.io — Cisco Umbrella Rank: 13136	815 B
2	adhigh.net 2 redirects px.adhigh.net — Cisco Umbrella Rank: 16047	827 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 32	20 KB
1	pubmatic.com image6.pubmatic.com — Cisco Umbrella Rank: 671	166 B
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 1521	351 B
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 987	356 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 729	463 B
1	adkernel.com sync.adkernel.com — Cisco Umbrella Rank: 2765	109 B
1	agency2.ru 1 redirects cs.agency2.ru — Cisco Umbrella Rank: 91031	753 B
1	mediatoday.ru mediatoday.ru — Cisco Umbrella Rank: 98394	368 B
1	bidderstack.com nr.bidderstack.com — Cisco Umbrella Rank: 28410	351 B
1	yadro.ru 1 redirects counter.yadro.ru — Cisco Umbrella Rank: 9029	287 B
1	gnezdo.ru fcgi4.gnezdo.ru — Cisco Umbrella Rank: 45687	189 B
1	new-programmatic.com match.new-programmatic.com — Cisco Umbrella Rank: 37203	215 B
1	uuidksinc.net 1 redirects s.uuidksinc.net — Cisco Umbrella Rank: 3981	206 B
1	buzzoola.com 1 redirects exchange.buzzoola.com — Cisco Umbrella Rank: 17874	176 B
1	beeline.ru 1 redirects 0a0909b04fb34e6321018337023b38d7-sp.ops.beeline.ru	634 B
1	adlook.me 1 redirects ads.adlook.me — Cisco Umbrella Rank: 58586	201 B
1	rutarget.ru 1 redirects sape-sync.rutarget.ru — Cisco Umbrella Rank: 164111	411 B
1	bestssp.com 1 redirects ssp.bestssp.com — Cisco Umbrella Rank: 61431	304 B
1	adlmerge.com adlmerge.com — Cisco Umbrella Rank: 110894	115 B
1	adlabs.ru 1 redirects stat.adlabs.ru — Cisco Umbrella Rank: 184380	109 B
1	otm-r.com sync.dmp.otm-r.com — Cisco Umbrella Rank: 16197	70 B
1	hybrid.ai dm-eu.hybrid.ai — Cisco Umbrella Rank: 13752	238 B
1	republer.com sync.republer.com — Cisco Umbrella Rank: 57335	68 B
1	utraff.com a.utraff.com — Cisco Umbrella Rank: 51396	794 B
1	sape.ru 1 redirects ssp-rtb.sape.ru — Cisco Umbrella Rank: 29036	633 B
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
0	advarkads.com Failed s3.advarkads.com Failed
0	gotechnology.io Failed dmp.gotechnology.io Failed
177	57

	Domain	Requested by
19	googleads.g.doubleclick.net	2 redirects pagead2.googlesyndication.com www.afn.by googleads.g.doubleclick.net www.googleadservices.com
17	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com imasdk.googleapis.com www.afn.by
17	www.acint.net	6 redirects www.afn.by www.acint.net
17	pagead2.googlesyndication.com	www.afn.by pagead2.googlesyndication.com yastatic.net googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
13	mc.yandex.com	3 redirects www.afn.by mc.yandex.ru
11	www.google.com	4 redirects www.afn.by googleads.g.doubleclick.net tpc.googlesyndication.com
11	www.afn.by	www.afn.by
8	yastatic.net	yandex.ru yastatic.net www.afn.by
7	www.google.de	www.afn.by
5	yandex.ru	www.afn.by yandex.ru yastatic.net
4	dmg.digitaltarget.ru	4 redirects
4	cm.g.doubleclick.net	www.acint.net www.afn.by googleads.g.doubleclick.net
4	acint.net	www.acint.net
4	mc.yandex.ru	2 redirects www.afn.by yastatic.net
3	www.googleadservices.com	2 redirects yastatic.net
3	x01.aidata.io	2 redirects www.acint.net
3	an.yandex.ru	1 redirects www.acint.net
3	ads.betweendigital.com	2 redirects www.acint.net
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.de	pagead2.googlesyndication.com
2	top-fwz1.mail.ru	www.acint.net
2	r2---sn-4g5edn6k.c.2mdn.net	www.afn.by
2	ssum-sec.casalemedia.com	2 redirects
2	e.dlx.addthis.com	2 redirects
2	fonts.gstatic.com	fonts.googleapis.com
2	csi.gstatic.com	imasdk.googleapis.com
2	imasdk.googleapis.com	googleads.g.doubleclick.net
2	www.googletagservices.com	googleads.g.doubleclick.net
2	mc.yandex.by	1 redirects www.afn.by
2	sync.bumlam.com	1 redirects www.acint.net
2	sm.rtb.mts.ru	2 redirects
2	redirect.frontend.weborama.fr	2 redirects
2	ut.rktch.com	1 redirects www.acint.net
2	sync.1dmp.io	1 redirects www.acint.net
2	sync.upravel.com	2 redirects
2	tag.digitaltarget.ru	www.acint.net tag.digitaltarget.ru
2	ssp.adriver.ru	www.acint.net
2	ad.adriver.ru	2 redirects
2	px.adhigh.net	2 redirects
2	www.google-analytics.com	www.afn.by www.google-analytics.com
1	gcdn.2mdn.net	1 redirects
1	image6.pubmatic.com	googleads.g.doubleclick.net
1	rtb.openx.net	googleads.g.doubleclick.net
1	odr.mookie1.com	googleads.g.doubleclick.net
1	cms.quantserve.com	googleads.g.doubleclick.net
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	fonts.googleapis.com	googleads.g.doubleclick.net
1	ysa-static.passport.yandex.ru	www.afn.by
1	sync.adkernel.com	www.acint.net
1	cs.agency2.ru	1 redirects
1	mediatoday.ru	www.acint.net
1	nr.bidderstack.com	www.acint.net
1	counter.yadro.ru	1 redirects
1	fcgi4.gnezdo.ru	www.acint.net
1	match.new-programmatic.com	www.acint.net
1	s.uuidksinc.net	1 redirects
1	exchange.buzzoola.com	1 redirects
1	tech.rtb.mts.ru	1 redirects
1	0a0909b04fb34e6321018337023b38d7-sp.ops.beeline.ru	1 redirects
1	ads.adlook.me	1 redirects
1	sape-sync.rutarget.ru	1 redirects
1	ssp.bestssp.com	1 redirects
1	adlmerge.com	www.acint.net
1	stat.adlabs.ru	1 redirects
1	030a70e8-9d8a-45bf-9430-e8fc81a7039d.sync.upravel.com	1 redirects
1	sync.dmp.otm-r.com	www.acint.net
1	dm-eu.hybrid.ai	www.acint.net
1	sync.republer.com	www.acint.net
1	a.utraff.com	www.acint.net
1	ad.mail.ru	www.acint.net
1	ssp-rtb.sape.ru	1 redirects
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	stats.g.doubleclick.net	www.google-analytics.com
0	googlecm.hit.gemius.pl Failed	googleads.g.doubleclick.net
0	s3.advarkads.com Failed	www.acint.net
0	dmp.gotechnology.io Failed	www.acint.net
177	76

This site contains links to these domains. Also see Links.

Domain
t.me
www.facebook.com
twitter.com
afn.by
empresasweb.net

Subject Issuer	Validity	Valid
*.xn--d1acpjx3f.xn--p1ai GlobalSign ECC OV SSL CA 2018	`2022-08-19` - `2023-02-16`	6 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-05-21` - `2022-10-31`	5 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.yastatic-net.ru GlobalSign ECC OV SSL CA 2018	`2022-08-31` - `2023-02-28`	6 months	crt.sh
*.acint.net R3	`2022-10-16` - `2023-01-14`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.mail.ru GeoTrust ECC CA 2018	`2021-10-15` - `2022-11-15`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-18` - `2023-05-18`	a year	crt.sh
sync.republer.com R3	`2022-10-01` - `2022-12-30`	3 months	crt.sh
*.hybrid.ai Sectigo RSA Domain Validation Secure Server CA	`2022-09-26` - `2023-09-26`	a year	crt.sh
tag.digitaltarget.ru R3	`2022-08-23` - `2022-11-21`	3 months	crt.sh
*.dmp.otm-r.com AlphaSSL CA - SHA256 - G2	`2022-05-27` - `2023-06-28`	a year	crt.sh
*.adriver.ru GlobalSign GCC R3 DV TLS CA 2020	`2022-04-05` - `2023-04-05`	a year	crt.sh
ad.ad-blast.ru R3	`2022-10-16` - `2023-01-14`	3 months	crt.sh
fcgi4.gnezdo.ru R3	`2022-09-08` - `2022-12-07`	3 months	crt.sh
*.bidderstack.com Go Daddy Secure Certificate Authority - G2	`2021-11-18` - `2022-12-20`	a year	crt.sh
mediatoday.ru R3	`2022-09-06` - `2022-12-05`	3 months	crt.sh
*.adkernel.com AlphaSSL CA - SHA256 - G2	`2021-12-30` - `2023-01-31`	a year	crt.sh
ysa-static.passport.yandex.net GlobalSign ECC OV SSL CA 2018	`2022-03-04` - `2023-04-05`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-24` - `2023-03-27`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.c.docs.google.com GTS CA 1C3	`2022-09-27` - `2022-12-06`	2 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh

This page contains 19 frames:

Primary Page: http://www.afn.by/
Frame ID: 65A3082F96D81DAD5DD544F1B03AB909
Requests: 45 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221013/r20190131/zrt_lookup.html
Frame ID: 99F459D7C18D4E5D3876CEE9EBC52E81
Requests: 1 HTTP requests in this frame

Frame: https://www.acint.net/mc/?dp=10&tc=1
Frame ID: 8A39F883F204BEE7D6515546BF9FAB92
Requests: 39 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271363197717881&output=html&adk=1812271804&adf=3025194257&lmt=1666102095&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwww.afn.by%2F&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&dt=1666102095439&bpp=3&bdt=404&idt=164&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1923558324748&frm=20&pv=2&ga_vid=1668176210.1666102095&ga_sid=1666102096&ga_hid=976730884&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31062930&oid=2&pvsid=3147687186251757&tmod=428145752&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=185
Frame ID: 1B5A9C500177F4B4FF3D7DE4D57EB616
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271363197717881&output=html&h=600&slotname=5761908397&adk=3519307484&adf=1131236467&pi=t.ma~as.5761908397&w=160&lmt=1666102095&format=160x600&url=http%3A%2F%2Fwww.afn.by%2F&wgl=1&dt=1666102095442&bpp=2&bdt=407&idt=185&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1923558324748&frm=20&pv=1&ga_vid=1668176210.1666102095&ga_sid=1666102096&ga_hid=976730884&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1415&ady=483&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31062930&oid=2&pvsid=3147687186251757&tmod=428145752&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=sjqX2MVgTw&p=http%3A//www.afn.by&dtd=190
Frame ID: 3DE62F8B52708D50FD5E306811232C54
Requests: 10 HTTP requests in this frame

Frame: https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0A0909B04FB34E6321018337023B38D7
Frame ID: 60532A40DC5B1AF016B6C87B458BCCA6
Requests: 1 HTTP requests in this frame

Frame: https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
Frame ID: D3D7F7E21EDEA283331A31A184DB515F
Requests: 23 HTTP requests in this frame

Frame: https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
Frame ID: 89B5E37E95209699C9D11A0B685E1C58
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221013/r20110914/zrt_lookup.html?fsb=1
Frame ID: D6A43DB87A17115A5E64EB9F0B7CC5BF
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271363197717881&output=html&adk=1812271804&adf=2373185790&plat=1%3A520%2C2%3A520%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32&format=0x0&url=http%3A%2F%2Fwww.afn.by%2F&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&dt=1666102096131&bpp=3&bdt=133&idt=97&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&nras=1&correlator=6303097545174&frm=24&ife=3&pv=2&ga_vid=798901942.1666102096&ga_sid=1666102096&ga_hid=1059399564&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3408271068&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C42531706&oid=2&pvsid=3677991976680815&tmod=1612499907&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=23&ifi=1&uci=1.ri97a6nsw1xh&fsb=1&dtd=116
Frame ID: 8A84E13862D16CD7079BC42B9AD9E3C3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271363197717881&output=html&h=280&slotname=2697508611&adk=1894667632&adf=3279755400&pi=t.ma~as.2697508611&w=728&fwrn=16&fwrnh=100&rafmt=1&format=728x280&url=http%3A%2F%2Fwww.afn.by%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1666102096134&bpp=2&bdt=135&idt=117&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6303097545174&frm=24&ife=3&pv=1&ga_vid=798901942.1666102096&ga_sid=1666102096&ga_hid=1059399564&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3408271068&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C42531706&oid=2&pvsid=3677991976680815&tmod=1612499907&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=2.auy27uj11jag&fsb=1&dtd=123
Frame ID: B01CAF22A2DB1BE0242981FC7D040F48
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: DDF7215D187CD729585E463B856B7816
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/ZEudAwKmaTNpvGbgtwbUkI0ybKz2KwCtXmqAoF5myvk.js
Frame ID: C6183D65A7ECF21468448F33AC530436
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 9A194CDA69F1294B376CF97D9A3DD126
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/ZEudAwKmaTNpvGbgtwbUkI0ybKz2KwCtXmqAoF5myvk.js
Frame ID: 654B937D77488174A4C558DC17A0ED38
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 51899DF422BE5EDC519030CA02BBC476
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 274FB8723D632AABE459EA705C746809
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: EC22F506BD60BC1C76CA3CC8F68D23D5
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 11FCF22BBA932ED52F5ABD9F9382D26B
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

AFN.BY - Новости Беларуси Политика экономика финансы энергетика общество

Detected technologies

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<input[^>]+name="__VIEWSTATE

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

177
Requests

72 %
HTTPS

33 %
IPv6

57
Domains

76
Subdomains

49
IPs

10
Countries

1756 kB
Transfer

5024 kB
Size

109
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://t.me/afn_by

Search URL Search Domain Scan URL

URL: https://www.facebook.com/afn.by

Search URL Search Domain Scan URL

URL: https://twitter.com/_afnby

Search URL Search Domain Scan URL

URL: http://afn.by/
Title: АФН

Search URL Search Domain Scan URL

URL: https://empresasweb.net/
Title: empresas

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 15

http://www.acint.net/aci.js HTTP 302
https://www.acint.net/aci.js

Request Chain 27

http://www.acint.net/mc/?dp=10 HTTP 302
https://www.acint.net/mc/?dp=10 HTTP 302
https://www.acint.net/mc/?dp=10&tc=1

Request Chain 28

http://www.acint.net/hit/?v=0.4.0&uid=be3b0fcb-6e84-4ea8-99a6-c2a735441432&dp=10&tz=%2B00%3A00&nc=73184296&u=http%3A%2F%2Fwww.afn.by%2F&r=&rs=1600x1200&t=AFN.BY%20-%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20%D0%9F%D0%BE%D0%BB%D0%B8%D1%82%D0%B8%D0%BA%D0%B0%20%D1%8D%D0%BA%D0%BE%D0%BD%D0%BE%D0%BC%D0%B8%D0%BA%D0%B0%20%D1%84%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D1%8B%20%D1%8D%D0%BD%D0%B5%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D0%BA%D0%B0%20%D0%BE%D0%B1%D1%89%D0%B5%D1%81%D1%82%D0%B2%D0%BE&oE=1&oP=1&dT=2022-10-18T14%3A08%3A15.583&fu=b2247912-40d2-45c5-823d-84266cf469dd HTTP 302
https://www.acint.net/hit/?v=0.4.0&uid=be3b0fcb-6e84-4ea8-99a6-c2a735441432&dp=10&tz=%2B00%3A00&nc=73184296&u=http%3A%2F%2Fwww.afn.by%2F&r=&rs=1600x1200&t=AFN.BY%20-%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20%D0%9F%D0%BE%D0%BB%D0%B8%D1%82%D0%B8%D0%BA%D0%B0%20%D1%8D%D0%BA%D0%BE%D0%BD%D0%BE%D0%BC%D0%B8%D0%BA%D0%B0%20%D1%84%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D1%8B%20%D1%8D%D0%BD%D0%B5%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D0%BA%D0%B0%20%D0%BE%D0%B1%D1%89%D0%B5%D1%81%D1%82%D0%B2%D0%BE&oE=1&oP=1&dT=2022-10-18T14%3A08%3A15.583&fu=b2247912-40d2-45c5-823d-84266cf469dd

Request Chain 34

https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0A0909B04FB34E6321018337023B38D7 HTTP 302
https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0A0909B04FB34E6321018337023B38D7&crf=1

Request Chain 35

https://ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D HTTP 302
https://acint.net/match?dp=14&euid=A7B803C14FB34E6366009A9502046568

Request Chain 36

https://px.adhigh.net/p/cm/sape?u=0A0909B04FB34E6321018337023B38D7 HTTP 302
https://px.adhigh.net/p/cm/sape?u=0A0909B04FB34E6321018337023B38D7&bounced=1 HTTP 302
https://acint.net/match?dp=17&euid=xeYvfNOCGqU.AikABlGD62xwlg

Request Chain 38

https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691 HTTP 302
https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-5131720943 HTTP 302
https://www.acint.net/rmatch?dp=45&euid=AOPFUkfk38JiK6m9y_rqCGA&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D HTTP 302
https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0A0909B04FB34E6321018337023B38D7

Request Chain 44

https://sync.upravel.com/sape/sync HTTP 302
https://sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0 HTTP 302
https://030a70e8-9d8a-45bf-9430-e8fc81a7039d.sync.upravel.com/sape/sync?ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyIsImh0dHBzOi8vd3d3LmFjaW50Lm5ldC8iXX19 HTTP 302
https://www.acint.net/match?dp=71&euid=030a70e8-9d8a-45bf-9430-e8fc81a7039d

Request Chain 46

https://stat.adlabs.ru/merge_gpsid/?sid=50&id=0A0909B04FB34E6321018337023B38D7 HTTP 302
https://adlmerge.com/merge_gpsid/?sid=50&id=0A0909B04FB34E6321018337023B38D7

Request Chain 48

https://ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D HTTP 302
https://www.acint.net/match?dp=95&euid=MWZEPFCU

Request Chain 49

https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0A0909B04FB34E6321018337023B38D7 HTTP 302
https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0A0909B04FB34E6321018337023B38D7&cs=1

Request Chain 50

https://sape-sync.rutarget.ru/sync HTTP 302
https://www.acint.net/match?dp=104&euid=m8ncXUBTpIHU

Request Chain 51

https://ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D HTTP 302
https://acint.net/match?dp=107&euid=bc1a1b3e-c28d-5223-b857-d53bdb196674

Request Chain 52

https://ads.adlook.me/csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D HTTP 302
https://acint.net/match?dp=110&euid=c34dd262df254a0e92cdf92b6f88f922

Request Chain 53

https://0a0909b04fb34e6321018337023b38d7-sp.ops.beeline.ru/p?ssp=sp&id=0A0909B04FB34E6321018337023B38D7 HTTP 301
https://www.acint.net/match?dp=111&euid=fcf6807d-6308-49b0-ade2-c30b97d226a0

Request Chain 54

https://ut.rktch.com/matchspm?pi=1000005&pui=0A0909B04FB34E6321018337023B38D7 HTTP 302
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect HTTP 302
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D%7BWEBO_CID%7D%26noredirect&bounce=1&random=2343598334 HTTP 302
https://ut.rktch.com/matchspm?pi=1000006&pui=T3JheJjmzvsl7JI9OI6sNu&noredirect

Request Chain 55

https://sm.rtb.mts.ru/p?ssp=sape&id=0A0909B04FB34E6321018337023B38D7 HTTP 301
https://sm.rtb.mts.ru/match/second?ssp=30&exu=0A0909B04FB34E6321018337023B38D7 HTTP 301
https://tech.rtb.mts.ru/?dsp_uid=51f29134-efb7-444c-b7cb-66c97ab8ba82&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2FUfKRNO-3REy3y2bJeri6gg%3Flocation%3Dhttps%253A%252F%252Fsm.rtb.mts.ru%252Fem%253Fnext%253D30%2526em%253D0%26sign%3D3590850127 HTTP 302
https://an.yandex.ru/setud/mts_banner/UfKRNO-3REy3y2bJeri6gg?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D30%26em%3D0&sign=3590850127

Request Chain 56

https://exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D HTTP 301
https://www.acint.net/match?dp=126&euid=550b8865-25ee-48c2-6d65-bbf8de0c2d9e

Request Chain 57

https://s.uuidksinc.net/match/396/?remote_uid=0A0909B04FB34E6321018337023B38D7 HTTP 302
https://www.acint.net/match?dp=127&euid=132yog8r4ve9pePFsLIv

Request Chain 58

https://ssp.bidvol.com/usersync?dspcsid=8&redirect=1 HTTP 302
https://www.acint.net/match?dp=129&euid=9zm00j1o6y

Request Chain 61

https://x01.aidata.io/0.gif?pid=9401454&id=0A0909B04FB34E6321018337023B38D7 HTTP 302
https://x01.aidata.io/0.gif?pid=9401454&id=0A0909B04FB34E6321018337023B38D7&bounce=1 HTTP 302
https://counter.yadro.ru/id-redir/aidata.gif?back=STOP HTTP 302
https://x01.aidata.io/0.gif?pid=LIVE&id=&back=STOP

Request Chain 63

https://sync.bumlam.com/?src=sap1&uid=0A0909B04FB34E6321018337023B38D7 HTTP 302
https://sync.bumlam.com/?src=sap1&s_data=CAIQARjQ5rqaBmIgMEEwOTA5QjA0RkIzNEU2MzIxMDE4MzM3MDIzQjM4RDeiARBP3usUTu4R7YbgACWQwGR8

Request Chain 64

https://an.yandex.ru/mapuid/sapeis/0A0909B04FB34E6321018337023B38D7 HTTP 302
https://an.yandex.ru/mapuid/sapeis/0A0909B04FB34E6321018337023B38D7?redir-setuniq=1

Request Chain 67

https://cs.agency2.ru/p?ssp=sp&uid=0A0909B04FB34E6321018337023B38D7 HTTP 301
https://www.acint.net/match?dp=186&euid=8714c840-7df6-4149-9668-b58dbafb0b80

Request Chain 69

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9795.HkPhPDl8QSo9ZBz2IArv5RMH6aYj7DkKXPyGb1lZyHE4-fDLQ1A329fWgM1c6D-G.25LxqGOaCUUr7eq1RT-nF1LxhX8%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9795.j3jh6gpnlAYDPxZPNHP50JiY4bVhaZRHcC8D-9ZBs9MmgNlwqSVZXeiqspaU_eSeH1kvKuMSuo6ziHJ4GGbY3A%2C%2C.JmAp3PeM9ptTf6pyLuKjYFnlEOI%2C

Request Chain 70

https://mc.yandex.by/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.by&token=9795.7Uk0Re9H6mnqouRpXssN73c_O3iXKjmMLADjw_1J8WPFWJLryfV6EMXDCcBcbLHp.PxOBSdzuE0UgvGLmNlpmT-ED0Dc%2C HTTP 302
https://mc.yandex.by/sync_cookie_image_decide?token=9795.liT79RHYJUwhgKbHyejjn82DWWi7EajBXw80uwt6_8iq18rFed904Fkx7TuDQiGlV44sfJ2ks-jAIi5A_ryVSg%2C%2C.naU0u3gyElpSAoh23T2I3Xu-xXM%2C

Request Chain 75

https://mc.yandex.com/watch/465488?wmode=7&page-url=http%3A%2F%2Fwww.afn.by%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Al4cs6ej6vo5gha9qjtx4s%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A2%3Adp%3A0%3Als%3A1286666707716%3Ahid%3A307268206%3Az%3A0%3Ai%3A20221018140815%3Aet%3A1666102096%3Ac%3A1%3Arn%3A279621631%3Au%3A166610209690720602%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Acpf%3A1%3Antf%3A1%3Ans%3A1666102094276%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1666102096%3At%3AAFN.BY%20-%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20%D0%9F%D0%BE%D0%BB%D0%B8%D1%82%D0%B8%D0%BA%D0%B0%20%D1%8D%D0%BA%D0%BE%D0%BD%D0%BE%D0%BC%D0%B8%D0%BA%D0%B0%20%D1%84%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D1%8B%20%D1%8D%D0%BD%D0%B5%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D0%BA%D0%B0%20%D0%BE%D0%B1%D1%89%D0%B5%D1%81%D1%82%D0%B2%D0%BE&t=gdpr(14)mc(p-1)clc(0-0-0)lt(7600)aw(1)rqnl(1)ti(2) HTTP 302
https://mc.yandex.com/watch/465488/1?wmode=7&page-url=http%3A%2F%2Fwww.afn.by%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Al4cs6ej6vo5gha9qjtx4s%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A2%3Adp%3A0%3Als%3A1286666707716%3Ahid%3A307268206%3Az%3A0%3Ai%3A20221018140815%3Aet%3A1666102096%3Ac%3A1%3Arn%3A279621631%3Au%3A166610209690720602%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Acpf%3A1%3Antf%3A1%3Ans%3A1666102094276%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1666102096%3At%3AAFN.BY%20-%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20%D0%9F%D0%BE%D0%BB%D0%B8%D1%82%D0%B8%D0%BA%D0%B0%20%D1%8D%D0%BA%D0%BE%D0%BD%D0%BE%D0%BC%D0%B8%D0%BA%D0%B0%20%D1%84%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D1%8B%20%D1%8D%D0%BD%D0%B5%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D0%BA%D0%B0%20%D0%BE%D0%B1%D1%89%D0%B5%D1%81%D1%82%D0%B2%D0%BE&t=gdpr%2814%29mc%28p-1%29clc%280-0-0%29lt%287600%29aw%281%29rqnl%281%29ti%282%29

Request Chain 76

https://mc.yandex.com/watch/421539?wmode=7&page-url=http%3A%2F%2Fwww.afn.by%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Al4cs6ej6vo5gha9qjtx4s%3Afp%3A1131%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A1%3Adp%3A0%3Als%3A548206723008%3Ahid%3A307268206%3Az%3A0%3Ai%3A20221018140815%3Aet%3A1666102096%3Ac%3A1%3Arn%3A1004534265%3Arqn%3A1%3Au%3A166610209690720602%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A564%2C93%2C99%2C181%2C0%2C0%2C%2C243%2C0%2C%2C%2C%2C1181%3Acpf%3A1%3Antf%3A1%3Ans%3A1666102094276%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1666102096%3At%3AAFN.BY%20-%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20%D0%9F%D0%BE%D0%BB%D0%B8%D1%82%D0%B8%D0%BA%D0%B0%20%D1%8D%D0%BA%D0%BE%D0%BD%D0%BE%D0%BC%D0%B8%D0%BA%D0%B0%20%D1%84%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D1%8B%20%D1%8D%D0%BD%D0%B5%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D0%BA%D0%B0%20%D0%BE%D0%B1%D1%89%D0%B5%D1%81%D1%82%D0%B2%D0%BE&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)rqnl(1)ti(2) HTTP 302
https://mc.yandex.com/watch/421539/1?wmode=7&page-url=http%3A%2F%2Fwww.afn.by%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Al4cs6ej6vo5gha9qjtx4s%3Afp%3A1131%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A1%3Adp%3A0%3Als%3A548206723008%3Ahid%3A307268206%3Az%3A0%3Ai%3A20221018140815%3Aet%3A1666102096%3Ac%3A1%3Arn%3A1004534265%3Arqn%3A1%3Au%3A166610209690720602%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A564%2C93%2C99%2C181%2C0%2C0%2C%2C243%2C0%2C%2C%2C%2C1181%3Acpf%3A1%3Antf%3A1%3Ans%3A1666102094276%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1666102096%3At%3AAFN.BY%20-%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20%D0%9F%D0%BE%D0%BB%D0%B8%D1%82%D0%B8%D0%BA%D0%B0%20%D1%8D%D0%BA%D0%BE%D0%BD%D0%BE%D0%BC%D0%B8%D0%BA%D0%B0%20%D1%84%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D1%8B%20%D1%8D%D0%BD%D0%B5%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D0%BA%D0%B0%20%D0%BE%D0%B1%D1%89%D0%B5%D1%81%D1%82%D0%B2%D0%BE&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29

Request Chain 108

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 112

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 129

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg84f7AJBAcTJAhl958vtgH2lv7IH9M33x0EAuAxzMjdXlkEAME9SSYx-SWivVa0vVmnMBfT9hDJiSQiD30JVGwf6S_bulRL&google_gid=CAESEM_UAp4HLq3pK9iJIaWgcj0&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg84f7AJBAcTJAhl958vtgH2lv7IH9M33x0EAuAxzMjdXlkEAME9SSYx-SWivVa0vVmnMBfT9hDJiSQiD30JVGwf6S_bulRL&google_gid=CAESEM_UAp4HLq3pK9iJIaWgcj0&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjEwMTgxNDA4MTcwMDAxNzYxMTkzMzA1Nw%3D%3D&google_push=AZmPxg84f7AJBAcTJAhl958vtgH2lv7IH9M33x0EAuAxzMjdXlkEAME9SSYx-SWivVa0vVmnMBfT9hDJiSQiD30JVGwf6S_bulRL

Request Chain 133

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEARJjftRpYYKBi8K2uoUuxo&google_cver=1&google_push=AZmPxg9OoOwrxi0Qm34unQ_dglQlo4oA4rfeILyipxTlUj2WzQJK2NLbXlcbC17kubyXxJ9ejmX_LlrE6pn8cfLoguo3VTYW-7n0 HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEARJjftRpYYKBi8K2uoUuxo&google_push=AZmPxg9OoOwrxi0Qm34unQ_dglQlo4oA4rfeILyipxTlUj2WzQJK2NLbXlcbC17kubyXxJ9ejmX_LlrE6pn8cfLoguo3VTYW-7n0&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEARJjftRpYYKBi8K2uoUuxo&google_hm=Y06zUZIgDRMhGYtg9ySxgQAABLoAAAIB&google_nid=index&google_push=AZmPxg9OoOwrxi0Qm34unQ_dglQlo4oA4rfeILyipxTlUj2WzQJK2NLbXlcbC17kubyXxJ9ejmX_LlrE6pn8cfLoguo3VTYW-7n0

Request Chain 141

https://gcdn.2mdn.net/videoplayback/id/11bad0466d5a38bd/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1697638097/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/7A20B228E1B2EC56C70FCCA563AF4897A7AD1914.3E447F6E3B9CACCE7358C17966DD2D003A4EB5AF/key/ck2/file/file.mp4 HTTP 302
https://r2---sn-4g5edn6k.c.2mdn.net/videoplayback/id/11bad0466d5a38bd/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1697638097/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/1C980D2690BA4791F44E1EF835562AFF4789F89C.472DCC3214C4926453E893AA45BA134F6DE0B20D/key/cms1/cms_redirect/yes/mh/JX/mip/2001:ac8:20:303::203e/mm/42/mn/sn-4g5edn6k/ms/onc/mt/1666101677/mv/m/mvi/2/pl/49/file/file.mp4

Request Chain 148

https://dmg.digitaltarget.ru/1/1093/i/i?i=889328909110456.939859404484799&a=77&e=0A0909B04FB34E6321018337023B38D7&pref=http%3A%2F%2Fwww.afn.by%2F&c=ss:77.up:0A0909B04FB34E6321018337023B38D7.sync:up.xdua:duep7LVXuovhggHiAnbMpuqN.xps:xpsE9BhpUSlORFERmyYO8uhAR.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP 307
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1666102097613&i=889328909110456.939859404484799&a=77&e=0A0909B04FB34E6321018337023B38D7&pref=http%3A%2F%2Fwww.afn.by%2F&c=ss:77.up:0A0909B04FB34E6321018337023B38D7.sync:up.xdua:duep7LVXuovhggHiAnbMpuqN.xps:xpsE9BhpUSlORFERmyYO8uhAR.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP 307
https://top-fwz1.mail.ru/counter?id=3210372;pid=LftcBDvw0AozNYK7iMVX

Request Chain 149

https://dmg.digitaltarget.ru/1/1093/i/i?i=889328909110456.346120172094057&a=77&e=0A0909B04FB34E6321018337023B38D7&pref=http%3A%2F%2Fwww.afn.by%2F&c=ss:77.up:0A0909B04FB34E6321018337023B38D7.sync:up.xdua:duep7LVXuovhggHiAnbMpuqN.xps:xpsE9BhpUSlORFERmyYO8uhAR.dn:acint__net.adcm:hit.tg:adcmjs_noorient HTTP 307
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1666102097618&i=889328909110456.346120172094057&a=77&e=0A0909B04FB34E6321018337023B38D7&pref=http%3A%2F%2Fwww.afn.by%2F&c=ss:77.up:0A0909B04FB34E6321018337023B38D7.sync:up.xdua:duep7LVXuovhggHiAnbMpuqN.xps:xpsE9BhpUSlORFERmyYO8uhAR.dn:acint__net.adcm:hit.tg:adcmjs_noorient HTTP 307
https://top-fwz1.mail.ru/counter?id=3210372;pid=8QcWrwi.Vrx9Gyi77dOC

Request Chain 160

https://www.googleadservices.com/pagead/conversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0 HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=UrNOY_nGGv7ImLAPwZC44AI&random=713495486&sscte=1&crd=CJqqsQI HTTP 302
https://www.google.com/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=713495486&crd=CJqqsQI&is_vtc=1&random=892902954 HTTP 302
https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=713495486&crd=CJqqsQI&is_vtc=1&random=892902954&ipr=y

Request Chain 161

https://www.googleadservices.com/pagead/conversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0 HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=UrNOY8LIGtGCmLAPn5K6uA4&random=783078845&sscte=1&crd=CJqqsQI HTTP 302
https://www.google.com/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=783078845&crd=CJqqsQI&is_vtc=1&random=2030534 HTTP 302
https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=783078845&crd=CJqqsQI&is_vtc=1&random=2030534&ipr=y

Request Chain 176

http://www.acint.net/ping/?v=0.4.0&uid=be3b0fcb-6e84-4ea8-99a6-c2a735441432&dp=10&tz=%2B00%3A00&nc=23210988&dT=2022-10-18T14%3A08%3A18.586 HTTP 302
https://www.acint.net/ping/?v=0.4.0&uid=be3b0fcb-6e84-4ea8-99a6-c2a735441432&dp=10&tz=%2B00%3A00&nc=23210988&dT=2022-10-18T14%3A08%3A18.586

177 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www.afn.by/ 42 KB
42 KB 756ms
99ms Document
text/html 62.173.140.157
SPACENET-AS Inter...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.afn.by/
Protocol: HTTP/1.1
Server: 62.173.140.157 Moscow, Russian Federation, ASN34300 (SPACENET-AS Internet Service Provider, RU),
Reverse DNS: afn.today
Software: Microsoft-IIS/10.0 /
Resource Hash: d801f8eb0a3f61a59148bccb1e8a3d6bd4b6d1cfc3e4328df6eb4534efa5ae53

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private
Content-Length: 42930
Content-Type: text/html; charset=utf-8
Date: Tue, 18 Oct 2022 14:08:15 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319

GET
H/1.1 200
OK cocss.css
www.afn.by/styles/ 12 KB
12 KB 176ms
85ms Stylesheet
text/css 62.173.140.157
SPACENET-AS Inter...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.afn.by/styles/cocss.css?v=2020-09-16T2305
Requested by: Host: www.afn.by
URL: http://www.afn.by/
Protocol: HTTP/1.1
Server: 62.173.140.157 Moscow, Russian Federation, ASN34300 (SPACENET-AS Internet Service Provider, RU),
Reverse DNS: afn.today
Software: Microsoft-IIS/10.0 /
Resource Hash: 21805f6753661b417e371bc6d07627765a0bdb09ff769049bd4fa36a22cac022

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.afn.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 14:08:15 GMT
Last-Modified: Tue, 29 Sep 2020 16:21:39 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "7792f69b7c96d61:0"
Content-Length: 12192
Content-Type: text/css

GET
H2 200 context.js Show response
yandex.ru/ads/system/ 392 KB
106 KB 224ms
86ms Script
text/javascript 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/system/context.js

Requested by

Host: www.afn.by
URL: http://www.afn.by/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

43fad28719712a8e7d99c2e54183c1b97a5790e680f1eb2b0d486d47f1e2558f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.afn.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-encoding: br
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1666102095207583-3399536879012972403-sas3-0877-80f-sas-l7-balancer-8080-BAL-2234
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Tue, 18 Oct 2022 15:08:15 GMT

GET
H/1.1 200
OK WebResource.axd Show response
www.afn.by/ 23 KB
23 KB 179ms
88ms Script
application/x-javascript 62.173.140.157
SPACENET-AS Inter...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.afn.by/WebResource.axd?d=x6kZHarUxIlCmdP8tralfm9j9vlV5v7RssAAB3w2g1T9BlvwLfiegLOUvTlfrsYWRDzRJEVHlbcw8maAjeTX3DGnW1Pk_CIDzs0KtPkZUFU1&t=637814761746327080
Requested by: Host: www.afn.by
URL: http://www.afn.by/
Protocol: HTTP/1.1
Server: 62.173.140.157 Moscow, Russian Federation, ASN34300 (SPACENET-AS Internet Service Provider, RU),
Reverse DNS: afn.today
Software: Microsoft-IIS/10.0 /
Resource Hash: 40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.afn.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 14:08:15 GMT
Last-Modified: Sat, 26 Feb 2022 09:42:54 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
Content-Type: application/x-javascript
Cache-Control: public
Content-Length: 23063
Expires: Wed, 18 Oct 2023 07:56:17 GMT

GET
H/1.1 200
OK WebResource.axd Show response
www.afn.by/ 26 KB
27 KB 264ms
88ms Script
application/x-javascript 62.173.140.157
SPACENET-AS Inter...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.afn.by/WebResource.axd?d=j8vvoyaifjvlN4hVlEnJWHWSDZdBC8U54gvtudvF_ovCrNW5jwpwiBjilFnX2S6vEwCPO1trGoJrcB5e-KZDOBr9RWBMrO0aFyWu_oksMzM1&t=637814761746327080
Requested by: Host: www.afn.by
URL: http://www.afn.by/
Protocol: HTTP/1.1
Server: 62.173.140.157 Moscow, Russian Federation, ASN34300 (SPACENET-AS Internet Service Provider, RU),
Reverse DNS: afn.today
Software: Microsoft-IIS/10.0 /
Resource Hash: ef9453f74b2617d43dcef4242cf5845101fcfb57289c81bceb20042b0023a192

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.afn.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 14:08:15 GMT
Last-Modified: Sat, 26 Feb 2022 09:42:54 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
Content-Type: application/x-javascript
Cache-Control: public
Content-Length: 26951
Expires: Wed, 18 Oct 2023 07:56:17 GMT

GET
H/1.1 200
OK logo.gif
www.afn.by/images/ 2 KB
2 KB 91ms
90ms Image
image/gif 62.173.140.157
SPACENET-AS Inter...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.afn.by/images/logo.gif
Requested by: Host: www.afn.by
URL: http://www.afn.by/
Protocol: HTTP/1.1
Server: 62.173.140.157 Moscow, Russian Federation, ASN34300 (SPACENET-AS Internet Service Provider, RU),
Reverse DNS: afn.today
Software: Microsoft-IIS/10.0 /
Resource Hash: 3d8799c171813adffb4105be1ee07dfd2e7716ba4a5fdd8b785736285a3bf677

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.afn.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 14:08:15 GMT
Last-Modified: Sat, 22 Apr 2006 08:31:52 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "0cc8a34e765c61:0"
Content-Length: 2072
Content-Type: image/gif

GET
H/1.1 200
OK telegram-icon.png
www.afn.by/images/ 9 KB
9 KB 172ms
87ms Image
image/png 62.173.140.157
SPACENET-AS Inter...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.afn.by/images/telegram-icon.png
Requested by: Host: www.afn.by
URL: http://www.afn.by/
Protocol: HTTP/1.1
Server: 62.173.140.157 Moscow, Russian Federation, ASN34300 (SPACENET-AS Internet Service Provider, RU),
Reverse DNS: afn.today
Software: Microsoft-IIS/10.0 /
Resource Hash: 3b9bfffdd25b235582aed4cf08b709719aa5af611d5ca3f3f4a5cb5a17d9b6ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.afn.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 14:08:15 GMT
Last-Modified: Mon, 31 Aug 2020 16:19:55 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "ea511590b27fd61:0"
Content-Length: 8970
Content-Type: image/png

GET
H/1.1 200
OK facebook-icon-28x28.png
www.afn.by/images/ 1 KB
2 KB 177ms
89ms Image
image/png 62.173.140.157
SPACENET-AS Inter...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.afn.by/images/facebook-icon-28x28.png
Requested by: Host: www.afn.by
URL: http://www.afn.by/
Protocol: HTTP/1.1
Server: 62.173.140.157 Moscow, Russian Federation, ASN34300 (SPACENET-AS Internet Service Provider, RU),
Reverse DNS: afn.today
Software: Microsoft-IIS/10.0 /
Resource Hash: a2108bb3f86caf930d09e8a85ae0eccf3a11a5d51296a620201e8a76a9b030c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.afn.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 14:08:15 GMT
Last-Modified: Wed, 20 Nov 2019 20:28:42 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "91d37219e19fd51:0"
Content-Length: 1482
Content-Type: image/png

GET
H/1.1 200
OK twitter-icon-28x28.png
www.afn.by/images/ 1 KB
1 KB 178ms
89ms Image
image/png 62.173.140.157
SPACENET-AS Inter...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.afn.by/images/twitter-icon-28x28.png
Requested by: Host: www.afn.by
URL: http://www.afn.by/
Protocol: HTTP/1.1
Server: 62.173.140.157 Moscow, Russian Federation, ASN34300 (SPACENET-AS Internet Service Provider, RU),
Reverse DNS: afn.today
Software: Microsoft-IIS/10.0 /
Resource Hash: 75bb660f0c38697ed9be3b33be8e5a24365708ee94922da9dd44875efc3776e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.afn.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 14:08:15 GMT
Last-Modified: Wed, 20 Nov 2019 20:34:16 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "c7dd92e0e19fd51:0"
Content-Length: 1157
Content-Type: image/png

GET
H/1.1 200
OK feed-icon-28x28.png
www.afn.by/images/ 2 KB
2 KB 97ms
89ms Image
image/png 62.173.140.157
SPACENET-AS Inter...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.afn.by/images/feed-icon-28x28.png
Requested by: Host: www.afn.by
URL: http://www.afn.by/
Protocol: HTTP/1.1
Server: 62.173.140.157 Moscow, Russian Federation, ASN34300 (SPACENET-AS Internet Service Provider, RU),
Reverse DNS: afn.today
Software: Microsoft-IIS/10.0 /
Resource Hash: 473feba11f89b4d197a2263ebb6567e53b75a969cff0679ccf50f6634fa3a4f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.afn.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 14:08:15 GMT
Last-Modified: Thu, 27 Jul 2006 11:33:24 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "01a567870b1c61:0"
Content-Length: 1737
Content-Type: image/png

GET
H/1.1 200
OK mail-icon-28x28.png
www.afn.by/images/ 1 KB
1 KB 165ms
87ms Image
image/png 62.173.140.157
SPACENET-AS Inter...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.afn.by/images/mail-icon-28x28.png
Requested by: Host: www.afn.by
URL: http://www.afn.by/
Protocol: HTTP/1.1
Server: 62.173.140.157 Moscow, Russian Federation, ASN34300 (SPACENET-AS Internet Service Provider, RU),
Reverse DNS: afn.today
Software: Microsoft-IIS/10.0 /
Resource Hash: 1ddb0b820dec7b14a548cd751c4a24db01dec9d0716daa5724ee5c65d3c347ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.afn.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 14:08:15 GMT
Last-Modified: Tue, 27 May 2014 16:44:49 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "18b1c1f9ca79cf1:0"
Content-Length: 1262
Content-Type: image/png

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 166 KB
54 KB 85ms
43ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5271363197717881

Requested by

Host: www.afn.by
URL: http://www.afn.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b44259d063a37622710d79f0cef615cff74d64aad18c0b5fddc58816f808482

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.afn.by/
Origin: http://www.afn.by
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 14:08:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55050
x-xss-protection: 0
server: cafe
etag: 781670506299929566
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 18 Oct 2022 14:08:15 GMT

GET
H2

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

49 KB
20 KB

55ms
16ms

Script
text/javascript

2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.afn.by
URL: http://www.afn.by/

Protocol

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.afn.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 18 Oct 2022 13:01:59 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 3976
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Tue, 18 Oct 2022 15:01:59 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
205 B 24ms
23ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=976730884&t=pageview&_s=1&dl=http%3A%2F%2Fwww.afn.by%2F&ul=en-us&de=UTF-8&dt=AFN.BY%20-%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20%D0%9F%D0%BE%D0%BB%D0%B8%D1%82%D0%B8%D0%BA%D0%B0%20%D1%8D%D0%BA%D0%BE%D0%BD%D0%BE%D0%BC%D0%B8%D0%BA%D0%B0%20%D1%84%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D1%8B%20%D1%8D%D0%BD%D0%B5%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D0%BA%D0%B0%20%D0%BE%D0%B1%D1%89%D0%B5%D1%81%D1%82%D0%B2%D0%BE&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=378679543&gjid=1008217121&cid=1668176210.1666102095&tid=UA-261460-1&_gid=1529633617.1666102095&_r=1&_slc=1&z=1687009318

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.afn.by/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 14:08:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://www.afn.by
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
438 B 137ms
39ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-261460-1&cid=1668176210.1666102095&jid=378679543&gjid=1008217121&_gid=1529633617.1666102095&_u=IEBAAEAAAAAAACAAI~&z=799097098

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.afn.by/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 18 Oct 2022 14:08:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://www.afn.by
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 208 KB
72 KB 255ms
128ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: www.afn.by
URL: http://www.afn.by/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

5a6f5d09e9a2fe3c649c80d0172bda7faf99040c8f45c175efede441a729ff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.afn.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 14:08:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Fri, 07 Oct 2022 07:30:00 GMT
etag: "633fab48-11dd4"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 73172
expires: Tue, 18 Oct 2022 15:08:15 GMT

GET
H2

200

aci.js Show response
www.acint.net/
Redirect Chain

http://www.acint.net/aci.js
https://www.acint.net/aci.js

22 KB
7 KB

87ms
28ms

Script
application/x-javascript

46.4.114.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.acint.net/aci.js
Requested by: Host: www.afn.by
URL: http://www.afn.by/
Protocol: H2
Server: 46.4.114.109 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271137.aucourant.info
Software: openresty /
Resource Hash: a05569a6a6ec13c9bda09ebf2f691f6d5a4f251878c58807472321018428fb33

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.afn.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 14:08:15 GMT
content-encoding: gzip
last-modified: Mon, 29 Nov 2021 13:21:32 GMT
server: openresty
etag: "61a4d3dc-1d25"
content-type: application/x-javascript
cache-control: max-age=43200
content-length: 7461
expires: Wed, 19 Oct 2022 02:08:15 GMT

Redirect headers

Location: https://www.acint.net/aci.js
Date: Tue, 18 Oct 2022 14:08:15 GMT
Server: openresty
Connection: keep-alive
Content-Length: 142
Content-Type: text/html

GET
H/1.1 200
OK icons.png
www.afn.by/images/ 3 KB
3 KB 90ms
90ms Image
image/png 62.173.140.157
SPACENET-AS Inter...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.afn.by/images/icons.png
Requested by: Host: www.afn.by
URL: http://www.afn.by/styles/cocss.css?v=2020-09-16T2305
Protocol: HTTP/1.1
Server: 62.173.140.157 Moscow, Russian Federation, ASN34300 (SPACENET-AS Internet Service Provider, RU),
Reverse DNS: afn.today
Software: Microsoft-IIS/10.0 /
Resource Hash: ebb3597f3a327fe00b7b1b766dd19e454e3f8b34ad5d45505439b42bf1c24d42

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.afn.by/styles/cocss.css?v=2020-09-16T2305
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 14:08:15 GMT
Last-Modified: Sat, 02 Aug 2008 10:28:49 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "10b0818d8af4c81:0"
Content-Length: 2939
Content-Type: image/png

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210110101/ 353 KB
116 KB 88ms
54ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5271363197717881&plah=www.afn.by

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5271363197717881

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1c4353acad2842a5598cc6f98535700a283a4a361b6bd05d7505b6cb86e2d1ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.afn.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 14:08:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118722
x-xss-protection: 0
server: cafe
etag: 8687600056842980967
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 18 Oct 2022 14:08:15 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221013/r20190131/ Frame 99F4 10 KB
5 KB 57ms
15ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221013/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5271363197717881

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.afn.by/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 68143
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 17 Oct 2022 19:12:32 GMT
etag: 9671129459699598864
expires: Mon, 31 Oct 2022 19:12:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 80ms
39ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-261460-1&cid=1668176210.1666102095&jid=378679543&_u=IEBAAEAAAAAAACAAI~&z=2050411218

Requested by

Host: www.afn.by
URL: http://www.afn.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.afn.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 14:08:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 100ms
58ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-261460-1&cid=1668176210.1666102095&jid=378679543&_u=IEBAAEAAAAAAACAAI~&z=2050411218

Requested by

Host: www.afn.by
URL: http://www.afn.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.afn.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 14:08:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 3521127290410543dbe9.js Show response
yastatic.net/partner-code-bundles/667637/ 13 KB
5 KB 194ms
104ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/667637/3521127290410543dbe9.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

bac87240d43f2059419ce7f7fdc63e99966069af39def1f6bcbc59eed1f69cfc

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: http://www.afn.by/
Origin: http://www.afn.by
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 14:08:15 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 4579
last-modified: Mon, 17 Oct 2022 16:39:15 GMT
server: nginx/1.17.9
etag: "2608153af020534eac1710bcf8245ae2"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Thu, 17 Oct 2052 20:44:13 GMT

GET
H2 200 330eaa49e0016d76ba08.js Show response
yastatic.net/partner-code-bundles/667637/ 87 KB
19 KB 213ms
124ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/667637/330eaa49e0016d76ba08.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

4f3fad7a21107bb1c4c1798c447279d168671355c2a5a5b5227479569ee8c989

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: http://www.afn.by/
Origin: http://www.afn.by
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 14:08:15 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 19251
last-modified: Mon, 17 Oct 2022 16:39:15 GMT
server: nginx/1.17.9
etag: "33dbfd26949e535b794926daedff55e3"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Thu, 17 Oct 2052 20:44:13 GMT

GET
H2 200 host.js Show response
yastatic.net/safeframe-bundles/0.83/ 33 KB
9 KB 222ms
135ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/host.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: http://www.afn.by/
Origin: http://www.afn.by
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 14:08:15 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 8878
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
server: nginx/1.17.9
etag: "f80882bf67cf261aa08d636da095149a"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Thu, 17 Oct 2052 20:41:27 GMT

GET
H2 200 text-variable-full.woff2
yastatic.net/s3/home/fonts/ys/3/ 25 KB
26 KB 162ms
84ms Font
font/woff2 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/s3/home/fonts/ys/3/text-variable-full.woff2

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: http://www.afn.by/
Origin: http://www.afn.by
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 14:08:15 GMT
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 26004
x-amz-meta-owner: {"role":"admin","login":"4eb0da"}
last-modified: Mon, 25 Apr 2022 14:02:39 GMT
server: nginx/1.17.9
etag: "7f0cdaf91230f9789ca4162aedff612e"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31556952
x-nginx-request-id: ceb864c3c4649e22
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Oct 2023 19:53:14 GMT

GET
H2 200 465488 Show response
yandex.ru/ads/meta/ 5 KB
3 KB 207ms
206ms XHR
application/json 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/meta/465488?target-ref=http%3A%2F%2Fwww.afn.by%2F&charset=utf-8&pcode-test-ids=657518%2C0%2C58%3B667036%2C0%2C16%3B665772%2C0%2C4%3B661997%2C0%2C54%3B661220%2C0%2C1%3B666422%2C0%2C61%3B667637%2C0%2C88%3B663028%2C0%2C91&pcode-flags-map=eJytV11v2zYU%2FSuDn4tOokTJ6hslXdlEJFEjKTtuURBu62UBknRo06JbkP%2B%2BS0n%2BkJrSzTbAD7Kgc3k%2Fzz18mPFFLSSYiisFucmZZqZhklXKFEKaFc9BGF6bTFSpmL168zD7ur35spu9mu2%2B%2FTl7Mbvffb7nH%2FAvTbyQ0tnj2xezFVNGwm8tKG1WFWtMIUVlWK5GeC1bODUQ%2BTGZe52BNc8XoE0u2doUXKKZAj0Cwyu2AJcTEQ0oCTsbULO0hEkA%2BFDwmmvAGLMLtRTarLleilYbhvFr5TZOo3nwbOP%2Fh2VWlqaRIm8zrb4%2F5nmmAU0%2Bs7YnRmxtWW4yCUzzFZgcNGSai9rsGwlyzrBqJZwpN43DyD%2FYhMvG1LA26gIdwnoojSegn%2FzyvB0aJ52dSqBD6FzJUiiNFmYw7A7tALdftwqObuDPkSOHI3Wfmx5csUsDTCrTgMygHleLeCMTUZCQYOQMa7InimVUxSQOCCjMujO8KPSjo0XslvUxQ9YuWkxZXYN0xxYFQRgfzei%2BSUEqrPwIGUXYLPEYG8dJn5e25qVgOcjuaFaNKnP%2F6cvuBBaSeZD0dGDzoFTn6wQzDfcEhFEqAOylVIFcTeLb3W3f3exGyCAiSR8h9hzSYW2WwBdLbWrtPjKkQdL3cSbaWtu%2Bu1xKJ2QezweW2rA6h0sjW5OLinFnLakXkyA6uJhKcYHxoXtmIXnuRPoxnUdPHmhyjqPGUyec%2BF7U%2B%2FsaamKKFukIORq57Swj09APB1bvsHhc1zupkLYPJMt5q375SQsbZv3uHUZOXLONk1ZpGMRDafKiwZWkGlFjL2leAVLMZBA9b4wNvaCPuclEDjh3CK2dXEtDimaG7isEZhlsu%2B%2FPO0dFeGQck%2B%2FhvLAju7Zzhw39byzsHVixsh1VK%2FCeRpdIWLWpLJ%2BvmORsylqjQ6nnDVlG4aDsBkANcUg2SImzXorFqQU6ws%2B9sM9aI7mQXG9MukHCg3UjpDvhURwN424%2FN7XQPAPckNXCCYsJ4jqYUo3JWLYE6%2BFTDO17oxTF1E%2F6rkAGywbUZAQmREbnc0L7tO6bP%2BcSl6bJlJMmaOLH85Ox4wpdxWyiVsmsm8p1aBJQ3x9hu1FVB73TsDzn9cJtJKRDZTpqw3nVmwZM4PYa6Y2e9GAlMyym4ikvsbTu45I4%2BiHSoMbISp5dnDl9b6NqS8373WZw8RQc5S23QRQsc1NWMidxfOLHYKRfwUjvOFFNyTYpyi9LC1qKspwumMka9kgY9D2wkCwl7m9xDr3jt0bx1yN%2FqU881%2FdP0JtPf4DYN8cSurUs4SckhU9J1KOtUpJQ4Kwv7STwzI2bB8MWwaShrK%2FsmEuo93qgkZC691iEi4j4o1FCbSCxr3Hv4hBjPexuUqhOcTPibLv9SfxwmOUjiDWNDWWBo%2BEGEz%2BhI0%2BWXHdhnBjDZF5o4fYiiAkZ6fOsqQYRfRDZyk0UqBqDYUMebGT%2F2cZEceZQMJyoZ94%2BQupF0ShNvXLFy2EL1vi5IlErKPudxF5vTLfOuoV8inqY%2Fb67f%2F9Htf10dX03dPvtx3fXNzv1fntzfXc1e0UeR5KUeoPYO3XH3kHS0k51iRrj9IA3s9vt9c3LT1%2FQt7%2B2dx923%2FD51%2Bvb7dXu8%2BjV1fa2e%2FPh791d%2F%2Fn26%2FX9x%2F7x9uXhz9sfeGOvHR3HIueVqWDSPQ943yX9IuOdKpfa3uGFXYQ4Wd19KMO7o2UqZfkTGxLZakTCT2j92BtkZrZk9QK6G8wghotSWOWef6dl3t%2FfTDzba4m0FJjRXi42TGdLN85PkuNFQy8lXlgmndgrCnvjrFHQcNT55ZkuxGkle13GGjsOXujPTUfgHZ%2F3L902opCQox6c3igwazjKkzzaN49vH%2F8BW4oX6A%3D%3D&pcode-icookie=3K3dT3QbTYBEHdbUsbGpQ8eTIAZ5%2B0aQVQBLHlKWNfCpaxFlqQx%2FdLQM47bL%2FeS7AQUJ3KayOPIyZSpVajGljnUCvUk%3D&imp-id=1&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=556902639468546&ad-session-id=1775711666102095516&target-id=3070668&tga-with-creatives=1&top-ancestor=http%3A%2F%2Fwww.afn.by&top-ancestor-undetermined=0&pcode-version=667637&pcodever=667637&flash-ver=0&available-width=1560&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.8%2C%22isInIframe%22%3Afalse%2C%22w%22%3A1560%2C%22h%22%3A0%2C%22width%22%3A1560%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A20%2C%22top%22%3A20%2C%22fontFamily%22%3A%22ys%22%2C%22ad_no%22%3A0%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A0%7D&grab-orig-len=5120&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjo0MTF9CiqjppCcqI2BCFDHHyzzv67bSkr7pr5zs29DMzzz45_vG35tJyx7Sn6bJBbDlk6lEm4jhM25ROgIR8wM7_tf1062jvoZ6KMBXKuCqhgjYpW2wskNH0mLaIxVFSsNKo2qAASAA4oRTCBm1hxCDXmhLORxCDkEoTiHsENpKAzlHCIOPodw0ENeBMJQPIhCUSjPHJAWgLyQvwAKElpQFnh-KA_5SzXOwM4PpRyiEHMBSlAuHFgckBf9ELwEgq1zUrNoAchJydE5aFw0UDz0ZbCZawde77AbiBYWaV5EM27PtxTLQwkHJ8RcWHEWqZwDj0OQFxGChYY_Yyy06BlQABxCKDp43xUz5AFKmA_7Nvp7wD1QeWidGRb1Ur605hCET7qrLrW7KAgc_FmFA_-kL5U55C5CjAVIvFTKQ2Fu2ENJHmQYi4y73Z9R5By8w_L2zboLtJSDe2rFHHj528kX6S7LwX4Td6vF7KVuCd1txe-WeCkdbOm94DowTjxrQd42TnP401fp7rNUzWjbOsGQxoHLIeBg5-4pBz_1v9fA2PXh2levLOsMOt3AucMstDbtnvqVfL8ljnuc7_bzF2OnU59fdPoW3h5zcHwAIE7YPKRIazqwaRAryMipaRBrtBTUNAq1glxDDUzUAQ1L701DplFoM6mWTAOWmUKjpFSpiRVqElJzpiQhVWhIFWCZQzghxBDq7CXdPssXGvGrUPCGf2__AuLBfufs0Bd4ou_YbXpNuKY02Q9pshvZ5JzYmDfvuFVWA6vs-A539uVvgzfnlrbj7aDjeZs543Nwtj6edPyXO55zdFr_Et-z06orfVfGH_J3NbEpFbKslpYkcoxmFm8_QNcgBJVERaG0bwmWj4ypCqIQK6EKwvRnFtn1yI3RXNRU7jsByhMzAbdEcF8BGJPIixQn5aJdMQ4hHcWDbHhT3-yBgXCAlr8b4pl7c2IzSNzUYAyJC5mk0BfOSRdGwoSrm3YW-N608zfiHmhrvP6IC9sWygalSYn3ciaZDuANxN3AKQRRptKQa1WIlJlUA6oyE5OQqxVqSmWmQqRUk2qUyqxZXCMhQ5jJSEg1CDMSEpUGIDKVlhR0ZSZRk2ckiDTkWUOqUQEBYVaTKhGptKSUmkysUoOmVagBXDtZmFUa7cKsVGgVmilolg7kVCQUCKlplkIyahoKNWiZklyrVIJl1iqJgaJRAKyagkJDal54Fin4IvAC5wEiQUW5MCDaQEquTqiRqFVKxaLSUocwp8RSatKwaBcCcvXAdETeWOlEBNFXmPYQVSUGiFlm8976cEM_NhO8Opdi9AHODYt_cDUpEhIz9YTkhUV4TBnskLbX7MSukBJKabMeqVFvMN6r6_W0OobqM4tdL_0kg6rSEhNrVGYvusWGxRNWYnItpQYxCTnFEbCw7wUb6BOsZAu8RusmFDHFAoFYR-0KVFu-OnvKKUgobSFgfnvA3Xt2_GeUP-jGotlxJs8GRqMBaTbQ0RqY8mz0WNYwW3dqhiSmDqGFIIYw7E7-I9-e9vX68BcVvHYL0t_6CoWygXTC885ZMQ2zd5jwc_j_rse1CXaup_eEzSIKUgxvOwycFyP6S_H-pZ_0bPvGyn4zxY9Fhy2n4DnL9iWVeRDs5fYFrxiL-PeRg24jp_Dh4MFvHmRj0iARTIA8VqPflVXkI_LRjnl0-Eur_N54sXiwdSfATYW-RAhS92ulGRHmU3BCV8IYUXvhmf9ZEwLfa3bJQ_4Ewu8tncGNNCzExz0YU7_WC7qm4w0-YW2JCbs9jXkYXWD93QF_f-158w2X6G57_DfBPdWvEmu_mRfaYBmEopLNJa_6nf7gHQq4-6HfCozPb4ffh3hy_jj9t_1VsJxJtqsKE3Y0-sE8T752u0480cLO_z2Rp59fG_RmkvsS3NgdbDvClvTOlEPMn8Lgtil__G74p8S2eaa5RZjl64nuMAiHwCnhRVWf8UkvroyOGAIrxxrlJ29tsl3XGV5n4U7rt134BmDb4gQvPyElr2IIXxC7WlKxd0L_NmkD_X_9bXHJi_fZ0ic5nXV4HbKP_9EMTtbus0v8q0zorZRNnnpML2UHdtl1RPTmE6WJK_CK-mUERMi9luYTLB1AjNegdOAvAuSPdz58u1fzt6lvQcH9PvRFvQ03EEB7dolTdk0rX41fi3-keH0whaZ2HW7TboLPax0zJbC4Uy65ldzu-09ocL4rHH5QuZ3AhN7gttkydTy4A_IN9_T1Bv55X11N81ZAHvJyhWdMX45NfOQGlz3Ay1BgnMjZ9tvxdW7Hkto0jnnuJSDPp3jv0dtEespjVl_wJ851YvPHIa27g_4Wyx5rETwood9m7toguMuU5iK94d0YZgroB5C6sQUVgIWQjkv5I_frrajF_SCyB-IbBsIKYW2AFn3jg_qRzwNBTy3chdvlEFu5G_JfNK-DCX6Z-t-MRkmsJU1oFWoyjZn6HzPrGWiZDDQsg8QF7xpL5rlYU_odMm_hVouJ2jHDbssgTSduDz8xd5xkVdpUIqDbDOjsF71OMe1Ni7S1_zWB19jMtHp6tmND-oq8r3bbdtIIo7zwg2Wvwv2Px_ynjg-wU2PsPdxKxcoAEO82iKZKQejk7l-Hksl1tHo6tpNba2EhdOPmqj6roe7ThVpG1L_nE7PMsdxxr02QqHt9h58DO_zj7KPinzrRo99jw_QZsId6kwkFc80bYzcX5Afs6BX9rm7iE_4cQdmrro2dCdXyNcbp6CceSB_RM_1Vo5MGnUDt9OFHfe3OLnu8mU7jZJSOTF-Jy6hjk7htGsonCsOcRHbouqHNcFj_evMCrxDcSe9EITwRsXNj-eMdUfv6GQH5ezDSMjKywfmovwPlqkXvRa33v_FE1mq6G-ftKwA3cX6Sc4FmzaUYQzCFvGNCmM82n0na97C9MnIH17HDf1g-X-Qwpa_87lqJ-vFYhJOx4ruGgRaefRVy8J1b3IaxjiZsTDGnLgPFhhgAcO2K2-RaTDMwL0C0TAyoNLkcI-mZ8m3-VpH7FSrpVdi1nY45h1BSz_sxiNNbTA4DWGlu-kkAFQLXqwGkxxddHV3nhFvqJ_jxJDofXX_ICuPou47YryJzEGHK_z7tBW8l2w_UEnv5_wbPQ3kM6ryyQ7D-KyHcqOIHl8Pb1Whky75VciQbOfCiQ73AHEGyvYrOd8d1fqJPwQgaOnT-0cg2iEriwWgIZprAQiq7w96umQHtrIbbXY9xgRWHa122ll8E-JoM_wZ9nWnYHp2JhclXuv5oijxeistkTwqWuo8ip2nBwffp9r0GBO9nIumLd71RDVWJJqK4b87oaHo6d_HCS9YEL5nG0Qp-oqWvKWolp9RvjQr6Q7d1eWvKrprmAnDwqgt-0xjrv7Cl6r485AcaAl-FybN_fY-pxStFOoEb096qaz7-3CBEObVfT4Hhsq8kjV1lkidLvmJoi_x3LTQNB0ifWJCMlaTN5UXtaMf1-VTzMlKA5B37JvKjm3JJ9sd1CDcl_djqkvZGq41_i60udgvn0kO1LpNBi-FJ-8tE22oC-uQCbqDjwq8FvBqan8gS4PEe2l-L8iQQF_9wdwJhtA5V0p5fX57_YtDUXJ9s7tfhwdFf52UO-QmHumkOqa5NR2VJE_xW25fya9ShlW6da8t6W-NvLd0dKkyt0_ebEGz6fpV6R8qB5unfpr9sG8M9Tl_NBzQTMGh_MTOzPZLQvm3r4-Q9bvufUsN17fGutJGmYiaslyMdIdXoE2GFUJBvbDLRMrE7aVCPPSWArFh1jdmY3rc4saJe6XpF_sWbfvzr_BrhY5_1NiRxJij5FC_yQS87ks2dT4Ncc8bAwHZSWyk6eq6wKpyMwK8Vb8O1F_4tkz24CNw67-8QyIEWKD3S-_6tqY-8ELh_5XEH9uIgxBA2cm0VNrZxKyvahw7OB8pwQeNYjSZtPd_VlQQd0-q-8KMUpIpOngI-r_z-g3SxqzsfFfKHbDGlxZDQd1WiPd44oSTQEfmFOhNyRCV_LSlsY9vraGZO5qTY_6y-wXrYbJ63ziEyI3N8ZjTV_pM22O2dYPctTsZcRztZud22DbGjtmb4obF6rtYGJ6vqfPg3Ukqfh7-GVGVTe9KYaSJ7ExHVI7JRtLpjuNPK6nCS9Gcj3PUfpFFrdTy8TDk4HFNHEW86HIAr88rJXI9i4wpY57F1mWcGo4EuG-hpGVFnngH_208YGeNzfNrSjvrS9r91eiN_u2MBru9tLv7dt46NK3MehPKQ_fzL0aQBXLync0naygQ5_ZXHo4G2T_qJuNdO3iHgAm-qBn5R1ve7mlgfYw1zjDXxeQEmeR9LbL_AiCg1ct5QeW_2o_I9NoXnNogD1YFbrOMXypdgvFa6eevPhOyvxaaZsJ6MNP2VtN9Feqxto685W2c8vcZ7lhbUYrajqer3G5ztEuwjQqZr05nvd4ODA9DK8a5FHzsDuQ8bSMkIxRgdOTvsjbq75FwDrTjfaRX22G99FL3ePi4pYZc0bJ-BE5lE_aUsyyWBKm7QtbnXbpUERoidaWMcfsl7psa8w2SyMtACgWSgdhC3ucrzd0KexM6-6aMFHjfg9W0Fjxciz08l0bxIW8Jijh5fI8HSsa7a3iEoBXcKYeKxI1mbUqwkvp49-H6b0G9LT_B2RnfxzRFei1z_yY8Pla_Hombclu7vRWpibCc39v31HLhDl-hn8Rjfu_ktsr-XIJqKu_bYZ0MSGbYg7oaaN1veu5a1T9uCCDcWrsTOOkaAdlCuOTFu0wtbssJ2MJlxxIe8RjeBhTCy6fsZ8aN2fyLH1n9U8MiKVTC_POR3fVJa_2YVlWSnn9sGQR80X6EzMBo8y0S7ymIVwE4P042uY9Zs9iM0FvSqE-chpDNfpsJd1uz5chzXLi0IkiavpR2u2CYDRs08Zlqdnu2PhbjOBmbCSYyWK_a4WI_m-P5SmpO-nvv39TF7giucPc6QOl5NyEmGaXP7yyv2Cl0hCpn2KDvLG86LkijgGjUPW2wxOEdNL6_YPzcwmf3MxuMXJHUv5PmRDORAtyYbpuu-B0fPGojIikkZBnJl&uniformat=true&callback=Ya%5B2686894915947%5D

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

0d9ae83ed412c0a51d6302086193b9f846a503612d1c91fd0df838f2e2321779

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.afn.by/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 18 Oct 2022 14:08:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1666102095585324-11348526896492509674-sas3-0877-80f-sas-l7-balancer-8080-BAL-6059
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
uniformat-product-type: Direct
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Tue, 18 Oct 2022 14:08:15 GMT
uniformat: true
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: application/json
access-control-allow-origin: http://www.afn.by
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Tue, 18 Oct 2022 14:08:15 GMT

GET
H2 200 acb99422177ec0a89123.js Show response
yastatic.net/partner-code-bundles/667637/ 468 KB
96 KB 171ms
150ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/667637/acb99422177ec0a89123.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

41665f556d519d47b0533b3d4f4b699ee997a0b6675be6513af768a082b3b1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: http://www.afn.by/
Origin: http://www.afn.by
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 14:08:15 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 97549
last-modified: Mon, 17 Oct 2022 16:39:15 GMT
server: nginx/1.17.9
etag: "137be3bd099bc182394e28ed7e1b19d4"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Thu, 17 Oct 2052 20:44:13 GMT

GET
H2

200

/ Show response
www.acint.net/mc/ Frame 8A39
Redirect Chain

http://www.acint.net/mc/?dp=10
https://www.acint.net/mc/?dp=10
https://www.acint.net/mc/?dp=10&tc=1

4 KB
5 KB

40ms
40ms

Document
text/html

46.4.114.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.acint.net/mc/?dp=10&tc=1
Requested by: Host: www.acint.net
URL: http://www.acint.net/aci.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.114.109 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271137.aucourant.info
Software: openresty /
Resource Hash: 81dd8e95b1a2b7f08d29875ccb8796895c9c0ee05d6f37838d283fb34c5665d0

Request headers

Referer: http://www.afn.by/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Tue, 18 Oct 2022 14:08:15 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
server: openresty

Redirect headers

content-length: 154
content-type: text/html
date: Tue, 18 Oct 2022 14:08:15 GMT
location: /mc/?dp=10&tc=1
server: openresty

GET
H2

200

/
www.acint.net/hit/
Redirect Chain

http://www.acint.net/hit/?v=0.4.0&uid=be3b0fcb-6e84-4ea8-99a6-c2a735441432&dp=10&tz=%2B00%3A00&nc=73184296&u=http%3A%2F%2Fwww.afn.by%2F&r=&rs=1600x1200&t=AFN.BY%20-%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81...
https://www.acint.net/hit/?v=0.4.0&uid=be3b0fcb-6e84-4ea8-99a6-c2a735441432&dp=10&tz=%2B00%3A00&nc=73184296&u=http%3A%2F%2Fwww.afn.by%2F&r=&rs=1600x1200&t=AFN.BY%20-%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%8...

43 B
340 B

41ms
41ms

Image
image/gif

46.4.114.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/hit/?v=0.4.0&uid=be3b0fcb-6e84-4ea8-99a6-c2a735441432&dp=10&tz=%2B00%3A00&nc=73184296&u=http%3A%2F%2Fwww.afn.by%2F&r=&rs=1600x1200&t=AFN.BY%20-%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20%D0%9F%D0%BE%D0%BB%D0%B8%D1%82%D0%B8%D0%BA%D0%B0%20%D1%8D%D0%BA%D0%BE%D0%BD%D0%BE%D0%BC%D0%B8%D0%BA%D0%B0%20%D1%84%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D1%8B%20%D1%8D%D0%BD%D0%B5%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D0%BA%D0%B0%20%D0%BE%D0%B1%D1%89%D0%B5%D1%81%D1%82%D0%B2%D0%BE&oE=1&oP=1&dT=2022-10-18T14%3A08%3A15.583&fu=b2247912-40d2-45c5-823d-84266cf469dd
Requested by: Host: www.afn.by
URL: http://www.afn.by/
Protocol: H2
Server: 46.4.114.109 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271137.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.afn.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type: image/gif
date: Tue, 18 Oct 2022 14:08:15 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Location: https://www.acint.net/hit/?v=0.4.0&uid=be3b0fcb-6e84-4ea8-99a6-c2a735441432&dp=10&tz=%2B00%3A00&nc=73184296&u=http%3A%2F%2Fwww.afn.by%2F&r=&rs=1600x1200&t=AFN.BY%20-%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20%D0%9F%D0%BE%D0%BB%D0%B8%D1%82%D0%B8%D0%BA%D0%B0%20%D1%8D%D0%BA%D0%BE%D0%BD%D0%BE%D0%BC%D0%B8%D0%BA%D0%B0%20%D1%84%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D1%8B%20%D1%8D%D0%BD%D0%B5%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D0%BA%D0%B0%20%D0%BE%D0%B1%D1%89%D0%B5%D1%81%D1%82%D0%B2%D0%BE&oE=1&oP=1&dT=2022-10-18T14%3A08%3A15.583&fu=b2247912-40d2-45c5-823d-84266cf469dd
Date: Tue, 18 Oct 2022 14:08:15 GMT
Server: openresty
Connection: keep-alive
Content-Length: 142
Content-Type: text/html

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 379 B
692 B 79ms
24ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.afn.by&callback=_gfp_s_&client=ca-pub-5271363197717881&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5271363197717881&plah=www.afn.by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e41a9f1a7e28701810cb7895d9739e87f333d4ee7071c3e395630a7e7194a074

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.afn.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 14:08:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 247
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 69ms
26ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.afn.by

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.afn.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 14:08:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 69ms
27ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.afn.by

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.afn.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 14:08:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1B5A 92 KB
33 KB 418ms
383ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271363197717881&output=html&adk=1812271804&adf=3025194257&lmt=1666102095&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwww.afn.by%2F&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&dt=1666102095439&bpp=3&bdt=404&idt=164&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1923558324748&frm=20&pv=2&ga_vid=1668176210.1666102095&ga_sid=1666102096&ga_hid=976730884&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31062930&oid=2&pvsid=3147687186251757&tmod=428145752&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=185

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3bc25bf4b354d60ff200bc3f20e7c8154afbd1642b21d47343461c9bb134602d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.afn.by/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 33374
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Oct 2022 14:08:16 GMT
expires: Tue, 18 Oct 2022 14:08:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3DE6 73 KB
29 KB 648ms
621ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271363197717881&output=html&h=600&slotname=5761908397&adk=3519307484&adf=1131236467&pi=t.ma~as.5761908397&w=160&lmt=1666102095&format=160x600&url=http%3A%2F%2Fwww.afn.by%2F&wgl=1&dt=1666102095442&bpp=2&bdt=407&idt=185&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1923558324748&frm=20&pv=1&ga_vid=1668176210.1666102095&ga_sid=1666102096&ga_hid=976730884&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1415&ady=483&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31062930&oid=2&pvsid=3147687186251757&tmod=428145752&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=sjqX2MVgTw&p=http%3A//www.afn.by&dtd=190

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c19bf103343e1241bdf5948e26627f8b7bd3a1697c65ce783e9ea400fc1e2044

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.afn.by/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 29606
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Oct 2022 14:08:16 GMT
expires: Tue, 18 Oct 2022 14:08:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

match
ads.betweendigital.com/ Frame 8A39
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0A0909B04FB34E6321018337023B38D7
https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0A0909B04FB34E6321018337023B38D7&crf=1

68 B
607 B

25ms
25ms

Image
image/png

188.42.196.115
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0A0909B04FB34E6321018337023B38D7&crf=1
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

location: /match?bidder_id=73&external_user_id=0A0909B04FB34E6321018337023B38D7&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2

200

match
acint.net/ Frame 8A39
Redirect Chain

https://ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D
https://acint.net/match?dp=14&euid=A7B803C14FB34E6366009A9502046568

43 B
269 B

1634ms
1627ms

Image
image/gif

46.4.114.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=14&euid=A7B803C14FB34E6366009A9502046568
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 46.4.114.109 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271137.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 14:08:17 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Date: Tue, 18 Oct 2022 14:08:15 GMT
Server: openresty
Access-Control-Allow-Methods: GET
P3P: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
Access-Control-Allow-Origin: *
Location: https://acint.net/match?dp=14&euid=A7B803C14FB34E6366009A9502046568
Content-Type: text/html
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 142
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2

200

match
acint.net/ Frame 8A39
Redirect Chain

https://px.adhigh.net/p/cm/sape?u=0A0909B04FB34E6321018337023B38D7
https://px.adhigh.net/p/cm/sape?u=0A0909B04FB34E6321018337023B38D7&bounced=1
https://acint.net/match?dp=17&euid=xeYvfNOCGqU.AikABlGD62xwlg

43 B
269 B

31ms
31ms

Image
image/gif

46.4.114.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=17&euid=xeYvfNOCGqU.AikABlGD62xwlg
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 46.4.114.109 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271137.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 14:08:16 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 18 Oct 2022 14:08:16 GMT
server: nginx
x-backend-id: f17-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
location: https://acint.net/match?dp=17&euid=xeYvfNOCGqU.AikABlGD62xwlg
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK cm.gif
ad.mail.ru/ Frame 8A39 43 B
764 B 275ms
94ms Image
image/gif 2a00:1148:db00::17
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.mail.ru/cm.gif?p=48&id=0A0909B04FB34E6321018337023B38D7
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 14:08:16 GMT
Last-Modified: Tue, 18 Oct 2022 14:08:16 GMT
Server: nginx
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Embedder-Policy: require-corp
Content-Type: image/gif
Cache-Control: max-age=21600
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 43
Expires: Tue, 18 Oct 2022 20:08:16 GMT

GET
H/1.1

200
OK

sync.cgi
ssp.adriver.ru/cgi-bin/ Frame 8A39
Redirect Chain

https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691
https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-5131720943
https://www.acint.net/rmatch?dp=45&euid=AOPFUkfk38JiK6m9y_rqCGA&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D
https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0A0909B04FB34E6321018337023B38D7

42 B
201 B

114ms
114ms

Image
image/gif

195.209.111.19
ADRIVER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0A0909B04FB34E6321018337023B38D7
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Server: 195.209.111.19 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 14:08:17 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

Redirect headers

date: Tue, 18 Oct 2022 14:08:17 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
location: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0A0909B04FB34E6321018337023B38D7
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 154
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 204 sync
a.utraff.com/ Frame 8A39 0
794 B 84ms
34ms Image
text/plain 2606:4700:3033::ac43:d997
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.utraff.com/sync?ssp=sape
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:d997 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 14:08:15 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TurC%2B8EWAi5h5ILZh2yDENyP%2F8oiYSixRqRkznXOT%2BTGmsRyvYUYIAeiIbi50ZixFpumh6Q8HWM2Wch8%2Fr%2BUBWRBrAB9jLX3DdaPKkDECJadPLrh9K0WFkSClnK0I7%2BgY6RRXBHuJpeJxLU%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
cf-ray: 75c1d852ec7a9078-FRA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 match
sync.republer.com/ Frame 8A39 0
68 B 100ms
26ms Image
text/plain 23.88.82.46
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.republer.com/match?dsp=sape

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.88.82.46 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.46.82.88.23.clients.your-server.de

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 14:08:15 GMT
strict-transport-security: max-age=0
server: nginx

GET
H2 204 match
dm-eu.hybrid.ai/ Frame 8A39 0
238 B 82ms
22ms Image
text/plain 37.18.103.21
HYBRID-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dm-eu.hybrid.ai/match?id=106&vid=0A0909B04FB34E6321018337023B38D7

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.103.21 , Netherlands, ASN205675 (HYBRID-AS, DE),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 14:08:15 GMT
server: Hybrid Web Server
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin: *
cache-control: no-cache, no-store
x-mode: 522
x-xss-protection: 1; mode=block
expires: -1

GET
H/1.1 200
OK adcm.js Show response
tag.digitaltarget.ru/ Frame 8A39 3 KB
3 KB 278ms
90ms Script
application/javascript 185.15.175.174
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.digitaltarget.ru/adcm.js
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.15.175.174 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software: nginx /
Resource Hash: 40f2a96f78f4c8484e9da6e172f5ddd3e4d7786ca29e04b96e1067a365190e80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 14:08:16 GMT
Last-Modified: Tue, 18 Oct 2022 14:05:02 GMT
Server: nginx
ETag: "634eb28e-beb"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3051

GET
H2 204 sape
sync.dmp.otm-r.com/match/ Frame 8A39 0
70 B 178ms
51ms Image
text/plain 159.69.59.100
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.dmp.otm-r.com/match/sape?id=0A0909B04FB34E6321018337023B38D7
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 159.69.59.100 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.100.59.69.159.clients.your-server.de
Software: nginx/1.17.10 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 18 Oct 2022 14:08:15 GMT
server: nginx/1.17.10

GET
H2

200

match
www.acint.net/ Frame 8A39
Redirect Chain

https://sync.upravel.com/sape/sync
https://sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
https://030a70e8-9d8a-45bf-9430-e8fc81a7039d.sync.upravel.com/sape/sync?ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyIsImh0dHBzOi8vd3d3LmFjaW50Lm5ldC8iXX19
https://www.acint.net/match?dp=71&euid=030a70e8-9d8a-45bf-9430-e8fc81a7039d

43 B
269 B

29ms
29ms

Image
image/gif

46.4.114.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=71&euid=030a70e8-9d8a-45bf-9430-e8fc81a7039d
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 46.4.114.109 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271137.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 14:08:16 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

date: Tue, 18 Oct 2022 14:08:16 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://www.acint.net/match?dp=71&euid=030a70e8-9d8a-45bf-9430-e8fc81a7039d
access-control-allow-origin: *
content-type: image/png
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 0

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 8A39 170 B
502 B 71ms
28ms Image
image/png 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agentstvo_sape_limited&google_hm=CgkJsE-zTmMhAYM3Ajs41w

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 14:08:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
adlmerge.com/merge_gpsid/ Frame 8A39
Redirect Chain

https://stat.adlabs.ru/merge_gpsid/?sid=50&id=0A0909B04FB34E6321018337023B38D7
https://adlmerge.com/merge_gpsid/?sid=50&id=0A0909B04FB34E6321018337023B38D7

43 B
115 B

84ms
24ms

Image
image/gif

95.211.66.35
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adlmerge.com/merge_gpsid/?sid=50&id=0A0909B04FB34E6321018337023B38D7
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 95.211.66.35 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 14:08:16 GMT
iseu: eu
server: nginx/1.16.0
content-type: image/gif

Redirect headers

location: //adlmerge.com/merge_gpsid/?sid=50&id=0A0909B04FB34E6321018337023B38D7
date: Tue, 18 Oct 2022 14:08:16 GMT
server: nginx
content-length: 0

GET
H/1.1 200
OK sync.cgi
ssp.adriver.ru/cgi-bin/ Frame 8A39 42 B
201 B 425ms
100ms Image
image/gif 195.209.111.19
ADRIVER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=153&external_id=0A0909B04FB34E6321018337023B38D7
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.209.111.19 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 14:08:16 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

GET
H2

200

match
www.acint.net/ Frame 8A39
Redirect Chain

https://ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D
https://www.acint.net/match?dp=95&euid=MWZEPFCU

43 B
269 B

1545ms
1545ms

Image
image/gif

46.4.114.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=95&euid=MWZEPFCU
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 46.4.114.109 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271137.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 14:08:17 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Location: https://www.acint.net/match?dp=95&euid=MWZEPFCU
Date: Tue, 18 Oct 2022 14:08:16 GMT
Server: nginx/1.16.1
Connection: keep-alive
Transfer-Encoding: chunked

GET
H2

200

pixel.gif
sync.1dmp.io/ Frame 8A39
Redirect Chain

https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0A0909B04FB34E6321018337023B38D7
https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0A0909B04FB34E6321018337023B38D7&cs=1

35 B
376 B

31ms
30ms

Image
image/gif

78.46.100.125
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0A0909B04FB34E6321018337023B38D7&cs=1
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 78.46.100.125 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.125.100.46.78.clients.your-server.de
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type: image/gif
date: Tue, 18 Oct 2022 14:08:16 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-length: 35
expires: 0

Redirect headers

location: /pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0A0909B04FB34E6321018337023B38D7&cs=1
date: Tue, 18 Oct 2022 14:08:16 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-length: 0
expires: 0

GET
H2

200

match
www.acint.net/ Frame 8A39
Redirect Chain

https://sape-sync.rutarget.ru/sync
https://www.acint.net/match?dp=104&euid=m8ncXUBTpIHU

43 B
269 B

31ms
31ms

Image
image/gif

46.4.114.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=104&euid=m8ncXUBTpIHU
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 46.4.114.109 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271137.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 14:08:16 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Location: https://www.acint.net/match?dp=104&euid=m8ncXUBTpIHU
Date: Tue, 18 Oct 2022 14:08:16 GMT
Server: nginx
Connection: close
Content-Length: 0
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."

GET
H2

200

match
acint.net/ Frame 8A39
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D
https://acint.net/match?dp=107&euid=bc1a1b3e-c28d-5223-b857-d53bdb196674

43 B
269 B

29ms
28ms

Image
image/gif

46.4.114.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=107&euid=bc1a1b3e-c28d-5223-b857-d53bdb196674
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 46.4.114.109 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271137.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 14:08:16 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://acint.net/match?dp=107&euid=bc1a1b3e-c28d-5223-b857-d53bdb196674
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2

200

match
acint.net/ Frame 8A39
Redirect Chain

https://ads.adlook.me/csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D
https://acint.net/match?dp=110&euid=c34dd262df254a0e92cdf92b6f88f922

43 B
269 B

35ms
34ms

Image
image/gif

46.4.114.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=110&euid=c34dd262df254a0e92cdf92b6f88f922
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 46.4.114.109 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271137.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 14:08:16 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://acint.net/match?dp=110&euid=c34dd262df254a0e92cdf92b6f88f922
date: Tue, 18 Oct 2022 14:08:15 GMT
server: Microsoft-IIS/10.0

GET
H2

200

match
www.acint.net/ Frame 8A39
Redirect Chain

https://0a0909b04fb34e6321018337023b38d7-sp.ops.beeline.ru/p?ssp=sp&id=0A0909B04FB34E6321018337023B38D7
https://www.acint.net/match?dp=111&euid=fcf6807d-6308-49b0-ade2-c30b97d226a0

43 B
269 B

30ms
29ms

Image
image/gif

46.4.114.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=111&euid=fcf6807d-6308-49b0-ade2-c30b97d226a0
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 46.4.114.109 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271137.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 14:08:16 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

date: Tue, 18 Oct 2022 14:08:16 GMT
x-route: http://upstream_cookiesync
server: nginx
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS, GET, HEAD, POST, OPTIONS, PUT, DELETE
location: https://www.acint.net/match?dp=111&euid=fcf6807d-6308-49b0-ade2-c30b97d226a0
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true, true
x-host: 192.168.152.36
access-control-allow-headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

matchspm
ut.rktch.com/ Frame 8A39
Redirect Chain

https://ut.rktch.com/matchspm?pi=1000005&pui=0A0909B04FB34E6321018337023B38D7
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D%7BWEBO_CID%7D%26noredirect&bounce=1&random=2343598334
https://ut.rktch.com/matchspm?pi=1000006&pui=T3JheJjmzvsl7JI9OI6sNu&noredirect

88 B
88 B

94ms
94ms

Image
image/png

89.108.97.2
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ut.rktch.com/matchspm?pi=1000006&pui=T3JheJjmzvsl7JI9OI6sNu&noredirect
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Server: 89.108.97.2 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d50603.reg.regrucolo.ru
Software: nginx/1.22.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 14:08:16 GMT
Server: nginx/1.22.0
Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
Content-Type: image/png
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type, Accept, Authorization
Content-Length: 88

Redirect headers

pragma: no-cache
date: Tue, 18 Oct 2022 14:08:16 GMT
via: 1.1 google
last-modified: Tue, 18 Oct 2022 14:08:16 GMT
server: Weborama Collect Frontend
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location: https://ut.rktch.com/matchspm?pi=1000006&pui=T3JheJjmzvsl7JI9OI6sNu&noredirect
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2

404

UfKRNO-3REy3y2bJeri6gg
an.yandex.ru/setud/mts_banner/ Frame 8A39
Redirect Chain

https://sm.rtb.mts.ru/p?ssp=sape&id=0A0909B04FB34E6321018337023B38D7
https://sm.rtb.mts.ru/match/second?ssp=30&exu=0A0909B04FB34E6321018337023B38D7
https://tech.rtb.mts.ru/?dsp_uid=51f29134-efb7-444c-b7cb-66c97ab8ba82&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2FUfKRNO-3REy3y2bJeri6gg%3Flocation%3Dhttps%253A%252F%252Fsm.rtb.mts...
https://an.yandex.ru/setud/mts_banner/UfKRNO-3REy3y2bJeri6gg?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D30%26em%3D0&sign=3590850127

43 B
103 B

85ms
85ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/setud/mts_banner/UfKRNO-3REy3y2bJeri6gg?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D30%26em%3D0&sign=3590850127

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 14:08:17 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 18 Oct 2022 14:08:17 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=windows-1251
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 18 Oct 2022 14:08:17 GMT

Redirect headers

Date: Tue, 18 Oct 2022 14:08:17 GMT
Server: nginx/1.20.2
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: text/html; charset=utf-8
Location: https://an.yandex.ru/setud/mts_banner/UfKRNO-3REy3y2bJeri6gg?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D30%26em%3D0&sign=3590850127
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2

200

match
www.acint.net/ Frame 8A39
Redirect Chain

https://exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D
https://www.acint.net/match?dp=126&euid=550b8865-25ee-48c2-6d65-bbf8de0c2d9e

43 B
269 B

80ms
79ms

Image
image/gif

46.4.114.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=126&euid=550b8865-25ee-48c2-6d65-bbf8de0c2d9e
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 46.4.114.109 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271137.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 14:08:16 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://www.acint.net/match?dp=126&euid=550b8865-25ee-48c2-6d65-bbf8de0c2d9e
date: Tue, 18 Oct 2022 14:08:16 GMT
server: nginx
content-length: 115
serverid: TODO
content-type: text/html; charset=utf-8

GET
H2

200

match
www.acint.net/ Frame 8A39
Redirect Chain

https://s.uuidksinc.net/match/396/?remote_uid=0A0909B04FB34E6321018337023B38D7
https://www.acint.net/match?dp=127&euid=132yog8r4ve9pePFsLIv

43 B
269 B

76ms
76ms

Image
image/gif

46.4.114.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=127&euid=132yog8r4ve9pePFsLIv
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 46.4.114.109 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271137.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 14:08:16 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://www.acint.net/match?dp=127&euid=132yog8r4ve9pePFsLIv
date: Tue, 18 Oct 2022 14:08:16 GMT
server: nginx/1.19.0
content-length: 0

GET

match
www.acint.net/ Frame 8A39
Redirect Chain

https://ssp.bidvol.com/usersync?dspcsid=8&redirect=1
https://www.acint.net/match?dp=129&euid=9zm00j1o6y

0
0

GET
H/1.1 204
No Content userbind
match.new-programmatic.com/ Frame 8A39 0
215 B 319ms
85ms Image
text/plain 217.65.2.150
CITYTELECOM-MSK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.new-programmatic.com/userbind?src=sape&id=0A0909B04FB34E6321018337023B38D7
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 217.65.2.150 , Russian Federation, ASN3175 (CITYTELECOM-MSK, RU),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 18 Oct 2022 14:08:16 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0
Connection: keep-alive
Content-Length: 0
Vary: Origin

GET
H2 204 0A0909B04FB34E6321018337023B38D7
fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/ Frame 8A39 0
189 B 328ms
184ms Image
text/plain 93.95.102.105
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/0A0909B04FB34E6321018337023B38D7
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.95.102.105 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: unspecified.mtw.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

server: nginx
date: Tue, 18 Oct 2022 14:08:16 GMT
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"

GET
H2

204

0.gif
x01.aidata.io/ Frame 8A39
Redirect Chain

https://x01.aidata.io/0.gif?pid=9401454&id=0A0909B04FB34E6321018337023B38D7
https://x01.aidata.io/0.gif?pid=9401454&id=0A0909B04FB34E6321018337023B38D7&bounce=1
https://counter.yadro.ru/id-redir/aidata.gif?back=STOP
https://x01.aidata.io/0.gif?pid=LIVE&id=&back=STOP

0
432 B

92ms
92ms

Image
text/plain

89.108.120.76
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x01.aidata.io/0.gif?pid=LIVE&id=&back=STOP
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 89.108.120.76 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d51804.reg.regrucolo.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 14:08:17 GMT
last-modified: Tue, 18 Oct 2022 14:08:16 GMT
server: nginx
access-control-allow-methods: GET, POST
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
expires: Tue, 18 Oct 2022 14:08:16 GMT

Redirect headers

Location: https://x01.aidata.io/0.gif?pid=LIVE&id=&back=STOP
Date: Tue, 18 Oct 2022 14:08:17 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Connection: keep-alive
Content-Length: 242
Content-Type: text/html; charset=iso-8859-1

GET sape
dmp.gotechnology.io/match/ Frame 8A39 0
0

GET
H/1.1

200
OK

/
sync.bumlam.com/ Frame 8A39
Redirect Chain

https://sync.bumlam.com/?src=sap1&uid=0A0909B04FB34E6321018337023B38D7
https://sync.bumlam.com/?src=sap1&s_data=CAIQARjQ5rqaBmIgMEEwOTA5QjA0RkIzNEU2MzIxMDE4MzM3MDIzQjM4RDeiARBP3usUTu4R7YbgACWQwGR8

0
523 B

16ms
16ms

Image
text/html

31.172.81.172
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bumlam.com/?src=sap1&s_data=CAIQARjQ5rqaBmIgMEEwOTA5QjA0RkIzNEU2MzIxMDE4MzM3MDIzQjM4RDeiARBP3usUTu4R7YbgACWQwGR8
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Server: 31.172.81.172 Frankfurt am Main, Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: text/html; charset=utf-8
Date: Tue, 18 Oct 2022 14:08:16 GMT
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server: nginx
Connection: keep-alive
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

Date: Tue, 18 Oct 2022 14:08:16 GMT
Server: nginx
ETag: 4fdeeb14-4eee-11ed-86e0-002590c0647c
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: //sync.bumlam.com/?src=sap1&s_data=CAIQARjQ5rqaBmIgMEEwOTA5QjA0RkIzNEU2MzIxMDE4MzM3MDIzQjM4RDeiARBP3usUTu4R7YbgACWQwGR8
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0

GET
H2

200

0A0909B04FB34E6321018337023B38D7
an.yandex.ru/mapuid/sapeis/ Frame 8A39
Redirect Chain

https://an.yandex.ru/mapuid/sapeis/0A0909B04FB34E6321018337023B38D7
https://an.yandex.ru/mapuid/sapeis/0A0909B04FB34E6321018337023B38D7?redir-setuniq=1

43 B
180 B

73ms
73ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/sapeis/0A0909B04FB34E6321018337023B38D7?redir-setuniq=1

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 14:08:17 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 18 Oct 2022 14:08:17 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 18 Oct 2022 14:08:17 GMT

Redirect headers

pragma: no-cache
date: Tue, 18 Oct 2022 14:08:16 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 18 Oct 2022 14:08:16 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://an.yandex.ru/mapuid/sapeis/0A0909B04FB34E6321018337023B38D7?redir-setuniq=1
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 18 Oct 2022 14:08:16 GMT

GET
H/1.1 200
OK cm
nr.bidderstack.com/sape/ Frame 8A39 44 B
351 B 101ms
32ms Image
image/gif 148.251.217.100
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nr.bidderstack.com/sape/cm?user_id=0A0909B04FB34E6321018337023B38D7
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 148.251.217.100 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.100.217.251.148.clients.your-server.de
Software: nginx /
Resource Hash: 82cb517a8f80c91dfcec543c6d140deb3baaf463ea9e77655475096eba7bc7d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 14:08:16 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 44
Content-Type: image/gif

GET
H2 200 match.gif
mediatoday.ru/core/ Frame 8A39 43 B
368 B 163ms
51ms Image
image/gif 139.45.228.100
RETNNET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mediatoday.ru/core/match.gif?s=32&id=0A0909B04FB34E6321018337023B38D7
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 139.45.228.100 , Russian Federation, ASN29470 (RETNNET-AS, RU),
Reverse DNS: serv20.mt.viaprog.eu
Software: nginx/1.20.2 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 14:08:17 GMT
server: nginx/1.20.2
p3p: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
content-type: image/gif
cache-control: no-cache, max-age=0, must-revalidate, no-store
content-length: 43
expires: Thursday, 01-Jan-1970 00:00:00 GMT

GET
H2

200

match
www.acint.net/ Frame 8A39
Redirect Chain

https://cs.agency2.ru/p?ssp=sp&uid=0A0909B04FB34E6321018337023B38D7
https://www.acint.net/match?dp=186&euid=8714c840-7df6-4149-9668-b58dbafb0b80

43 B
269 B

29ms
28ms

Image
image/gif

46.4.114.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=186&euid=8714c840-7df6-4149-9668-b58dbafb0b80
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 46.4.114.109 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271137.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 14:08:17 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Date: Tue, 18 Oct 2022 14:08:17 GMT
Server: fasthttp
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS, PUT, DELETE
Location: https://www.acint.net/match?dp=186&euid=8714c840-7df6-4149-9668-b58dbafb0b80
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
X-Host: 23.111.107.44
Connection: keep-alive
Access-Control-Allow-Headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK user-sync
sync.adkernel.com/ Frame 8A39 0
109 B 147ms
92ms Image
text/plain 77.245.57.72
WEBAIR-INTERNET-MTL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adkernel.com/user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 14:08:17 GMT
Server: nginx
Connection: close
Content-Length: 0

GET
H2

400

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9795.HkPhPDl8QSo9ZBz2IArv5RMH6aYj7DkKXPyGb1lZyHE4-fDLQ1A329fWgM1c6D-G.25LxqGOaCUUr7eq1RT-nF1LxhX8%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9795.j3jh6gpnlAYDPxZPNHP50JiY4bVhaZRHcC8D-9ZBs9MmgNlwqSVZXeiqspaU_eSeH1kvKuMSuo6ziHJ4GGbY3A%2C%2C.JmAp3PeM9ptTf6pyLuKjYFnlEOI%2C

75 B
75 B

64ms
64ms

Image
text/html

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9795.j3jh6gpnlAYDPxZPNHP50JiY4bVhaZRHcC8D-9ZBs9MmgNlwqSVZXeiqspaU_eSeH1kvKuMSuo6ziHJ4GGbY3A%2C%2C.JmAp3PeM9ptTf6pyLuKjYFnlEOI%2C

Requested by

Host: www.afn.by
URL: http://www.afn.by/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.afn.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 14:08:15 GMT
strict-transport-security: max-age=31536000
content-length: 75
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9795.j3jh6gpnlAYDPxZPNHP50JiY4bVhaZRHcC8D-9ZBs9MmgNlwqSVZXeiqspaU_eSeH1kvKuMSuo6ziHJ4GGbY3A%2C%2C.JmAp3PeM9ptTf6pyLuKjYFnlEOI%2C
date: Tue, 18 Oct 2022 14:08:15 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2

400

sync_cookie_image_decide
mc.yandex.by/
Redirect Chain

https://mc.yandex.by/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.by&token=9795.7Uk0Re9H6mnqouRpXssN73c_O3iXKjmMLADjw_1J8WPFWJLryfV6EMXDCcBcbLHp.PxOBSdzuE0UgvGLmNlpmT-ED0Dc%2C
https://mc.yandex.by/sync_cookie_image_decide?token=9795.liT79RHYJUwhgKbHyejjn82DWWi7EajBXw80uwt6_8iq18rFed904Fkx7TuDQiGlV44sfJ2ks-jAIi5A_ryVSg%2C%2C.naU0u3gyElpSAoh23T2I3Xu-xXM%2C

75 B
75 B

69ms
68ms

Image
text/html

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.by/sync_cookie_image_decide?token=9795.liT79RHYJUwhgKbHyejjn82DWWi7EajBXw80uwt6_8iq18rFed904Fkx7TuDQiGlV44sfJ2ks-jAIi5A_ryVSg%2C%2C.naU0u3gyElpSAoh23T2I3Xu-xXM%2C

Requested by

Host: www.afn.by
URL: http://www.afn.by/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.afn.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 14:08:15 GMT
strict-transport-security: max-age=31536000
content-length: 75
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

location: https://mc.yandex.by/sync_cookie_image_decide?token=9795.liT79RHYJUwhgKbHyejjn82DWWi7EajBXw80uwt6_8iq18rFed904Fkx7TuDQiGlV44sfJ2ks-jAIi5A_ryVSg%2C%2C.naU0u3gyElpSAoh23T2I3Xu-xXM%2C
date: Tue, 18 Oct 2022 14:08:15 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET frame.html
s3.advarkads.com/modules/match/ Frame 6053 0
0

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
112 B 65ms
64ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: www.afn.by
URL: http://www.afn.by/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.afn.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 14:08:15 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 07 Oct 2022 07:30:00 GMT
etag: "633fab48-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Tue, 18 Oct 2022 15:08:15 GMT

GET
H2 200 render.html Show response
yastatic.net/safeframe-bundles/0.83/1-1-0/ Frame D3D7 24 KB
7 KB 134ms
48ms Document
text/html 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html

Requested by

Host: yastatic.net
URL: https://yastatic.net/safeframe-bundles/0.83/host.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

9c911ab93cf6099aeeddb19cb1903d0ef838329443c3a0549c754da47f90a70a

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: http://www.afn.by/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
content-length: 6262
content-type: text/html
date: Tue, 18 Oct 2022 14:08:15 GMT
etag: "eb77de48712912aadc9aa8171ac75ede"
expires: Thu, 17 Oct 2052 20:40:03 GMT
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
server: nginx/1.17.9
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow

GET
H2 200 render.html Show response
yastatic.net/safeframe-bundles/0.83/1-1-0/ Frame 89B5 24 KB
7 KB 168ms
84ms Document
text/html 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html

Requested by

Host: yastatic.net
URL: https://yastatic.net/safeframe-bundles/0.83/host.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

9c911ab93cf6099aeeddb19cb1903d0ef838329443c3a0549c754da47f90a70a

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: http://www.afn.by/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
content-length: 6262
content-type: text/html
date: Tue, 18 Oct 2022 14:08:15 GMT
etag: "eb77de48712912aadc9aa8171ac75ede"
expires: Thu, 17 Oct 2052 20:40:03 GMT
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
server: nginx/1.17.9
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow

GET
H2

200

1 Show response
mc.yandex.com/watch/465488/
Redirect Chain

https://mc.yandex.com/watch/465488?wmode=7&page-url=http%3A%2F%2Fwww.afn.by%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Al4cs6ej6vo5gha9qjtx4s%3Afu%3A0%3Aen%3Autf-8%3...
https://mc.yandex.com/watch/465488/1?wmode=7&page-url=http%3A%2F%2Fwww.afn.by%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Al4cs6ej6vo5gha9qjtx4s%3Afu%3A0%3Aen%3Autf-8...

408 B
499 B

65ms
65ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/465488/1?wmode=7&page-url=http%3A%2F%2Fwww.afn.by%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Al4cs6ej6vo5gha9qjtx4s%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A2%3Adp%3A0%3Als%3A1286666707716%3Ahid%3A307268206%3Az%3A0%3Ai%3A20221018140815%3Aet%3A1666102096%3Ac%3A1%3Arn%3A279621631%3Au%3A166610209690720602%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Acpf%3A1%3Antf%3A1%3Ans%3A1666102094276%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1666102096%3At%3AAFN.BY%20-%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20%D0%9F%D0%BE%D0%BB%D0%B8%D1%82%D0%B8%D0%BA%D0%B0%20%D1%8D%D0%BA%D0%BE%D0%BD%D0%BE%D0%BC%D0%B8%D0%BA%D0%B0%20%D1%84%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D1%8B%20%D1%8D%D0%BD%D0%B5%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D0%BA%D0%B0%20%D0%BE%D0%B1%D1%89%D0%B5%D1%81%D1%82%D0%B2%D0%BE&t=gdpr%2814%29mc%28p-1%29clc%280-0-0%29lt%287600%29aw%281%29rqnl%281%29ti%282%29

Requested by

Host: www.afn.by
URL: http://www.afn.by/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

f4adfd9489ae0ea8d1a5497dc644d3e73ae0aafcf0a7032ba24084568c004d08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.afn.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 14:08:16 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Tue, 18-Oct-2022 14:08:16 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: http://www.afn.by
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 408
x-xss-protection: 1; mode=block
expires: Tue, 18-Oct-2022 14:08:16 GMT

Redirect headers

pragma: no-cache
date: Tue, 18 Oct 2022 14:08:16 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 18-Oct-2022 14:08:16 GMT
location: /watch/465488/1?wmode=7&page-url=http%3A%2F%2Fwww.afn.by%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Al4cs6ej6vo5gha9qjtx4s%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A2%3Adp%3A0%3Als%3A1286666707716%3Ahid%3A307268206%3Az%3A0%3Ai%3A20221018140815%3Aet%3A1666102096%3Ac%3A1%3Arn%3A279621631%3Au%3A166610209690720602%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Acpf%3A1%3Antf%3A1%3Ans%3A1666102094276%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1666102096%3At%3AAFN.BY%20-%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20%D0%9F%D0%BE%D0%BB%D0%B8%D1%82%D0%B8%D0%BA%D0%B0%20%D1%8D%D0%BA%D0%BE%D0%BD%D0%BE%D0%BC%D0%B8%D0%BA%D0%B0%20%D1%84%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D1%8B%20%D1%8D%D0%BD%D0%B5%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D0%BA%D0%B0%20%D0%BE%D0%B1%D1%89%D0%B5%D1%81%D1%82%D0%B2%D0%BE&t=gdpr%2814%29mc%28p-1%29clc%280-0-0%29lt%287600%29aw%281%29rqnl%281%29ti%282%29
access-control-allow-origin: http://www.afn.by
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Tue, 18-Oct-2022 14:08:16 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/421539/
Redirect Chain

https://mc.yandex.com/watch/421539?wmode=7&page-url=http%3A%2F%2Fwww.afn.by%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Al4cs6ej6vo5gha9qjtx4s%3Afp%3A1131%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen...
https://mc.yandex.com/watch/421539/1?wmode=7&page-url=http%3A%2F%2Fwww.afn.by%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Al4cs6ej6vo5gha9qjtx4s%3Afp%3A1131%3Afu%3A0%3Aen%3Autf-8%3Ala%3A...

474 B
509 B

65ms
63ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/421539/1?wmode=7&page-url=http%3A%2F%2Fwww.afn.by%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Al4cs6ej6vo5gha9qjtx4s%3Afp%3A1131%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A1%3Adp%3A0%3Als%3A548206723008%3Ahid%3A307268206%3Az%3A0%3Ai%3A20221018140815%3Aet%3A1666102096%3Ac%3A1%3Arn%3A1004534265%3Arqn%3A1%3Au%3A166610209690720602%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A564%2C93%2C99%2C181%2C0%2C0%2C%2C243%2C0%2C%2C%2C%2C1181%3Acpf%3A1%3Antf%3A1%3Ans%3A1666102094276%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1666102096%3At%3AAFN.BY%20-%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20%D0%9F%D0%BE%D0%BB%D0%B8%D1%82%D0%B8%D0%BA%D0%B0%20%D1%8D%D0%BA%D0%BE%D0%BD%D0%BE%D0%BC%D0%B8%D0%BA%D0%B0%20%D1%84%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D1%8B%20%D1%8D%D0%BD%D0%B5%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D0%BA%D0%B0%20%D0%BE%D0%B1%D1%89%D0%B5%D1%81%D1%82%D0%B2%D0%BE&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29

Requested by

Host: www.afn.by
URL: http://www.afn.by/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

310abf0ebb4e47432cce9e583389d8a0963f6996cce0c8def3e94e875f4d95bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.afn.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 14:08:16 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Tue, 18-Oct-2022 14:08:16 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: http://www.afn.by
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 474
x-xss-protection: 1; mode=block
expires: Tue, 18-Oct-2022 14:08:16 GMT

Redirect headers

pragma: no-cache
date: Tue, 18 Oct 2022 14:08:16 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 18-Oct-2022 14:08:16 GMT
location: /watch/421539/1?wmode=7&page-url=http%3A%2F%2Fwww.afn.by%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Al4cs6ej6vo5gha9qjtx4s%3Afp%3A1131%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A1%3Adp%3A0%3Als%3A548206723008%3Ahid%3A307268206%3Az%3A0%3Ai%3A20221018140815%3Aet%3A1666102096%3Ac%3A1%3Arn%3A1004534265%3Arqn%3A1%3Au%3A166610209690720602%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A564%2C93%2C99%2C181%2C0%2C0%2C%2C243%2C0%2C%2C%2C%2C1181%3Acpf%3A1%3Antf%3A1%3Ans%3A1666102094276%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1666102096%3At%3AAFN.BY%20-%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20%D0%9F%D0%BE%D0%BB%D0%B8%D1%82%D0%B8%D0%BA%D0%B0%20%D1%8D%D0%BA%D0%BE%D0%BD%D0%BE%D0%BC%D0%B8%D0%BA%D0%B0%20%D1%84%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D1%8B%20%D1%8D%D0%BD%D0%B5%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D0%BA%D0%B0%20%D0%BE%D0%B1%D1%89%D0%B5%D1%81%D1%82%D0%B2%D0%BE&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29
access-control-allow-origin: http://www.afn.by
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Tue, 18-Oct-2022 14:08:16 GMT

GET
H/1.1 200
Ok d.png
ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/ Frame D3D7 95 B
400 B 198ms
65ms Image
image/png 2a02:6b8::5:114
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/d.png?ex=yes

Requested by

Host: www.afn.by
URL: http://www.afn.by/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::5:114 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

18c327afa903633f86c3efcf12b77f098077eacaa8be101bb007846fd74f8b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 14:08:16 GMT
Strict-Transport-Security: max-age=315360000; includeSubDomains
Server: nginx/1.14.2
X-RT-IH: 0.0001
Content-Type: image/png
Cache-Control: private
Connection: close
X-RT-IQ: 0.0000
Content-Length: 95
Expires: Wed, 19 Oct 2022 14:08:16 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 89B5 166 KB
54 KB 78ms
43ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5271363197717881

Requested by

Host: yastatic.net
URL: https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df591d5c8b0c6bde895ec6ae9d2577c16f91e8499d8f5bbe13e12fd117480809

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yastatic.net/
Origin: https://yastatic.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 14:08:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55047
x-xss-protection: 0
server: cafe
etag: 11070335537991527829
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 18 Oct 2022 14:08:16 GMT

GET
H/1.1 200
OK processor.js Show response
tag.digitaltarget.ru/ Frame 8A39 15 KB
15 KB 190ms
189ms Script
application/javascript 185.15.175.174
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.digitaltarget.ru/processor.js?i=920571216011979
Requested by: Host: tag.digitaltarget.ru
URL: https://tag.digitaltarget.ru/adcm.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.15.175.174 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software: nginx /
Resource Hash: 5fe5d1f5b73cac63a3ac98efcd1ab515f883b012b3aae669239b96a06354008c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 14:08:17 GMT
Last-Modified: Tue, 18 Oct 2022 14:05:03 GMT
Server: nginx
ETag: "634eb28f-3cb0"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15536

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210110101/ 151 KB
54 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210110101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

23f164c2a32a77520af8e88622bb5f48b24981a238588e84747fbb63ea82857f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.afn.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 14:08:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55056
x-xss-protection: 0
server: cafe
etag: 15630741719805380934
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Oct 2022 14:08:16 GMT

POST
H2 200 1 Show response
mc.yandex.com/watch/465488/ 43 B
73 B 72ms
72ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/465488/1?page-url=http%3A%2F%2Fwww.afn.by%2F&charset=utf-8&cnt-class=1&hittoken=1666102096_f0f81ec5d7cee0282cb93cc3b48504efcab0b8ea5c4412adaab2a3c7db2141f9&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Al4cs6ej6vo5gha9qjtx4s%3Afp%3A1131%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A2%3Adp%3A0%3Als%3A1286666707716%3Ahid%3A307268206%3Az%3A0%3Ai%3A20221018140816%3Aet%3A1666102096%3Ac%3A1%3Arn%3A564160810%3Arqn%3A1%3Au%3A166610209690720602%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A564%2C93%2C99%2C181%2C0%2C0%2C%2C243%2C0%2C%2C%2C%2C1181%3Acpf%3A1%3Antf%3A1%3Ans%3A1666102094276%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1666102096&t=gdpr(14)mc(p-2-h-1)clc(0-0-0)lt(7600)aw(1)rqnt(1)rqnl(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.afn.by/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 14:08:16 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 18-Oct-2022 14:08:16 GMT
content-type: image/gif
access-control-allow-origin: http://www.afn.by
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 18-Oct-2022 14:08:16 GMT

GET
H2 200 465488 Show response
mc.yandex.com/watch/ 43 B
85 B 64ms
64ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/465488?page-url=http%3A%2F%2Fwww.afn.by%2F&charset=utf-8&cnt-class=1&hittoken=1666102096_f0f81ec5d7cee0282cb93cc3b48504efcab0b8ea5c4412adaab2a3c7db2141f9&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Al4cs6ej6vo5gha9qjtx4s%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A2%3Adp%3A0%3Als%3A1286666707716%3Ahid%3A307268206%3Az%3A0%3Ai%3A20221018140816%3Aet%3A1666102096%3Ac%3A1%3Arn%3A851699590%3Arqn%3A2%3Au%3A166610209690720602%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Acpf%3A1%3Antf%3A1%3Ans%3A1666102094276%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1666102096%3At%3AAFN.BY%20-%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20%D0%9F%D0%BE%D0%BB%D0%B8%D1%82%D0%B8%D0%BA%D0%B0%20%D1%8D%D0%BA%D0%BE%D0%BD%D0%BE%D0%BC%D0%B8%D0%BA%D0%B0%20%D1%84%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D1%8B%20%D1%8D%D0%BD%D0%B5%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D0%BA%D0%B0%20%D0%BE%D0%B1%D1%89%D0%B5%D1%81%D1%82%D0%B2%D0%BE&t=gdpr(14)mc(p-2-h-1)clc(0-0-0)lt(7600)aw(1)rqnt(2)rqnl(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.afn.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 14:08:16 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 18-Oct-2022 14:08:16 GMT
content-type: image/gif
access-control-allow-origin: http://www.afn.by
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 18-Oct-2022 14:08:16 GMT

POST
H2 200 1 Show response
mc.yandex.com/watch/421539/ 43 B
73 B 67ms
67ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/421539/1?page-url=http%3A%2F%2Fwww.afn.by%2F&charset=utf-8&hittoken=1666102096_f0d8cfa47deb5f8090c0563dc37ce68465f076edf3571c967344dc504cae4f76&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Al4cs6ej6vo5gha9qjtx4s%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A1%3Adp%3A0%3Als%3A548206723008%3Ahid%3A307268206%3Az%3A0%3Ai%3A20221018140816%3Aet%3A1666102096%3Ac%3A1%3Arn%3A795840272%3Arqn%3A2%3Au%3A166610209690720602%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Acpf%3A1%3Antf%3A1%3Aeu%3A1%3Ans%3A1666102094276%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1666102096&t=gdpr(14)mc(p-2-h-1)clc(0-0-0)lt(7600)aw(1)rqnt(2)rqnl(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.afn.by/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 14:08:16 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 18-Oct-2022 14:08:16 GMT
content-type: image/gif
access-control-allow-origin: http://www.afn.by
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 18-Oct-2022 14:08:16 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210110101/ Frame 89B5 353 KB
116 KB 61ms
61ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5271363197717881&plah=yastatic.net

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5271363197717881

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e4b61957a7f81c371fcb736ae466bb791a3bb7f4b04f7dbc314d5311c268b18e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 14:08:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118722
x-xss-protection: 0
server: cafe
etag: 9858308648203831227
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 18 Oct 2022 14:08:16 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 68ms
27ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.afn.by

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.afn.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 14:08:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 67ms
26ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.afn.by

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.afn.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 14:08:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221013/r20110914/ Frame D6A4 10 KB
4 KB 17ms
16ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221013/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.afn.by/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 68404
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 17 Oct 2022 19:08:12 GMT
etag: 9671129459699598864
expires: Mon, 31 Oct 2022 19:08:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame D6A4 0
0 71ms
66ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CHP_1T7NOY_CvKviTjuwPs7CgsAKfxb_raZHO8_fED6rcj5mlIxABIKyWuQNgleKQgqAHoAGtlprZA8gBAqgDAcgDyQSqBOMBT9Dhjrd8nX7-46OSjvWx99NBWdRllB1m2Q0WtwSoaG5p3kCoW79CnTmOq8pkINl1OTzO2TEXiCu9iLB2YAJ-2E9YMq7k0_1ZlFcngvIszAGRKX7o0Z0eogJMP8YS7krrzlZA3h-IhlYnOh3QRvsA6xKlAdTOBsW8pu-I6Q_VErWBzvsoo8AqiM_7il2bwQH-e3HR2nmm8jRrLHcIfZoHtNMjVY5WRNtr3G-yb6ALT8PJ4RxImqQOKDJd2qoskyS8bvUG84mMypnFzwSZcbCiBCrREISgA5pOD-rFToca4TaB1xXABKvRwc77A5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYCgAe76eUmqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwMQkDXSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTAtAVAZgWAYAXAbIXHAoaCAASFHB1Yi01MjcxMzYzMTk3NzE3ODgxGAA&sigh=cwfcWJ96sc0&uach_m=[UACH]&cid=CAQSGwDq26N90ryaPibjBP5PYJcHBM9r0_JKf0HNNBgBIA4

Requested by

Host: www.afn.by
URL: http://www.afn.by/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20221013/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 18 Oct 2022 14:08:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 18 Oct 2022 14:08:16 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221013/r20110914/ Frame D6A4 23 KB
10 KB 64ms
17ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221013/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221013/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

733b81ca611521c0c5664701f060df9d5486014c1dba79acb22269bfc9e06d0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 16:44:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77006
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9578
x-xss-protection: 0
server: cafe
etag: 2674910403068493586
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 Oct 2022 16:44:50 GMT

GET
H2 200 16616563197061602642
tpc.googlesyndication.com/simgad/ Frame D6A4 87 KB
88 KB 81ms
34ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16616563197061602642?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnb_qnPDRaLhfxj8Q6rD-sUPpAYRA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221013/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1a934e6b705cc33cf61189e1ab03c4a69cce891082affee06e44f10a55b52f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:05:42 GMT
x-content-type-options: nosniff
age: 381754
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 89353
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 07:43:27 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 14 Oct 2023 04:05:42 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221013/r20110914/client/ Frame D6A4 3 KB
1 KB 69ms
22ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221013/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221013/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 07:00:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25662
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Nov 2022 07:00:34 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221013/r20110914/client/ Frame D6A4 17 KB
7 KB 67ms
20ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221013/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221013/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b7e54c08be2d3028420666e9aca9074537fb351e2ece4e32b925ffca1840ce12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 16:49:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 76748
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7570
x-xss-protection: 0
server: cafe
etag: 17992891929817281641
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 Oct 2022 16:49:08 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D6A4 152 KB
47 KB 81ms
34ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221013/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 14:08:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47415
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1665574756386403"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 18 Oct 2022 14:08:16 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221013/r20110914/client/ Frame D6A4 32 KB
13 KB 67ms
22ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221013/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221013/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f72d933a34e40e438eae141e1851934625c411461f44e1c86cbcd35d918a2a7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 18:05:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72193
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13666
x-xss-protection: 0
server: cafe
etag: 1284150378165101616
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 Oct 2022 18:05:03 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame 89B5 107 B
122 B 25ms
25ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=yastatic.net

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 14:08:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 89B5 107 B
122 B 26ms
25ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=yastatic.net

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 14:08:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8A84 0
16 B 128ms
120ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271363197717881&output=html&adk=1812271804&adf=2373185790&plat=1%3A520%2C2%3A520%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32&format=0x0&url=http%3A%2F%2Fwww.afn.by%2F&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&dt=1666102096131&bpp=3&bdt=133&idt=97&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&nras=1&correlator=6303097545174&frm=24&ife=3&pv=2&ga_vid=798901942.1666102096&ga_sid=1666102096&ga_hid=1059399564&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3408271068&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C42531706&oid=2&pvsid=3677991976680815&tmod=1612499907&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=23&ifi=1&uci=1.ri97a6nsw1xh&fsb=1&dtd=116

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yastatic.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Oct 2022 14:08:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B01C 79 KB
26 KB 460ms
453ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271363197717881&output=html&h=280&slotname=2697508611&adk=1894667632&adf=3279755400&pi=t.ma~as.2697508611&w=728&fwrn=16&fwrnh=100&rafmt=1&format=728x280&url=http%3A%2F%2Fwww.afn.by%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1666102096134&bpp=2&bdt=135&idt=117&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6303097545174&frm=24&ife=3&pv=1&ga_vid=798901942.1666102096&ga_sid=1666102096&ga_hid=1059399564&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3408271068&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C42531706&oid=2&pvsid=3677991976680815&tmod=1612499907&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=2.auy27uj11jag&fsb=1&dtd=123

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

934c42561ecd95d4e8ea88db974c3b72f6f94250932c46fe5e028beb92b16e24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yastatic.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 26144
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Oct 2022 14:08:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame DDF7 143 B
166 B 24ms
18ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221013/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20221013/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3173
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Oct 2022 13:15:23 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame D6A4 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d1232525609bc2312fac5f67b2bc0e5c65c2839b18a68535605139d1a657c10f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 13829856476932349631
tpc.googlesyndication.com/simgad/ Frame 3DE6 64 KB
64 KB 113ms
77ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13829856476932349631?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qn0r6x8ksy6-lrCjyfnOF61eNZggQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271363197717881&output=html&h=600&slotname=5761908397&adk=3519307484&adf=1131236467&pi=t.ma~as.5761908397&w=160&lmt=1666102095&format=160x600&url=http%3A%2F%2Fwww.afn.by%2F&wgl=1&dt=1666102095442&bpp=2&bdt=407&idt=185&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1923558324748&frm=20&pv=1&ga_vid=1668176210.1666102095&ga_sid=1666102096&ga_hid=976730884&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1415&ady=483&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31062930&oid=2&pvsid=3147687186251757&tmod=428145752&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=sjqX2MVgTw&p=http%3A//www.afn.by&dtd=190

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf0fdab4031d85c318bafbd48968462e4cf1d917071085862aa426c0cf024418

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:28:20 GMT
x-content-type-options: nosniff
age: 380396
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65910
x-xss-protection: 0
last-modified: Tue, 03 Nov 2020 11:06:49 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 14 Oct 2023 04:28:20 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221013/r20110914/ Frame 3DE6 23 KB
9 KB 98ms
62ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221013/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

733b81ca611521c0c5664701f060df9d5486014c1dba79acb22269bfc9e06d0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 16:44:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77006
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9578
x-xss-protection: 0
server: cafe
etag: 2674910403068493586
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 Oct 2022 16:44:50 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221013/r20110914/client/ Frame 3DE6 3 KB
1 KB 120ms
88ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221013/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 07:00:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25662
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Nov 2022 07:00:34 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221013/r20110914/client/ Frame 3DE6 17 KB
7 KB 120ms
87ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221013/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b7e54c08be2d3028420666e9aca9074537fb351e2ece4e32b925ffca1840ce12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 16:49:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 76748
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7570
x-xss-protection: 0
server: cafe
etag: 17992891929817281641
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 Oct 2022 16:49:08 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3DE6 152 KB
46 KB 110ms
76ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 14:08:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47415
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1665574756386403"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 18 Oct 2022 14:08:16 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221013/r20110914/client/ Frame 3DE6 32 KB
13 KB 121ms
88ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221013/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f72d933a34e40e438eae141e1851934625c411461f44e1c86cbcd35d918a2a7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 18:05:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72193
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13666
x-xss-protection: 0
server: cafe
etag: 1284150378165101616
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 Oct 2022 18:05:03 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3DE6 0
0 110ms
109ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CpdA8T7NOY9KhLeS-j-8PkYiZ4Au9l7DkbK7q28iyD5y8q7KrCRABIKyWuQNgleKQgqAHoAGZp6edA8gBAqkCTZfsWvSIsD6oAwHIA8kEqgTlAU_Qbw7Ge37vt2aQkBwybWSOayJRNhB9GwNZN6LneQXKmAYNcfIqjXnxnvg5TDO5N-qL35Q7cWLMlv7-Ndou7PxAEtJ6TZ17vHwjEnc4tO55XXVy7GO-J_yw3cXnXaiXT1IcYJSuUNtRC3Ul_-FE9CjJdJFpMrtJ4enfvSBNYf7VFDvzIhNLmd6hju1Yh33V5qk_0TmAkTMhCR2efwIyf5tfsHyFpK_Gjnz82Dqct4ThqOHhSDXrTl1sIAd-CnqGKB-QA6X5pzMIqvPJa0SEqjJ_d7s7LBAfbx0lCk-r8VVdTEd0MyHABKrEoLz-A5IFBAgEGAGSBQQIBRgEoAYCgAfP2NhiqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwMQyDvSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi01MjcxMzYzMTk3NzE3ODgxGAA&sigh=J0p3BWU0wx8&uach_m=[UACH]&cid=CAQSGwDq26N9dBL5d1SWkrWdQhvAQ3J4wW4JFeNwERgBIA4

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271363197717881&output=html&h=600&slotname=5761908397&adk=3519307484&adf=1131236467&pi=t.ma~as.5761908397&w=160&lmt=1666102095&format=160x600&url=http%3A%2F%2Fwww.afn.by%2F&wgl=1&dt=1666102095442&bpp=2&bdt=407&idt=185&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1923558324748&frm=20&pv=1&ga_vid=1668176210.1666102095&ga_sid=1666102096&ga_hid=976730884&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1415&ady=483&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31062930&oid=2&pvsid=3147687186251757&tmod=428145752&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=sjqX2MVgTw&p=http%3A//www.afn.by&dtd=190
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 18 Oct 2022 14:08:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame DDF7
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
18 B

66ms
65ms

Document
text/html

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221013/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Oct 2022 14:08:16 GMT
expires: Tue, 18 Oct 2022 14:08:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Oct 2022 14:08:16 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ZEudAwKmaTNpvGbgtwbUkI0ybKz2KwCtXmqAoF5myvk.js Show response
pagead2.googlesyndication.com/bg/ Frame C618 36 KB
15 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ZEudAwKmaTNpvGbgtwbUkI0ybKz2KwCtXmqAoF5myvk.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221013/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

644b9d0302a6693369bc66e0b706d4908d326cacf62b00ad5e6a80a05e66caf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 12:12:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6947
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15800
x-xss-protection: 0
last-modified: Tue, 11 Oct 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Oct 2023 12:12:29 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9A19 143 B
166 B 17ms
16ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271363197717881&output=html&h=600&slotname=5761908397&adk=3519307484&adf=1131236467&pi=t.ma~as.5761908397&w=160&lmt=1666102095&format=160x600&url=http%3A%2F%2Fwww.afn.by%2F&wgl=1&dt=1666102095442&bpp=2&bdt=407&idt=185&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1923558324748&frm=20&pv=1&ga_vid=1668176210.1666102095&ga_sid=1666102096&ga_hid=976730884&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1415&ady=483&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31062930&oid=2&pvsid=3147687186251757&tmod=428145752&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=sjqX2MVgTw&p=http%3A//www.afn.by&dtd=190
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3173
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Oct 2022 13:15:23 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 3DE6 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1acd5b6e3ef73f684c361cbc587fa6e6ee3fb957af2019e3baa4330a1f8fbb85

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9A19
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

34ms
33ms

Document
text/html

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Oct 2022 14:08:16 GMT
expires: Tue, 18 Oct 2022 14:08:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Oct 2022 14:08:16 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ZEudAwKmaTNpvGbgtwbUkI0ybKz2KwCtXmqAoF5myvk.js Show response
pagead2.googlesyndication.com/bg/ Frame 654B 36 KB
15 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ZEudAwKmaTNpvGbgtwbUkI0ybKz2KwCtXmqAoF5myvk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

644b9d0302a6693369bc66e0b706d4908d326cacf62b00ad5e6a80a05e66caf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 12:12:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6947
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15800
x-xss-protection: 0
last-modified: Tue, 11 Oct 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Oct 2023 12:12:29 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221013/r20110914/ Frame B01C 23 KB
9 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221013/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271363197717881&output=html&h=280&slotname=2697508611&adk=1894667632&adf=3279755400&pi=t.ma~as.2697508611&w=728&fwrn=16&fwrnh=100&rafmt=1&format=728x280&url=http%3A%2F%2Fwww.afn.by%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1666102096134&bpp=2&bdt=135&idt=117&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6303097545174&frm=24&ife=3&pv=1&ga_vid=798901942.1666102096&ga_sid=1666102096&ga_hid=1059399564&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3408271068&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C42531706&oid=2&pvsid=3677991976680815&tmod=1612499907&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=2.auy27uj11jag&fsb=1&dtd=123

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

733b81ca611521c0c5664701f060df9d5486014c1dba79acb22269bfc9e06d0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 16:44:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77006
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9578
x-xss-protection: 0
server: cafe
etag: 2674910403068493586
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 Oct 2022 16:44:50 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame B01C 8 KB
1 KB 71ms
29ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 18 Oct 2022 14:08:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 12:10:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 18 Oct 2022 14:08:16 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221012_RC00/ Frame B01C 14 KB
3 KB 60ms
18ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221012_RC00/outstream.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 13:23:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 521081
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2798
x-xss-protection: 0
last-modified: Wed, 12 Oct 2022 10:40:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Oct 2023 13:23:35 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221012_RC00/ Frame B01C 359 KB
124 KB 60ms
19ms Script
text/javascript 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221012_RC00/outstream.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a7f3d2c238784e955c2426069e8764f35cdbd3a88b5e06e1120a196d119e72d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 13:23:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 521081
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127092
x-xss-protection: 0
last-modified: Wed, 12 Oct 2022 10:40:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Oct 2023 13:23:35 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221013/r20110914/client/ Frame B01C 17 KB
7 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221013/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b7e54c08be2d3028420666e9aca9074537fb351e2ece4e32b925ffca1840ce12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 16:49:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 76748
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7570
x-xss-protection: 0
server: cafe
etag: 17992891929817281641
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 Oct 2022 16:49:08 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame B01C 0
0 24ms
24ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSmj_ueYlZcFblMTk7pxR62ycJBrJuVgAbQ4csVw1miCRrv_Ws1Yakm2rlhlEAIPlR2A3VwwZ4F8fKHke-Nk87bsLrZzA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271363197717881&output=html&h=280&slotname=2697508611&adk=1894667632&adf=3279755400&pi=t.ma~as.2697508611&w=728&fwrn=16&fwrnh=100&rafmt=1&format=728x280&url=http%3A%2F%2Fwww.afn.by%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1666102096134&bpp=2&bdt=135&idt=117&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6303097545174&frm=24&ife=3&pv=1&ga_vid=798901942.1666102096&ga_sid=1666102096&ga_hid=1059399564&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3408271068&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C42531706&oid=2&pvsid=3677991976680815&tmod=1612499907&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=2.auy27uj11jag&fsb=1&dtd=123
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

POST
H2 204 csi
csi.gstatic.com/ Frame B01C 0
327 B 445ms
62ms Ping
image/gif 172.217.19.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&puid=1~l9ea65ox&c=2019231808319&slotId=1009615904159.5&qqid=CKLY-Pz56foCFafIOwIdXj0Blw&fb=outstream-lima&sei=44714743%2C44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221012_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.19.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bud02s27-in-f3.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 14:08:17 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ Frame B01C 9 KB
10 KB 62ms
21ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 20:29:43 GMT
x-content-type-options: nosniff
age: 63514
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9644
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 Oct 2023 20:29:43 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame B01C 15 KB
16 KB 54ms
16ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 13:14:53 GMT
x-content-type-options: nosniff
age: 348804
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 Oct 2023 13:14:53 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B01C 0
20 B 50ms
50ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=Cg3PuULNOY6LwGqeR78EP3vqEuAnu7o-4bJTR_rKWEPAuEAEgrJa5A2CV4pCCoAegAa2W8PIoyAEFqQJNl-xa9IiwPqgDAcgDmwSqBIsCT9Ad9sdypBF_HNeebARcw7-yS6b34F6jggaG9P2i6IowmVmB_NhWdfGPlO__yQPa1hPTin3HghUAV7dJTHF7WQTOFuq7JytQLrq_63Vi0UMd4kvW0T0u1Ma3ibRw-WElnGJPfLu0UYSlQQUJ1JJfM_BIUAF9TnbD_Qq_2SCwgp5cw4lyrkmq-NzJ_L07_yEjucMVtk8Dkk2DM-dqKio_fAMecOi3Dchz0Uj3cD5IqHiDR0jPHEhQFfYhH9F6VdHI-bIV1je4ucOHBbOWTdFuRD0FhRidfF-N1IhpSKp6GeolbMk0QiBMtk9gorSLttp93DqG7JNQRNID4VNw2yKU0UHJKReemmGbfaW6wATUvsjhoQTgBAOQBgGgBnaAB63OwNIDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB4AsBgAwBsBPtwuwQyBPbqI_hA9ATANgTCogUBNgUAdAVAfgWAYAXAQ&eventType=clickstring&clientTime=1666102096989&ai=Cg3PuULNOY6LwGqeR78EP3vqEuAnu7o-4bJTR_rKWEPAuEAEgrJa5A2CV4pCCoAegAa2W8PIoyAEFqQJNl-xa9IiwPqgDAcgDmwSqBIsCT9Ad9sdypBF_HNeebARcw7-yS6b34F6jggaG9P2i6IowmVmB_NhWdfGPlO__yQPa1hPTin3HghUAV7dJTHF7WQTOFuq7JytQLrq_63Vi0UMd4kvW0T0u1Ma3ibRw-WElnGJPfLu0UYSlQQUJ1JJfM_BIUAF9TnbD_Qq_2SCwgp5cw4lyrkmq-NzJ_L07_yEjucMVtk8Dkk2DM-dqKio_fAMecOi3Dchz0Uj3cD5IqHiDR0jPHEhQFfYhH9F6VdHI-bIV1je4ucOHBbOWTdFuRD0FhRidfF-N1IhpSKp6GeolbMk0QiBMtk9gorSLttp93DqG7JNQRNID4VNw2yKU0UHJKReemmGbfaW6wATUvsjhoQTgBAOQBgGgBnaAB63OwNIDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB4AsBgAwBsBPtwuwQyBPbqI_hA9ATANgTCogUBNgUAdAVAfgWAYAXAQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 14:08:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame B01C 30 KB
16 KB 140ms
68ms XHR
text/xml 64.233.166.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-CKFesxYfADTJDx7V1qBqm0w_Nt-zOZ1-MMEdoj4mUYe_a6DmBVhbNr93dvIFWuVXp1u5EXJTzZlz_6lBtr59xFee41Zw&cry=1&dbm_d=AKAmf-BvXNqeXNpAYPOB-zYIQCoB78a_eEzZ-E-uFpdqWAiupDpBX2gzxDhQHX8gfLt5wE5aWYcUbTZQHA102HjaHpwWajs1a4_iPV6ZMXCTuKpN2v0b_sI_UbInug10FIZwoW5Bx_PeBgJLi5zxTEM9w48pr0ATO8Vo_dplQi58vZ1r_HdXIdgCBCaoMLnlWhh8MLcqj_V5KEY7IznVRBf0Owmv5sFNX6wSMTZNhqyfnwmVozLZ4ye0qC8z9apjzFhHRSkhmweP80SszSZPaJylo8-b432hPw8HOBCWlDefJA7jVnpdMBi24EkU5GpnxHaAKmde6C6cb8e2ng-S7F3yP16mS3iFbh6xe8iwDMys8pUStoPPuWLHRlANr9nXoV39KyERWy8Vf89zTafdaPiwdDCWL9D8NKGoJhR6bN58f0Cmk8udmFR_BTaDL0OT1yJHAddJa6HfF0GRyHldULCdu7Vbwr1vF0eg36bEcg2kFMluAzKPyzBmjtgG-SRP7ftNFly73hcbywmw1fzoqZWljBNDp-sFvPZUK1X65w83kD5E69wo5eDMIh3NeqtInEWAVri5Fh0ix9HUtFfWcqwtHLN-dIVLRlswNPoylmJ1-U42QFzRIsff-KXlB18r06oXPkBTTPauNOulq06rOgeSWaFpJnVXBAFCn5DxeDTz0CQx0Y5xMO2QmLwHHkbxeSHEQeB22cWY5jzJS8Il_jSDLTXH2tmOrMkI9auzkMDgPzCSEWE9aaqakf6LPhkyJQQh83FHKdy9Cj4G7UcX8Fj1j7MBNOEJD8ql3bj7ipZOYyLToUm4nAHtbDtX_ncPyhHEAoMrXDroNBilYeVQ2WbVRy0by8vT0aXTnbHF9f-w-ybVTiuqBZn8N5ErNutXpQbBmAjlXRqSMlUIUxOAaXYqxd-QXpc4krWcrY91tE-Ip2nVvTJSNTrcCMHn_VF7ng27T2tBcbqj8PuWzGHevRdwsIwpMsg7aLSbgu_1Ai7RW4k0KAzD66pasEiBMlsFllLGWbmn4RxB9InMM4ZXWcFAwWQBI2KJO-lR2Li3TmG-tqsWCOpeSt9O27ap_B1aX3deqy4PKEEEfjrBJ0jbMeRoFUgVp0BzEcF36cVJfTS3TDdCPvdnBcEgga-2Mi6ueCByczpy_EH2k67geqAySRkfg2mtyh-u1oLicZVvWZrSj7Jtl9NrflHvxRBmd8mmdHfP4eGuFUGgh0ht2yHiO196_iKE7o_CDi_E90U8uFfYV1Lq5xEqVRGK4d7V47zSL5yMtmHDhtkun0A8eUPykXEabhusqVKNEDYSnsdVyd2k67v2VvCT5wXvhCUP37CO3r-c3v67V5dIPONhF-Bn4kBzKxO6WCxFfp_4_fM2h5HXWZ0pKWXQfLQugra4b6fYD0D9AFKCrnX3F1zcB0HA-QqoyF5jFHe3LlYoW-gMed_XEKbIHd26gGn1QlU1MxPSKBDHVomzJLxKBJjjgxSnyF6kpsGYazFKrph1v5vJ7J7Si-gRcTBJ8NdHywipxsJSEy7yyWcJgG-6wQTdcHkJd3-KdUqShTJtZxuiSKQgqywNKTYaNfeUyprBX7nss4vE-ZBUJazluZcXSqzeQ8Ca3zQFMntKU0WbdUTlB5payOpY1nRLEuvX0LNqM8vGXQR9UHKen_2WFIbiKr_igZmoCUqbp9qjaX7DcEivta0osrSkO9dGwwLA1Rk8BXxB0DA76IFSS4U_5eqncC12h8YmOxfXtNLpuabQXK49YhICXwwlzkgXJ8M4miXBR6qSXA8noyswztdPODl4VF_qewwjSl95_Bt2XFL6IzB9y2A3QxCx1d7DGuEXA3zeCn2splPTiJzolvSrCWOSAdOJx9l0VSc-ONS6sPEdInphjmE_upxlpn6w7--xM8PWAa-irSgYPhJVKzA1I1xpwO07xZGyZ3VW3mILyIsDndzMXc3HqpDCJ21YXTUD01pSqfp_EnmwY8rPRS1quqZozSSQtfN49IzKI0YUNE-hSxF8J8cmQvYqVUZg_OQm0tVO8-fkB6ulg8Q_oJDVBeC5NfNVQeeUFhmv4ZxIwolrm-3qfU56K3tos1HpSL02GEKx_CRA3S4t_c7pI2QY4HDH6Ao6CwQonfTp08_pPlIajAxUkaMFOZc3DAbhnOW2lVy-0rhp5hf1ZjCcO_RJ4zrPWXUJj721SJLCwkdIeMdzLpKZ4eh_ZVmOVZ1RKJEJ9mQrnxuU8aShQ4yh1B042iQSI-x_rRrUUlnSkPRSsACOwa7g-ggeoNHX2SSN5HJjXor2bu_RwyYb8lOvemmRZ1-1dXswcUelWIReWqV2d51ZyNz2zzUkU_i5jItQbVRV3GHzu8EBSN7cLx2x5Tit2BZ9nNRqboQLLCyir9GfmQ7dsgjPRdEfxM9onkzsq7WgQfO1NANQTxSy-yqOBE-g50aKAxlw4PWGoiKOkgQhWWfkEwq8RhNpZD8tY41-EvucK9FkpJ3W43fRQI_iOG2mq30jePYvwxiDmOWYQiUhK8czhoVdtCTlbGCpqDZwEcavFa9TRRQcsClp0fmA0bbkBKDbFVVL-OXnP-5nK1D4lHqQDmyHB2a5Y1k6VYa4_zVgMbNxdz1M1tuFA--_BkJzXNjRXaghVhOZOa8_MLa5Q9UPOislCMA-Dwxq66hhZ20ZJJXXh1tWi_9VX0s0UWYucSMvJlRxxctFWjPir7my91ITrfzVwgcrPtdTIzXzuZwFbc5VzkLNI8l5b4T69c-Mq2gwNx0UQqYeoaQ_Zyoj-y-LxXntzD56BPivVo6waLUnsbWLEnErKTPndeQye66PFGaTfAwb7qfl42c1RrVfyTWdblDNwertsWBguH0OLyEUxdEMJ3Uyb_0uVGhPB9YhpO3jimamOUxK9LngRkYZ1bRRSjh4DynljXY4lz9WtY3JnuE8q7lBMq6NlhERiTK55vWHVSRivOFdjhD5MvEKQJWMHA-VWtrCwGlx5b4Tsex8B6LlqNfSXxx1yM53FigNXDJrLWf7xSgi6NkoNwFrW0i4J9ARKfULFuFAoNYfuy788zZWYIoew81423WrECvyQvglur9ON-HuRN0WPC8MjlnDPJBeEJeRU64UaU2zM8jK95oeGYKBrPZ48zkBi09jD2mvGxCKksuEvv-SzOvCWn1pee2Fxeba7xO5rC1QZfkIJ51B_b2KLYUpsKeFm2L-jY9_DafxrWduzr-CJAfNAm_yVJ-1SO_gXGbU9rYWC8KRXS-T3Qq9jcqHwgT1entcEkgLgclYd7BT0rMZd2t8JinmxN5xe5_tGbxCO1qvQi-w0rWQkQoFNHf_EMV3o8_HBwm2AJQekyVNrXtgoNwD0AzYoT-q2UTAeRaGFgnU3_hsIosSUnq4NLSS8E27s3sLA_vQLki6Ka6T6ZHii6_KSxRvF_rkrhSkeIc5Ah97hyzHUkg1h2JDBpT4Vy6nl5_cDuvvkOLPB2HC5_jbDNq4xMItnnLc-gAIbrx5C4zin4YuuYjHdrMk6s-mJsKjnbX6yezq3LMyU5AwUzDuAnDeKXC_7Ix0RfhpWabCTbzeOOM9pALjE7J2fEPTKN-n6M95ADst8TaqFMWJFeqQJczL-mwvktqprrcT043pJ1XQZ9ZjCflDQ0xduSYWUDHK2w3LFqBemegveLHlvmQjF3Lw4MbtpRyAHeylyfH1yH1Wc-osLHcb7l2cMvv-ephZQKSt5CxSkxoTH_rUU_mMUSAR1ApO6Qy9IqEqw-jPZq9frHKreTwVzBzMU3DmlK922kZigRRVtur6PG4pipHif0mNbyLlXo7lsvhaXvjfG1dkLiLS7tMvyo5zbRdR3a4PjXB5vZif-47WjdI6cRSVtIIXG5gszq2UXZY5PREq2dbuaxiUWmWFfiWmwa9s1KtzQJQ4e3FUnNIpzISDQE7lTAaWi_CYCuCcNncXyZT4AXT-3ByUTAzBr-EpW4gwiaYt4VOrWHTzPE8xXw4qGJT__I1iP7SnBw&cid=CAQSKQDq26N9itZ_eeMja9EL1EXnRF1gaTundsKsVKiBJIgWMUTd-XHNvCPKGAEgDg&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221012_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.166.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wm-in-f156.1e100.net

Software

cafe /

Resource Hash

fe35cd48b276338084999f88cc7d62bab072574908bc0a2282d4d9122fe6ae27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 14:08:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16226
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame B01C 0
0 54ms
54ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cj9oUULNOY6LwGqeR78EP3vqEuAnu7o-4bJTR_rKWEPAuEAEgrJa5A2CV4pCCoAegAa2W8PIoyAEFqQJNl-xa9IiwPqgDAaoEiAJP0B32x3KkEX8c155sBFzDv7JLpvfgXqOCBob0_aLoijCZWYH82FZ18Y-U7__JA9rWE9OKfceCFQBXt0lMcXtZBM4W6rsnK1Auur_rdWLRQx3iS9bRPS7UxreJtHD5YSWcYk98u7RRhKVBBQnUkl8z8EhQAX1OdsP9Cr_ZILCCnlzDiXKuSar43Mn8vTv_ISO5wxW2TwOSTYMz52oqKj98Ax5w6LcNyHPRSPdwPkioeINHSM8cSFAV9iEf0XpV0cj5shXWN7i5w4cFs5ZNiW_mIQ2_jq_uinYxz4Gt7v3OmaK7hvmTHYFPOUKoF4GfwpUy87shYIVs_Bs18L-opWF2aeUxwFBnJnPABNS-yOGhBOAEA4gFufXEqkSSBQYIAxACGAGSBQYIGxACGAGSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBnaAB63OwNIDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwoQi5ACGK2DydIB0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwGwE-3C7BDCEwYYrZbw8ijIE9uoj-ED0BMA2BMKiBQE2BQB0BUBgBcBshccChoIABIUcHViLTUyNzEzNjMxOTc3MTc4ODEYAA&sigh=qSQpTZ80DMg&uach_m=[UACH]&cid=CAQSKQDq26N9itZ_eeMja9EL1EXnRF1gaTundsKsVKiBJIgWMUTd-XHNvCPKGAEgDg&vt=10

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271363197717881&output=html&h=280&slotname=2697508611&adk=1894667632&adf=3279755400&pi=t.ma~as.2697508611&w=728&fwrn=16&fwrnh=100&rafmt=1&format=728x280&url=http%3A%2F%2Fwww.afn.by%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1666102096134&bpp=2&bdt=135&idt=117&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6303097545174&frm=24&ife=3&pv=1&ga_vid=798901942.1666102096&ga_sid=1666102096&ga_hid=1059399564&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3408271068&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C42531706&oid=2&pvsid=3677991976680815&tmod=1612499907&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=2.auy27uj11jag&fsb=1&dtd=123
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 18 Oct 2022 14:08:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 5189 1 KB
643 B 15ms
15ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 75555
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 17 Oct 2022 17:09:02 GMT
etag: 48472445140208031
expires: Tue, 18 Oct 2022 17:09:02 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame B01C 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1266bf92428386599e0210453869c0bfd9e7d62470630216db0ac96330eef2e4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame 5189 35 B
463 B 67ms
19ms Image
image/gif 2620:116:800d:21:de2e:c7b3:55c0:d5a0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEGed2-3LLU0Unrf0vjpOeL4&google_cver=1&google_push=AZmPxg82_5RgyVO6Afe6fAo9OngBSM1GPaOjr3uku9qhl8Xwl8uPjpvxfr-GpQXi4NZv_8SRTH4RD85d8nTme-wTf6KMBTKRwfGL

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 14:08:17 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5189
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg84f7AJ...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg84f7AJ...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjEwMTgxNDA4MTcwMDAxNzYxMTkzMzA1Nw%3D%3D&google_push=AZmPxg84f7AJBAcTJAhl958vtgH2lv7IH9M33x0EAuAxzMjdXlkEAME9SSYx-SWivVa0vV...

170 B
188 B

28ms
27ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjEwMTgxNDA4MTcwMDAxNzYxMTkzMzA1Nw%3D%3D&google_push=AZmPxg84f7AJBAcTJAhl958vtgH2lv7IH9M33x0EAuAxzMjdXlkEAME9SSYx-SWivVa0vVmnMBfT9hDJiSQiD30JVGwf6S_bulRL

Requested by

Host: www.afn.by
URL: http://www.afn.by/

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 14:08:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjEwMTgxNDA4MTcwMDAxNzYxMTkzMzA1Nw%3D%3D&google_push=AZmPxg84f7AJBAcTJAhl958vtgH2lv7IH9M33x0EAuAxzMjdXlkEAME9SSYx-SWivVa0vVmnMBfT9hDJiSQiD30JVGwf6S_bulRL
pragma: no-cache
date: Tue, 18 Oct 2022 14:08:17 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 0
expires: Tue, 18 Oct 2022 14:08:17 GMT

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 5189 43 B
356 B 79ms
25ms Image
image/gif 34.98.67.61
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESENJ-jGdzqey_Ie4OcsRCiZ4&google_push=AZmPxg8m-pkr364_Rh4uHs8VPAZMdTBIXlJI1dugjO6WTteDD75NcIxo--fVABX94KDKh4A8p-EznLSlBDL_AAZLMU5F21snkDCv&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271363197717881&output=html&h=280&slotname=2697508611&adk=1894667632&adf=3279755400&pi=t.ma~as.2697508611&w=728&fwrn=16&fwrnh=100&rafmt=1&format=728x280&url=http%3A%2F%2Fwww.afn.by%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1666102096134&bpp=2&bdt=135&idt=117&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6303097545174&frm=24&ife=3&pv=1&ga_vid=798901942.1666102096&ga_sid=1666102096&ga_hid=1059399564&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3408271068&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C42531706&oid=2&pvsid=3677991976680815&tmod=1612499907&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=2.auy27uj11jag&fsb=1&dtd=123
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 14:08:17 GMT
via: 1.1 google
server: Apache
content-type: image/gif;charset=UTF-8
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame 5189 43 B
351 B 65ms
25ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEEQ1pBgLmDrOmIpKApJoQw8&google_cver=1&google_push=AZmPxg85_ikm2XVGqpV6EwnHjjfQctIAuAWJTtts-ybsk_M2pbGg53eUHrifu3dFgXjyFPkpsfTzNYMkaC8tRy89ICP9VBtiQXb3
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271363197717881&output=html&h=280&slotname=2697508611&adk=1894667632&adf=3279755400&pi=t.ma~as.2697508611&w=728&fwrn=16&fwrnh=100&rafmt=1&format=728x280&url=http%3A%2F%2Fwww.afn.by%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1666102096134&bpp=2&bdt=135&idt=117&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6303097545174&frm=24&ife=3&pv=1&ga_vid=798901942.1666102096&ga_sid=1666102096&ga_hid=1059399564&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3408271068&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C42531706&oid=2&pvsid=3677991976680815&tmod=1612499907&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=2.auy27uj11jag&fsb=1&dtd=123
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 14:08:17 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: q3j4nm5jjoeuhr6adv8vd1ns05ohj22h

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 5189 0
166 B 105ms
27ms Image
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEB51JGdSeS3cxSFlWXilT-c&google_cver=1&google_push=AZmPxg-2ZqfOHEhIktvczMuXaVmBYbVm76uyJKrf0yWUdfLQB6h8rDaBum3vXJN3JkCfzCv5UPZrJxQ_TRjzA5VlcwPP2J6Qdl0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271363197717881&output=html&h=280&slotname=2697508611&adk=1894667632&adf=3279755400&pi=t.ma~as.2697508611&w=728&fwrn=16&fwrnh=100&rafmt=1&format=728x280&url=http%3A%2F%2Fwww.afn.by%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1666102096134&bpp=2&bdt=135&idt=117&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6303097545174&frm=24&ife=3&pv=1&ga_vid=798901942.1666102096&ga_sid=1666102096&ga_hid=1059399564&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3408271068&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C42531706&oid=2&pvsid=3677991976680815&tmod=1612499907&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=2.auy27uj11jag&fsb=1&dtd=123
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Tue, 18 Oct 2022 14:08:15 GMT
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5189
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEARJjftRpYYKBi8K2uoUuxo&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEARJjftRpYYKBi8K2uoUuxo&google_push=AZ...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEARJjftRpYYKBi8K2uoUuxo&google_hm=Y06zUZIgDRMhGYtg9ySxgQAABLoAAAIB&google_nid=index&google_push=AZmPxg9OoOwrxi0Qm34unQ_dglQlo4oA4rfeI...

170 B
188 B

29ms
28ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEARJjftRpYYKBi8K2uoUuxo&google_hm=Y06zUZIgDRMhGYtg9ySxgQAABLoAAAIB&google_nid=index&google_push=AZmPxg9OoOwrxi0Qm34unQ_dglQlo4oA4rfeILyipxTlUj2WzQJK2NLbXlcbC17kubyXxJ9ejmX_LlrE6pn8cfLoguo3VTYW-7n0

Requested by

Host: www.afn.by
URL: http://www.afn.by/

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 14:08:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 18 Oct 2022 14:08:17 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rPviKJ8u%2FlGMrzqUvRpfdVJqOty49cuMz9JDuSErdhpn7MD713iX7INnVwn6dXZqS5cTMhB2uN10Y4xRgaDUfA%2B7NFNUX2O8shrkSiTO%2BbDZnmlXdGJJnts%2FIDkoFwa10KzbRmcYnu76rA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEARJjftRpYYKBi8K2uoUuxo&google_hm=Y06zUZIgDRMhGYtg9ySxgQAABLoAAAIB&google_nid=index&google_push=AZmPxg9OoOwrxi0Qm34unQ_dglQlo4oA4rfeILyipxTlUj2WzQJK2NLbXlcbC17kubyXxJ9ejmX_LlrE6pn8cfLoguo3VTYW-7n0
cache-control: no-cache
cf-ray: 75c1d85bca61d5b0-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET googleredir
googlecm.hit.gemius.pl/ Frame 5189 0
0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 5189 0
12 B 58ms
24ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KYUS4pBS708sxIwo3q-_RgsYD70fsjxR5RI7vlH3JnuteG2fV_cQOHBJczQn4RlUU-ljFpkg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 14:08:17 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 89B5 14 KB
11 KB 32ms
32ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221013&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2e9eef13fef2613d07262064babfaf30126169e3ad74a82c3751942886c79d8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 14:08:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11244
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 89B5 17 KB
6 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 14:08:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 18 Oct 2022 14:08:17 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 274F 13 KB
5 KB 17ms
15ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yastatic.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2982
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 18 Oct 2022 13:18:35 GMT
expires: Wed, 18 Oct 2023 13:18:35 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame EC22 783 B
535 B 36ms
35ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6de6bc8539811babe97bad8ff5722b3f9c1e768c0e443044c481c755112494ee

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-jmRCKLUdUBcA2RkZ-32Qpg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://yastatic.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-jmRCKLUdUBcA2RkZ-32Qpg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 18 Oct 2022 14:08:17 GMT
expires: Tue, 18 Oct 2022 14:08:17 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame B01C 41 KB
15 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221012_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 11:28:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 355170
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 Oct 2023 11:28:47 GMT

HEAD
H/1.1

200
OK

file.mp4
r2---sn-4g5edn6k.c.2mdn.net/videoplayback/id/11bad0466d5a38bd/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1697638097/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame B01C
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/11bad0466d5a38bd/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1697638097/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
https://r2---sn-4g5edn6k.c.2mdn.net/videoplayback/id/11bad0466d5a38bd/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1697638097/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

79ms
16ms

Fetch
video/mp4

2a00:1450:4001:d::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r2---sn-4g5edn6k.c.2mdn.net/videoplayback/id/11bad0466d5a38bd/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1697638097/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/1C980D2690BA4791F44E1EF835562AFF4789F89C.472DCC3214C4926453E893AA45BA134F6DE0B20D/key/cms1/cms_redirect/yes/mh/JX/mip/2001:ac8:20:303::203e/mm/42/mn/sn-4g5edn6k/ms/onc/mt/1666101677/mv/m/mvi/2/pl/49/file/file.mp4

Requested by

Host: www.afn.by
URL: http://www.afn.by/

Protocol

HTTP/1.1

Server

2a00:1450:4001:d::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 14:08:17 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 2603716
Last-Modified: Thu, 01 Sep 2022 12:26:51 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Tue, 18 Oct 2022 14:08:17 GMT

Redirect headers

date: Tue, 18 Oct 2022 14:08:17 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 651
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
location: https://r2---sn-4g5edn6k.c.2mdn.net/videoplayback/id/11bad0466d5a38bd/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1697638097/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/1C980D2690BA4791F44E1EF835562AFF4789F89C.472DCC3214C4926453E893AA45BA134F6DE0B20D/key/cms1/cms_redirect/yes/mh/JX/mip/2001:ac8:20:303::203e/mm/42/mn/sn-4g5edn6k/ms/onc/mt/1666101677/mv/m/mvi/2/pl/49/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ZEudAwKmaTNpvGbgtwbUkI0ybKz2KwCtXmqAoF5myvk.js Show response
pagead2.googlesyndication.com/bg/ Frame 274F 36 KB
15 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ZEudAwKmaTNpvGbgtwbUkI0ybKz2KwCtXmqAoF5myvk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

644b9d0302a6693369bc66e0b706d4908d326cacf62b00ad5e6a80a05e66caf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 12:12:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6948
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15800
x-xss-protection: 0
last-modified: Tue, 11 Oct 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Oct 2023 12:12:29 GMT

GET
H2 200 1SGEcaz20Ma100000000U9nJzFzjiEgp-DT0m-DdUIBo3yM6Mlflzajc089GgPpA_DW0ANQ6L5OWjvGHIDIc08bMHX3P2U830HF3KKQE80Q6iupCGDvLHf3mNKO64GQckKnCGFPIfXj0QYrJ591zbka_4BnY4dZmiElNyRCC33ly9yxtVytAqCeCigANMH58pcK6Q... Show response
yandex.ru/an/rtbcount/ 43 B
489 B 70ms
70ms XHR
image/gif 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/an/rtbcount/1SGEcaz20Ma100000000U9nJzFzjiEgp-DT0m-DdUIBo3yM6Mlflzajc089GgPpA_DW0ANQ6L5OWjvGHIDIc08bMHX3P2U830HF3KKQE80Q6iupCGDvLHf3mNKO64GQckKnCGFPIfXj0QYrJ591zbka_4BnY4dZmiElNyRCC33ly9yxtVytAqCeCigANMH58pcK6QLi991L0vhDiP9xZrw4PDME9n4bc_-8ofrdywsElCeEj0PC_cHsS-C5EsS32k8E5yG0BqqqMYDi-s3zaENi61DxOBs3blSdgRvoGidhZIj-lh227TB0riCnWkt8uU07Ra-UTtJk-h7sGjv8Dfk40cyS9DkP7RBnfvevMRaQPoOPfPYdcBzbWHl-4ioQomrYpsDdCpCpDZCqNi3DkO6VQmSvpWbta1_kQROm0ZwDjxW00

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.afn.by/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 14:08:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
last-modified: Tue, 18 Oct 2022 14:08:17 GMT
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: http://www.afn.by
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 18 Oct 2022 14:08:17 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 11FC 23 KB
9 KB 17ms
16ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 393890
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8727
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 14 Oct 2022 00:43:27 GMT
expires: Sat, 14 Oct 2023 00:43:27 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame EC22 0
0 50ms
50ms Image
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221013&jk=3677991976680815&rc=
Requested by: Host: www.afn.by
URL: http://www.afn.by/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H3 200 7JEUJG1jVChIMuhiOxVurQN9pIQLeBNKr_aiZz5iC5Y.js Show response
pagead2.googlesyndication.com/bg/ Frame 11FC 36 KB
16 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/7JEUJG1jVChIMuhiOxVurQN9pIQLeBNKr_aiZz5iC5Y.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec9114246d6354284832e8623b156ead037da4840b78134aaff6a2673e620b96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 06:21:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28030
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15945
x-xss-protection: 0
last-modified: Tue, 11 Oct 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Oct 2023 06:21:07 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 274F 0
10 B 16ms
16ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?WSaeOA
Requested by: Host: www.afn.by
URL: http://www.afn.by/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 14:08:17 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2

200

counter
top-fwz1.mail.ru/ Frame 8A39
Redirect Chain

https://dmg.digitaltarget.ru/1/1093/i/i?i=889328909110456.939859404484799&a=77&e=0A0909B04FB34E6321018337023B38D7&pref=http%3A%2F%2Fwww.afn.by%2F&c=ss:77.up:0A0909B04FB34E6321018337023B38D7.sync:up...
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1666102097613&i=889328909110456.939859404484799&a=77&e=0A0909B04FB34E6321018337023B38D7&pref=http%3A%2F%2Fwww.afn.by%2F&c=ss:77.u...
https://top-fwz1.mail.ru/counter?id=3210372;pid=LftcBDvw0AozNYK7iMVX

43 B
872 B

599ms
102ms

Image
image/gif

95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/counter?id=3210372;pid=LftcBDvw0AozNYK7iMVX

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 14:08:18 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *

Redirect headers

Date: Tue, 18 Oct 2022 14:08:17 GMT
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Server: nginx
X-Permitted-Cross-Domain-Policies: master-only
Request-Time: 5
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, POST, OPTIONS
Location: https://top-fwz1.mail.ru/counter?id=3210372;pid=LftcBDvw0AozNYK7iMVX
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block

GET
H2

200

counter
top-fwz1.mail.ru/ Frame 8A39
Redirect Chain

https://dmg.digitaltarget.ru/1/1093/i/i?i=889328909110456.346120172094057&a=77&e=0A0909B04FB34E6321018337023B38D7&pref=http%3A%2F%2Fwww.afn.by%2F&c=ss:77.up:0A0909B04FB34E6321018337023B38D7.sync:up...
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1666102097618&i=889328909110456.346120172094057&a=77&e=0A0909B04FB34E6321018337023B38D7&pref=http%3A%2F%2Fwww.afn.by%2F&c=ss:77.u...
https://top-fwz1.mail.ru/counter?id=3210372;pid=8QcWrwi.Vrx9Gyi77dOC

43 B
875 B

579ms
103ms

Image
image/gif

95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/counter?id=3210372;pid=8QcWrwi.Vrx9Gyi77dOC

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 14:08:18 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *

Redirect headers

Date: Tue, 18 Oct 2022 14:08:17 GMT
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Server: nginx
X-Permitted-Cross-Domain-Policies: master-only
Request-Time: 21
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, POST, OPTIONS
Location: https://top-fwz1.mail.ru/counter?id=3210372;pid=8QcWrwi.Vrx9Gyi77dOC
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block

GET
H3 206 file.mp4
r2---sn-4g5edn6k.c.2mdn.net/videoplayback/id/11bad0466d5a38bd/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1697638097/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame B01C 421 KB
0 242ms
224ms Media
video/mp4 2a00:1450:4001:d::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.afn.by
URL: http://www.afn.by/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:d::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Range: bytes=0-

Response headers

expires: Tue, 18 Oct 2022 14:08:17 GMT
date: Tue, 18 Oct 2022 14:08:17 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-2603715/2603716
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 2603716
last-modified: Thu, 01 Sep 2022 12:26:51 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 11FC 0
20 B 52ms
52ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=B4iq2UbNOY_-zBoSdlgTPtb-YCQAAAAA4AeAEAg&bg=!WlmlWR3NAAYeOJy_Pjg7ACkAdvg8Wgq25lbvC9CjsAWkLh6dKfpq9AK1WyjADF24z5eMUhRPhmUnYQIAAABmUgAAAAFoAQcKAEo3zhEUfg3oR49TQ2gpWt3cbSaL7NvsjP2FMpVWYVNNuAo4J0ZRLKCuIv4r6HDKXX2GKeZzkfcuyW41Rc2lHjkfl_DIjW4m2iLRjpkC8HSvqo5jtMHVabN6wdRMloGe6ffN33o8NzOAqVcUBTp6vTwema4xd9ZAYaiC8JpBazCduVh_p4TTZqOQGdSWpOqZjoTkmbRFCmcc0XfZzjmx-wz63ilU_UTqi6-588IcWYNHJrfC26u6IJW9WWgCJPYcILUa-TtXPxvy1BrNky7DI1AVwXofZh0-3-fnWEuRdvTHc6kzRMj-Tkd7I6Y47Vl8PlXFUhSyBOyYpoDV9H9Q10lwst9W36g6zzZ2Nar9NxRMMv140xeAUabcPmxIyiqfK44woRMXPIMLmMseerPWhP_QXimkWtovGqqJ8Mr7Tv16n9BeRg2PXfKC_dz9vwhGYXCrQQUG_6rDnvAPt52bzPA4K1I6N6hIb3zah4AH188r2pOVOlN7co6JeuDYHKBrZo_tfFgCnFlJfkIK5r2RxyGxa9yYilhuotg0pNywYyBYv-CQFcx1-yvm0lYSPgQsfDGOvkP5TZmpGVaZAnkLKyVdmUrX-9QLP77eAmN9I9lWms5SMEapfd4cMVCRCk7FG2OWdB3PwT71zbpErNdvPLySlhss4cr__e0EVdy6fiIPvKRVIluuD7-v8yBiQmo248yqeBJZ0qMrMOzzLPcY2Nsvdt9QUSJBzyfr8-GYeBcuTyzkbvuLgovuuSIaTjD9ATKOPDlWqRQD0KwD5H0f4cQyX_WnV5Bk3FKmHuupBT1xIFssRZqjK_20lotZW91VRuT-dme6550kwZLl7cwAflBu0T2bjZDfikioQEcyRliI57jClNTNLxVjWw6jlY9huzUGOliQXgrdCUzb14itk5UZs9Uyvo_JifzqAFupdd_J0qS0HxGNlU8YS9-rjfH5INfk-6HCvZ_Mj-dJHX3tjQXBo8x-ChTP8WlrHmtKK8FcIliMWJ1kT6iU3jQQ4kbNb3PAriwuTjNxWsvkQRDFnomGZkqgv7AvHNwtt2lL4l-6k4kL3Fg_gsP-Je1Ifn3yli2fHOAaLgAMZ6Jd3OdH

Requested by

Host: www.afn.by
URL: http://www.afn.by/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 14:08:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D6A4 42 B
64 B 54ms
54ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssjmrC9dBAJiYjpr9efVBrITDVWX9GSu4nqQNrj7dZkSRL4Pf7eSH1WP3WZ3V9fIlKZj7EE-KX5sfWMHPSdqH_oGytCApiaDwVxNPEe3LpRaTzlTtCKahfNESsKmuysOQO__MMrvA&sai=AMfl-YSD1lQRGTwTeYq6HipXBhkbZaP-3CwXNs1wBU4O9T1HfUAM4ZTdD8T9s-vQLDwyKwRkogoOl9QT9gWfB5Y&sig=Cg0ArKJSzLMl_BMQAq-LEAE&cid=CAQSGwDq26N90ryaPibjBP5PYJcHBM9r0_JKf0HNNBgBIA4&id=lidar2&mcvt=1000&p=0,0,124,641&mtos=123,807,1000,1155,1258&tos=123,684,193,155,103&v=20221012&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271801&rs=2&la=0&cr=0&vs=4&r=v&rst=1666102096146&rpt=176&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 14:08:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3DE6 42 B
64 B 53ms
53ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsssyXnFyPO90-5zGy8hYga0Vc4o-36RPjbFS3KrhAsOfcL6h7q-c9WSGQkwoNP72tYss1ANy5jVDUiUjuJ6XjTVpiGp16r__UL9x1wJPWJDNvcZJbewIG_7p68IXMDbQMXT-d7X5w&sai=AMfl-YTfXIcO29TtkTaCMlOLe4NEbboQmokFuGgtvBTNS8lTrnKb8TEtaLjS7tdYgu_x1LlLEFkI0HbVZT3AFI0&sig=Cg0ArKJSzHgBgyt_ZjMwEAE&cid=CAQSGwDq26N9dBL5d1SWkrWdQhvAQ3J4wW4JFeNwERgBIA4&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221012&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=3519307484&rs=2&la=0&cr=0&vs=4&r=v&rst=1666102095633&rpt=980&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 14:08:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bundle.js Show response
yastatic.net/q/set/s/rsya-tag-users/ Frame D3D7 105 KB
37 KB 54ms
54ms Script
application/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Requested by

Host: www.afn.by
URL: http://www.afn.by/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

e1cff21864c46e1da263fa83c14ed6d190bc5afbdd35188de15f10eb8bedd264

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 14:08:17 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
last-modified: Fri, 29 Oct 2021 11:19:01 GMT
server: nginx/1.17.9
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
etag: W/"82bdc8db563d3e71c35534315f8a9fd5"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556952
x-nginx-request-id: e330bcf698349800
timing-allow-origin: *
expires: Fri, 21 Oct 2022 02:04:37 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 89B5 0
0 52ms
52ms Image
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221013&jk=3677991976680815&bg=!Tk2lTQnNAAYeOJy_Pjg7ACkAdvg8WgY60ApwvP_O6pDlTuRMVqwlm3Pmr48b_-n48r6Hhmv87HlP1AIAAABoUgAAAAJoAQeZArNu-PvSZ9UW08MeYlnbJdeAQyqvE6RQjl_Y5e0LvKVtiUwup6ajER-ocXTJkb3douDUrESOZn8firrnnXjR3Y68_-9LyTgaz8zS8Zrzr-jewSxVbewio6fdJpr1ElPcWZz2E_o_NW1xWaMWECZ_fgIZKGxILFknbzZVrZ-CMf_NSdGlL6dN8XzAEyGw5Zm9MinZLrpETLQRfXjG8hkK8157pIbAMZR0ITQps00AtcMqQqzgorqFwzGJb51V7CUgkIHYBztTqNwjJLv2nbRO_e-DeBFPKHTp8Y7pK0idzpR7s_FmKgsi-uCLr3sBqUgNvnAaK7bBeClGiY3siAAC3AVxnnvUk5426W2S_-Knk_3a27H1MRZK0bx7rBS2iXPo9tiiixGMdhnoqjDCt0SWTsF2ClCbV1ShAmLZC4T-5j2hm9_35sm11gASTDXr4h0OG0mdPtFx5j0Ofm--HziZNiPsaGq4v5hJSzoRCK3z9Oidt-H7GZ3BxDLZOkvovwN8l763aB1nAN3Pdj6z4GdoiQce7ajOe6FcLC-XNDQNZdsDb2p-ZFVgium-R3y8_b9tSF0xbMxYDIs5zSaB0Cjt1sedOoZ_VWxxbvPuOCNIejBRPCCMHdbCxIzB_Jc4fNbymYgIOTjsoylLhwXRFDmkDxxJjo2aqU-wJA-qF6dkfCTDwxfkvUpfvXJe2qGoH1NJfexeffA9ppn4cbk8pxjxW6lRom9UbtqwfhiB6g-Hj_gi6EU1IL81gnWrcwKT2d6SKXyx7HktpIUvRqg_qMpj1I-_FN8JlkUCxT73eGMPLBblt0hjjix0VCfgLxk9460v9NXIamgxuU0_VFz2MuM3blI_2THIl6ICjlj6Q8qcSTdMVcHrFmELR4f5fWxe6W7AKGJRK_dH5ZDuwnunJHBoIkq01quv
Requested by: Host: www.afn.by
URL: http://www.afn.by/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

POST
H2 204 csi
csi.gstatic.com/ Frame B01C 0
54 B 363ms
61ms Ping
image/gif 172.217.19.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&puid=2~l9ea65pa&c=2019231808319&slotId=1009615904159.5&qqid=CKLY-Pz56foCFafIOwIdXj0Blw&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=844&mt=video%2Fmp4&vs=640x360&ulv=1&cll=0&vast_v=2.0&vmfc=12&vhc=0&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads&ape=1&ple=0&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221012_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.19.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bud02s27-in-f3.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 14:08:18 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ Frame D3D7 160 KB
56 KB 64ms
63ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

6d0f9faf185c1f43001f2508f80abf686cfb1c00f58c6bf0fa807791b5fc65e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 14:08:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Fri, 07 Oct 2022 07:30:00 GMT
etag: "633fab48-e0cd"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 57549
expires: Tue, 18 Oct 2022 15:08:18 GMT

GET
H2 200 data Show response
yandex.ru/set/s/rsya-tag-users/ Frame D3D7 403 B
651 B 97ms
96ms Fetch
application/json 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/set/s/rsya-tag-users/data?referrer=http%3A%2F%2Fwww.afn.by%2F

Requested by

Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

2b5a9fe93f3c04bc6653128850d640a575725ee1f7ec41600eca3000a939775c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 14:08:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://yastatic.net
cache-control: public,max-age=300
access-control-allow-credentials: true
x-xss-protection: 1; mode=block

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ Frame D3D7 41 KB
15 KB 96ms
41ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

f42283e0ca17a52688c5250e714ecd1b6a53af8b0f6e54ac64546499b0ec1b19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 14:08:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15192
x-xss-protection: 0
server: cafe
etag: 699633608045481581
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 18 Oct 2022 14:08:18 GMT

GET
H3

200

/
www.google.de/pagead/1p-user-list/1014923426/ Frame D3D7
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=UrNOY_nGGv7ImLAPwZC44A...
https://www.google.com/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=713495486&crd=CJqqsQI&is_vtc=1&random=892902954
https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=713495486&crd=CJqqsQI&is_vtc=1&random=8929029...

42 B
64 B

37ms
37ms

Image
image/gif

2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=713495486&crd=CJqqsQI&is_vtc=1&random=892902954&ipr=y

Requested by

Host: www.afn.by
URL: http://www.afn.by/

Protocol

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 14:08:18 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 18 Oct 2022 14:08:18 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=713495486&crd=CJqqsQI&is_vtc=1&random=892902954&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-user-list/1014923426/ Frame D3D7
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=UrNOY8LIGtGCmLAPn5K6uA...
https://www.google.com/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=783078845&crd=CJqqsQI&is_vtc=1&random=2030534
https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=783078845&crd=CJqqsQI&is_vtc=1&random=2030534...

42 B
64 B

65ms
30ms

Image
image/gif

2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=783078845&crd=CJqqsQI&is_vtc=1&random=2030534&ipr=y

Requested by

Host: www.afn.by
URL: http://www.afn.by/

Protocol

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 14:08:18 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 18 Oct 2022 14:08:18 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=783078845&crd=CJqqsQI&is_vtc=1&random=2030534&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 3 Show response
mc.yandex.com/watch/ Frame D3D7 256 B
355 B 62ms
62ms XHR
application/json 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/3?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=http%3A%2F%2Fwww.afn.by%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A%3Avf%3A8zdfc3pjszirvo7fx08h8%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A1%3Adp%3A0%3Als%3A181832144727%3Ahid%3A123306177%3Az%3A0%3Ai%3A20221018140818%3Aet%3A1666102098%3Ac%3A1%3Arn%3A360733352%3Arqn%3A1%3Au%3A1666102098562724071%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C86%2C47%2C1%2C0%2C0%2C%2C12%2C1%2C149%2C149%2C0%2C148%3Acpf%3A1%3Ans%3A1666102095823%3Ast%3A1666102098&t=clc(0-0-0)aw(1)rqnt(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e321fbf16ac23281b648af230907838bb5dfa1edb66ac67c59ce20cefb02ec90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 14:08:18 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Tue, 18-Oct-2022 14:08:18 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://yastatic.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 256
x-xss-protection: 1; mode=block
expires: Tue, 18-Oct-2022 14:08:18 GMT

GET
H2 200 advert.gif
mc.yandex.com/metrika/ Frame D3D7 43 B
100 B 63ms
63ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: www.afn.by
URL: http://www.afn.by/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 14:08:18 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 07 Oct 2022 07:30:00 GMT
etag: "633fab48-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Tue, 18 Oct 2022 15:08:18 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/ Frame D3D7 3 KB
1 KB 66ms
66ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/?random=1666102098481&cv=9&fst=1666102098481&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=http%3A%2F%2Fwww.afn.by%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1028e3d8a2b24879ce1c8109b96018b5edd73790441c0e54dab2a66fffb5e27b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 14:08:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1116
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/ Frame D3D7 3 KB
1 KB 63ms
63ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/?random=1666102098485&cv=9&fst=1666102098485&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=http%3A%2F%2Fwww.afn.by%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f91ece6bf7ec63decde6fbaf9a2c64575a4b3bed12164114a85693a180483270

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 14:08:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1117
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/ Frame D3D7 3 KB
1 KB 69ms
69ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/?random=1666102098488&cv=9&fst=1666102098488&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=http%3A%2F%2Fwww.afn.by%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a77e88a053f40b37616d59686fe474d4bf64be658588b56a3f5f95f5c02cb6c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 14:08:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1117
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/ Frame D3D7 3 KB
1 KB 65ms
65ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/?random=1666102098489&cv=9&fst=1666102098489&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=http%3A%2F%2Fwww.afn.by%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a424a69e1c28b4042568b220c0c1ee05a61d295453958efe290a4fffdcbd3cd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 14:08:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1116
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/693627671/ Frame D3D7 42 B
64 B 29ms
28ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/693627671/?random=1666102098485&cv=9&fst=1666101600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=http%3A%2F%2Fwww.afn.by%2F&async=1&fmt=3&is_vtc=1&random=1575073858&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.afn.by
URL: http://www.afn.by/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 14:08:18 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/693627671/ Frame D3D7 42 B
64 B 36ms
33ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/693627671/?random=1666102098485&cv=9&fst=1666101600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=http%3A%2F%2Fwww.afn.by%2F&async=1&fmt=3&is_vtc=1&random=1575073858&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.afn.by
URL: http://www.afn.by/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 14:08:18 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/947884341/ Frame D3D7 42 B
64 B 29ms
28ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/947884341/?random=1666102098481&cv=9&fst=1666101600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=http%3A%2F%2Fwww.afn.by%2F&async=1&fmt=3&is_vtc=1&random=377482891&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.afn.by
URL: http://www.afn.by/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 14:08:18 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/947884341/ Frame D3D7 42 B
64 B 33ms
32ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/947884341/?random=1666102098481&cv=9&fst=1666101600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=http%3A%2F%2Fwww.afn.by%2F&async=1&fmt=3&is_vtc=1&random=377482891&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.afn.by
URL: http://www.afn.by/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 14:08:18 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/693627671/ Frame D3D7 42 B
64 B 30ms
29ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/693627671/?random=1666102098489&cv=9&fst=1666101600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=http%3A%2F%2Fwww.afn.by%2F&async=1&fmt=3&is_vtc=1&random=742855095&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.afn.by
URL: http://www.afn.by/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 14:08:18 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/693627671/ Frame D3D7 42 B
64 B 38ms
38ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/693627671/?random=1666102098489&cv=9&fst=1666101600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=http%3A%2F%2Fwww.afn.by%2F&async=1&fmt=3&is_vtc=1&random=742855095&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.afn.by
URL: http://www.afn.by/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 14:08:18 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/947884341/ Frame D3D7 42 B
64 B 29ms
28ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/947884341/?random=1666102098488&cv=9&fst=1666101600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=http%3A%2F%2Fwww.afn.by%2F&async=1&fmt=3&is_vtc=1&random=3806540962&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.afn.by
URL: http://www.afn.by/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 14:08:18 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/947884341/ Frame D3D7 42 B
64 B 29ms
29ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/947884341/?random=1666102098488&cv=9&fst=1666101600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=http%3A%2F%2Fwww.afn.by%2F&async=1&fmt=3&is_vtc=1&random=3806540962&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.afn.by
URL: http://www.afn.by/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 14:08:18 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.acint.net/ping/
Redirect Chain

http://www.acint.net/ping/?v=0.4.0&uid=be3b0fcb-6e84-4ea8-99a6-c2a735441432&dp=10&tz=%2B00%3A00&nc=23210988&dT=2022-10-18T14%3A08%3A18.586
https://www.acint.net/ping/?v=0.4.0&uid=be3b0fcb-6e84-4ea8-99a6-c2a735441432&dp=10&tz=%2B00%3A00&nc=23210988&dT=2022-10-18T14%3A08%3A18.586

43 B
224 B

30ms
29ms

Image
image/gif

46.4.114.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/ping/?v=0.4.0&uid=be3b0fcb-6e84-4ea8-99a6-c2a735441432&dp=10&tz=%2B00%3A00&nc=23210988&dT=2022-10-18T14%3A08%3A18.586
Requested by: Host: www.afn.by
URL: http://www.afn.by/
Protocol: H2
Server: 46.4.114.109 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271137.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.afn.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type: image/gif
date: Tue, 18 Oct 2022 14:08:18 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Location: https://www.acint.net/ping/?v=0.4.0&uid=be3b0fcb-6e84-4ea8-99a6-c2a735441432&dp=10&tz=%2B00%3A00&nc=23210988&dT=2022-10-18T14%3A08%3A18.586
Date: Tue, 18 Oct 2022 14:08:18 GMT
Server: openresty
Connection: keep-alive
Content-Length: 142
Content-Type: text/html

GET
H2 200 37412095 Show response
mc.yandex.com/watch/ Frame D3D7 439 B
474 B 63ms
63ms XHR
application/json 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/37412095?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=http%3A%2F%2Fwww.afn.by%2F&charset=utf-8&site-info=%7B%22extensions%22%3A%22%22%2C%22fromGoogle%22%3A%22false%22%2C%22fromCancel%22%3A%22false%22%2C%22loyal%22%3A%220%22%2C%22sbscrb%22%3A%22%22%2C%22p%22%3A%22%22%2C%22b%22%3A%22%22%2C%22fresh%22%3A%220%22%2C%22infected%22%3A%22%22%2C%22slow%22%3A%22%22%2C%22os%22%3A%22windows%22%2C%22browser%22%3A%22chrome%22%2C%22winxp%22%3A%22false%22%2C%22old%22%3A%22actual%22%2C%22yabroAge%22%3Anull%7D&browser-info=pv%3A1%3Agdpr%3A6%3Avf%3A8zdfc3pjszirvo7fx08h8%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A2%3Adp%3A0%3Als%3A925535072960%3Ahid%3A123306177%3Az%3A0%3Ai%3A20221018140818%3Aet%3A1666102099%3Ac%3A1%3Arn%3A619343046%3Arqn%3A1%3Au%3A1666102098562724071%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C86%2C47%2C1%2C0%2C0%2C%2C12%2C1%2C149%2C149%2C0%2C148%3Acpf%3A1%3Ans%3A1666102095823%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1666102099%3At%3A&t=gdpr(6)clc(0-0-0)lt(14500)aw(1)rqnt(1)rqnl(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

1c046c3c0881b62a8c2eba07a2df48e785a4e2622189b4b9c3f4403ae32ea845

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 14:08:18 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Tue, 18-Oct-2022 14:08:18 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://yastatic.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 439
x-xss-protection: 1; mode=block
expires: Tue, 18-Oct-2022 14:08:18 GMT

GET
H2 200 1NAZhgr00Ma100000000U9nJzFzjiEgp-DT0m-DdUIBo3yM6Mlflzajc089GgPpA_DW0ANQ6L5OWjvGHIDIc08bMHX3P2U830HF3KKQE80Q6iumWWQjWyYuZWmW3qrmc9Y1xATCD8BMMAGh8Filq7mXUCGayUDZrw_XP1eOT_XFd-xzcPMXb1bdHowm89ESoWxIj1... Show response
yandex.ru/an/rtbcount/ 43 B
156 B 71ms
71ms XHR
image/gif 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/an/rtbcount/1NAZhgr00Ma100000000U9nJzFzjiEgp-DT0m-DdUIBo3yM6Mlflzajc089GgPpA_DW0ANQ6L5OWjvGHIDIc08bMHX3P2U830HF3KKQE80Q6iumWWQjWyYuZWmW3qrmc9Y1xATCD8BMMAGh8Filq7mXUCGayUDZrw_XP1eOT_XFd-xzcPMXb1bdHowm89ESoWxIj198A8FDPDZBFyUlGZ9gnHE8aitzncTCi_lMnLvd1re39dymEJlnWfsnWOTp1mdY0XUac2yHj7-mVifmz0m9lx1UmyjvazJTEI5czSQNlLrQGGphO6bXci5qv7Bo0xSdppkuTNzO-o5l91jDmWCtZ11lp8pRUD7D7ApUZp6J3DBCKyvTiCAD_mbaJsM6iMUniPcRcPiRc2zWPDx0pxM3dES4kyeDzpJP608rfRUm0?confirmTime=2100000&confirmRatio=1000000&test-tag=556902639468546&rnd=3480912232391&width=1560&height=90&media-test-tag=6147

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.afn.by/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 14:08:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
last-modified: Tue, 18 Oct 2022 14:08:19 GMT
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: http://www.afn.by
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 18 Oct 2022 14:08:19 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.acint.net
URL: https://www.acint.net/match?dp=129&euid=9zm00j1o6y

Domain: dmp.gotechnology.io
URL: https://dmp.gotechnology.io/match/sape?id=0A0909B04FB34E6321018337023B38D7

Domain: s3.advarkads.com
URL: https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0A0909B04FB34E6321018337023B38D7

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEFRsxX6hVeyTJqTcW4TqPK4&google_cver=1&google_push=AZmPxg-BkvAIdh0QBNvMR8-4ut6LRR_Mir-JiP3fw46aPMFjtOv-pBXGTIVY90YU2SuSoZ9lO-lnwLEJHdHsYPHMFU7rxPLug50HJg

Verdicts & Comments Add Verdict or Comment

153 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

109 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
yastatic.net/safeframe-bundles/0.83/1-1-0	1970-01-20 06:49:48	Name: afpix Value: 1
yastatic.net/safeframe-bundles/0.83/1-1-0	1970-01-20 06:49:48	Name: pcs3 Value: 1
.mediatoday.ru/core	1970-01-20 16:24:22	Name: idntfy Value: VUgduFSNxuHJQeo
.afn.by/	1970-01-20 16:24:22	Name: _ga Value: GA1.2.1668176210.1666102095
.afn.by/	1970-01-20 06:49:48	Name: _gid Value: GA1.2.1529633617.1666102095
.afn.by/	1970-01-20 06:48:22	Name: _gat Value: 1
www.afn.by/	1970-01-20 16:24:22	Name: fid Value: b2247912-40d2-45c5-823d-84266cf469dd
.acint.net/	1970-01-20 06:48:22	Name: test_cookie Value: CheckForPermission
.acint.net/	1970-01-20 16:24:22	Name: aid Value: sAkJCmNOs083gwEh1zg7Ars3MrtkmWrnDo/B5ZPdAwZvPS8U
.afn.by/	1970-01-20 16:09:58	Name: __gads Value: ID=585e11db93074caf-224ec7474ace0099:T=1666102095:RT=1666102095:S=ALNI_MYJZrmQiu-fao7MLO6OAUldwvHk9Q
.afn.by/	1970-01-20 16:09:58	Name: __gpi Value: UID=00000b74ba3c1746:T=1666102095:RT=1666102095:S=ALNI_MaVu_-DmS48vsZ4wvOYL2U0CG-geQ
.acint.net/	1970-01-20 07:31:34	Name: cSyncDp7v2 Value: 1666102095
.acint.net/	1970-01-20 07:31:34	Name: cSyncDp14v3 Value: 1666102095
.acint.net/	1970-01-20 07:31:34	Name: cSyncDp17 Value: 1666102095
.acint.net/	1970-01-20 07:31:34	Name: cSyncDp32 Value: 1666102095
.acint.net/	1970-01-20 06:49:48	Name: cSyncDp45v3 Value: 1666102095
.acint.net/	1970-01-20 07:31:34	Name: cSyncDp53 Value: 1666102095
.acint.net/	1970-01-20 07:31:34	Name: cSyncDp54v2 Value: 1666102095
.acint.net/	1970-01-20 07:31:34	Name: cSyncDp62 Value: 1666102095
.acint.net/	1970-01-20 07:31:34	Name: cSyncDp67v2 Value: 1666102095
.acint.net/	1970-01-20 07:31:34	Name: cSyncDp68 Value: 1666102095
.acint.net/	1970-01-20 07:31:34	Name: cSyncDp71 Value: 1666102095
.acint.net/	1970-01-20 07:08:31	Name: cSyncDp77 Value: 1666102095
.acint.net/	1970-01-20 07:31:34	Name: cSyncDp84 Value: 1666102095
.acint.net/	1970-01-20 07:31:34	Name: cSyncDp85 Value: 1666102095
.acint.net/	1970-01-20 07:31:34	Name: cSyncDp95v3 Value: 1666102095
.acint.net/	1970-01-20 07:31:34	Name: cSyncDp101 Value: 1666102095
.acint.net/	1970-01-20 07:08:31	Name: cSyncDp104v2 Value: 1666102095
.acint.net/	1970-01-20 07:31:34	Name: cSyncDp107 Value: 1666102095
.acint.net/	1970-01-20 07:31:34	Name: cSyncDp110 Value: 1666102095
.acint.net/	1970-01-20 07:08:31	Name: cSyncDp111v2 Value: 1666102095
.acint.net/	1970-01-20 07:31:34	Name: cSyncDp112v2 Value: 1666102095
.acint.net/	1970-01-20 07:09:58	Name: cSyncDp125v2 Value: 1666102095
.acint.net/	1970-01-20 07:31:34	Name: cSyncDp126 Value: 1666102095
.acint.net/	1970-01-20 07:31:34	Name: cSyncDp127 Value: 1666102095
.acint.net/	1970-01-20 07:31:34	Name: cSyncDp129 Value: 1666102095
.acint.net/	1970-01-20 07:31:34	Name: cSyncDp136v2 Value: 1666102095
.acint.net/	1970-01-20 07:31:34	Name: cSyncDp138 Value: 1666102095
.acint.net/	1970-01-20 07:31:34	Name: cSyncDp144 Value: 1666102095
.acint.net/	1970-01-20 07:31:34	Name: cSyncDp146 Value: 1666102095
.acint.net/	1970-01-20 07:31:34	Name: cSyncDp148 Value: 1666102095
.acint.net/	1970-01-20 07:31:34	Name: cSyncDp149 Value: 1666102095
.acint.net/	1970-01-20 07:31:34	Name: cSyncDp151 Value: 1666102095
.acint.net/	1970-01-20 07:31:34	Name: cSyncDp178 Value: 1666102095
.acint.net/	1970-01-20 07:31:34	Name: cSyncDp179 Value: 1666102095
.acint.net/	1970-01-20 07:31:34	Name: cSyncDp186 Value: 1666102095
.acint.net/	1970-01-20 07:31:34	Name: cSyncDp221 Value: 1666102095
.afn.by/	1970-01-20 15:33:58	Name: _ym_uid Value: 166610209690720602
.afn.by/	1970-01-20 15:33:58	Name: _ym_d Value: 1666102096
.betweendigital.com/	1970-01-20 15:33:58	Name: dc Value: lux1
.betweendigital.com/	1970-01-20 15:33:58	Name: tuuid Value: bc1a1b3e-c28d-5223-b857-d53bdb196674
.betweendigital.com/	1970-01-20 15:33:58	Name: ss Value: 1
.mc.yandex.by/	1970-01-20 06:48:22	Name: sync_cookie_csrf Value: 4257061983fake
.mc.yandex.com/	1970-01-20 06:48:22	Name: sync_cookie_csrf Value: 1453224963fake
.afn.by/	1970-01-20 06:49:34	Name: _ym_isad Value: 2
.utraff.com/	1970-01-20 07:31:44	Name: preutid Value: 1
.mc.yandex.ru/	1970-01-20 06:48:22	Name: sync_cookie_csrf Value: 61370307fake
.ssp-rtb.sape.ru/	1970-01-20 16:24:22	Name: sspuid Value: wQO4p2NOs0+VmgBmaGUEAstSFRgipnzPswMh4cgKMAKtoMQA
.upravel.com/	1970-01-20 06:48:22	Name: session_tptc Value: 1666102095960
.1dmp.io/	1970-01-20 15:33:58	Name: uid Value: 4f6eae34-4eee-11ed-8677-901b0e934d81
.yandex.com/	1970-01-20 15:33:58	Name: ymex Value: 1697638096.yrts.1666102096#1697638096.yrtsi.1666102096
.upravel.com/	1970-01-20 16:24:22	Name: user_id Value: 030a70e8-9d8a-45bf-9430-e8fc81a7039d
.yandex.com/	1970-01-20 15:33:58	Name: yandexuid Value: 1426515921666102096
.yandex.com/	1970-01-20 15:33:58	Name: yuidss Value: 1426515921666102096
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 1517326831666102096
.yandex.com/	1970-01-20 16:24:22	Name: i Value: jckMGqBKdpq5NykRKquzu9NAmVxJw0Hra5NJAOqDSNmD5KqZDWXioKbNGQPl2HwsqekDYBGN7FgwnkDXiu8MEzUUxJQ=
.adhigh.net/	1970-01-20 15:33:58	Name: gi_u Value: xeYvfNOCGqU.AikABlGD62xwlg
.betweendigital.com/	1970-01-20 15:33:58	Name: ut Value: Y06zUAAAw1B02F-mU8PCxLEZzOOW1MXyia_0_g==
.adhigh.net/	1970-01-20 15:33:58	Name: sape_sync Value: jAl
.doubleclick.net/	1970-01-20 16:09:58	Name: IDE Value: AHWqTUkir0mc--7sSShGVGeUOmncFjkW7R2Z1TlyGZ5vXVFgi9vPSU1Xd_R6B426SdY
.rutarget.ru/	1970-01-20 11:07:34	Name: userId Value: m8ncXUBTpIHU
.uuidksinc.net/	1970-01-20 15:33:58	Name: jcsuuid Value: 132yog8r4ve9pePFsLIv
.ops.beeline.ru/	1970-01-20 15:21:00	Name: BeeAID Value: fcf6807d-6308-49b0-ade2-c30b97d226a0
.rktch.com/	1970-01-20 07:31:34	Name: b_uid Value: f34db1b1eb859ca7193d4ad2c52affbd25d5
ssp.bidvol.com/	1970-01-20 16:24:22	Name: bvuid Value: 9zm00j1o6y
.doubleclick.net/	1970-01-20 06:48:25	Name: DSID Value: NO_DATA
.weborama.fr/	1970-01-20 16:14:17	Name: AFFICHE_W Value: NPWHd1ztzOM077
.bumlam.com/	1970-01-20 16:24:22	Name: suuid3 Value: IiQ0ZmRlZWIxNC00ZWVlLTExZWQtODZlMC0wMDI1OTBjMDY0N2M*
.aidata.io/	1970-01-20 16:24:22	Name: __upin Value: mN4jdydAH8wObAuZmiqsOg
.aidata.io/	1970-01-20 16:24:22	Name: __upints Value: 1666102096
.gnezdo.ru/	1970-01-20 16:24:22	Name: uid Value: XV9maWNOs1AzPLkk8wUiAg==
x01.aidata.io/	1970-01-20 06:52:41	Name: livin Value: 1
.yandex.ru/	1970-01-20 16:24:22	Name: yuidss Value: 340842061666102096
.yandex.ru/	1970-01-20 16:24:22	Name: yandexuid Value: 340842061666102096
.quantserve.com/	1970-01-20 08:57:58	Name: d Value: EBEBCQGuJ4EA
.quantserve.com/	1970-01-20 16:18:36	Name: mc Value: 634eb351-18b7c-575de-1e872
.mts.ru/	1970-01-20 15:21:00	Name: dspid Value: 51f29134-efb7-444c-b7cb-66c97ab8ba82
.casalemedia.com/	1970-01-20 15:33:58	Name: CMID Value: Y06zUZIgDRMhGYtg9ySxgQAA
.casalemedia.com/	1970-01-20 08:57:58	Name: CMPS Value: 1210
.casalemedia.com/	1970-01-20 08:57:58	Name: CMPRO Value: 1210
.agency2.ru/	1970-01-20 15:21:00	Name: uuid Value: 8714c840-7df6-4149-9668-b58dbafb0b80
.yandex.ru/	1970-01-20 16:24:22	Name: i Value: cJZVVJINSegVyhsjyxYjljCwF9g13M4XzjVPYrpMv4tsgYWTMnBkfPrJakg39J+Dgg7c+HecR+rvA+JFmRlO7p9hXAg=
.e.dlx.addthis.com/	1970-01-20 16:18:36	Name: na_tc Value: Y
.casalemedia.com/	1970-01-20 08:57:58	Name: CMTS Value: 5167
.mts.ru/	1970-01-20 16:24:22	Name: mts_id Value: 0eda057f-b76e-4509-aefd-33adbadb2eef
.mts.ru/	1970-01-20 16:24:22	Name: mts_id_last_sync Value: 1666102097
.adriver.ru/	1970-01-20 16:24:22	Name: cid Value: AOPFUkfk38JiK6m9y_rqCGA
.dmg.digitaltarget.ru/	1970-01-20 16:24:22	Name: viuserid Value: 8QcWrwi.Vrx9Gyi77dOC
.addthis.com/	1970-01-20 16:18:36	Name: na_id Value: 2022101814081700017611933057
.addthis.com/	1970-01-20 16:18:36	Name: na_tc Value: Y
.addthis.com/	1970-01-20 16:18:36	Name: uid Value: 634eb351467f7574
.addthis.com/	1970-01-20 16:18:36	Name: ouid Value: 634eb3510001b4eeac1fd97ac3e9cd1c3884d5ea6b166d62f6a2
.dlx.addthis.com/	1970-01-20 07:31:34	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-20 07:31:34	Name: na_sr Value: 20221018
.dlx.addthis.com/	1970-01-20 06:48:22	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-20 07:31:34	Name: na_sc_e Value: 0
.mail.ru/	1970-01-20 15:35:24	Name: VID Value: 2USQVy3plt2D002C-c11iJID:::0-0-0-8690c10:CAASEPof6SJ_H3H_PjXcTXdrNDkaYFFMUov_l5FBCj19qH6A0IgyAnBmMCIXL3t3eh18JyI78ko7GCJyX-kW22JdOt8EGNwuzbRNaxIEkU5_jNC_Xl2UZyJpxIgvj9_731Bwv3NwykQiC3Zua8jrmjljYhtEYA
.yandex.ru/	1970-01-20 16:24:22	Name: is_gdpr Value: 1
.yandex.ru/	1970-01-20 16:24:22	Name: is_gdpr_b Value: CN+rNhCpkAEYAQ==

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://mc.yandex.com/sync_cookie_image_decide?token=9795.j3jh6gpnlAYDPxZPNHP50JiY4bVhaZRHcC8D-9ZBs9MmgNlwqSVZXeiqspaU_eSeH1kvKuMSuo6ziHJ4GGbY3A%2C%2C.JmAp3PeM9ptTf6pyLuKjYFnlEOI%2C Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://mc.yandex.by/sync_cookie_image_decide?token=9795.liT79RHYJUwhgKbHyejjn82DWWi7EajBXw80uwt6_8iq18rFed904Fkx7TuDQiGlV44sfJ2ks-jAIi5A_ryVSg%2C%2C.naU0u3gyElpSAoh23T2I3Xu-xXM%2C Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEFRsxX6hVeyTJqTcW4TqPK4&google_cver=1&google_push=AZmPxg-BkvAIdh0QBNvMR8-4ut6LRR_Mir-JiP3fw46aPMFjtOv-pBXGTIVY90YU2SuSoZ9lO-lnwLEJHdHsYPHMFU7rxPLug50HJg Message: Failed to load resource: net::ERR_ADDRESS_UNREACHABLE
network	error	URL: https://an.yandex.ru/setud/mts_banner/UfKRNO-3REy3y2bJeri6gg?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D30%26em%3D0&sign=3590850127 Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

030a70e8-9d8a-45bf-9430-e8fc81a7039d.sync.upravel.com
0a0909b04fb34e6321018337023b38d7-sp.ops.beeline.ru
a.utraff.com
acint.net
ad.adriver.ru
ad.mail.ru
adlmerge.com
ads.adlook.me
ads.betweendigital.com
adservice.google.com
adservice.google.de
an.yandex.ru
bid.g.doubleclick.net
cm.g.doubleclick.net
cms.quantserve.com
counter.yadro.ru
cs.agency2.ru
csi.gstatic.com
dm-eu.hybrid.ai
dmg.digitaltarget.ru
dmp.gotechnology.io
e.dlx.addthis.com
exchange.buzzoola.com
fcgi4.gnezdo.ru
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
image6.pubmatic.com
imasdk.googleapis.com
match.new-programmatic.com
mc.yandex.by
mc.yandex.com
mc.yandex.ru
mediatoday.ru
nr.bidderstack.com
odr.mookie1.com
pagead2.googlesyndication.com
partner.googleadservices.com
px.adhigh.net
r2---sn-4g5edn6k.c.2mdn.net
redirect.frontend.weborama.fr
rtb.openx.net
s.uuidksinc.net
s3.advarkads.com
sape-sync.rutarget.ru
sm.rtb.mts.ru
ssp-rtb.sape.ru
ssp.adriver.ru
ssp.bestssp.com
ssum-sec.casalemedia.com
stat.adlabs.ru
stats.g.doubleclick.net
sync.1dmp.io
sync.adkernel.com
sync.bumlam.com
sync.dmp.otm-r.com
sync.republer.com
sync.upravel.com
tag.digitaltarget.ru
tech.rtb.mts.ru
top-fwz1.mail.ru
tpc.googlesyndication.com
ut.rktch.com
www.acint.net
www.afn.by
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagservices.com
x01.aidata.io
yandex.ru
yastatic.net
ysa-static.passport.yandex.ru
dmp.gotechnology.io
googlecm.hit.gemius.pl
s3.advarkads.com
www.acint.net
104.18.18.126
109.248.237.37
139.45.228.100
142.250.185.66
142.250.186.162
148.251.129.43
148.251.217.100
159.69.59.100
172.217.19.99
176.9.81.69
185.147.80.35
185.15.175.132
185.15.175.174
185.64.190.78
188.42.196.115
193.232.150.150
193.3.184.218
195.209.108.46
195.209.111.19
2.18.232.236
213.87.44.187
217.65.2.150
217.66.147.35
23.111.107.44
23.88.82.46
2606:4700:3033::ac43:d997
2620:116:800d:21:de2e:c7b3:55c0:d5a0
2a00:1148:db00::17
2a00:1450:4001:800::2003
2a00:1450:4001:802::2003
2a00:1450:4001:809::2002
2a00:1450:4001:80e::200a
2a00:1450:4001:80e::200e
2a00:1450:4001:829::2001
2a00:1450:4001:829::2002
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::200a
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2002
2a00:1450:4001:831::2004
2a00:1450:4001:d::7
2a00:1450:400c:c00::9b
2a02:6b8:20::215
2a02:6b8::1:119
2a02:6b8::5:114
2a02:6b8::90
2a02:6b8:a::a
31.172.81.172
31.220.27.134
34.98.67.61
35.190.24.218
35.227.252.103
37.18.103.21
37.9.245.57
46.243.142.239
46.4.114.109
5.200.43.131
62.173.140.157
64.233.166.156
77.245.57.72
78.46.100.125
88.198.16.238
88.212.201.204
89.108.120.76
89.108.97.2
93.95.102.105
95.163.52.67
95.211.66.35
033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d9ae83ed412c0a51d6302086193b9f846a503612d1c91fd0df838f2e2321779
1028e3d8a2b24879ce1c8109b96018b5edd73790441c0e54dab2a66fffb5e27b
1266bf92428386599e0210453869c0bfd9e7d62470630216db0ac96330eef2e4
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18c327afa903633f86c3efcf12b77f098077eacaa8be101bb007846fd74f8b93
18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee
1acd5b6e3ef73f684c361cbc587fa6e6ee3fb957af2019e3baa4330a1f8fbb85
1c046c3c0881b62a8c2eba07a2df48e785a4e2622189b4b9c3f4403ae32ea845
1c4353acad2842a5598cc6f98535700a283a4a361b6bd05d7505b6cb86e2d1ff
1ddb0b820dec7b14a548cd751c4a24db01dec9d0716daa5724ee5c65d3c347ec
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
21805f6753661b417e371bc6d07627765a0bdb09ff769049bd4fa36a22cac022
23f164c2a32a77520af8e88622bb5f48b24981a238588e84747fbb63ea82857f
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
2a7f3d2c238784e955c2426069e8764f35cdbd3a88b5e06e1120a196d119e72d
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2b5a9fe93f3c04bc6653128850d640a575725ee1f7ec41600eca3000a939775c
2e9eef13fef2613d07262064babfaf30126169e3ad74a82c3751942886c79d8b
310abf0ebb4e47432cce9e583389d8a0963f6996cce0c8def3e94e875f4d95bd
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
3b9bfffdd25b235582aed4cf08b709719aa5af611d5ca3f3f4a5cb5a17d9b6ee
3bc25bf4b354d60ff200bc3f20e7c8154afbd1642b21d47343461c9bb134602d
3d8799c171813adffb4105be1ee07dfd2e7716ba4a5fdd8b785736285a3bf677
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
40f2a96f78f4c8484e9da6e172f5ddd3e4d7786ca29e04b96e1067a365190e80
41665f556d519d47b0533b3d4f4b699ee997a0b6675be6513af768a082b3b1df
43fad28719712a8e7d99c2e54183c1b97a5790e680f1eb2b0d486d47f1e2558f
473feba11f89b4d197a2263ebb6567e53b75a969cff0679ccf50f6634fa3a4f5
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f3fad7a21107bb1c4c1798c447279d168671355c2a5a5b5227479569ee8c989
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a6f5d09e9a2fe3c649c80d0172bda7faf99040c8f45c175efede441a729ff8a
5fe5d1f5b73cac63a3ac98efcd1ab515f883b012b3aae669239b96a06354008c
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
644b9d0302a6693369bc66e0b706d4908d326cacf62b00ad5e6a80a05e66caf9
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
6d0f9faf185c1f43001f2508f80abf686cfb1c00f58c6bf0fa807791b5fc65e2
6de6bc8539811babe97bad8ff5722b3f9c1e768c0e443044c481c755112494ee
733b81ca611521c0c5664701f060df9d5486014c1dba79acb22269bfc9e06d0a
75bb660f0c38697ed9be3b33be8e5a24365708ee94922da9dd44875efc3776e0
81dd8e95b1a2b7f08d29875ccb8796895c9c0ee05d6f37838d283fb34c5665d0
82cb517a8f80c91dfcec543c6d140deb3baaf463ea9e77655475096eba7bc7d9
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
934c42561ecd95d4e8ea88db974c3b72f6f94250932c46fe5e028beb92b16e24
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b44259d063a37622710d79f0cef615cff74d64aad18c0b5fddc58816f808482
9c911ab93cf6099aeeddb19cb1903d0ef838329443c3a0549c754da47f90a70a
a05569a6a6ec13c9bda09ebf2f691f6d5a4f251878c58807472321018428fb33
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a2108bb3f86caf930d09e8a85ae0eccf3a11a5d51296a620201e8a76a9b030c7
a424a69e1c28b4042568b220c0c1ee05a61d295453958efe290a4fffdcbd3cd4
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a77e88a053f40b37616d59686fe474d4bf64be658588b56a3f5f95f5c02cb6c6
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b7e54c08be2d3028420666e9aca9074537fb351e2ece4e32b925ffca1840ce12
bac87240d43f2059419ce7f7fdc63e99966069af39def1f6bcbc59eed1f69cfc
bf0fdab4031d85c318bafbd48968462e4cf1d917071085862aa426c0cf024418
c19bf103343e1241bdf5948e26627f8b7bd3a1697c65ce783e9ea400fc1e2044
ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1232525609bc2312fac5f67b2bc0e5c65c2839b18a68535605139d1a657c10f
d801f8eb0a3f61a59148bccb1e8a3d6bd4b6d1cfc3e4328df6eb4534efa5ae53
df591d5c8b0c6bde895ec6ae9d2577c16f91e8499d8f5bbe13e12fd117480809
e1a934e6b705cc33cf61189e1ab03c4a69cce891082affee06e44f10a55b52f2
e1cff21864c46e1da263fa83c14ed6d190bc5afbdd35188de15f10eb8bedd264
e321fbf16ac23281b648af230907838bb5dfa1edb66ac67c59ce20cefb02ec90
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41a9f1a7e28701810cb7895d9739e87f333d4ee7071c3e395630a7e7194a074
e4b61957a7f81c371fcb736ae466bb791a3bb7f4b04f7dbc314d5311c268b18e
ebb3597f3a327fe00b7b1b766dd19e454e3f8b34ad5d45505439b42bf1c24d42
ec9114246d6354284832e8623b156ead037da4840b78134aaff6a2673e620b96
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef9453f74b2617d43dcef4242cf5845101fcfb57289c81bceb20042b0023a192
f42283e0ca17a52688c5250e714ecd1b6a53af8b0f6e54ac64546499b0ec1b19
f4adfd9489ae0ea8d1a5497dc644d3e73ae0aafcf0a7032ba24084568c004d08
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f72d933a34e40e438eae141e1851934625c411461f44e1c86cbcd35d918a2a7d
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
f91ece6bf7ec63decde6fbaf9a2c64575a4b3bed12164114a85693a180483270
fe35cd48b276338084999f88cc7d62bab072574908bc0a2282d4d9122fe6ae27

www.afn.by Open in urlscan Pro 62.173.140.157 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

177 Requests

72 %HTTPS

33 %IPv6

57 Domains

76 Subdomains

49 IPs

10 Countries

1756 kBTransfer

5024 kBSize

109 Cookies

5 Outgoing links

Redirected requests

177 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.afn.by Open in urlscan Pro
62.173.140.157 Public Scan

Screenshot
Live screenshot

Full Image

177
Requests

72 %
HTTPS

33 %
IPv6

57
Domains

76
Subdomains

49
IPs

10
Countries

1756 kB
Transfer

5024 kB
Size

109
Cookies

177 HTTP transactions
3 data transactions